I'm working in heavy secured company, the only possible way to reach pub.dev/packages is through nexus sonatype proxy, so I've set the pub_hosted_url to point nexus server, fetching versions working perfecty but after that pub trying downloading packages from archive url: https://pub.dartlang.org that is not reachable, temporary solution that I made is write simple server that redirect all request to nexus, override response by replace all https://pub.dartlang.org to nexus urls, is there any better solution to handle nexus proxy ?
I think you can reverse the order, have nexus in front door, and your simple server as middle tier to bridge nexus and pub.dartlang.org
Related
We are using Jfrog artifactory selfhosted instance with license for our project and many customers are using for thir package and binary management.
Since this is hosted i our private selfhosted environments over linux platform, regularly we may need to have a maintenance window atleast 2 times in a month to apply patches to our servers and all. So we are considering for high availability for our currently running Jfrog instance which should resolve this downtime during the maintenance. Also we are looking for some better managemental scenarios as below and couldnt find any helpful guidance from the docs.
How the Jfrog server insance service status can be monitored along with auto restart if the service is in failed state after the server reboot.
Is there any way to set and populate a notification messsage to the sustomers regarding the sceduled maintenance.
How can we enable the high availability for JFrog Artifactory and Xray. ?
Here are some of the workaround you can follow to mitigate the situation
To monitor the health of the JFrog services you can use the below rest API
curl -u : -XGET
http://<Art_IP>:8046/router/api/v1/topology/health -H 'Content-Type:
application/json'
If you are looking for a more lightweight check you can use
curl -u: -XGET
http://<Art_IP>:8081/artifactory/api/system/ping
By default, the systemctl scripts check for the availability of the services and restart them when they see a failure. The same applies to the system restart as well.
There is no option for a pop-up message however, you can set a custom message as a banner in the Artifactory. Navigate to Administration -> General settings -> Customer message. Here is the wiki link
When you add another node to the mix, Artifactory/Xray becomes a cluster to balance the load (or as a failover) however it is the responsibility of the load balancer/Reverse proxy to manage the traffic between the cluster nodes according to the availability of the backend node.
I run a .Net 6 API on my Raspberry PI. I can get data from this API using the browser “https://192.168.178.51:7001/swagger/” . Also getting data from entering the url “https://192.168.178.51:7001/api/status/” returns the expected values. So the API is working so far. But when I try to get data from my Blazor WASM App using HTTPClient I get no data. Inspect the browser shows the following message:
GET https://192.168.178.51:7001/api/Status net::ERR_CERT_AUTHORITY_INVALID
How can I fix this? Do I have to install a SSL Certificate? How to do this for a self contained API?
You will need, at minima, a self-sign certificate. Then you will need to let your browser accept a self-sign.(Advance, Proceed to ServerIp)
Now, I do not know what OS you are using in your Raspberry, but for a Beaglebone(similar to Raspberry Pi) with Debian and nginx, here is the procedure
https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-on-debian-10
You will need the same kind of steps for which ever OS and webserver(Apache, nginx...Kestrel?).
Using a reverse proxy will be the solution, as described here: https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-6.0
Quote from the article:
Kestrel is great for serving dynamic content from ASP.NET Core. However, the web serving capabilities aren't as feature rich as servers such as IIS, Apache, or Nginx. A reverse proxy server can offload work such as serving static content, caching requests, compressing requests, and HTTPS termination from the HTTP server.
Using a reverse proxy I can set a certificate.
I'm working on a project where I have to use websocket apis in nodejs to update data in real time, such as open orders, pricing updates, and other things. Since my front end is react and I need to create a subdomain like api.example.com, I was wondering whether apache2 or nginx is the better platform for implementing a websocket server. If anyone knows, it would be helpful.
We have Artifactory deployed locally. Our network team reports that Artifactory has begun downloading large amounts of data from Fastly, to the extent that it is having a major impact on our network. They report,
a ton of data is pulled from 199.232.192.209 - SKYCA-3 and thats
fastly
It happened yesterday between 3:30 and 9:30, and started again today at 10:00.
Can anyone tell us why Artifactory is doing this, and how can we control or stop it?
This is most probably a result of a build (or another automated process) which is hitting a remote repository in Artifactory, requesting artifacts which are not cached and resulting in outgoing requests to the proxied external repository.
It is common for public repositories to use services such as Fastly to serve requests.
The best way to troubleshoot it, would be looking at the Artifactory request log and see who generated this load of requests and which repository was used.
In addition, the Artifactory log file should contain logging for such outgoing requests, for example:
2021-05-20 21:11:45,306 [http-nio-8081-exec-2] [INFO ] (o.a.r.HttpRepo :443) - jcenter downloading https://jcenter.bintray.com/org/cfg4j/cfg4j/3.3.2/cfg4j-3.3.2.jar 36.17 KB
I am new to this forum and my searches haven't found a solution to my problem.
I am having an issue with Sonatype Nexus v2.11.4-01. This is the OSS version. The repo server is behind a load balancer which is handling all the SSL and redirecting via http to the Nexus server.
I have a windows server using a chocolatey client, v0.9.9.11, configured to use the source: https://repo.agent.company.com/nexus/service/local/nuget/NuGet/
This windows server is on a network that does not allow port 80 traffic in or out. The commands choco list and choco search work correctly. However, when I try to run choco install agent -y, I get an error about not being able to get to the repo.
If I open the following in a browser: https://repo.agent.company.com/nexus/service/local/nuget/NuGet/Packages/
I see in the response:
xml:base="http://repo.agent.company.com/nexus/service/local/nuget/NuGet/"
and
src="http://repos.agent.company.com/nexus/service/local/nuget/NuGet/"
My question is, how do I get the xml:base and src URL's to have https? Wireshark has shown me that the initial communications are done via https, but the download is initiated via http, which seems to match what I am seeing in the Package URL response.
Thank you for helping.
It sounds like there is a reverse proxy of some sort running in front of Nexus?
If so, it has to be configured to set the X-Forwarded-Proto header:
https://help.sonatype.com/display/NXRM2/Installation+and+Running#InstallationandRunning-Example:ReverseProxySSLTerminationatBasePath