From 9c91b95c33be41ee972fa58598d567c3b76f0782 Mon Sep 17 00:00:00 2001
From: Thanh Ha <thanh.ha@linuxfoundation.org>
Date: Wed, 20 Jun 2018 12:47:26 -0400
Subject: [PATCH] Add Nexus 3 bootstrap docs

Issue: RELENG-966
Change-Id: I697085b5a3d8fac0288d9ab04e85da8cbd529676
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
---
 docs/infra/bootstrap.rst | 93 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 93 insertions(+)

diff --git a/docs/infra/bootstrap.rst b/docs/infra/bootstrap.rst
index a8fdf36..230fd10 100644
--- a/docs/infra/bootstrap.rst
+++ b/docs/infra/bootstrap.rst
@@ -564,6 +564,99 @@ Setup routing
         * Releases
         * Snapshots
 
+.. _bootstrap-nexus3:
+
+Nexus 3
+=======
+
+.. _nexus3-setup-server-config:
+
+Setup Server Config
+-------------------
+
+#. Navigate to https://nexus3.example.org/#admin/system/emailserver
+#. SMTP Settings
+
+   .. code-block:: none
+
+      Enabled: true
+      Hostname: localhost
+      Port: 25
+      Username:
+      Password:
+      From address: noreply@example.org
+      Subject prefix:
+
+.. _nexus3-setup-ldap:
+
+Setup LDAP
+----------
+
+#. Navigate to https://nexus3.example.org/#admin/security/ldap
+#. Click ``Create connection``
+#. Configure the LDAP connection as follows
+
+   .. code-block:: none
+
+      Name: ldaps://ldap.example.org:636
+      Protocol: ldaps
+      Hostname: ldap.example.org
+      Port: 636
+      Search base: dc=example,dc=org
+      Authentication method: Anonymous Authentication
+
+#. Click ``Verify connection`` and check that it works
+#. Click ``Next``
+#. Configure the ``User & Group Settings`` as follows:
+
+   .. code-block:: none
+
+      Base DN: ou=Users
+      Object Class: inetOrgPerson
+      User ID Attribute: uid
+      Real Name Attribute: cn
+      E-Mail Attribute: mail
+      Map LDAP groups as roles: true
+
+      Group Type: Static Groups
+      Base DN: ou=groups
+      Object Class: groupOfNames
+      Group ID Attribute: cn
+      Group Member Attribute: member
+      Group Member Format: ${dn}
+
+#. Click ``Verify user mapping`` and confirm it works
+#. Click ``Create``
+
+.. _nexus3-setup-admin-role:
+
+Setup Admin role
+----------------
+
+#. Navigate to https://nexus3.example.org/#admin/security/roles
+#. Click ``Create role > External Role Mapping``
+#. Configure mapping as follows:
+
+   .. code-block:: none
+
+      Mapped Role: lf-collab-admins
+      Role Name: lf-collab-admins
+      Role description: lf-collab-admins
+      Privileges: nx-all
+
+From this point you should be able to login using your own account to
+administrate the server. Do that and then setup admin user email and
+deactivate the default deployment account as we will create separate
+project deployment accounts for each individual project.
+
+#. Navigate to https://nexus3.example.org/#admin/security/users:admin
+#. Configure the admin user email to ``collab-it+PROJECT@linuxfoundation.org``
+
+   .. note::
+
+      Replace email as necessary for your org.
+
+
 .. _post-bootstrap:
 
 Post bootstrap
-- 
2.16.6