In my homelab, I run a variety of hosts, and I’ve standardized on Debian as my base OS. To avoid hitting rate limits, reduce load on public repositories and CDNs, and generally speed up downloads, I’ve been using Sonatype Nexus for a while now. It serves as a local proxy and cache for everything I need.
But for the longest time, I couldn’t find a clean way to automate the configuration of repositories in Nexus itself. Writing fragile scripts in Python or Ansible didn’t feel right. I try to avoid hacks and stick to vanilla, official tooling wherever possible.
Initially, I was also hesitant to use Terraform, as there’s no official provider for Nexus. But then I stumbled upon the community provider by datadrivers. I didn’t expect much, but decided to give it a try.
After a couple of test runs, I realized it covered all my needs—my use case is pretty simple: I just want to define a repository and be done with it.
To my surprise, the provider worked flawlessly and supports a wide range of Nexus resources out of the box.
Terraform provider documentation
For authentication, I recommend creating a dedicated Nexus user with a strong
password and passing credentials securely using environment variables:
NEXUS_USERNAME and NEXUS_PASSWORD. These can be consumed via CI pipelines.
APT Proxy Terraform Module
Since APT proxying is my most common use case, I wrote a minimal reusable Terraform module to set it up in Nexus.
The module supports more than just Debian repositories — I also use it for Proxmox and PBS mirrors. It keeps everything fast, local, and reproducible.
module "apt_debian" {
source = "./modules/apt-proxy/"
name = "debian"
distribution = "stable stable-updates"
remote_url = "https://deb.debian.org/debian"
}
module "apt_debian_security" {
source = "./modules/apt-proxy/"
name = "debian-security"
distribution = "stable-security"
remote_url = "https://security.debian.org/debian-security"
}
module "apt_docker" {
source = "./modules/apt-proxy/"
name = "docker"
distribution = "bookworm"
remote_url = "https://download.docker.com/linux/debian"
}
module "apt_pbs" {
source = "./modules/apt-proxy/"
name = "pbs"
distribution = "bookworm"
remote_url = "http://download.proxmox.com/debian/pbs"
}
module "apt_pve" {
source = "./modules/apt-proxy/"
name = "pve"
distribution = "bookworm"
remote_url = "http://download.proxmox.com/debian/pve"
}
module "apt_zabbix" {
source = "./modules/apt-proxy/"
name = "zabbix"
distribution = "bookworm"
remote_url = "https://repo.zabbix.com/zabbix/7.2/stable/debian"
}
If you’re running Nexus in your environment and want a simple, robust way to automate repo management—this Terraform provider and module combo might be exactly what you’re looking for.