JFrog Artifactory is one of the popular, advanced repository management tools. It is a cross-platform tool that allows DevOps to manage multiple package repositories. It provides high availability and multi-site replication to automate your pipeline and enable faster releases.

Here at Fixwebnode, as part of our Server Management Services, we regularly help our Customers to perform related repository management tools installation queries.

In this context, we shall look into how to install JFrog Artifactory on Ubuntu 20.04 LTS.

Steps to Install JFrog Artifactory on Ubuntu 20.04 LTS Focal Fossa

1. Perform System Update

To begin, ensure that all your system packages are up-to-date by running the following apt commands in the terminal:

$ sudo apt update
$ sudo apt upgrade

2. Install JFrog Artifactory on the system

By default, the JFrog Artifactory package is not available on Ubuntu 20.04 base repository. Now we add the JFrog repository to your system using the following command:

$ echo "deb https://jfrog.bintray.com/artifactory-debs bionic main" | tee /etc/apt/sources.list.d/jfrog.list

Next, import the GPG key with the following command:

$ wget -qO - https://api.bintray.com/orgs/jfrog/keys/gpg/public.key | apt-key add -

Once the repository is added, update the repository and install JFrog using the following command below:

$ sudo apt update
$ sudo apt install jfrog-artifactory-oss

3. Start JFrog Artifactory

Then, start the JFrog service and enable it to start at system reboot with the following command:

$ sudo systemctl start artifactory
$ sudo systemctl enable artifactory
$ sudo systemctl status artifactory

4. Configure Firewall

Now we open port 8082 to allow JFrog We will do it with the following commands below:

$ sudo ufw allow 8082/tcp
$ sudo ufw reload

5. Configure Nginx as a Reverse Proxy

You can configure Nginx as a reverse proxy for JFrog. First, install the Nginx webserver with the following command:

$ apt-get install nginx -y

After installing Nginx, create a new Nginx virtual host configuration file with the following command:

$ nano /etc/nginx/sites-available/jfrog.conf

Add the following lines:

upstream jfrog {
  server 127.0.0.1:8082 weight=100 max_fails=5 fail_timeout=5;
}
server {
  listen          80;
  server_name     jfrog.domain.com;
  location / {
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://jfrog/;
  }
}

Save and close the file then activate the Nginx virtual host with the following command:

$ ln -s /etc/nginx/sites-available/jfrog.conf /etc/nginx/sites-enabled/

Next, verify the Nginx for any syntax error with the following command:

$ nginx -t

You should see the following output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Finally, restart the Nginx service to implement the changes:

$ systemctl restart nginx

At this point, Nginx is configured to serve JFrog site.

6. Secure JFrog with Let's Encrypt SSL

It is recommended to secure JFrog with Let's Encrypt SSL. First, add the Certbot repository with the following command:

$ apt-get install software-properties-common -y
$ add-apt-repository ppa:ahasenack/certbot-tlssni01-1875471

Next, update the repository and install the Certbot client with the following command:

$ apt-get update -y
$ apt-get install certbot python3-certbot-nginx -y

Once the Certbot client is installed, run the following command to download and install Let's Encrypt SSL for your website:

$ certbot --nginx -d jfrog.domain.com

You will be asked to provide your valid email and accept the term of service as shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): email@email.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for jfrog.domain.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/jfrog.conf

Next, select whether or not to redirect HTTP traffic to HTTPS:

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Type 2 and hit enter to start the process. Once the certificate has been installed, you should see the following output:

Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/jfrog.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://jfrog.domain.com
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=jfrog.domain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/jfrog.domain.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/jfrog.domain.com/privkey.pem
   Your cert will expire on 2020-09-07. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:
   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le
 - We were unable to subscribe you the EFF mailing list because your
   e-mail address appears to be invalid. You can try again later by
   visiting https://act.eff.org.

How to access JFrog Web Interface ?

• Once successfully installed, now open your web browser and type the URL http://your-ip-address:8082/artifactory or jfrog.domain.com. You will be redirected to the Welcome to JFROG page where you can log in with your account information.
• Provide the default username as a "admin" and password as a "password", and click on the Login button.
• Now, click on the Get Started button. You should see the password reset screen.
• Set the new admin password and click on the Next button.
• Set your base URL and click on the Next button.
• Select your desired repository and click on the Next button.
• Now, click on the Finish button. You should see the Artifactory dashboard.

[Need help in fixing Ubuntu System Installation issues ? We can help you. ]