Nexus repository APT plugin

Build Status DepShield Badge

Huzzah! APT is now part of Nexus Repository Manager. Version 3.17.0 includes the APT plugin by default. The plugin source code is now in nexus-public in nexus-repository-apt

Filing issues: If using 3.17.0 or later please file any issues at

Upgrading to 3.17.0: If you are an existing APT user upgrading to 3.17 you will not be able to install the community plugin. No other changes are required and your existing data will remain intact.

There are some differences from the community version of the plugin. First of all, we have added component records for the .deb files which adds support for features such as Search, Cleanup Policies, Tagging (PRO only) and Moving between repositories (PRO only). We've also added support for Restore Metadata Task, API for Repository creation via Groovy and we've written help documentation. The "retain N versions" feature has been removed as this conflicts with Cleanup Policies and future work we are doing in that space.

Compatibility Matrix:

Plugin Version Nexus Repository Version
v1.0.2 <3.9.0
v1.0.5 3.9.0
v1.0.7 3.11.0
v1.0.8 3.13.0
v1.0.9 3.14.0
v1.0.10 3.15.2
In product 3.17.0


docker build -t nexus-repository-apt:3.15.2 .

Run a docker container from that image

docker run -d -p 8081:8081 --name nexus-repo nexus-repository-apt:3.15.2

For further information like how to persist volumes check out the GitHub Repo for the official Nexus Repository 3 Docker image.

The application will now be available from your browser at http://localhost:8081


Manually upload a package to a new created repo:

curl -u user:pass -X POST -H "Content-Type: multipart/form-data" --data-binary "@package.deb" http://nexus_url:8081/repository/repo_name/

Create a snapshot of the current package lists for the repo that can be pulled from:

curl -u user:pass -X MKCOL http://nexus_url:8081/repository/repo_name/snapshots/$SNAPSHOT_ID

Create gpg key required for signing apt-packages


To sign packages use; gpg --export-secret-key --armor <Name or ID> and passphrase in the hosted repository configuration.

The private armored key should look like this:


...Base64 key...

The Fine Print

It is worth noting that this is NOT SUPPORTED by Sonatype, and is a contribution of Mike Poindexter's plus us to the open source community (read: you!)


Phew, that was easier than I thought. Last but not least of all:

Have fun building and using this plugin on the Nexus platform, we are glad to have you here!

Getting help

Looking to contribute to our code but need some help? There's a few ways to get information: