私有仓库构建
近期公司搬迁新的办公环境,在网络层做了安全规则,多网断划分、内外网隔离,因此需要在内网构建私有 NPM、YUM、PIP、Maven、Docker 仓库。
NPM(私有仓库构建)
主机 | IP | 系统信息 | 软件 |
---|---|---|---|
yum-repos.host.com | 192.168.1.250 | CentOS Linux release 7.8.2003 (Core) Kernel: 3.10.0-1127.el7.x86_64 | nginx version: nginx/1.20.0 cnmpjs.org 最新版 |
-
数据库选择
搭建 cnpm 服务是需要数据库支撑的,官方提供了 mysql、sqlite、postgres、mariadb 数据库的支持,在这里我们选用 mysql 来提供数据服务。
# 使用 docker 构建 Mysql 数据 # 安装docker 19.03.9 $ sudo yum install -y yum-utils $ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo $ sudo yum -y install docker-ce-19.03.9 docker-ce-cli-19.03.9 containerd.io # 构建数据库 $ sudo docker pull mysql:5.7.34 $ mkdir /data/mysql-data $ sudo docker run --name cnmp_mysql -v /data/mysql_data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=cnmp -p 3306:3306 -d mysql:5.7.34 # 创建数据库并导入 sql $ mysql> create database cnmpjs; $ mysql> source docs/db.sql;
-
安装配置 CNMPJS.ORG
-
依赖安装
克隆 cnmpjs.org 项目并安装依赖
# 克隆项目, 使用最新版即可 $ git clone https://github.com/cnpm/cnpmjs.org.git # 安装node $ sudo yum install -y nodejs # 设置 npm 源 $ npm config set registry https://registry.npm.taobao.org # 安装依赖 $ npm install
-
cnmpjs.org 配置
registryPort: 7001, //registry 端口 webPort: 7002, // web 端口 bindingHost: '' // 所有人都可以访问 database: { db: 'cnpmjs', // 数据库名称 username: 'root', // 数据库用户 password: 'cnmp', // 数据库密码 dialect: 'mysql', // 数据库类型 host: '192.168.1.250', // 数据库主机 port: 3306, // 数据库端口 pool: { maxConnections: 10, minConnections: 0, maxIdleTime: 30000 }, dialectOptions: { trace: true, }, // storage: path.join(dataDir, 'data.sqlite'), logging: !!process.env.SQL_DEBUG, } enablePrivate: false, // 是否开启私有模式 scopes: [ '@cnpm', '@cnpmtest', '@cnpm-test' ], admins: { admin: 'admin@magic.com', // 管理员账号 }
-
项目启动
npm run start
-
配置 nginx
server{ listen 80; server_name cnmp-repos.magic.com; location / { proxy_pass http://127.0.0.1:7002/; proxy_set_header X-Real-IP $remote_addr; } location /registry/ { proxy_pass http://127.0.0.1:7001/; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
访问: htttp://cnmp-repos.magic.com
-
测试
npm publish npm notice npm notice 📦 @magic/hello@1.0.0 npm notice === Tarball Contents === npm notice 227B package.json npm notice === Tarball Details === npm notice name: @magic/hello npm notice version: 1.0.0 npm notice package size: 258 B npm notice unpacked size: 227 B npm notice shasum: fccfce65d0d0f9e65d1f6d97c438432994dbeba5 npm notice integrity: sha512-WKjE+IWINHB16[...]C8ZlQG2mrn9mA== npm notice total files: 1 npm notice + @magic/hello@1.0.0
-
YUM(私有仓库构建)
-
内网服务器同步配置,创建 metadata repositories
# 同步 epel 源 rsync -avz --delete --exclude='repodata' rsync://rsync.mirrors.ustc.edu.cn/epel/7/x86_64/ /data/repos//epel/7/x86_64/ # 同步os 源 rsync -avz --delete --exclude='repodata' rsync://rsync.mirrors.ustc.edu.cn/centos/7/os/x86_64/ /data/repos/centos/7/os/x86_64/ # 同步 extras 源 rsync -avz --delete --exclude='repodata' rsync://rsync.mirrors.ustc.edu.cn/centos/7/extras/x86_64/ /data/repos/centos/7/extras/x86_64/ # 同步 updates 源 rsync -avz --delete --exclude='repodata' rsync://rsync.mirrors.ustc.edu.cn/centos/7/updates/x86_64/ /data/repos/centos/7/updates/x86_64/ createrepo /data/repos/epel/7/x86_64/ createrepo /data/repos/centos/7/updates/x86_64/ createrepo /data/repos/centos/7/extras/x86_64/ createrepo /data/repos/centos/7/os/x86_64/
-
加入定时任务
#!/usr/bin/env bash ######################################################################### # File Name: update_repo.sh # Author: Mode # mail: 13692247896@163.com # Created Time: 五 4/30 09:40:31 2021 # Describe: 自动更新 yum 本地 yum 源 ######################################################################### current=$(date "+%Y-%m-%d %H:%M:%S") echo -e ${current} >> /var/log/update_repo.log VER='7' ARCH='x86_64' rsync -avz --delete --exclude='repodata' rsync://rsync.mirrors.ustc.edu.cn/centos/${VER}/os/${ARCH}/ /data/repos/centos/${VER}/os/${ARCH}/ rsync -avz --delete --exclude='repodata' rsync://rsync.mirrors.ustc.edu.cn/centos/${VER}/extras/${ARCH}/ /data/repos/centos/${VER}/extras/${ARCH}/ rsync -avz --delete --exclude='repodata' rsync://rsync.mirrors.ustc.edu.cn/centos/${VER}/updates/${ARCH}/ /data/repos/centos/${VER}/updates/${ARCH}/ rsync -avz --delete --exclude='repodata' rsync://rsync.mirrors.ustc.edu.cn/epel/${VER}/${ARCH}/ /data/repos/epel/${VER}/${ARCH}/ createrepo /data/repos/epel/${VER}/${ARCH}/ createrepo /data/repos/centos/${VER}/updates/${ARCH}/ createrepo /data/repos/centos/${VER}/extras/${ARCH}/ createrepo /data/repos/centos/${VER}/os/${ARCH}/ # 定时任务 crontab -e 00 00 * * * /bin/bash /root/update-repo.sh
-
配置 nginx
$ cat /etc/nginx/conf.d/yum_repo.conf server { listen 80; server_name yum-repos.magic.com; if ($host != "yum-repos.magic.com") { return 301 http://yum-repos.magic.com$request_uri; } root /data/repos; autoindex on; autoindex_format html; autoindex_localtime on; autoindex_exact_size on; }
-
客户端配置
$ cat /etc/yum.repos.d/Private-Base.repo [base] name=CentOS-$releasever - Base baseurl=http://yum-repos.magic.com/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 [updates] name=CentOS-$releasever - Updates baseurl=http://yum-repos.magic.com/centos/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 [extras] name=CentOS-$releasever - Extras baseurl=http://yum-repos.magic.com/centos/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 $ cat /etc/yum.repos.d/epel.repo [epel] name=Extra Packages for Enterprise Linux 7 - $basearch baseurl=http://yum-repos.magic.com/epel/7/$basearch failovermethod=priority enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 [epel-debuginfo] name=Extra Packages for Enterprise Linux 7 - $basearch - Debug baseurl=http://yum-repos.magic.com/epel/7/$basearch/debug failovermethod=priority enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 gpgcheck=1 [epel-source] name=Extra Packages for Enterprise Linux 7 - $basearch - Source baseurl=http://yum-repos.magic.com/epel/7/SRPMS failovermethod=priority enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 gpgcheck=1