Reputation: 35772
How do I setup a private, remotely accessible Maven repository?
I need to set up a Maven repository for some internal company libraries, that need to be accessible only to our developers (ie. secure), yet should be securely accessible over the Internet.
I'm familiar with setting up public Maven repos, but am unsure of the best way to set up a private remotely accessible repo.
How can I do this?
Upvotes: 54
Views: 47840
Answers (4)
Reputation: 35772
Since posting this question I discovered JitPack, which makes it incredibly easy to create public (free) and private (cheap) repos directly from Github.
Upvotes: 13
Reputation: 105043
Amazon S3 is the best solution: http://www.stackoverflow.com/questions/850570/maven-s3-wagon-provider, because:
- No installation procedures
- Hosted by Amazon, highly available
- Fully supported by Maven through a few wagons (see the link above)
You may also find this article helpful: http://www.yegor256.com/2015/09/07/maven-repository-amazon-s3.html
Upvotes: 18
Reputation: 14096
The solution is to use a Maven Repository Manager, such as Nexus, Artifactory or Archivia.
You install the MRM on a server and configure it with the authentication details of the users you want to have access it.
You can see a publicly accessible Nexus instance at https://oss.sonatype.org and also at https://repository.apache.org So on that basis it is fairly safe to assume that the authentication in Nexus is reliable and secure.
Artifactory is available as an on-line hosted service, and we use it (the on-line hosted service) for our internal artifact hosting.
Archivia is maintained by some really good guys and I suspect they have that well locked down too.
If you want to get up and running fast and you don't want to have to manage a server, I would recommend using a hosting service such as Artifactory. I do not know if there is an online Nexus or Archivia hosting service.
Now for the disclosures:
- JFrog (creators of Artifactory) is a partner of my employers and we use the Artifactory hosting service
- Sonatype (creators of Nexus) is a partner of my employers
- I am a member of the Apache Software Foundation (creators of Archivia)
I do not recommend which MRM you use. But as a Maven committer and PMC member I strongly recommend using a MRM.
Upvotes: 21
Reputation: 533442
You can place username/passwords on different repos on your server with archiva or nexus. You can also manage who can deploy to those repos.
These can be added to your settings.xml file so you don't have to login every time.
Upvotes: 2
Related Questions
- Most simple way to create maven repository at server
- Sharing Maven local repository
- Centralized local Maven repository for Team
- How to configure maven without internet access
- How to stop maven making requests to the internet and use a single internal repo
- Local Maven Repository
- Adding Custom Maven Jars to a Private Server Location
- Maven Setup on LAN
- How to create a maven repository that others may use?
- private internal maven repository