Back
Featured image of post NPM私有镜像源搭建

NPM私有镜像源搭建

需求

因为网络环境不允许直接访问公网,需要有内部的 NPM 镜像源。

  1. 可以充当内部缓存。减少对外请求的时间。

  2. 私有包也可以向上放。

Verdaccio

文档地址

Verdaccio 是一个 Node.js 创建的轻量的私有 npm proxy registry。

  • 它是基于 Node.js 的网页应用程序
  • 它是私有 npm registry
  • 它是本地网络 proxy
  • 它是可插入式应用程序
  • 它相当容易安装和使用
  • 我们提供 Docker 和 Kubernetes 支持
  • 它与 yarn, npm 和 pnpm 100% 兼容
  • 它 forked 于sinopia@1.4.0并且 100% 向后兼容。
  • Verdaccio 表示意大利中世纪晚期 fresco 绘画中流行的一种绿色的意思。

上面都是来自于官方的介绍。

搭建

我这边采用的是 docker 搭建。一拉镜像就起来了,不用想太多。

docker-compose.yml

version: '3.1'

services:
  verdaccio:
    image: verdaccio/verdaccio:4
    container_name: "verdaccio"
    networks:
      - node-network
    environment:
      - VERDACCIO_PORT=4873
    ports:
      - "4873:4873"
    volumes:
      - "./storage:/verdaccio/storage"
      - "./config/config.yaml:/verdaccio/conf/config.yaml"
      - "./plugins:/verdaccio/plugins"
networks:
  node-network:
    driver: bridge

配置文件

config.yaml

#
# This is the config file used for the docker images.
# It allows all users to do anything, so don't use it on production systems.
#
# Do not configure host and port under `listen` in this file
# as it will be ignored when using docker.
# see https://verdaccio.org/docs/en/docker#docker-and-custom-port-configuration
#
# Look here for more config file examples:
# https://github.com/verdaccio/verdaccio/tree/master/conf
#

# path to a directory with all packages
storage: /verdaccio/storage/data
# path to a directory with plugins to include
plugins: /verdaccio/plugins

web:
  # WebUI is enabled as default, if you want disable it, just uncomment this line
  #enable: false
  title: Verdaccio
  # comment out to disable gravatar support
  # gravatar: false
  # by default packages are ordercer ascendant (asc|desc)
  # sort_packages: asc

auth:
  htpasswd:
    file: /verdaccio/storage/htpasswd
    # Maximum amount of users allowed to register, defaults to "+infinity".
    # You can set this to -1 to disable registration.
    # max_users: 1000

# a list of other known repositories we can talk to
uplinks:
  taobao:
    url: https://registry.npm.taobao.org/

packages:
  '@*/*':
    # scoped packages
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: taobao

  '**':
    # allow all users (including non-authenticated users) to read and
    # publish all packages
    #
    # you can specify usernames/groupnames (depending on your auth plugin)
    # and three keywords: "$all", "$anonymous", "$authenticated"
    access: $all

    # allow all known users to publish/publish packages
    # (anyone can register by default, remember?)
    publish: $authenticated
    unpublish: $authenticated

    # if package is not available locally, proxy requests to 'npmjs' registry
    proxy: taobao

middlewares:
  audit:
    enabled: true

# log settings
logs:
  - { type: stdout, format: pretty, level: warn }
  #- {type: file, path: verdaccio.log, level: info}
#experiments:
#  # support for npm token command
#  token: false

Nginx 反代配置

server {
        listen 80;
        listen 443 ssl;
        server_name npm.yourMainDomain.cn;
        access_log  /data/wwwlogs/npm.yourMainDomain.cn.log;
        error_log  /data/wwwlogs/npm.yourMainDomain.cn.error.log error;
        client_max_body_size 20m;
        client_body_buffer_size 256k;
        client_body_temp_path /etc/nginx/proxy_temp;
        ssl_certificate /usr/local/nginx/conf/ssl/*.yourMainDomain.cn.cer;
        ssl_certificate_key /usr/local/nginx/conf/ssl/*.yourMainDomain.cn.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;

        location / {
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_pass http://10.20.2.8:4873;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
        }
}
comments powered by Disqus