feat: guarddog-nexus — webhook-based PyPI scanner with web UI

docker-compose.yml

@@ -0,0 +1,44 @@
+services:
+  guarddog-nexus:
+    build: .
+    ports:
+      - "8080:8080"
+    environment:
+      NEXUS_URL: http://nexus:8081
+      NEXUS_USERNAME: admin
+      NEXUS_PASSWORD: "${NEXUS_PASSWORD:-admin123}"
+      NEXUS_REPOSITORIES: pypi-proxy
+      LOG_LEVEL: INFO
+      LOG_SYSLOG_HOST: ""
+      HOST: "0.0.0.0"
+      PORT: "8080"
+    volumes:
+      - ./data:/data
+    depends_on:
+      nexus-setup:
+        condition: service_completed_successfully
+    restart: unless-stopped
+
+  nexus:
+    image: sonatype/nexus3:3.79.0
+    ports:
+      - "8081:8081"
+    volumes:
+      - nexus-data:/nexus-data
+    restart: unless-stopped
+
+  nexus-setup:
+    image: alpine:3.21
+    volumes:
+      - ./scripts/setup-nexus.sh:/setup.sh:ro
+      - nexus-data:/nexus-data:ro
+    environment:
+      NEXUS_URL: http://nexus:8081
+      ADMIN_PASSWORD: "${NEXUS_PASSWORD:-admin123}"
+      WEBHOOK_URL: http://guarddog-nexus:8080/webhooks/nexus
+    entrypoint: ["/bin/sh", "/setup.sh"]
+    depends_on:
+      - nexus
+
+volumes:
+  nexus-data: