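Setting Up a Private NPM Mirror

Requirements

Because the network environment does not allow direct access to the public internet, an internal NPM mirror is needed.

  1. It can act as an internal cache, reducing the time spent on external requests.

  2. Private packages can also be published to it.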

Verdaccio

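Documentation link

Verdaccio is a lightweight private npm proxy registry built with Node.js.

  • It is a web application based on Node.js
  • It is a private npm registry
  • It is a local network proxy
  • It is a pluggable application
  • It is fairly easy to install and use
  • We provide Docker and Kubernetes support
  • It is 100% compatible with yarn, npm and pnpm
  • It was forked from sinopia@1.4.0 and is 100% backward compatible.
  • Verdaccio refers to a green color popular in late medieval Italian fresco painting.

All of the above comes from the official introduction.

Setup

I set it up with Docker. Pull the image and it is up and running, with no need to overthink it.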

docker-compose.yml

version: '3.1'

services:
  verdaccio:
    image: verdaccio/verdaccio:4
    container_name: "verdaccio"
    networks:
      - node-network
    environment:
      - VERDACCIO_PORT=4873
    ports:
      - "4873:4873"
    volumes:
      - "./storage:/verdaccio/storage"
      - "./config/config.yaml:/verdaccio/conf/config.yaml"
      - "./plugins:/verdaccio/plugins"
networks:
  node-network:
    driver: bridge

Configuration file

config.yaml

#
# This is the config file used for the docker images.
# It allows all users to do anything, so don't use it on production systems.
#
# Do not configure host and port under `listen` in this file
# as it will be ignored when using docker.
# see https://verdaccio.org/docs/en/docker#docker-and-custom-port-configuration
#
# Look here for more config file examples:
# https://github.com/verdaccio/verdaccio/tree/master/conf
#

# path to a directory with all packages
storage: /verdaccio/storage/data
# path to a directory with plugins to include
plugins: /verdaccio/plugins

web:
  # WebUI is enabled by default; to disable it, uncomment this line
  #enable: false
  title: Verdaccio
  # comment out to disable gravatar support
  # gravatar: false
  # by default packages are ordered ascending (asc|desc)
  # sort_packages: asc

auth:
  htpasswd:
    file: /verdaccio/storage/htpasswd
    # Maximum amount of users allowed to register, defaults to "+infinity".
    # You can set this to -1 to disable registration.
    # max_users: 1000

# a list of other known repositories we can talk to
uplinks:
  taobao:
    url: https://registry.npm.taobao.org/

packages:
  '@*/*':
    # scoped packages
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: taobao

  '**':
    # allow all users (including non-authenticated users) to read
    # all packages
    #
    # you can specify usernames/groupnames (depending on your auth plugin)
    # and three keywords: "$all", "$anonymous", "$authenticated"
    access: $all

    # allow all known users to publish/unpublish packages
    # (anyone can register by default, remember?)
    publish: $authenticated
    unpublish: $authenticated

    # if package is not available locally, proxy requests to the 'taobao' uplink
    proxy: taobao

middlewares:
  audit:
    enabled: true

# log settings
logs:
  - { type: stdout, format: pretty, level: warn }
  #- {type: file, path: verdaccio.log, level: info}
#experiments:
#  # support for npm token command
#  token: false
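
A tighter variant of the `auth` and `packages` sections above, as an added example that is not part of the original post or of Verdaccio's shipped config. In the config above every scoped name is also looked up on the uplink and registration is left open, so anyone who can reach the registry can create an account and publish; here a private scope (`@mycompany` is a placeholder) is matched first and never proxied, and self-registration is closed.

```yaml
auth:
  htpasswd:
    file: /verdaccio/storage/htpasswd
    # Close self-registration once the intended accounts exist in htpasswd.
    # (-1 disables registration, as the comment in the config above notes.)
    max_users: -1

uplinks:
  taobao:
    url: https://registry.npm.taobao.org/

packages:
  # Rules are matched top to bottom, so the private scope must come
  # before the generic '@*/*' rule.
  # '@mycompany' is a placeholder for the organisation's own npm scope.
  '@mycompany/*':
    access: $authenticated
    publish: $authenticated
    unpublish: $authenticated
    # No `proxy` key: these names are resolved only from local storage
    # and are never fetched from the public uplink.

  '@*/*':
    # Public scoped packages: readable by everyone, cached from the uplink.
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: taobao

  '**':
    # Unscoped public packages: same policy as above.
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: taobao
```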

Nginx reverse proxy configuration

server {
    listen 80;
    listen 443 ssl;
    server_name npm.yourMainDomain.cn;
    access_log /data/wwwlogs/npm.yourMainDomain.cn.log;
    error_log /data/wwwlogs/npm.yourMainDomain.cn.error.log error;
    # upper bound on the size of a published tarball
    client_max_body_size 20m;
    client_body_buffer_size 256k;
    client_body_temp_path /etc/nginx/proxy_temp;
    ssl_certificate /usr/local/nginx/conf/ssl/*.yourMainDomain.cn.cer;
    ssl_certificate_key /usr/local/nginx/conf/ssl/*.yourMainDomain.cn.key;
    ssl_session_timeout 5m;
    # TLSv1 and TLSv1.1 are deprecated (RFC 8996), so only TLSv1.2 is enabled;
    # add TLSv1.3 if your nginx/OpenSSL build supports it
    ssl_protocols TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;

    location / {
        # forward the original scheme, client address and host to Verdaccio
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://10.20.2.8:4873;
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
    }
}