上周淘宝源https://registry.npm.taobao.org/证书过期,导致我们的项目部署不了。只能紧急的将上线项目的源改为cnpm
的。现在一周时间过去了,淘宝源的证书还没更新,我们还有其他项目准备上线。
我们不清楚淘宝源什么时候会更新证书,也不清楚cnpm
什么时候出现不可预测的问题。所以我们不能将希望都寄托在第三方身上,决定搭建自己的npm
私有仓库。
经过调研(就百度了一下),我们决定使用Verdaccio
搭建自己的npm
私有仓库。
下面使用docker
搭建Verdaccio
。
创建目录
verdaccio
暴露了三个目录conf
、storage
和plugins
提供映射,可以将容器内部的文件夹映射至宿主机,这里把目录映射出来,这样在容器内部出现问题,其文件还能保留下来,重新制作容器、挂载目录即可恢复,同时修改一些配置也会比较方便,我这里将目录挂在~/verdaccio
下。
mkdir ~/verdaccio
# 配置文件目录
mkdir ~/verdaccio/conf
# 发布的包存储目录
mkdir ~/verdaccio/storage
# 插件目录
mkdir ~/verdaccio/plugins
# docker容器中使用的用户id10001 运行的程序,所以要对目录进行授权,否则容器启动失败(读取不了配置文件)
chown 10001:65535 ~/verdaccio -R
创建配置文件config.yaml
cd ~/verdaccio/conf
vim config.yaml
配置文件
#
# This is the config file used for the docker images.
# It allows all users to do anything, so don't use it on production systems.
#
# Do not configure host and port under `listen` in this file
# as it will be ignored when using docker.
# see https://github.com/verdaccio/verdaccio/blob/master/wiki/docker.md#docker-and-custom-port-configuration
#
# Look here for more config file examples:
# https://github.com/verdaccio/verdaccio/tree/master/conf
#
# 发布的包存储路径
storage: /verdaccio/storage
auth:
htpasswd:
file: /verdaccio/conf/htpasswd
# Maximum amount of users allowed to register, defaults to "+inf".
# You can set this to -1 to disable registration.
#max_users: 1000
security:
api:
jwt:
sign:
expiresIn: 60d
notBefore: 1
web:
sign:
expiresIn: 7d
# a list of other known repositories we can talk to
uplinks:
npmjs:
url: https://r.cnpmjs.org/
packages:
'@jota/*':
access: $all
publish: $all
'@*/*':
# scoped packages
access: $all
publish: $all
proxy: npmjs
'**':
# allow all users (including non-authenticated users) to read and
# publish all packages
#
# you can specify usernames/groupnames (depending on your auth plugin)
# and three keywords: "$all", "$anonymous", "$authenticated"
access: $all
# allow all known users to publish packages
# (anyone can register by default, remember?)
publish: $all
# if package is not available locally, proxy requests to 'npmjs' registry
proxy: npmjs
# To use `npm audit` uncomment the following section
middlewares:
audit:
enabled: true
# log settings
logs:
- {type: stdout, format: pretty, level: trace}
#- {type: file, path: verdaccio.log, level: info}
docker-compose
配置
创建docker-compose
配置
vim ~/verdaccio/docker-compose.yml
version: '3'
services:
verdaccio:
image: verdaccio/verdaccio:4
container_name: verdaccio
restart: always
ports:
- 4873:4873
volumes:
- ./storage:/verdaccio/storage
- ./conf:/verdaccio/conf
- ./plugins:/verdaccio/plugins
- ./logs:/verdaccio/logs
environment:
NODE_ENV: production
VERDACCIO_PROTOCOL: http
VERDACCIO_TITLE: Verdaccio
VERDACCIO_LOG_LEVEL: http
VERDACCIO_ALLOW_OFFLINE: true
VERDACCIO_API_SECRET: mysecret
VERDACCIO_WEB_SECRET: mysecret
VERDACCIO_AUTH_TOKEN_EXPIRES: 60d
VERDACCIO_WEB_TOKEN_EXPIRES: 7d
VERDACCIO_ISSUER: verdaccio
VERDACCIO_AUDIENCE: verdaccio
VERDACCIO_UPLINKS_NPMJS_URL: https://r.cnpmjs.org/
VERDACCIO_UPLINKS_NPMJS_CACHE: true
VERDACCIO_UPLINKS_NPMJS_MAXAGE: 300000
VERDACCIO_UPLINKS_NPMJS_MAXFAIL: 2
VERDACCIO_UPLINKS_NPMJS_FAIL_TIMEOUT: 10000
VERDACCIO_UPLINKS_NPMJS_MAX_OFFLINE_TIME: 300000
VERDACCIO_UPLINKS_NPMJS_SCOPED_PACKAGES: true
VERDACCIO_UPLINKS_NPMJS_FETCH_METADATA: true
VERDACCIO_UPLINKS_NPMJS_FETCH_PACKAGE: true
VERDACCIO_UPLINKS_NPMJS_CONCURRENCY: 4
VERDACCIO_UPLINKS_NPMJS_MAX_PAYLOAD_SIZE: 1024
VERDACCIO_UPLINKS_NPMJS_MAX_SOCKETS: 100
VERDACCIO_UPLINKS_NPMJS_TIMEOUT: 10000
VERDACCIO_UPLINKS_NPMJS_MAX_RETRY: 3
测试
访问http://192.168.56.108:4873/
更改源
-
下载源管理工具
npm i yrm -g
-
添加源
yrm add verdaccio http://192.168.56.108:4873
-
使用源
yrm use verdaccio