NPM 私有倉庫的搭建
- 2020 年 4 月 29 日
- 筆記
NPM 私有倉庫的搭建
為什麼搭建私有倉庫
balabala,當然是有需求的時候嘛
搭建流程
介紹和安裝verdaccio
備註:
程式啟動後,配置文件為/home/work/.config/verdaccio/config.yaml
密碼文件所在位置:/home/work/.config/verdaccio/htpasswd
日誌文件所在文職:/home/work/verdaccio.log
-
Nodejs環境全局安裝(root)
npm install –g verdaccio -
pm2 運行程式,注意請切換成普通用戶work,不需要root
pm2 start verdaccio -
修改配置文件,配置文件如下,
參照默認文件修改內容如下- max_users: -1, 限制用戶自行註冊
- logs 日記存儲方式為文件
- title 修改為公司名稱
- 修改packages的訪問,發布,取消發布的許可權,都改為需要登錄的許可權,初步限制僅公司內部認證過的賬戶可訪問(access: $authenticated,publish: $authenticated,unpublish: $authenticated,proxy: npmjs)
- 後期需要的話,可針對不同的倉庫配置不同的人員username許可權,有開發能力的團隊,可自行訂製插件中間件,比如限制IP和用戶名訪問
自定義UI介面
從官方ui主題倉庫fork到個人帳號,然後克隆到本地開始進行自定義修改
自定義介面後需要發布版本到npm中,根據配置文件的theme設定重啟後會自定應用
從官方倉庫中fock出來,修改搜索關鍵字favicon, title, logo等,footer和header也可以修改一下
修改package.json中的name屬性,修改為 verdaccio-theme-****
安裝依賴,打包,等錄npm,發布到npm倉庫(可發布到共有npm,也可以發布到剛剛新起的npm私有倉庫服務)
npm install && npm run build && npm login && npm publishnpm i verdaccio-theme-**** -g
服務端安裝剛剛發布的主題包(root, 全局安裝,因為verdaccio是動態載入插件)
最後在配置文件中修改主題配置
theme:
****:
a:b
su work
pm2 restart verdaccio 重啟服務生效
刷新頁面吧親。不知道為什麼,僅寫theme: ****或者換行不生效,反正我也不懂,能用就行
添加用戶
去網站生成密碼,然後將密碼添加到服務端密碼文件中,記得重啟服務
默認配置
#
# This is the default config file. It allows all users to do anything,
# so don't use it on production systems.
#
# Look here for more config file examples:
# //github.com/verdaccio/verdaccio/tree/master/conf
#
# path to a directory with all packages
storage: ./storage
# path to a directory with plugins to include
plugins: ./plugins
web:
title: Qianjunet npm repo
# comment out to disable gravatar support
# gravatar: false
# by default packages are ordercer ascendant (asc|desc)
# sort_packages: asc
auth:
htpasswd:
file: ./htpasswd
# Maximum amount of users allowed to register, defaults to "+inf".
# You can set this to -1 to disable registration.
max_users: -1
# a list of other known repositories we can talk to
uplinks:
npmjs:
url: //registry.npmjs.org/
packages:
'@*/*':
# scoped packages
# access: $all
access: $authenticated
publish: $authenticated
unpublish: $authenticated
proxy: npmjs
'**':
# allow all users (including non-authenticated users) to read and
# publish all packages
#
# you can specify usernames/groupnames (depending on your auth plugin)
# and three keywords: "$all", "$anonymous", "$authenticated"
# access: $all
access: $authenticated
# allow all known users to publish/publish packages
# (anyone can register by default, remember?)
publish: $authenticated
unpublish: $authenticated
# if package is not available locally, proxy requests to 'npmjs' registry
proxy: npmjs
# You can specify HTTP/1.1 server keep alive timeout in seconds for incoming connections.
# A value of 0 makes the http server behave similarly to Node.js versions prior to 8.0.0, which did not have a keep-alive timeout.
# WORKAROUND: Through given configuration you can workaround following issue //github.com/verdaccio/verdaccio/issues/301. Set to 0 in case 60 is not enough.
server:
keepAliveTimeout: 60
middlewares:
audit:
enabled: true
# log settings
logs:
#- { type: stdout, format: pretty, level: http }
- {type: file, path: ./verdaccio.log, level: info}
#experiments:
# # support for npm token command
# token: false
配置nginx, 將請求轉發到4873服務
server {
listen 80;
server_name npm.**********.com;
location / {
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass //127.0.0.1:4873$request_uri;
proxy_redirect off;
}
}
如何使用?nrm
-
npm i -g nrm
-
查看當前所有npm的鏡像源
nrm ls -
使用淘寶源
1nrm use taobao -
添加我們自定義的私有倉庫的源
1nrm add ******** //npm.*****.com -
使用自定義的源
1nrm use ******** -
添加錯誤後,可刪除源
1nrm del ***** -
切換到自定義npm源後,使用npm登錄
1
2
3
4
5
6nrm use ******
npm login
input username:
input password:
input public email:
輸入相關資訊後登錄成功,登錄成功即可使用npm install some-package-name
發布package
1
|
npm init
|
最終詳細配置,還是得看官網,雖然官網的描述很不好懂,而且不全,但是比本篇記錄要全,畢竟這個只是小哥哥看完文檔,實際操作後的隨筆而已
TODO: 待對接npm的用戶資訊到//gitlab.*****.com
