需求
因为网络环境不允许直接访问公网,需要有内部的 NPM 镜像源。
可以充当内部缓存。减少对外请求的时间。
私有包也可以向上放。
Verdaccio
Verdaccio 是一个 Node.js 创建的轻量的私有 npm proxy registry。
- 它是基于 Node.js 的网页应用程序
- 它是私有 npm registry
- 它是本地网络 proxy
- 它是可插入式应用程序
- 它相当容易安装和使用
- 我们提供 Docker 和 Kubernetes 支持
- 它与 yarn, npm 和 pnpm 100% 兼容
- 它 forked 于sinopia@1.4.0并且 100% 向后兼容。
- Verdaccio 表示意大利中世纪晚期 fresco 绘画中流行的一种绿色的意思。
上面都是来自于官方的介绍。
搭建
我这边采用的是 docker 搭建。一拉镜像就起来了,不用想太多。
1docker-compose.yml
2
3version: '3.1'
4
5services:
6 verdaccio:
7 image: verdaccio/verdaccio:4
8 container_name: "verdaccio"
9 networks:
10 - node-network
11 environment:
12 - VERDACCIO_PORT=4873
13 ports:
14 - "4873:4873"
15 volumes:
16 - "./storage:/verdaccio/storage"
17 - "./config/config.yaml:/verdaccio/conf/config.yaml"
18 - "./plugins:/verdaccio/plugins"
19networks:
20 node-network:
21 driver: bridge
配置文件
1config.yaml
2
3#
4# This is the config file used for the docker images.
5# It allows all users to do anything, so don't use it on production systems.
6#
7# Do not configure host and port under `listen` in this file
8# as it will be ignored when using docker.
9# see https://verdaccio.org/docs/en/docker#docker-and-custom-port-configuration
10#
11# Look here for more config file examples:
12# https://github.com/verdaccio/verdaccio/tree/master/conf
13#
14
15# path to a directory with all packages
16storage: /verdaccio/storage/data
17# path to a directory with plugins to include
18plugins: /verdaccio/plugins
19
20web:
21 # WebUI is enabled as default, if you want disable it, just uncomment this line
22 #enable: false
23 title: Verdaccio
24 # comment out to disable gravatar support
25 # gravatar: false
26 # by default packages are ordercer ascendant (asc|desc)
27 # sort_packages: asc
28
29auth:
30 htpasswd:
31 file: /verdaccio/storage/htpasswd
32 # Maximum amount of users allowed to register, defaults to "+infinity".
33 # You can set this to -1 to disable registration.
34 # max_users: 1000
35
36# a list of other known repositories we can talk to
37uplinks:
38 taobao:
39 url: https://registry.npm.taobao.org/
40
41packages:
42 '@*/*':
43 # scoped packages
44 access: $all
45 publish: $authenticated
46 unpublish: $authenticated
47 proxy: taobao
48
49 '**':
50 # allow all users (including non-authenticated users) to read and
51 # publish all packages
52 #
53 # you can specify usernames/groupnames (depending on your auth plugin)
54 # and three keywords: "$all", "$anonymous", "$authenticated"
55 access: $all
56
57 # allow all known users to publish/publish packages
58 # (anyone can register by default, remember?)
59 publish: $authenticated
60 unpublish: $authenticated
61
62 # if package is not available locally, proxy requests to 'npmjs' registry
63 proxy: taobao
64
65middlewares:
66 audit:
67 enabled: true
68
69# log settings
70logs:
71 - { type: stdout, format: pretty, level: warn }
72 #- {type: file, path: verdaccio.log, level: info}
73#experiments:
74# # support for npm token command
75# token: false
Nginx 反代配置
1server {
2 listen 80;
3 listen 443 ssl;
4 server_name npm.yourMainDomain.cn;
5 access_log /data/wwwlogs/npm.yourMainDomain.cn.log;
6 error_log /data/wwwlogs/npm.yourMainDomain.cn.error.log error;
7 client_max_body_size 20m;
8 client_body_buffer_size 256k;
9 client_body_temp_path /etc/nginx/proxy_temp;
10 ssl_certificate /usr/local/nginx/conf/ssl/*.yourMainDomain.cn.cer;
11 ssl_certificate_key /usr/local/nginx/conf/ssl/*.yourMainDomain.cn.key;
12 ssl_session_timeout 5m;
13 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
14 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
15 ssl_prefer_server_ciphers on;
16
17 location / {
18 proxy_set_header X-Forwarded-Proto $scheme;
19 proxy_pass http://10.20.2.8:4873;
20 proxy_redirect off;
21 proxy_set_header X-Real-IP $remote_addr;
22 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
23 proxy_set_header Host $host;
24 }
25}