Docker 部署 verdaccio 搭建 npm 私服
一、镜像获取
# 获取 verdaccio 镜像
docker pull verdaccio/verdaccio二、修改配置文件
cd /wwwroot/opt/docker/verdaccio/conf
vim config.yamlconfig.yaml 配置文件如下,可以根据自己的需要进行修改
#
# This is the default configuration file. It allows all users to do anything,
# please read carefully the documentation and best practices to
# improve security.
#
# Look here for more config file examples:
# https://github.com/verdaccio/verdaccio/tree/5.x/conf
#
# Read about the best practices
# https://verdaccio.org/docs/best
# path to a directory with all packages
storage: ./storage
# path to a directory with plugins to include
plugins: ./plugins
# https://verdaccio.org/docs/webui
web:
title: Verdaccio
# comment out to disable gravatar support
# gravatar: false
# by default packages are ordercer ascendant (asc|desc)
# sort_packages: asc
# convert your UI to the dark side
# darkMode: true
# html_cache: true
# by default all features are displayed
# login: true
# showInfo: true
# showSettings: true
# In combination with darkMode you can force specific theme
# showThemeSwitch: true
# showFooter: true
# showSearch: true
# showRaw: true
# showDownloadTarball: true
# HTML tags injected after manifest <scripts/>
# scriptsBodyAfter:
# - '<script type="text/javascript" src="https://my.company.com/customJS.min.js"></script>'
# HTML tags injected before ends </head>
# metaScripts:
# - '<script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>'
# - '<script type="text/javascript" src="https://browser.sentry-cdn.com/5.15.5/bundle.min.js"></script>'
# - '<meta name="robots" content="noindex" />'
# HTML tags injected first child at <body/>
# bodyBefore:
# - '<div id="myId">html before webpack scripts</div>'
# Public path for template manifest scripts (only manifest)
# publicPath: http://somedomain.org/
# https://verdaccio.org/docs/configuration#authentication
auth:
htpasswd:
file: ./htpasswd
# Maximum amount of users allowed to register, defaults to "+inf".
# You can set this to -1 to disable registration.
# max_users: 1000
# https://verdaccio.org/docs/configuration#uplinks
# a list of other known repositories we can talk to
uplinks:
taobao:
url: https://registry.npm.taobao.org/
npmjs:
url: https://registry.npmjs.org/
yarnkg:
url: https://registry.yarnpkg.com/
tencent:
url: https://mirrors.cloud.tencent.com/npm/
cnpm:
url: https://r.cnpmjs.org/
npmMirror:
url: https://skimdb.npmjs.com/registry/
# Learn how to protect your packages
# https://verdaccio.org/docs/protect-your-dependencies/
# https://verdaccio.org/docs/configuration#packages
packages:
'@*/*':
# scoped packages
access: $all
publish: $authenticated
unpublish: $authenticated
proxy: taobao
'**':
# allow all users (including non-authenticated users) to read and
# publish all packages
#
# you can specify usernames/groupnames (depending on your auth plugin)
# and three keywords: "$all", "$anonymous", "$authenticated"
access: $all
# allow all known users to publish/publish packages
# (anyone can register by default, remember?)
publish: $authenticated
unpublish: $authenticated
# if package is not available locally, proxy requests to 'npmjs' registry
proxy: taobao
# To improve your security configuration and avoid dependency confusion
# consider removing the proxy property for private packages
# https://verdaccio.org/docs/best#remove-proxy-to-increase-security-at-private-packages
# https://verdaccio.org/docs/configuration#server
# You can specify HTTP/1.1 server keep alive timeout in seconds for incoming connections.
# A value of 0 makes the http server behave similarly to Node.js versions prior to 8.0.0, which did not have a keep-alive timeout.
# WORKAROUND: Through given configuration you can workaround following issue https://github.com/verdaccio/verdaccio/issues/301. Set to 0 in case 60 is not enough.
server:
keepAliveTimeout: 60
# https://verdaccio.org/docs/configuration#offline-publish
# publish:
# allow_offline: false
# https://verdaccio.org/docs/configuration#url-prefix
# url_prefix: /verdaccio/
# VERDACCIO_PUBLIC_URL='https://somedomain.org';
# url_prefix: '/my_prefix'
# // url -> https://somedomain.org/my_prefix/
# VERDACCIO_PUBLIC_URL='https://somedomain.org';
# url_prefix: '/'
# // url -> https://somedomain.org/
# VERDACCIO_PUBLIC_URL='https://somedomain.org/first_prefix';
# url_prefix: '/second_prefix'
# // url -> https://somedomain.org/second_prefix/'
# https://verdaccio.org/docs/configuration#security
# security:
# api:
# legacy: true
# jwt:
# sign:
# expiresIn: 29d
# verify:
# someProp: [value]
# web:
# sign:
# expiresIn: 1h # 1 hour by default
# verify:
# someProp: [value]
# https://verdaccio.org/docs/configuration#user-rate-limit
# userRateLimit:
# windowMs: 50000
# max: 1000
# https://verdaccio.org/docs/configuration#max-body-size
max_body_size: 50mb
# https://verdaccio.org/docs/configuration#listen-port
listen:
- '0.0.0.0:4873' # listen on all addresses (INADDR_ANY)
# - https://example.org:4873 # if you want to use https
# - "[::1]:4873" # ipv6
# - unix:/tmp/verdaccio.sock # unix socket
# The HTTPS configuration is useful if you do not consider use a HTTP Proxy
# https://verdaccio.org/docs/configuration#https
# https:
# key: ./path/verdaccio-key.pem
# cert: ./path/verdaccio-cert.pem
# ca: ./path/verdaccio-csr.pem
# https://verdaccio.org/docs/configuration#proxy
# http_proxy: http://something.local/
# https_proxy: https://something.local/
# https://verdaccio.org/docs/configuration#notifications
notify:
method: POST
headers: [{ "Content-Type": "application/json;charset=utf-8" }]
# 发送消息的webhook
endpoint: xxx
content: '{ "msgtype": "text","at": { "isAtAll": true }, "text": {"content":"组件发版通知: {
{ name }}{
{#each versions}} v{
{version}}{
{/each}}"}}'
middlewares:
audit:
enabled: true
# https://verdaccio.org/docs/logger
# log settings
logs: { type: stdout, format: pretty, level: http }
#experiments:
# # support for npm token command
# token: false
# # disable writing body size to logs, read more on ticket 1912
# bytesin_off: false
# # enable tarball URL redirect for hosting tarball with a different server, the tarball_url_redirect can be a template string
# tarball_url_redirect: 'http://175.42.30.161:46803/verdaccio/${packageName}/${filename}'
# tarball_url_redirect: 'http://175.42.30.161:46803/${packageName}/${filename}'
# # the tarball_url_redirect can be a function, takes packageName and filename and returns the url, when working with a js configuration file
# tarball_url_redirect(packageName, filename) {
# const signedUrl = // generate a signed url
# return signedUrl;
# }
# translate your registry, api i18n not available yet
i18n:
# list of the available translations https://github.com/verdaccio/verdaccio/blob/master/packages/plugins/ui-theme/src/i18n/ABOUT_TRANSLATIONS.md
web: zh-CN
auth:
htpasswd:
file: ./htpasswd # 是 npm 私服的用户密码文件max_body_size: 50mb # 是推上私服的包的最大大小
listen:
- '0.0.0.0:4873' # 是监听的ip和端口,4873 就是后面访问的端口notify:
method: POST
headers: [{ "Content-Type": "application/json;charset=utf-8" }]
# 推包后发送消息的 webhook 地址,如没有则不用配置
endpoint: xxx
三、创建容器并运行
docker run -d --name verdaccio \n
-p 4873:4873 \n
-v /wwwroot/opt/docker/verdaccio:/verdaccio \n
--privileged=true verdaccio/verdaccio 四、测试运行
此时,verdaccio已经启动,http://ip:4873/ 已经可以访问
五、使用内网穿透 的 web界面坑
在搭建公司私有库时,使用的内网ip,但是为了在外面方便访问,运营将内网ip穿透得到一个外网可以访问的ip。但是不能使用内网ip和外网ip同时访问web页面。查看verdaccio的页面请求发现会将当天第一次请求的域名缓存起来。假设当天先访问内网环境域名,则外网环境web页面将无法访问,因为请求被写死成内网地址,如果先访问外网地址,则内网地址跳转到无包页面。
庆幸的是,这并不影响包的安装