mirror of
https://github.com/verdaccio/verdaccio.git
synced 2025-01-13 22:48:31 -05:00
Merge pull request #887 from verdaccio/fix-website-issues
Fix website issues
This commit is contained in:
commit
a7e882a188
37 changed files with 3 additions and 2621 deletions
|
@ -61,9 +61,9 @@ const users = [
|
||||||
const siteConfig = {
|
const siteConfig = {
|
||||||
title: 'Verdaccio' /* title for your website */,
|
title: 'Verdaccio' /* title for your website */,
|
||||||
tagline: 'Verdaccio · A lightweight private npm proxy registry',
|
tagline: 'Verdaccio · A lightweight private npm proxy registry',
|
||||||
url: 'http://www.verdaccio.org' /* your website url */,
|
url: 'https://verdaccio.org' /* your website url */,
|
||||||
organizationName: 'verdaccio',
|
organizationName: 'verdaccio',
|
||||||
cname: 'www.verdaccio.org',
|
cname: 'verdaccio.org',
|
||||||
noIndex: false,
|
noIndex: false,
|
||||||
baseUrl: '/' /* base url for your project */,
|
baseUrl: '/' /* base url for your project */,
|
||||||
projectName: 'verdaccio',
|
projectName: 'verdaccio',
|
||||||
|
@ -93,10 +93,7 @@ const siteConfig = {
|
||||||
},
|
},
|
||||||
algolia: {
|
algolia: {
|
||||||
apiKey: 'a8b4d117e513cd8d71d6a95e3d9d4a91',
|
apiKey: 'a8b4d117e513cd8d71d6a95e3d9d4a91',
|
||||||
indexName: 'verdaccio',
|
indexName: 'verdaccio'
|
||||||
algoliaOptions: {
|
|
||||||
facetFilters: ['language:LANGUAGE', 'version:VERSION'],
|
|
||||||
}
|
|
||||||
},
|
},
|
||||||
gaTrackingId: 'UA-2527438-21',
|
gaTrackingId: 'UA-2527438-21',
|
||||||
twitter: true,
|
twitter: true,
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-ansible
|
|
||||||
title: Ansible
|
|
||||||
original_id: ansible
|
|
||||||
---
|
|
||||||
|
|
||||||
We have a customised solution for `verdaccio` in our organization.
|
|
||||||
|
|
||||||
[https://github.com/verdaccio/ansible-verdaccio](https://github.com/verdaccio/ansible-verdaccio)
|
|
||||||
|
|
||||||
#### Other options
|
|
||||||
|
|
||||||
* Ansible role for Gentoo users: [jirutka/ansible-role-sinopia](https://github.com/jirutka/ansible-role-sinopia).
|
|
||||||
* Ansible role for Ubuntu users: [jagregory/sinopia-ansible](https://github.com/jagregory/sinopia-ansible).
|
|
||||||
* ansible-verdaccio-role [https://github.com/refinery29/ansible-verdaccio-role](https://github.com/refinery29/ansible-verdaccio-role)
|
|
|
@ -1,58 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-authentification
|
|
||||||
title: Authentification
|
|
||||||
original_id: authentification
|
|
||||||
---
|
|
||||||
|
|
||||||
The authentification is tied to the auth [plugin](plugins.md) you are using. The package restrictions also is handled by the [Package Access](packages.md).
|
|
||||||
|
|
||||||
The client authentification is handled by `npm` client itself. Once you login to the application:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
npm adduser --registry http://localhost:4873
|
|
||||||
```
|
|
||||||
|
|
||||||
A token is generated in the `npm` configuration file hosted in your user home folder. For more information about `.npmrc` read the [official documentation](https://docs.npmjs.com/files/npmrc).
|
|
||||||
|
|
||||||
```bash
|
|
||||||
cat .npmrc
|
|
||||||
registry=http://localhost:5555/
|
|
||||||
//localhost:5555/:_authToken="secretVerdaccioToken"
|
|
||||||
//registry.npmjs.org/:_authToken=secretNpmjsToken
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Anonymous publish
|
|
||||||
|
|
||||||
`verdaccio`allows you to enable anonymous publish, to achieve that you will need to set up correctly your [packages access](packages.md).
|
|
||||||
|
|
||||||
Eg:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
'my-company-*':
|
|
||||||
access: $anonymous
|
|
||||||
publish: $anonymous
|
|
||||||
proxy: npmjs
|
|
||||||
```
|
|
||||||
|
|
||||||
As is described [on issue #212](https://github.com/verdaccio/verdaccio/issues/212#issuecomment-308578500) until `npm@5.3.0` and all minor releases **won't allow you publish without a token**. However `yarn` has not such limitation.
|
|
||||||
|
|
||||||
## Default htpasswd
|
|
||||||
|
|
||||||
In order to simplify the setup, `verdaccio` use a plugin based on `htpasswd`. As of version v3.0.x an [external plugin](https://github.com/verdaccio/verdaccio-htpasswd)
|
|
||||||
is used by default. The v2.x version of this package still contains the built-in version of this plugin.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
auth:
|
|
||||||
htpasswd:
|
|
||||||
file: ./htpasswd
|
|
||||||
# Maximum amount of users allowed to register, defaults to "+inf".
|
|
||||||
# You can set this to -1 to disable registration.
|
|
||||||
#max_users: 1000
|
|
||||||
```
|
|
||||||
|
|
||||||
Property | Type | Required | Example | Support | Description
|
|
||||||
--- | --- | --- | --- | --- | ---
|
|
||||||
file | string | Yes | ./htpasswd | all | file that host the encrypted credentials
|
|
||||||
max_users | number | No | 1000 | all | set limit of users
|
|
||||||
|
|
||||||
In case to decide do not allow user to login, you can set `max_users: -1`.
|
|
|
@ -1,15 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-build
|
|
||||||
title: Build the source code
|
|
||||||
original_id: build
|
|
||||||
---
|
|
||||||
|
|
||||||
Verdaccio relies on `yarn` instead `npm` to download dependencies.
|
|
||||||
|
|
||||||
*Note: the current build only will build with `➜ yarn@1.x`.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
yarn install
|
|
||||||
```
|
|
||||||
|
|
||||||
To see the complete list of scripts, [click here](https://github.com/verdaccio/verdaccio/wiki/Build-Source-Code).
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-chef
|
|
||||||
title: Chef Cookbook
|
|
||||||
original_id: chef
|
|
||||||
---
|
|
||||||
|
|
||||||
Using Chef Cookbook for Verdaccio
|
|
||||||
|
|
||||||
For further information:
|
|
||||||
|
|
||||||
* [https://github.com/verdaccio/verdaccio-cookbook](https://github.com/verdaccio/verdaccio-cookbook)
|
|
||||||
* [https://supermarket.chef.io/cookbooks/verdaccio](https://supermarket.chef.io/cookbooks/verdaccio)
|
|
||||||
|
|
||||||
> We are looking for contributors for this repository, if you are interested please notify the author via tickets.
|
|
||||||
|
|
||||||
Author: [Keli Grubb](https://github.com/kgrubb) && Barthelemy Vessemont.
|
|
||||||
|
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-ci
|
|
||||||
title: Continuous Integration
|
|
||||||
original_id: ci
|
|
||||||
---
|
|
||||||
|
|
||||||
You may use verdaccio with continuous integration while login or publish. When
|
|
||||||
using NPM to install a private module in a continuous integration environment
|
|
||||||
for the first time, a brick wall is quickly hit. The NPM login command is
|
|
||||||
designed to be used interactively. This causes an issue in CI, scripts, etc.
|
|
||||||
Here’s how to use NPM login different continuous integration platforms.
|
|
||||||
|
|
||||||
- [Travis CI](https://remysharp.com/2015/10/26/using-travis-with-private-npm-deps)
|
|
||||||
- [Circle CI 1.0](https://circleci.com/docs/1.0/npm-login/) or [Circle CI 2.0](https://circleci.com/docs/2.0/deployment-integrations/#npm)
|
|
||||||
- [Gitlab CI](https://www.exclamationlabs.com/blog/continuous-deployment-to-npm-using-gitlab-ci/)
|
|
|
@ -1,27 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-cli
|
|
||||||
title: Command Line Tool
|
|
||||||
original_id: cli
|
|
||||||
---
|
|
||||||
|
|
||||||
The verdaccio CLI is your go start the application.
|
|
||||||
|
|
||||||
## Commands
|
|
||||||
|
|
||||||
```bash
|
|
||||||
verdaccio --listen 4000 --config ~./config.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
Command | Default | Example | Description
|
|
||||||
--- | --- | --- | ---
|
|
||||||
--listen \ **-l** | 4873 | -p 7000 | http port
|
|
||||||
--config \ **-c** | ~/.local/verdaccio/config.yaml | ~./config.yaml | the configuration file
|
|
||||||
|
|
||||||
## Default config file location
|
|
||||||
|
|
||||||
To locate the home directory, we rely on **$XDG_DATA_HOME** as a first choice and Windows environment we look for [APPDATA environment variable](https://www.howtogeek.com/318177/what-is-the-appdata-folder-in-windows/).
|
|
||||||
|
|
||||||
## Default storage location
|
|
||||||
|
|
||||||
We use **$XDG_DATA_HOME** environment variable as default to locate the storage by default which [should be the same](https://askubuntu.com/questions/538526/is-home-local-share-the-default-value-for-xdg-data-home-in-ubuntu-14-04) as $HOME/.local/share.
|
|
||||||
If you are using a custom storage, this location is irrelevant.
|
|
|
@ -1,209 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-configuration
|
|
||||||
title: Configuration File
|
|
||||||
original_id: configuration
|
|
||||||
---
|
|
||||||
|
|
||||||
This file is the cornerstone of verdaccio where you can modify the default behaviour, enable plugins and extend features.
|
|
||||||
|
|
||||||
A default configuration file is created the very first time you run `verdaccio`.
|
|
||||||
|
|
||||||
## Default Configuration
|
|
||||||
|
|
||||||
The default configuration has support for **scoped** packages and allow any user to access all packages but only **authenticated users to publish**.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
storage: ./storage
|
|
||||||
auth:
|
|
||||||
htpasswd:
|
|
||||||
file: ./htpasswd
|
|
||||||
uplinks:
|
|
||||||
npmjs:
|
|
||||||
url: https://registry.npmjs.org/
|
|
||||||
packages:
|
|
||||||
'@*/*':
|
|
||||||
access: $all
|
|
||||||
publish: $authenticated
|
|
||||||
proxy: npmjs
|
|
||||||
'**':
|
|
||||||
proxy: npmjs
|
|
||||||
logs:
|
|
||||||
- {type: stdout, format: pretty, level: http}
|
|
||||||
```
|
|
||||||
|
|
||||||
## Sections
|
|
||||||
|
|
||||||
The following sections explain what each property means and the different options.
|
|
||||||
|
|
||||||
### Storage
|
|
||||||
|
|
||||||
Is the location of the default storage. **Verdaccio is by default based on local file system**.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
storage: ./storage
|
|
||||||
```
|
|
||||||
|
|
||||||
### Plugins
|
|
||||||
|
|
||||||
Is the location of the plugin directory. Useful for Docker/Kubernetes based deployments.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
plugins: ./plugins
|
|
||||||
```
|
|
||||||
|
|
||||||
### Authentification
|
|
||||||
|
|
||||||
The authentification set up is done here, the default auth is based on `htpasswd` and is built-in. You can modify this behaviour via [plugins](plugins.md). For more information about this section read the [auth page](auth.md).
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
auth:
|
|
||||||
htpasswd:
|
|
||||||
file: ./htpasswd
|
|
||||||
max_users: 1000
|
|
||||||
```
|
|
||||||
|
|
||||||
### Web UI
|
|
||||||
|
|
||||||
This properties allow you to modify the look and feel of the web UI. For more information about this section read the [web ui page](web.md).
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
web:
|
|
||||||
enable: true
|
|
||||||
title: Verdaccio
|
|
||||||
logo: logo.png
|
|
||||||
```
|
|
||||||
|
|
||||||
### Uplinks
|
|
||||||
|
|
||||||
Uplinks is the ability of the system to fetch packages from remote registries when those packages are not available locally. For more information about this section read the [uplinks page](uplinks.md).
|
|
||||||
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
uplinks:
|
|
||||||
npmjs:
|
|
||||||
url: https://registry.npmjs.org/
|
|
||||||
```
|
|
||||||
|
|
||||||
### Packages
|
|
||||||
|
|
||||||
Packages allow the user to control how the packages are gonna be accessed. For more information about this section read the [packages page](packages.md).
|
|
||||||
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
packages:
|
|
||||||
'@*/*':
|
|
||||||
access: $all
|
|
||||||
publish: $authenticated
|
|
||||||
proxy: npmjs
|
|
||||||
```
|
|
||||||
|
|
||||||
## Advanced Settings
|
|
||||||
|
|
||||||
### Offline Publish
|
|
||||||
|
|
||||||
By default `verdaccio` does not allow to publish when the client is offline, that behavior can be overridden by setting this to *true*.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
publish:
|
|
||||||
allow_offline: false
|
|
||||||
```
|
|
||||||
|
|
||||||
<small>Since: `verdaccio@2.3.6` due [#223](https://github.com/verdaccio/verdaccio/pull/223)</small>
|
|
||||||
|
|
||||||
### URL Prefix
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
url_prefix: https://dev.company.local/verdaccio/
|
|
||||||
```
|
|
||||||
|
|
||||||
Since: `verdaccio@2.3.6` due [#197](https://github.com/verdaccio/verdaccio/pull/197)
|
|
||||||
|
|
||||||
|
|
||||||
### Max Body Size
|
|
||||||
|
|
||||||
By default the maximum body size for a JSON document is `10mb`, if you run in errors as `"request entity too large"` you may increase this value.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
max_body_size: 10mb
|
|
||||||
```
|
|
||||||
|
|
||||||
### Listen Port
|
|
||||||
|
|
||||||
`verdaccio` runs by default in the port `4873`. Changing the port can be done via [cli](cli.md) or in the configuration file, the following options are valid.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
listen:
|
|
||||||
# - localhost:4873 # default value
|
|
||||||
# - http://localhost:4873 # same thing
|
|
||||||
# - 0.0.0.0:4873 # listen on all addresses (INADDR_ANY)
|
|
||||||
# - https://example.org:4873 # if you want to use https
|
|
||||||
# - "[::1]:4873" # ipv6
|
|
||||||
# - unix:/tmp/verdaccio.sock # unix socket
|
|
||||||
```
|
|
||||||
|
|
||||||
### HTTPS
|
|
||||||
|
|
||||||
To enable `https` in `verdaccio` it's enough to set the `listen` flag with the protocol *https://*. For more information about this section read the [ssl page](ssl.md).
|
|
||||||
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
https:
|
|
||||||
key: ./path/verdaccio-key.pem
|
|
||||||
cert: ./path/verdaccio-cert.pem
|
|
||||||
ca: ./path/verdaccio-csr.pem
|
|
||||||
```
|
|
||||||
|
|
||||||
### Proxy
|
|
||||||
|
|
||||||
Proxies are special-purpose HTTP servers designed to transfer data from remote servers to local clients.
|
|
||||||
|
|
||||||
#### http_proxy and https_proxy
|
|
||||||
|
|
||||||
If you have a proxy in your network you can set a `X-Forwarded-For` header using the following properties.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
http_proxy: http://something.local/
|
|
||||||
https_proxy: https://something.local/
|
|
||||||
```
|
|
||||||
|
|
||||||
#### no_proxy
|
|
||||||
|
|
||||||
This variable should contain a comma-separated list of domain extensions proxy should not be used for.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
no_proxy: localhost,127.0.0.1
|
|
||||||
```
|
|
||||||
|
|
||||||
### Notifications
|
|
||||||
|
|
||||||
Enabling notifications to third-party tools is fairly easy via web hooks. For more information about this section read the [notifications page](notifications.md).
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
notify:
|
|
||||||
method: POST
|
|
||||||
headers: [{'Content-Type': 'application/json'}]
|
|
||||||
endpoint: https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken
|
|
||||||
content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}'
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
||||||
> For more detailed configuration settings, please [check the source code](https://github.com/verdaccio/verdaccio/tree/master/conf).
|
|
||||||
|
|
||||||
|
|
||||||
### Audit
|
|
||||||
|
|
||||||
<small>Since: `verdaccio@3.0.0`</small>
|
|
||||||
|
|
||||||
`npm audit` is a new command released with [npm 6.x](https://github.com/npm/npm/releases/tag/v6.1.0). Verdaccio includes
|
|
||||||
a built-in middleware plugin to handle this command.
|
|
||||||
|
|
||||||
> If you have a new installation it comes by default, otherwise you need to add the following props to your config file
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
middlewares:
|
|
||||||
audit:
|
|
||||||
enabled: true
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,85 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-contributing
|
|
||||||
title: Contributing Verdaccio
|
|
||||||
original_id: contributing
|
|
||||||
---
|
|
||||||
|
|
||||||
First of all 👏👏 thanks for visiting this page, for us means you are willing contribute to `verdaccio` and we are happy for that. Jumping into an unfamiliar code base is not easy but we are here to help you.
|
|
||||||
|
|
||||||
## Comunication Channels
|
|
||||||
|
|
||||||
If you are willing for asking, we use two channels for discussions:
|
|
||||||
|
|
||||||
* [Public Gitter channel](https://gitter.im/verdaccio/)
|
|
||||||
* [Contributors Slack channel](https://verdaccio-npm.slack.com) (unfortunately only by email invitation, you might ask in **Gitter** to be included)
|
|
||||||
|
|
||||||
## Getting started
|
|
||||||
|
|
||||||
As a first glance verdaccio is a single repository, but there are many ways you might contribute and a variety of technologies to practice.
|
|
||||||
|
|
||||||
### Finding my spot
|
|
||||||
|
|
||||||
All we have different skills, so, let's see where you might feel comfortable.
|
|
||||||
|
|
||||||
### I know or I want to learn Node.js
|
|
||||||
|
|
||||||
Node.js is the base of `verdaccio`, we use libraries as `express`, `commander`, `request` or `async`. Verdaccio is basically a Rest API that create a communication with `npm` clients compatible, as `yarn`.
|
|
||||||
|
|
||||||
We have a long [list of plugins](plugins.md) ready to be used and improved but at the same time [you might create your own](dev-plugins.md).
|
|
||||||
|
|
||||||
### I would prefer to work in the User Interface
|
|
||||||
|
|
||||||
Recently we have moved to modern techonologies as `React` and `element-react`. We are looking forward to see new ideas how to improve the UI.
|
|
||||||
|
|
||||||
### I feel more confortable improving the stack
|
|
||||||
|
|
||||||
Of course, we will be happy to help us improving the stack, you can upgrade dependencies as `eslint`, `stylelint`, `webpack`. You migt merely improve the `webpack` configuration would be great. Any suggestion is very welcome. Furthermore whether you have experience with **Yeoman** you might help us with the [verdaccio generator](https://github.com/verdaccio/generator-verdaccio-plugin).
|
|
||||||
|
|
||||||
Here some ideas:
|
|
||||||
|
|
||||||
* Create a common eslint rules to be used across all dependencies or plugins
|
|
||||||
* Improve Flow types definitions delivery
|
|
||||||
* Moving to Webpack 4
|
|
||||||
* Improve hot reload with Webpack
|
|
||||||
* We use babel and webpack across all dependencies, why not a common preset?
|
|
||||||
* Improve continous integration delivery
|
|
||||||
|
|
||||||
### I do great Documentation
|
|
||||||
|
|
||||||
Many contributors find typos and grammar issues, that also helps to improve the overall experience for troubleshooting.
|
|
||||||
|
|
||||||
### I am a Designer
|
|
||||||
|
|
||||||
We have a frontend website [http://www.verdaccio.org/](http://www.verdaccio.org/) that will be happy to see your ideas.
|
|
||||||
|
|
||||||
Our website is based on [Docusaurus](https://docusaurus.io/).
|
|
||||||
|
|
||||||
### I am a DevOps
|
|
||||||
|
|
||||||
We have a widely popular Docker image [https://hub.docker.com/r/verdaccio/verdaccio/](https://hub.docker.com/r/verdaccio/verdaccio/) that need maintenance and pretty likely huge improvements, we need your knowledge for the benefits of all users.
|
|
||||||
|
|
||||||
We have support for **Kubernetes**, **Puppet**, **Ansible** and **Chef** and we need help in those fields, feel free to see all repositories.
|
|
||||||
|
|
||||||
### I can do translations
|
|
||||||
|
|
||||||
Verdaccio aims to be multilingual, in order to achieve it **we have the awesome support** of [Crowdin](https://crowdin.com) that is an amazing platform for translations.
|
|
||||||
|
|
||||||
<img src="https://d3n8a8pro7vhmx.cloudfront.net/uridu/pages/144/attachments/original/1485948891/Crowdin.png" width="400px"/>
|
|
||||||
|
|
||||||
We have setup a project where you can choose your favourite language, if you do not find your language feel free to request one [creating a ticket](https://github.com/verdaccio/verdaccio/issues/new).
|
|
||||||
|
|
||||||
[Go to Crowdin Verdaccio](https://crowdin.com/project/verdaccio)
|
|
||||||
|
|
||||||
|
|
||||||
## I'm ready to contribute
|
|
||||||
|
|
||||||
If you are thinking *"I've seen already the [repositories](repositories.md) and I'm willing to start right away"* then I have good news for you, that's the next step.
|
|
||||||
|
|
||||||
You will need learn how to build, [we have prepared a guide just for that](build.md).
|
|
||||||
|
|
||||||
Once you have played around with all scripts and you know how to use them, we are ready to go to the next step, run the [**Unit Test**](test.md).
|
|
||||||
|
|
||||||
|
|
||||||
## Full list of contributors. We want to see your face here !
|
|
||||||
|
|
||||||
<a href="graphs/contributors"><img src="https://opencollective.com/verdaccio/contributors.svg?width=890&button=false" /></a>
|
|
|
@ -1,162 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-dev-plugins
|
|
||||||
title: Developing Plugins
|
|
||||||
original_id: dev-plugins
|
|
||||||
---
|
|
||||||
|
|
||||||
There are many ways to extend `verdaccio`, currently we support `authentication plugins`, `middleware plugins` (since `v2.7.0`) and `storage plugins` since (`v3.x`).
|
|
||||||
|
|
||||||
## Authentication Plugin
|
|
||||||
|
|
||||||
This section will describe how it looks like a Verdaccio plugin in a ES5 way. Basically we have to return an object with a single method called `authenticate` that will recieve 3 arguments (`user, password, callback`). Once the authentication has been executed there is 2 options to give a response to `verdaccio`.
|
|
||||||
|
|
||||||
### API
|
|
||||||
|
|
||||||
```js
|
|
||||||
function authenticate (user, password, callback) {
|
|
||||||
...more stuff
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
##### OnError
|
|
||||||
|
|
||||||
Either something bad happened or auth was unsuccessful.
|
|
||||||
|
|
||||||
```
|
|
||||||
callback(null, false)
|
|
||||||
```
|
|
||||||
|
|
||||||
##### OnSuccess
|
|
||||||
|
|
||||||
The auth was successful.
|
|
||||||
|
|
||||||
|
|
||||||
`groups` is an array of strings where the user is part of.
|
|
||||||
|
|
||||||
```
|
|
||||||
callback(null, groups);
|
|
||||||
```
|
|
||||||
|
|
||||||
### Example
|
|
||||||
|
|
||||||
```javascript
|
|
||||||
function Auth(config, stuff) {
|
|
||||||
var self = Object.create(Auth.prototype);
|
|
||||||
self._users = {};
|
|
||||||
|
|
||||||
// config for this module
|
|
||||||
self._config = config;
|
|
||||||
|
|
||||||
// verdaccio logger
|
|
||||||
self._logger = stuff.logger;
|
|
||||||
|
|
||||||
// pass verdaccio logger to ldapauth
|
|
||||||
self._config.client_options.log = stuff.logger;
|
|
||||||
|
|
||||||
return self;
|
|
||||||
}
|
|
||||||
|
|
||||||
Auth.prototype.authenticate = function (user, password, callback) {
|
|
||||||
var LdapClient = new LdapAuth(self._config.client_options);
|
|
||||||
....
|
|
||||||
LdapClient.authenticate(user, password, function (err, ldapUser) {
|
|
||||||
...
|
|
||||||
var groups;
|
|
||||||
...
|
|
||||||
callback(null, groups);
|
|
||||||
});
|
|
||||||
};
|
|
||||||
|
|
||||||
module.exports = Auth;
|
|
||||||
```
|
|
||||||
|
|
||||||
And the setup
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
auth:
|
|
||||||
htpasswd:
|
|
||||||
file: ./htpasswd
|
|
||||||
```
|
|
||||||
Where `htpasswd` is the sufix of the plugin name. eg: `verdaccio-htpasswd` and the rest of the body would be the plugin configuration params.
|
|
||||||
|
|
||||||
## Middleware Plugin
|
|
||||||
|
|
||||||
Middleware plugins have the capability to modify the API layer, either adding new endpoints or intercepting requests.
|
|
||||||
|
|
||||||
> A pretty good example
|
|
||||||
of middleware plugin is the [sinopia-github-oauth](https://github.com/soundtrackyourbrand/sinopia-github-oauth) and [verdaccio-audit](https://github.com/verdaccio/verdaccio-audit).
|
|
||||||
|
|
||||||
### API
|
|
||||||
|
|
||||||
```js
|
|
||||||
function register_middlewares(expressApp, authInstance, storageInstance) {
|
|
||||||
/* more stuff */
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
To register a middleware we need an object with a single method called `register_middlewares` that will recieve 3 arguments (`expressApp, auth, storage`).
|
|
||||||
*Auth* is the authentification instance and *storage* is also the main Storage instance that will give you have access to all to the storage actions.
|
|
||||||
|
|
||||||
|
|
||||||
## Storage Plugin
|
|
||||||
|
|
||||||
Verdaccio by default uses a file system storage plugin [local-storage](https://github.com/verdaccio/local-storage) but, since `verdaccio@3.x` you can plug in a custom storage.
|
|
||||||
|
|
||||||
### API
|
|
||||||
|
|
||||||
The storage API is a bit more complex, you will need to create a class that return a `ILocalData` implementation. Please see details bellow.
|
|
||||||
|
|
||||||
```js
|
|
||||||
|
|
||||||
class LocalDatabase<ILocalData>{
|
|
||||||
constructor(config: Config, logger: Logger): ILocalData;
|
|
||||||
}
|
|
||||||
|
|
||||||
declare interface verdaccio$ILocalData {
|
|
||||||
add(name: string, callback: verdaccio$Callback): void;
|
|
||||||
remove(name: string, callback: verdaccio$Callback): void;
|
|
||||||
get(callback: verdaccio$Callback): void;
|
|
||||||
getSecret(): Promise<string>;
|
|
||||||
setSecret(secret: string): Promise<any>;
|
|
||||||
getPackageStorage(packageInfo: string): verdaccio$IPackageStorage;
|
|
||||||
}
|
|
||||||
|
|
||||||
declare interface verdaccio$ILocalPackageManager {
|
|
||||||
writeTarball(name: string): verdaccio$IUploadTarball;
|
|
||||||
readTarball(name: string): verdaccio$IReadTarball;
|
|
||||||
readPackage(fileName: string, callback: verdaccio$Callback): void;
|
|
||||||
createPackage(name: string, value: verdaccio$Package, cb: verdaccio$Callback): void;
|
|
||||||
deletePackage(fileName: string, callback: verdaccio$Callback): void;
|
|
||||||
removePackage(callback: verdaccio$Callback): void;
|
|
||||||
updatePackage(pkgFileName: string,
|
|
||||||
updateHandler: verdaccio$Callback,
|
|
||||||
onWrite: verdaccio$Callback,
|
|
||||||
transformPackage: Function,
|
|
||||||
onEnd: verdaccio$Callback): void;
|
|
||||||
savePackage(fileName: string, json: verdaccio$Package, callback: verdaccio$Callback): void;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface IUploadTarball extends stream$PassThrough {
|
|
||||||
abort(): void;
|
|
||||||
done(): void;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface IReadTarball extends stream$PassThrough {
|
|
||||||
abort(): void;
|
|
||||||
done(): void;
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
> The Storage API is still experimental and might change in the next minor versions. For further information about Storage API please follow the [types
|
|
||||||
definitions in our official repository](https://github.com/verdaccio/flow-types).
|
|
||||||
|
|
||||||
### Storage Plugins Examples
|
|
||||||
|
|
||||||
The following list of plugins are implementing the Storage API and might be used them as example.
|
|
||||||
|
|
||||||
* [verdaccio-memory](https://github.com/verdaccio/verdaccio-memory)
|
|
||||||
* [local-storage](https://github.com/verdaccio/local-storage)
|
|
||||||
* [verdaccio-google-cloud](https://github.com/verdaccio/verdaccio-google-cloud)
|
|
||||||
* [verdaccio-s3-storage](https://github.com/Remitly/verdaccio-s3-storage/tree/s3)
|
|
||||||
|
|
||||||
> Are you willing to contribute with new Storage Plugins? [Click here.](https://github.com/verdaccio/verdaccio/issues/103#issuecomment-357478295)
|
|
|
@ -1,171 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-docker
|
|
||||||
title: Docker
|
|
||||||
original_id: docker
|
|
||||||
---
|
|
||||||
|
|
||||||
<div class="docker-count">
|
|
||||||
|
|
||||||
![alt Docker Pulls Count](http://dockeri.co/image/verdaccio/verdaccio "Docker Pulls Count")
|
|
||||||
|
|
||||||
</div>
|
|
||||||
|
|
||||||
To pull the latest pre-built [docker image](https://hub.docker.com/r/verdaccio/verdaccio/):
|
|
||||||
|
|
||||||
```bash
|
|
||||||
docker pull verdaccio/verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
![Docker pull](/svg/docker_verdaccio.gif)
|
|
||||||
|
|
||||||
## Tagged Versions
|
|
||||||
|
|
||||||
Since version `v2.x` you can pull docker images by [tag](https://hub.docker.com/r/verdaccio/verdaccio/tags/), as follows:
|
|
||||||
|
|
||||||
For a major version:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
docker pull verdaccio/verdaccio:3
|
|
||||||
```
|
|
||||||
For a minor version:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
docker pull verdaccio/verdaccio:3.0
|
|
||||||
```
|
|
||||||
|
|
||||||
For a specific (patch) version:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
docker pull verdaccio/verdaccio:3.0.1
|
|
||||||
```
|
|
||||||
|
|
||||||
For the next major release using the `beta` (master branch) version.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
docker pull verdaccio/verdaccio:beta
|
|
||||||
```
|
|
||||||
|
|
||||||
> If you are interested on a list of tags, [please visit the Docker Hub website](https://hub.docker.com/r/verdaccio/verdaccio/tags/).
|
|
||||||
|
|
||||||
## Running verdaccio using Docker
|
|
||||||
|
|
||||||
To run the docker container:
|
|
||||||
```bash
|
|
||||||
docker run -it --rm --name verdaccio -p 4873:4873 verdaccio/verdaccio
|
|
||||||
```
|
|
||||||
The last argument defines which image to use.
|
|
||||||
The above line will pull the latest prebuilt image from dockerhub, if you haven't done that already.
|
|
||||||
|
|
||||||
If you have [build an image locally](#build-your-own-docker-image) use `verdaccio` as the last argument.
|
|
||||||
|
|
||||||
|
|
||||||
You can use `-v` to bind mount `conf`, `storage` and `plugins` to the hosts filesystem:
|
|
||||||
```bash
|
|
||||||
V_PATH=/path/for/verdaccio; docker run -it --rm --name verdaccio -p 4873:4873 \
|
|
||||||
-v $V_PATH/conf:/verdaccio/conf \
|
|
||||||
-v $V_PATH/storage:/verdaccio/storage \
|
|
||||||
-v $V_PATH/plugins:/verdaccio/plugins \
|
|
||||||
verdaccio/verdaccio
|
|
||||||
```
|
|
||||||
>Note: Verdaccio runs as a non-root user (uid=100, gid=101) inside the container, if you use bind mount to override default, you need to make sure the mount directory is assigned to the right user. In above example, you need to run `sudo chown -R 100:101 /opt/verdaccio` otherwise you will get permission errors at runtime. [Use docker volume](https://docs.docker.com/storage/volumes/) is recommended over using bind mount.
|
|
||||||
|
|
||||||
### Plugins
|
|
||||||
Plugins can be installed in a separate directory and mounted using Docker or Kubernetes, however make sure you build plugins with native dependencies using the same base image as the Verdaccio Dockerfile.
|
|
||||||
|
|
||||||
### Docker and custom port configuration
|
|
||||||
Any `host:port` configured in `conf/config.yaml` under `listen` is currently ignored when using docker.
|
|
||||||
|
|
||||||
If you want to reach verdaccio docker instance under different port, lets say `5000`
|
|
||||||
in your `docker run` command replace `-p 4873:4873` with `-p 5000:4873`.
|
|
||||||
|
|
||||||
In case you need to specify which port to listen to **in the docker container**,
|
|
||||||
since version 2.?.? you can do so by providing additional arguments to `docker run`: `--env PORT=5000`
|
|
||||||
This changes which port the docker container exposes and the port verdaccio listens to.
|
|
||||||
|
|
||||||
Of course the numbers you give to `-p` paremeter need to match,
|
|
||||||
so assuming you want them to all be the same this is what you could copy, paste and adopt:
|
|
||||||
```bash
|
|
||||||
PORT=5000; docker run -it --rm --name verdaccio \
|
|
||||||
--env PORT -p $PORT:$PORT
|
|
||||||
verdaccio/verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
### Using HTTPS with Docker
|
|
||||||
You can configure the protocol verdaccio is going to listen on, similarly to the port configuration.
|
|
||||||
You have to overwrite the default value("http") of the `PROTOCOL` environment variable to "https", after you specified the certificates in the config.yaml.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
PROTOCOL=https; docker run -it --rm --name verdaccio \
|
|
||||||
--env PROTOCOL -p 4873:4873
|
|
||||||
verdaccio/verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
### Using docker-compose
|
|
||||||
|
|
||||||
1. Get the latest version of [docker-compose](https://github.com/docker/compose).
|
|
||||||
2. Build and run the container:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ docker-compose up --build
|
|
||||||
```
|
|
||||||
|
|
||||||
You can set the port to use (for both container and host) by prefixing the above command with `PORT=5000 `.
|
|
||||||
|
|
||||||
Docker will generate a named volume in which to store persistent application data. You can use `docker inspect` or `docker volume inspect` to reveal the physical location of the volume and edit the configuration, such as:
|
|
||||||
|
|
||||||
```
|
|
||||||
$ docker volume inspect verdaccio_verdaccio
|
|
||||||
[
|
|
||||||
{
|
|
||||||
"Name": "verdaccio_verdaccio",
|
|
||||||
"Driver": "local",
|
|
||||||
"Mountpoint": "/var/lib/docker/volumes/verdaccio_verdaccio/_data",
|
|
||||||
"Labels": null,
|
|
||||||
"Scope": "local"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
|
|
||||||
```
|
|
||||||
|
|
||||||
## Build your own Docker image
|
|
||||||
|
|
||||||
```bash
|
|
||||||
docker build -t verdaccio .
|
|
||||||
```
|
|
||||||
|
|
||||||
There is also an npm script for building the docker image, so you can also do:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
npm run build:docker
|
|
||||||
```
|
|
||||||
|
|
||||||
Note: The first build takes some minutes to build because it needs to run `npm install`,
|
|
||||||
and it will take that long again whenever you change any file that is not listed in `.dockerignore`.
|
|
||||||
|
|
||||||
If you want to use the docker image on a rpi or a compatible device there is also a dockerfile available.
|
|
||||||
To build the docker image for raspberry pi execute:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
npm run build:docker:rpi
|
|
||||||
```
|
|
||||||
|
|
||||||
Please note that for any of the above docker commands you need to have docker installed on your machine and the docker executable should be available on your `$PATH`.
|
|
||||||
|
|
||||||
## Docker Examples
|
|
||||||
|
|
||||||
There is a separate repository that hosts multiple configurations to compose Docker images with `verdaccio`, for instance, as reverse proxy:
|
|
||||||
|
|
||||||
[https://github.com/verdaccio/docker-examples](https://github.com/verdaccio/docker-examples)
|
|
||||||
|
|
||||||
## Docker Custom Builds
|
|
||||||
|
|
||||||
* [docker-verdaccio-gitlab](https://github.com/snics/docker-verdaccio-gitlab)
|
|
||||||
* [docker-verdaccio](https://github.com/deployable/docker-verdaccio)
|
|
||||||
* [docker-verdaccio-s3](https://github.com/asynchrony/docker-verdaccio-s3) Private NPM container that can backup to s3
|
|
||||||
* [docker-verdaccio-ldap](https://github.com/snadn/docker-verdaccio-ldap)
|
|
||||||
* [verdaccio-ldap](https://github.com/nathantreid/verdaccio-ldap)
|
|
||||||
* [verdaccio-compose-local-bridge](https://github.com/shingtoli/verdaccio-compose-local-bridge)
|
|
||||||
* [docker-verdaccio](https://github.com/Global-Solutions/docker-verdaccio)
|
|
||||||
* [verdaccio-docker](https://github.com/idahobean/verdaccio-docker)
|
|
||||||
* [verdaccio-server](https://github.com/andru255/verdaccio-server)
|
|
||||||
* [coldrye-debian-verdaccio](https://github.com/coldrye-docker/coldrye-debian-verdaccio) docker image providing verdaccio from coldrye-debian-nodejs.
|
|
|
@ -1,114 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-iss-server
|
|
||||||
title: Installing on IIS server
|
|
||||||
original_id: iss-server
|
|
||||||
---
|
|
||||||
|
|
||||||
These instructions were written for Windows Server 2012, IIS 8, [Node.js 0.12.3](https://nodejs.org/), [iisnode 0.2.16](https://github.com/tjanczuk/iisnode) and [verdaccio 2.1.0](https://github.com/verdaccio/verdaccio).
|
|
||||||
|
|
||||||
* Install IIS Install [iisnode](https://github.com/tjanczuk/iisnode).
|
|
||||||
Make sure you install prerequisites (Url Rewrite Module & node) as explained in the instructions for iisnode.
|
|
||||||
* Create a new folder in Explorer where you want to host verdaccio.
|
|
||||||
For example `C:\verdaccio`.
|
|
||||||
Save [package.json](#packagejson),
|
|
||||||
[start.js](#startjs)
|
|
||||||
and [web.config](#webconfig) in this folder.
|
|
||||||
* Create a new site in Internet Information Services Manager. You can name it whatever you want.
|
|
||||||
I'll call it verdaccio in these [instructions](http://www.iis.net/learn/manage/configuring-security/application-pool-identities). Specify the path to where you saved all files and a port number.
|
|
||||||
* Go back to Explorer and give the user that runs the application pool modify rights to the folder you just created. If you've named the new site verdaccio and did not change the app pool, it's running under an ApplicationPoolIdentity and you should give the user IIS AppPool\verdaccio modify rights see instructions if you need help. (You can restrict access later if you want so that it only has modify rights on the iisnode and verdaccio\storage)
|
|
||||||
* Start a command prompt and execute the commands below to download verdaccio:
|
|
||||||
|
|
||||||
````
|
|
||||||
cd c:\verdaccio
|
|
||||||
npm install
|
|
||||||
````
|
|
||||||
|
|
||||||
* Make sure you have an inbound rule accepting TCP traffic to the port in Windows Firewall
|
|
||||||
* Thats it! Now you can navigate to the host and port that you specified
|
|
||||||
|
|
||||||
|
|
||||||
I wanted the `verdaccio` site to be the default site in IIS so I did the following:
|
|
||||||
|
|
||||||
* I made sure the .npmrc file in `c:\users{yourname}\` had the registry set to `"registry=http://localhost/"`
|
|
||||||
* I stopped the "Default Web Site" and only start the site "verdaccio" site in IIS
|
|
||||||
* I set the bindings to "http", ip address "All Unassigned" on port 80, ok any warning or prompts
|
|
||||||
|
|
||||||
These instructions are based on [Host Sinopia in IIS
|
|
||||||
on Windows](https://gist.github.com/HCanber/4dd8409f79991a09ac75). I had to tweak my web config as per below but you may find the original from the
|
|
||||||
for mentioned link works better
|
|
||||||
|
|
||||||
A default configuration file will be created `c:\verdaccio\verdaccio\config.yaml`
|
|
||||||
|
|
||||||
### package.json
|
|
||||||
|
|
||||||
````json
|
|
||||||
{
|
|
||||||
"name": "iisnode-verdaccio",
|
|
||||||
"version": "1.0.0",
|
|
||||||
"description": "Hosts verdaccio in iisnode",
|
|
||||||
"main": "start.js",
|
|
||||||
"dependencies": {
|
|
||||||
"verdaccio": "^2.1.0"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
````
|
|
||||||
|
|
||||||
### start.js
|
|
||||||
|
|
||||||
````bash
|
|
||||||
process.argv.push('-l', 'unix:' + process.env.PORT);
|
|
||||||
require('./node_modules/verdaccio/src/lib/cli.js');
|
|
||||||
````
|
|
||||||
|
|
||||||
### web.config
|
|
||||||
|
|
||||||
````xml
|
|
||||||
<configuration>
|
|
||||||
<system.webServer>
|
|
||||||
<modules>
|
|
||||||
<remove name="WebDAVModule" />
|
|
||||||
</modules>
|
|
||||||
|
|
||||||
<!-- indicates that the start.js file is a node.js application
|
|
||||||
to be handled by the iisnode module -->
|
|
||||||
<handlers>
|
|
||||||
<remove name="WebDAV" />
|
|
||||||
<add name="iisnode" path="start.js" verb="*" modules="iisnode" resourceType="Unspecified" requireAccess="Execute" />
|
|
||||||
<add name="WebDAV" path="*" verb="*" modules="WebDAVModule" resourceType="Unspecified" requireAccess="Execute" />
|
|
||||||
</handlers>
|
|
||||||
|
|
||||||
<rewrite>
|
|
||||||
<rules>
|
|
||||||
|
|
||||||
<!-- iisnode folder is where iisnode stores it's logs. These should
|
|
||||||
never be rewritten -->
|
|
||||||
<rule name="iisnode" stopProcessing="true">
|
|
||||||
<match url="iisnode*" />
|
|
||||||
<action type="None" />
|
|
||||||
</rule>
|
|
||||||
|
|
||||||
<!-- Rewrite all other urls in order for verdaccio to handle these -->
|
|
||||||
<rule name="verdaccio">
|
|
||||||
<match url="/*" />
|
|
||||||
<action type="Rewrite" url="start.js" />
|
|
||||||
</rule>
|
|
||||||
</rules>
|
|
||||||
</rewrite>
|
|
||||||
|
|
||||||
<!-- exclude node_modules directory and subdirectories from serving
|
|
||||||
by IIS since these are implementation details of node.js applications -->
|
|
||||||
<security>
|
|
||||||
<requestFiltering>
|
|
||||||
<hiddenSegments>
|
|
||||||
<add segment="node_modules" />
|
|
||||||
</hiddenSegments>
|
|
||||||
</requestFiltering>
|
|
||||||
</security>
|
|
||||||
|
|
||||||
</system.webServer>
|
|
||||||
</configuration>
|
|
||||||
````
|
|
||||||
|
|
||||||
### Troubleshooting
|
|
||||||
- **The web interface does not load when hosted with https as it tries to download scripts over http.**
|
|
||||||
Make sure that you have correctly mentioned `url_prefix` in verdaccio config. Follow the [discussion](https://github.com/verdaccio/verdaccio/issues/622).
|
|
|
@ -1,51 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-installation
|
|
||||||
title: Installation
|
|
||||||
original_id: installation
|
|
||||||
---
|
|
||||||
|
|
||||||
Verdaccio is a multiplatform web application. To install it, you need a few prerequisites.
|
|
||||||
|
|
||||||
#### Prerequisites
|
|
||||||
|
|
||||||
1. Node higher than
|
|
||||||
- For version `verdaccio@2.x` Node `v4.6.1` is the minimum supported version.
|
|
||||||
- For version `verdaccio@latest` Node `6.12.0` is the minimum supported version.
|
|
||||||
2. npm `>=3.x` or `yarn`
|
|
||||||
3. The web interface supports the `Chrome, Firefox, Edge, and IE9` browsers.
|
|
||||||
|
|
||||||
## Installing the CLI
|
|
||||||
|
|
||||||
`verdaccio` must be installed globaly using either of the following methods:
|
|
||||||
|
|
||||||
Using `npm`
|
|
||||||
|
|
||||||
```bash
|
|
||||||
npm install -g verdaccio
|
|
||||||
```
|
|
||||||
or using `yarn`
|
|
||||||
|
|
||||||
```bash
|
|
||||||
yarn global add verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
![install verdaccio](/svg/install_verdaccio.gif)
|
|
||||||
|
|
||||||
|
|
||||||
## Basic Usage
|
|
||||||
|
|
||||||
Once it has been installed, you only need to execute the CLI command:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$> verdaccio
|
|
||||||
warn --- config file - /home/.config/verdaccio/config.yaml
|
|
||||||
warn --- http address - http://localhost:4873/ - verdaccio/3.0.1
|
|
||||||
```
|
|
||||||
|
|
||||||
![](https://cdn-images-1.medium.com/max/720/1*jDHnZ7_68u5s1lFK2cygnA.gif)
|
|
||||||
|
|
||||||
For more information about the CLI, please [read the cli section](cli.md).
|
|
||||||
|
|
||||||
## Docker Image
|
|
||||||
|
|
||||||
`verdaccio` has an official docker image you can use, and in most cases, the default configuration is good enough. For more information about how to install the official image, [read the docker section](docker.md).
|
|
|
@ -1,100 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-kubernetes
|
|
||||||
title: Kubernetes
|
|
||||||
original_id: kubernetes
|
|
||||||
---
|
|
||||||
|
|
||||||
You can find instructions to deploy Verdaccio on a Kubernetes cluster on the
|
|
||||||
[verdaccio/docker-example](https://github.com/verdaccio/docker-examples/tree/master/kubernetes-example)
|
|
||||||
repository. However, the recommended method to install Verdaccio on a Kubernetes
|
|
||||||
cluster is to use [Helm](https://helm.sh). Helm is a
|
|
||||||
[Kubernetes](https://kubernetes.io) package manager which bring multiple
|
|
||||||
advantages.
|
|
||||||
|
|
||||||
## Helm
|
|
||||||
|
|
||||||
### Setup Helm
|
|
||||||
|
|
||||||
If you haven't used Helm before, you need to setup the Helm controller called
|
|
||||||
Tiller:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
helm init
|
|
||||||
```
|
|
||||||
|
|
||||||
### Install
|
|
||||||
|
|
||||||
Deploy the Helm [stable/verdaccio](https://github.com/kubernetes/charts/tree/master/stable/verdaccio)
|
|
||||||
chart. In this example we use `npm` as release name:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
helm install --name npm stable/verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
### Deploy a specific version
|
|
||||||
|
|
||||||
```bash
|
|
||||||
helm install --name npm --set image.tag=2.6.5 stable/verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
### Upgrading Verdaccio
|
|
||||||
|
|
||||||
```bash
|
|
||||||
helm upgrade npm stable/verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
### Uninstalling
|
|
||||||
|
|
||||||
```bash
|
|
||||||
helm del --purge npm
|
|
||||||
```
|
|
||||||
|
|
||||||
**Note:** this command delete all the resources, including packages that you may
|
|
||||||
have previously published to the registry.
|
|
||||||
|
|
||||||
|
|
||||||
### Custom Verdaccio configuration
|
|
||||||
|
|
||||||
You can customize the Verdaccio configuration using a Kubernetes *configMap*.
|
|
||||||
|
|
||||||
#### Prepare
|
|
||||||
|
|
||||||
Copy the [existing configuration](https://github.com/verdaccio/verdaccio/blob/master/conf/full.yaml)
|
|
||||||
and adapt it for your use case:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
wget https://raw.githubusercontent.com/verdaccio/verdaccio/master/conf/full.yaml -O config.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
**Note:** Make sure you are using the right path for the storage that is used for
|
|
||||||
persistency:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
storage: /verdaccio/storage/data
|
|
||||||
auth:
|
|
||||||
htpasswd:
|
|
||||||
file: /verdaccio/storage/htpasswd
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Deploy the configMap
|
|
||||||
|
|
||||||
Deploy the `configMap` to the cluster
|
|
||||||
|
|
||||||
```bash
|
|
||||||
kubectl create configmap verdaccio-config --from-file ./config.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Deploy Verdaccio
|
|
||||||
|
|
||||||
Now you can deploy the Verdaccio Helm chart and specify which configuration to
|
|
||||||
use:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
helm install --name npm --set customConfigMap=verdaccio-config stable/verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
## Rancher Support
|
|
||||||
|
|
||||||
[Rancher](http://rancher.com/) is a complete container management platform that makes managing and using containers in production really easy.
|
|
||||||
|
|
||||||
* [verdaccio-rancher](https://github.com/lgaticaq/verdaccio-rancher)
|
|
|
@ -1,26 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-logger
|
|
||||||
title: Logger
|
|
||||||
original_id: logger
|
|
||||||
---
|
|
||||||
|
|
||||||
As any web application, verdaccio has a customisable built-in logger. You can define multiple types of outputs.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
logs:
|
|
||||||
# console output
|
|
||||||
- {type: stdout, format: pretty, level: http}
|
|
||||||
# file output
|
|
||||||
- {type: file, path: verdaccio.log, level: info}
|
|
||||||
```
|
|
||||||
|
|
||||||
Use `SIGUSR2` to notify the application, the log-file was rotated and it needs to reopen it.
|
|
||||||
|
|
||||||
### Configuration
|
|
||||||
|
|
||||||
Property | Type | Required | Example | Support | Description
|
|
||||||
--- | --- | --- | --- | --- | ---
|
|
||||||
type | string | No | [stdout, file] | all | define the output
|
|
||||||
path | string | No | verdaccio.log | all | if type is file, define the location of that file
|
|
||||||
format | string | No | [pretty, pretty-timestamped] | all | output format
|
|
||||||
level | string | No | [fatal, error, warn, http, info, debug, trace] | all | verbose level
|
|
|
@ -1,43 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-node-api
|
|
||||||
title: Node API
|
|
||||||
original_id: node-api
|
|
||||||
---
|
|
||||||
|
|
||||||
Verdaccio can be invoqued programmatically. The node API was introduced after version `verdaccio@3.0.0-alpha.10`.
|
|
||||||
|
|
||||||
## Usage
|
|
||||||
|
|
||||||
#### Programmatically
|
|
||||||
|
|
||||||
```js
|
|
||||||
import startServer from 'verdaccio';
|
|
||||||
|
|
||||||
startServer(configJsonFormat, 6000, store, '1.0.0', 'verdaccio',
|
|
||||||
(webServer, addrs, pkgName, pkgVersion) => {
|
|
||||||
webServer.listen(addr.port || addr.path, addr.host, () => {
|
|
||||||
console.log('verdaccio running');
|
|
||||||
});
|
|
||||||
});
|
|
||||||
```
|
|
||||||
|
|
||||||
## Other implementations
|
|
||||||
|
|
||||||
* [verdaccio-server](https://github.com/boringame/verdaccio-server) local npm registry proxy server
|
|
||||||
|
|
||||||
```js
|
|
||||||
// js
|
|
||||||
import * as verdaccioServer from "verdaccio-server";
|
|
||||||
verdaccioServer.start();
|
|
||||||
verdaccioServer.stop();
|
|
||||||
verdaccioServer.list();
|
|
||||||
verdaccioServer.stopAll();
|
|
||||||
verdaccioServer.show();
|
|
||||||
verdaccioServer.cli();
|
|
||||||
// windows .net2
|
|
||||||
verdaccioServer.serviceInstall();
|
|
||||||
verdaccioServer.serviceUninstall();
|
|
||||||
verdaccioServer.serviceStart();
|
|
||||||
verdaccioServer.serviceStop();
|
|
||||||
verdaccioServer.serviceRestart();
|
|
||||||
```
|
|
|
@ -1,169 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-notifications
|
|
||||||
title: Notifications
|
|
||||||
original_id: notifications
|
|
||||||
---
|
|
||||||
|
|
||||||
Notify was built primarily to use with Slack's Incoming
|
|
||||||
webhooks, but will also deliver a simple payload to
|
|
||||||
any endpoint. Currently only active for `npm publish`
|
|
||||||
command.
|
|
||||||
|
|
||||||
## Usage
|
|
||||||
|
|
||||||
An example with a **HipChat**, **Stride** and **Google Hangouts Chat** hook:
|
|
||||||
|
|
||||||
> Verdaccio supports any API, feel free to ad more examples.
|
|
||||||
|
|
||||||
#### Single notification
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
notify:
|
|
||||||
method: POST
|
|
||||||
headers: [{'Content-Type': 'application/json'}]
|
|
||||||
endpoint: https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken
|
|
||||||
content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}'
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Multiple notification
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
notify:
|
|
||||||
'example-google-chat':
|
|
||||||
method: POST
|
|
||||||
headers: [{'Content-Type': 'application/json'}]
|
|
||||||
endpoint: https://chat.googleapis.com/v1/spaces/AAAAB_TcJYs/messages?key=myKey&token=myToken
|
|
||||||
content: '{"text":"New package published: `{{ name }}{{#each versions}} v{{version}}{{/each}}`"}'
|
|
||||||
'example-hipchat':
|
|
||||||
method: POST
|
|
||||||
headers: [{'Content-Type': 'application/json'}]
|
|
||||||
endpoint: https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken
|
|
||||||
content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}'
|
|
||||||
'example-stride':
|
|
||||||
method: POST
|
|
||||||
headers: [{'Content-Type': 'application/json'}, {'authorization': 'Bearer secretToken'}]
|
|
||||||
endpoint: https://api.atlassian.com/site/{cloudId}/conversation/{conversationId}/message
|
|
||||||
content: '{"body": {"version": 1,"type": "doc","content": [{"type": "paragraph","content": [{"type": "text","text": "New package published: * {{ name }}* Publisher name: * {{ publisher.name }}"}]}]}}'
|
|
||||||
```
|
|
||||||
|
|
||||||
## Template
|
|
||||||
|
|
||||||
We use [Handlebars](https://handlebarsjs.com/) as main template engine.
|
|
||||||
|
|
||||||
### Format Examples
|
|
||||||
|
|
||||||
```
|
|
||||||
# iterate all versions
|
|
||||||
{{ name }}{{#each versions}} v{{version}}{{/each}}`"}
|
|
||||||
|
|
||||||
# publisher and `dist-tag` package published
|
|
||||||
{{ publisher.name }} has published {{publishedPackage}}"}
|
|
||||||
```
|
|
||||||
|
|
||||||
### Properties
|
|
||||||
|
|
||||||
List of properties accesible via template
|
|
||||||
|
|
||||||
* Metadata
|
|
||||||
* Publisher (who is publishing)
|
|
||||||
* Package Published (package@1.0.0)
|
|
||||||
|
|
||||||
### Metadata
|
|
||||||
|
|
||||||
Package metadata that the template has access
|
|
||||||
|
|
||||||
```
|
|
||||||
{
|
|
||||||
"_id": "@test/pkg1",
|
|
||||||
"name": "@test/pkg1",
|
|
||||||
"description": "",
|
|
||||||
"dist-tags": {
|
|
||||||
"beta": "1.0.54"
|
|
||||||
},
|
|
||||||
"versions": {
|
|
||||||
"1.0.54": {
|
|
||||||
"name": "@test/pkg1",
|
|
||||||
"version": "1.0.54",
|
|
||||||
"description": "some description",
|
|
||||||
"main": "index.js",
|
|
||||||
"scripts": {
|
|
||||||
"test": "echo \"Error: no test specified\" && exit 1"
|
|
||||||
},
|
|
||||||
"keywords": [],
|
|
||||||
"author": {
|
|
||||||
"name": "Author Name",
|
|
||||||
"email": "author@domain.com"
|
|
||||||
},
|
|
||||||
"license": "MIT",
|
|
||||||
"dependencies": {
|
|
||||||
"webpack": "4.12.0"
|
|
||||||
},
|
|
||||||
"readmeFilename": "README.md",
|
|
||||||
"_id": "@ test/pkg1@1.0.54",
|
|
||||||
"_npmVersion": "6.1.0",
|
|
||||||
"_nodeVersion": "9.9.0",
|
|
||||||
"_npmUser": {},
|
|
||||||
"dist": {
|
|
||||||
"integrity": "sha512-JlXWpLtMUBAqvVZBvH7UVLhXkGE1ctmXbDjbH/l0zMuG7wVzQ7GshTYvD/b5C+G2vOL2oiIS1RtayA/kKkTwKw==",
|
|
||||||
"shasum": "29c55c52c1e76e966e706165e5b9f22e32aa9f22",
|
|
||||||
"tarball": "http://localhost:4873/@test/pkg1/-/@test/pkg1-1.0.54.tgz"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"readme": "# test",
|
|
||||||
"_attachments": {
|
|
||||||
"@test/pkg1-1.0.54.tgz": {
|
|
||||||
"content_type": "application/octet-stream",
|
|
||||||
"data": "H4sIAAAAAAAAE+y9Z5PjyJIgOJ ...",
|
|
||||||
"length": 33112
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"time": {}
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
||||||
### Publisher
|
|
||||||
|
|
||||||
You can access to the package publisher information in the `content` of a webhook using the `publisher` object.
|
|
||||||
|
|
||||||
See below the `publisher` object type:
|
|
||||||
|
|
||||||
```
|
|
||||||
{
|
|
||||||
name: string,
|
|
||||||
groups: string[],
|
|
||||||
real_groups: string[]
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
An example:
|
|
||||||
|
|
||||||
```
|
|
||||||
notify:
|
|
||||||
method: POST
|
|
||||||
headers: [{'Content-Type': 'application/json'}]
|
|
||||||
endpoint: https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken
|
|
||||||
content: '{"color":"green","message":"New package published: * {{ name }}*. Publisher name: * {{ publisher.name }} *.","notify":true,"message_format":"text"}'
|
|
||||||
```
|
|
||||||
|
|
||||||
**Note:** it's not possible to get the publisher information if the `package.json` file already has the `publisher` property.
|
|
||||||
|
|
||||||
### Package Published
|
|
||||||
|
|
||||||
You can acces to the package is being published with the keyword `{{publishedPackage}}` as follows.
|
|
||||||
|
|
||||||
```
|
|
||||||
{{ publisher.name }} has published {{publishedPackage}}"}
|
|
||||||
```
|
|
||||||
|
|
||||||
## Configuration
|
|
||||||
|
|
||||||
Property | Type | Required | Support | Default | Description
|
|
||||||
--- | --- | --- | --- | --- | ---
|
|
||||||
method| string | No | all | | HTTP verb
|
|
||||||
packagePattern| string | No | all | | Only run this notification if the package name matches the regular expression
|
|
||||||
packagePatternFlags| string | No | all | | Any flags to be used with the regular expression
|
|
||||||
headers| array/object | Yes | all | | If this endpoint requires specific headers, set them here as an array of key: value objects.
|
|
||||||
endpoint| string | Yes | all | | set the URL endpoint for this call
|
|
||||||
content| string | Yes | all | | any [Handlebar](https://handlebarsjs.com/) expressions
|
|
|
@ -1,151 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-packages
|
|
||||||
title: Package Access
|
|
||||||
original_id: packages
|
|
||||||
---
|
|
||||||
|
|
||||||
It's a series of contraints that allow or restrict access to the local storage based in specific criteria.
|
|
||||||
|
|
||||||
The security constraints remain on the shoulders of the plugin being used, by default `verdaccio` uses the [htpasswd plugin](https://github.com/verdaccio/verdaccio-htpasswd). If you use a different plugin the behaviour might be different. The default plugin does not handle `allow_access` and `allow_publish` by itself, it uses an internal fallback in case the plugin is not ready for it.
|
|
||||||
|
|
||||||
For more information about permissions visit [the authentification section in the wiki](auth.md).
|
|
||||||
|
|
||||||
### Usage
|
|
||||||
|
|
||||||
```yalm
|
|
||||||
packages:
|
|
||||||
# scoped packages
|
|
||||||
'@scope/*':
|
|
||||||
access: all
|
|
||||||
publish: all
|
|
||||||
proxy: server2
|
|
||||||
|
|
||||||
'private-*':
|
|
||||||
access: all
|
|
||||||
publish: all
|
|
||||||
proxy: uplink1
|
|
||||||
|
|
||||||
'**':
|
|
||||||
# allow all users (including non-authenticated users) to read and
|
|
||||||
# publish all packages
|
|
||||||
access: all
|
|
||||||
publish: all
|
|
||||||
proxy: uplink2
|
|
||||||
```
|
|
||||||
if none is specified, the default one remains
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
packages:
|
|
||||||
'**':
|
|
||||||
access: all
|
|
||||||
publish: $authenticated
|
|
||||||
```
|
|
||||||
|
|
||||||
The list of valid groups according the default plugins are
|
|
||||||
|
|
||||||
```js
|
|
||||||
'$all', '$anonymous', '@all', '@anonymous', 'all', 'undefined', 'anonymous'
|
|
||||||
```
|
|
||||||
All users recieve all those set of permissions independently of is anonymous or not plus the groups provided by the plugin, in case of `htpasswd` return the username as a group. For instance, if you are logged as `npmUser` the list of groups will be.
|
|
||||||
|
|
||||||
```js
|
|
||||||
// groups without '$' are going to be deprecated eventually
|
|
||||||
'$all', '$anonymous', '@all', '@anonymous', 'all', 'undefined', 'anonymous', 'npmUser'
|
|
||||||
```
|
|
||||||
|
|
||||||
If you want to protect specific set packages under your group, you need to do something like this. Let's use a `Regex` that covers all prefixed `npmuser-` packages. We recomend using a prefix for your packages, in that way it will be easier to protect them.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
packages:
|
|
||||||
'npmuser-*':
|
|
||||||
access: npmuser
|
|
||||||
publish: npmuser
|
|
||||||
```
|
|
||||||
|
|
||||||
Restart `verdaccio` and in your console try to install `npmuser-core`.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ npm install npmuser-core
|
|
||||||
npm install npmuser-core
|
|
||||||
npm ERR! code E403
|
|
||||||
npm ERR! 403 Forbidden: npmuser-core@latest
|
|
||||||
|
|
||||||
npm ERR! A complete log of this run can be found in:
|
|
||||||
npm ERR! /Users/user/.npm/_logs/2017-07-02T12_20_14_834Z-debug.log
|
|
||||||
```
|
|
||||||
You can change the existing behaviour using a different plugin authentication. `verdaccio` just checks whether the user that tried to access or publish a specific package belongs to the right group.
|
|
||||||
|
|
||||||
#### Set multiple groups
|
|
||||||
|
|
||||||
Defining multiple access groups is fairly easy, just define them with a white space between them.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
'company-*':
|
|
||||||
access: admin internal
|
|
||||||
publish: admin
|
|
||||||
proxy: server1
|
|
||||||
'supersecret-*':
|
|
||||||
access: secret super-secret-area ultra-secret-area
|
|
||||||
publish: secret ultra-secret-area
|
|
||||||
proxy: server1
|
|
||||||
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Blocking access to set of packages
|
|
||||||
|
|
||||||
If you want to block the acccess/publish to a specific group of packages. Just do not define `access` and `publish`.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
packages:
|
|
||||||
'old-*':
|
|
||||||
'**':
|
|
||||||
access: all
|
|
||||||
publish: $authenticated
|
|
||||||
```
|
|
||||||
#### Blocking proxying a set of specific packages
|
|
||||||
|
|
||||||
You might want to block one or several packages from fetching from remote repositories., but, at the same time, allow others to access different *uplinks*.
|
|
||||||
|
|
||||||
Let's see the following example:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
packages:
|
|
||||||
'jquery':
|
|
||||||
access: $all
|
|
||||||
publish: $all
|
|
||||||
'my-company-*':
|
|
||||||
access: $all
|
|
||||||
publish: $authenticated
|
|
||||||
'@my-local-scope/*':
|
|
||||||
access: $all
|
|
||||||
publish: $authenticated
|
|
||||||
'**':
|
|
||||||
access: all
|
|
||||||
publish: $authenticated
|
|
||||||
proxy: npmjs
|
|
||||||
```
|
|
||||||
Let's describe what we want with the above example:
|
|
||||||
|
|
||||||
* I want to host my own `jquery` dependency but I need to avoid proxying it.
|
|
||||||
* I want all dependencies that match with `my-company-*` but I need to avoid proxying them.
|
|
||||||
* I want all dependencies that are in the `my-local-scope` scope but I need to avoid proxying them.
|
|
||||||
* I want proxying for all the rest of the dependencies.
|
|
||||||
|
|
||||||
Be **aware that the order of your packages definitions is important and always use double wilcard**. Because if you do not include it `verdaccio` will include it for you and the way that your dependencies are resolved will be affected.
|
|
||||||
|
|
||||||
### Configuration
|
|
||||||
|
|
||||||
You can define mutiple `packages` and each of them must have an unique `Regex`.
|
|
||||||
|
|
||||||
Property | Type | Required | Example | Support | Description
|
|
||||||
--- | --- | --- | --- | --- | ---
|
|
||||||
access | string | No | $all | all | define groups allowed to access the package
|
|
||||||
publish | string | No | $authenticated | all | define groups allowed to publish
|
|
||||||
proxy | string | No |npmjs | all | limit look ups for specific uplink
|
|
||||||
storage | boolean | No | [true,false] | all | TODO
|
|
||||||
|
|
||||||
> We higlight that we recommend to not use **allow_access**/**allow_publish** and **proxy_access** anymore, those are deprecated and will soon be removed, please use the short version of each of those (**access**/**publish**/**proxy**).
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,144 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-plugins
|
|
||||||
title: Plugins
|
|
||||||
original_id: plugins
|
|
||||||
---
|
|
||||||
|
|
||||||
Verdaccio is an plugabble aplication. It can be extended in many ways, either new authentication methods, adding
|
|
||||||
endpoints or using a custom storage.
|
|
||||||
|
|
||||||
> If you are interested to develop your own plugin, read the [development](dev-plugins.md) section.
|
|
||||||
|
|
||||||
## Usage
|
|
||||||
|
|
||||||
### Installation
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$> npm install --global verdaccio-activedirectory
|
|
||||||
```
|
|
||||||
`verdaccio` as a sinopia fork it has backward compability with plugins that are compatible with `sinopia@1.4.0`. In such case the installation is the same.
|
|
||||||
|
|
||||||
```
|
|
||||||
$> npm install --global sinopia-memory
|
|
||||||
```
|
|
||||||
|
|
||||||
### Configuration
|
|
||||||
|
|
||||||
Open the `config.yaml` file and update the `auth` section as follows:
|
|
||||||
|
|
||||||
The default configuration looks like this, due we use a build-in `htpasswd` plugin by default that you can disable just commenting out the following lines.
|
|
||||||
|
|
||||||
|
|
||||||
### Auth Plugin Configuration
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
htpasswd:
|
|
||||||
file: ./htpasswd
|
|
||||||
#max_users: 1000
|
|
||||||
```
|
|
||||||
|
|
||||||
and replacing them with (in case you decide to use a `ldap` plugin.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
auth:
|
|
||||||
activedirectory:
|
|
||||||
url: "ldap://10.0.100.1"
|
|
||||||
baseDN: 'dc=sample,dc=local'
|
|
||||||
domainSuffix: 'sample.local'
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Multiple Auth plugins
|
|
||||||
|
|
||||||
This is tecnically possible, the plugins order becames important, the the credentials will resolved in order.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
auth:
|
|
||||||
htpasswd:
|
|
||||||
file: ./htpasswd
|
|
||||||
#max_users: 1000
|
|
||||||
activedirectory:
|
|
||||||
url: "ldap://10.0.100.1"
|
|
||||||
baseDN: 'dc=sample,dc=local'
|
|
||||||
domainSuffix: 'sample.local'
|
|
||||||
```
|
|
||||||
|
|
||||||
### Middleware Plugin Configuration
|
|
||||||
|
|
||||||
This is an example how to set up a middleware plugin. All middleware plugins must be defined in the **middlewares** namespace.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
middlewares:
|
|
||||||
audit:
|
|
||||||
enabled: true
|
|
||||||
```
|
|
||||||
|
|
||||||
### Store Plugin Configuration
|
|
||||||
|
|
||||||
This is an example how to set up a storage plugin. All storage plugins must be defined in the **store** namespace.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
store:
|
|
||||||
memory:
|
|
||||||
limit: 1000
|
|
||||||
```
|
|
||||||
|
|
||||||
> If you define a custom store, the property **storage** in the configuration file will be ignored.
|
|
||||||
|
|
||||||
## Legacy plugins
|
|
||||||
|
|
||||||
### Sinopia Plugins
|
|
||||||
|
|
||||||
(compatible all versions)
|
|
||||||
|
|
||||||
* [sinopia-npm](https://www.npmjs.com/package/sinopia-npm): auth plugin for sinopia supporting an npm registry.
|
|
||||||
* [sinopia-memory](https://www.npmjs.com/package/sinopia-memory): auth plugin for sinopia that keeps users in memory.
|
|
||||||
* [sinopia-github-oauth-cli](https://www.npmjs.com/package/sinopia-github-oauth-cli).
|
|
||||||
* [sinopia-crowd](https://www.npmjs.com/package/sinopia-crowd): auth plugin for sinopia supporting atlassian crowd.
|
|
||||||
* [sinopia-activedirectory](https://www.npmjs.com/package/sinopia-activedirectory): Active Directory authentication plugin for sinopia.
|
|
||||||
* [sinopia-github-oauth](https://www.npmjs.com/package/sinopia-github-oauth): authentication plugin for sinopia2, supporting github oauth web flow.
|
|
||||||
* [sinopia-delegated-auth](https://www.npmjs.com/package/sinopia-delegated-auth): Sinopia authentication plugin that delegates authentication to another HTTP URL
|
|
||||||
* [sinopia-altldap](https://www.npmjs.com/package/sinopia-altldap): Alternate LDAP Auth plugin for Sinopia
|
|
||||||
* [sinopia-request](https://www.npmjs.com/package/sinopia-request): An easy and fully auth-plugin with configuration to use an external API.
|
|
||||||
* [sinopia-htaccess-gpg-email](https://www.npmjs.com/package/sinopia-htaccess-gpg-email): Generate password in htaccess format, encrypt with GPG and send via MailGun API to users.
|
|
||||||
* [sinopia-mongodb](https://www.npmjs.com/package/sinopia-mongodb): An easy and fully auth-plugin with configuration to use a mongodb database.
|
|
||||||
* [sinopia-htpasswd](https://www.npmjs.com/package/sinopia-htpasswd): auth plugin for sinopia supporting htpasswd format.
|
|
||||||
* [sinopia-leveldb](https://www.npmjs.com/package/sinopia-leveldb): a leveldb backed auth plugin for sinopia private npm.
|
|
||||||
* [sinopia-gitlabheres](https://www.npmjs.com/package/sinopia-gitlabheres): Gitlab authentication plugin for sinopia.
|
|
||||||
* [sinopia-gitlab](https://www.npmjs.com/package/sinopia-gitlab): Gitlab authentication plugin for sinopia
|
|
||||||
* [sinopia-ldap](https://www.npmjs.com/package/sinopia-ldap): LDAP auth plugin for sinopia.
|
|
||||||
* [sinopia-github-oauth-env](https://www.npmjs.com/package/sinopia-github-oauth-env) Sinopia authentication plugin with github oauth web flow.
|
|
||||||
|
|
||||||
> All sinopia plugins should be compatible with all future verdaccio versions. Anyhow, we encourage contributors to migrate them to the
|
|
||||||
modern verdaccio API and using the prefix as *verdaccio-xx-name*.
|
|
||||||
|
|
||||||
## Verdaccio Plugins
|
|
||||||
|
|
||||||
(compatible since 2.1.x)
|
|
||||||
|
|
||||||
### Authorization Plugins
|
|
||||||
|
|
||||||
* [verdaccio-bitbucket](https://github.com/idangozlan/verdaccio-bitbucket): Bitbucket authentication plugin for verdaccio.
|
|
||||||
* [verdaccio-ldap](https://www.npmjs.com/package/verdaccio-ldap): LDAP auth plugin for verdaccio.
|
|
||||||
* [verdaccio-active-directory](https://github.com/nowhammies/verdaccio-activedirectory): Active Directory authentication plugin for verdaccio
|
|
||||||
* [verdaccio-gitlab](https://github.com/bufferoverflow/verdaccio-gitlab): use GitLab Personal Access Token to authenticate
|
|
||||||
* [verdaccio-htpasswd](https://github.com/verdaccio/verdaccio-htpasswd): Auth based on htpasswd file plugin (built-in) for verdaccio
|
|
||||||
* [verdaccio-github-oauth](https://github.com/aroundus-inc/verdaccio-github-oauth): Github oauth authentication plugin for verdaccio.
|
|
||||||
|
|
||||||
### Middleware Plugins
|
|
||||||
|
|
||||||
* [verdaccio-audit](https://github.com/verdaccio/verdaccio-audit): verdaccio plugin for *npm audit* cli support (built-in) (compatible since 3.x)
|
|
||||||
|
|
||||||
* [verdaccio-profile-api](https://github.com/ahoracek/verdaccio-profile-api): verdacci plugin for *npm profile* cli support and *npm profile set password* for *verdaccio-htpasswd* based authentificaton
|
|
||||||
|
|
||||||
### Storage Plugins
|
|
||||||
|
|
||||||
(compatible since 3.x)
|
|
||||||
|
|
||||||
* [verdaccio-memory](https://github.com/verdaccio/verdaccio-memory) Storage plugin to host packages in Memory
|
|
||||||
* [verdaccio-s3-storage](https://github.com/remitly/verdaccio-s3-storage) Storage plugin to host packages **Amazon S3**
|
|
||||||
* [verdaccio-google-cloud](https://github.com/verdaccio/verdaccio-google-cloud) Storage plugin to host packages **Google Cloud Storage**
|
|
||||||
|
|
||||||
## Caveats
|
|
||||||
|
|
||||||
> Not all these plugins are been tested continuously, some of them might not work at all.
|
|
||||||
Please if you found any issue feel free to notify the owner of each plugin.
|
|
|
@ -1,45 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-protect-your-dependencies
|
|
||||||
title: Protecting packages
|
|
||||||
original_id: protect-your-dependencies
|
|
||||||
---
|
|
||||||
|
|
||||||
`verdaccio` allows you protect publish, to achieve that you will need to set up correctly your [packages acces](packages).
|
|
||||||
|
|
||||||
### Package configuration
|
|
||||||
|
|
||||||
Let's see for instance the following set up. You have a set of dependencies what are prefixed with `my-company-*` and you need to protect them from anonymous or another logged user without right credentials.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
'my-company-*':
|
|
||||||
access: admin teamA teamB teamC
|
|
||||||
publish: admin teamA
|
|
||||||
proxy: npmjs
|
|
||||||
```
|
|
||||||
|
|
||||||
With this configuration, basically we allow to groups **admin** and **teamA** to * publish* and **teamA** **teamB** **teamC** *access* to such dependencies.
|
|
||||||
|
|
||||||
### Use case: teamD try to access the dependency
|
|
||||||
|
|
||||||
So, if I am logged as **teamD**. I shouldn't be able to access all dependencies that match with `my-company-*` pattern.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
➜ npm whoami
|
|
||||||
teamD
|
|
||||||
```
|
|
||||||
I won't have access to such dependencies and also won't be visible via web for user **teamD**. If I try to access the following will happen.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
➜ npm install my-company-core
|
|
||||||
npm ERR! code E403
|
|
||||||
npm ERR! 403 Forbidden: webpack-1@latest
|
|
||||||
```
|
|
||||||
or with `yarn`
|
|
||||||
|
|
||||||
```bash
|
|
||||||
➜ yarn add my-company-core
|
|
||||||
yarn add v0.24.6
|
|
||||||
info No lockfile found.
|
|
||||||
[1/4] 🔍 Resolving packages...
|
|
||||||
error An unexpected error occurred: "http://localhost:5555/webpack-1: unregistered users are not allowed to access package my-company-core".
|
|
||||||
```
|
|
|
@ -1,29 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-puppet
|
|
||||||
title: Puppet
|
|
||||||
original_id: puppet
|
|
||||||
---
|
|
||||||
|
|
||||||
Install verdaccio for Debian, Ubuntu, Fedora, and RedHat.
|
|
||||||
|
|
||||||
# Usage
|
|
||||||
|
|
||||||
There are two variants to install verdaccio using this Puppet module:
|
|
||||||
|
|
||||||
* Apply-mode (with puppet-apply and no puppetmaster setup needed)
|
|
||||||
* Master-Agent-mode (with puppet-agent accessing your configuration through the puppetmaster).
|
|
||||||
|
|
||||||
In both variants you have to explicitely call "class nodejs {}" in your puppet script because
|
|
||||||
the puppet-verdaccio module only defines this as a requirement, so you have all the flexibility you want when installing nodejs.
|
|
||||||
Scroll down for details about Master-Agent-mode variant.
|
|
||||||
|
|
||||||
For further information:
|
|
||||||
|
|
||||||
[https://github.com/verdaccio/puppet-verdaccio](https://github.com/verdaccio/puppet-verdaccio)
|
|
||||||
|
|
||||||
> We are looking for active contributors for this integration, if you are interested
|
|
||||||
[refers to this ticket](https://github.com/verdaccio/puppet-verdaccio/issues/11).
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,10 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-source-code
|
|
||||||
title: Source Code
|
|
||||||
original_id: source-code
|
|
||||||
---
|
|
||||||
|
|
||||||
`verdaccio` is composed or multiple repositories you might contribute. Look into the **issues** tab whether there is a ticket waiting for you 🤠.
|
|
||||||
|
|
||||||
To see the complete list of repositories, [click here](https://github.com/verdaccio/verdaccio/wiki/Repositories).
|
|
||||||
|
|
|
@ -1,91 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-reverse-proxy
|
|
||||||
title: Reverse Proxy Setup
|
|
||||||
original_id: reverse-proxy
|
|
||||||
---
|
|
||||||
|
|
||||||
## Apache
|
|
||||||
|
|
||||||
Apache and mod_proxy should not decode/encode slashes and leave them as they are:
|
|
||||||
|
|
||||||
````
|
|
||||||
<VirtualHost *:80>
|
|
||||||
AllowEncodedSlashes NoDecode
|
|
||||||
ProxyPass /npm http://127.0.0.1:4873 nocanon
|
|
||||||
ProxyPassReverse /npm http://127.0.0.1:4873
|
|
||||||
</VirtualHost>
|
|
||||||
````
|
|
||||||
|
|
||||||
### Configuration with SSL
|
|
||||||
|
|
||||||
config.yaml
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
url_prefix: https://npm.your.domain.com
|
|
||||||
```
|
|
||||||
|
|
||||||
Apache virtual server configuration
|
|
||||||
|
|
||||||
````
|
|
||||||
apacheconfig
|
|
||||||
<IfModule mod_ssl.c>
|
|
||||||
<VirtualHost *:443>
|
|
||||||
ServerName npm.your.domain.com
|
|
||||||
SSLEngine on
|
|
||||||
SSLCertificateFile /etc/letsencrypt/live/npm.your.domain.com/fullchain.pem
|
|
||||||
SSLCertificateKeyFile /etc/letsencrypt/live/npm.your.domain.com/privkey.pem
|
|
||||||
SSLProxyEngine On
|
|
||||||
ProxyRequests Off
|
|
||||||
ProxyPreserveHost On
|
|
||||||
AllowEncodedSlashes NoDecode
|
|
||||||
ProxyPass / http://127.0.0.1:4873 nocanon
|
|
||||||
ProxyPassReverse / http://127.0.0.1:4873
|
|
||||||
</VirtualHost>
|
|
||||||
</IfModule>
|
|
||||||
````
|
|
||||||
|
|
||||||
## Nginx
|
|
||||||
|
|
||||||
|
|
||||||
````
|
|
||||||
server {
|
|
||||||
listen 80 default_server;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://127.0.0.1:4873/;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
````
|
|
||||||
|
|
||||||
## Run behind reverse proxy with different domain and port
|
|
||||||
|
|
||||||
If you run verdaccio behind reverse proxy, you may noticed all resource file served as relaticve path, like `http://127.0.0.1:4873/-/static`
|
|
||||||
|
|
||||||
To resolve this issue, you should send real domain and port to verdaccio with `Host` heade
|
|
||||||
|
|
||||||
Nginx configure should look like this:
|
|
||||||
|
|
||||||
```nginx
|
|
||||||
location / {
|
|
||||||
proxy_pass http://127.0.0.1:4873/;
|
|
||||||
proxy_set_header Host $host:$server_port;
|
|
||||||
proxy_set_header X-Forwarded-For $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
}
|
|
||||||
```
|
|
||||||
For this case, `url_prefix` should NOT set in verdaccio config
|
|
||||||
|
|
||||||
---
|
|
||||||
or a sub-directory installation:
|
|
||||||
|
|
||||||
```nginx
|
|
||||||
location ~ ^/verdaccio/(.*)$ {
|
|
||||||
proxy_pass http://127.0.0.1:4873/$1;
|
|
||||||
proxy_set_header Host $host:$server_port;
|
|
||||||
proxy_set_header X-Forwarded-For $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
}
|
|
||||||
```
|
|
||||||
For this case, `url_prefix` should set to `/verdaccio/`
|
|
||||||
|
|
||||||
> Note: There is a Slash after install path (`https://your-domain:port/vardaccio/`)!
|
|
|
@ -1,76 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-server-configuration
|
|
||||||
title: Server Configuration
|
|
||||||
original_id: server-configuration
|
|
||||||
---
|
|
||||||
|
|
||||||
This is mostly basic linux server configuration stuff but I felt it important to document and share the steps I took to get verdaccio running permanently on my server. You will need root (or sudo) permissions for the following.
|
|
||||||
|
|
||||||
## Running as a separate user
|
|
||||||
First create the verdaccio user:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ sudo adduser --disabled-login --gecos 'Verdaccio NPM mirror' verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
You create a shell as the verdaccio user using the following command:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ sudo su verdaccio
|
|
||||||
$ cd ~
|
|
||||||
```
|
|
||||||
|
|
||||||
The 'cd ~' command send you to the home directory of the verdaccio user. Make sure you run verdaccio at least once to generate the config file. Edit it according to your needs.
|
|
||||||
|
|
||||||
## Listening on all addresses
|
|
||||||
If you want to listen to every external address set the listen directive in the config to:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
# you can specify listen address (or simply a port)
|
|
||||||
listen: 0.0.0.0:4873
|
|
||||||
```
|
|
||||||
If you are running `verdaccio` in a Amazon EC2 Instance, [you will need set the listen in change your config file](https://github.com/verdaccio/verdaccio/issues/314#issuecomment-327852203) as is described above.
|
|
||||||
|
|
||||||
> Apache configure? Please check out the [Reverse Proxy Setup](reverse-proxy.md)
|
|
||||||
|
|
||||||
## Keeping verdaccio running forever
|
|
||||||
We can use the node package called 'forever' to keep verdaccio running all the time.
|
|
||||||
https://github.com/nodejitsu/forever
|
|
||||||
|
|
||||||
First install forever globally:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ sudo npm install -g forever
|
|
||||||
```
|
|
||||||
|
|
||||||
Make sure you've started verdaccio at least once to generate the config file and write down the created admin user. You can then use the following command to start verdaccio:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ forever start `which verdaccio`
|
|
||||||
```
|
|
||||||
|
|
||||||
You can check the documentation for more information on how to use forever.
|
|
||||||
|
|
||||||
## Surviving server restarts
|
|
||||||
We can use crontab and forever together to restart verdaccio after a server reboot.
|
|
||||||
When you're logged in as the verdaccio user do the following:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ crontab -e
|
|
||||||
```
|
|
||||||
|
|
||||||
This might ask you to choose an editor. Pick your favorite and proceed.
|
|
||||||
Add the following entry to the file:
|
|
||||||
|
|
||||||
```
|
|
||||||
@reboot /usr/bin/forever start /usr/lib/node_modules/verdaccio/bin/verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
The locations may vary depending on your server setup. If you want to know where your files are you can use the 'which' command:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ which forever
|
|
||||||
$ which verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
|
@ -1,53 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-ssl
|
|
||||||
title: Set up the SSL Certificates
|
|
||||||
original_id: ssl
|
|
||||||
---
|
|
||||||
|
|
||||||
Follow this instructions to configure a SSL certificate to serve NPM registry under HTTPS.
|
|
||||||
|
|
||||||
* Update the listen property in your `~/.config/verdaccio/config.yaml`:
|
|
||||||
|
|
||||||
````
|
|
||||||
listen: 'https://your.domain.com/'
|
|
||||||
````
|
|
||||||
|
|
||||||
Once you update the listen and try to run verdaccio again will ask for certificates.
|
|
||||||
|
|
||||||
* Generate your certificates
|
|
||||||
|
|
||||||
````
|
|
||||||
$ openssl genrsa -out /Users/user/.config/verdaccio/verdaccio-key.pem 2048
|
|
||||||
$ openssl req -new -sha256 -key /Users/user/.config/verdaccio/verdaccio-key.pem -out /Users/user/.config/verdaccio/verdaccio-csr.pem
|
|
||||||
$ openssl x509 -req -in /Users/user/.config/verdaccio/verdaccio-csr.pem -signkey /Users/user/.config/verdaccio/verdaccio-key.pem -out /Users/user/.config/verdaccio/verdaccio-cert.pem
|
|
||||||
````
|
|
||||||
|
|
||||||
* Edit your config file `/Users/user/.config/verdaccio/config.yaml` and add the following section
|
|
||||||
|
|
||||||
````
|
|
||||||
https:
|
|
||||||
key: /Users/user/.config/verdaccio/verdaccio-key.pem
|
|
||||||
cert: /Users/user/.config/verdaccio/verdaccio-cert.pem
|
|
||||||
ca: /Users/user/.config/verdaccio/verdaccio-csr.pem
|
|
||||||
````
|
|
||||||
|
|
||||||
Alternatively, if you have a certificate as `server.pfx` format, you can add the following configuration section. The passphrase is optional and only needed, if your certificate is encrypted.
|
|
||||||
|
|
||||||
````
|
|
||||||
https:
|
|
||||||
pfx: /Users/user/.config/verdaccio/server.pfx
|
|
||||||
passphrase: 'secret'
|
|
||||||
````
|
|
||||||
|
|
||||||
More info on the `key`, `cert`, `ca`, `pfx` and `passphrase` arguments on the [Node documentation](https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options)
|
|
||||||
|
|
||||||
* Run `verdaccio` in your command line.
|
|
||||||
|
|
||||||
* Open the browser and load `https://your.domain.com:port/`
|
|
||||||
|
|
||||||
This instructions are mostly valid under OSX and Linux, on Windows the paths will vary but, the steps are the same.
|
|
||||||
|
|
||||||
## Docker
|
|
||||||
If you are using the Docker image, you have to set the `PROTOCOL` environment variable to `https` as the `listen` argument is provided on the [Dockerfile](https://github.com/verdaccio/verdaccio/blob/master/Dockerfile#L43), and thus ignored from your config file.
|
|
||||||
|
|
||||||
You can also set the `PORT` environment variable if you are using a different port than `4873`.
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-unit-testing
|
|
||||||
title: Unit Testing
|
|
||||||
original_id: unit-testing
|
|
||||||
---
|
|
||||||
|
|
||||||
Verdaccio has strong focus on unit testing and end to end testing. If you are willing to contribute,
|
|
||||||
please refer to the following [guide for more information](https://github.com/verdaccio/verdaccio/wiki/Developing-new-tests).
|
|
|
@ -1,87 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-uplinks
|
|
||||||
title: Uplinks
|
|
||||||
original_id: uplinks
|
|
||||||
---
|
|
||||||
|
|
||||||
An *uplink* is a link with an external registry that provides acccess to external packages.
|
|
||||||
|
|
||||||
![Uplinks](/img/uplinks.png)
|
|
||||||
|
|
||||||
### Usage
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
uplinks:
|
|
||||||
npmjs:
|
|
||||||
url: https://registry.npmjs.org/
|
|
||||||
server2:
|
|
||||||
url: http://mirror.local.net/
|
|
||||||
timeout: 100ms
|
|
||||||
server3:
|
|
||||||
url: http://mirror2.local.net:9000/
|
|
||||||
baduplink:
|
|
||||||
url: http://localhost:55666/
|
|
||||||
```
|
|
||||||
### Configuration
|
|
||||||
|
|
||||||
You can define mutiple uplinks and each of them must have an unique name (key). They can have two properties:
|
|
||||||
|
|
||||||
Property | Type | Required | Example | Support | Description | Default
|
|
||||||
--- | --- | --- | --- | --- | --- | ---
|
|
||||||
url | string | Yes | https://registry.npmjs.org/ | all | The registry url | npmjs
|
|
||||||
ca | string | No | ~./ssl/client.crt' | all | SSL path certificate | No default
|
|
||||||
timeout | string | No | 100ms | all | set new timeout for the request | 30s
|
|
||||||
maxage | string | No |10m | all | limit maximun failure request | 2m
|
|
||||||
fail_timeout | string | No |10m | all | defines max time when a request becomes a failure | 5m
|
|
||||||
max_fails | number | No |2 | all | limit maximun failure request | 2
|
|
||||||
cache | boolean | No |[true,false] | >= 2.1 | cache all remote tarballs in storage | true
|
|
||||||
auth | list | No | [see below](uplinks.md#auth-property) | >= 2.5 | assigns the header 'Authorization' [more info](http://blog.npmjs.org/post/118393368555/deploying-with-npm-private-modules) | disabled
|
|
||||||
headers | list | No | authorization: "Bearer SecretJWToken==" | all | list of custom headers for the uplink | disabled
|
|
||||||
strict_ssl |boolean | No | [true,false] | >= 3.0 | If true, requires SSL certificates be valid. | true
|
|
||||||
|
|
||||||
#### Auth property
|
|
||||||
|
|
||||||
The `auth` property allows you to use an auth token with an uplink. Using the default environment variable:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
uplinks:
|
|
||||||
private:
|
|
||||||
url: https://private-registry.domain.com/registry
|
|
||||||
auth:
|
|
||||||
type: bearer
|
|
||||||
token_env: true # defaults to `process.env['NPM_TOKEN']`
|
|
||||||
```
|
|
||||||
|
|
||||||
or via a specified environment variable:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
uplinks:
|
|
||||||
private:
|
|
||||||
url: https://private-registry.domain.com/registry
|
|
||||||
auth:
|
|
||||||
type: bearer
|
|
||||||
token_env: FOO_TOKEN
|
|
||||||
```
|
|
||||||
|
|
||||||
`token_env: FOO_TOKEN `internally will use `process.env['FOO_TOKEN']`
|
|
||||||
|
|
||||||
or by directly specifying a token:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
uplinks:
|
|
||||||
private:
|
|
||||||
url: https://private-registry.domain.com/registry
|
|
||||||
auth:
|
|
||||||
type: bearer
|
|
||||||
token: "token"
|
|
||||||
```
|
|
||||||
|
|
||||||
> Note: `token` has priority over `token_env`
|
|
||||||
|
|
||||||
### You Must know
|
|
||||||
|
|
||||||
* Verdaccio does not use Basic Authentication since version `v2.3.0`. All tokens generated by verdaccio are based on JWT ([JSON Web Token](https://jwt.io/))
|
|
||||||
* Uplinks must be registries compatible with the `npm` endpoints. Eg: *verdaccio*, `sinopia@1.4.0`, *npmjs registry*, *yarn registry*, *JFrog*, *Nexus* and more.
|
|
||||||
* Setting `cache` to false will help to save space in your hard drive. This will avoid store `tarballs` but [it will keep metadata in folders](https://github.com/verdaccio/verdaccio/issues/391).
|
|
||||||
* Exceed with multiple uplinks might slow down the lookup of your packages due for each request a npm client does, verdaccio does 1 call for each uplink.
|
|
||||||
* The (timeout, maxage and fail_timeout) format follow the [NGINX measurement units](http://nginx.org/en/docs/syntax.html)
|
|
|
@ -1,33 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-use-cases
|
|
||||||
title: Use Cases
|
|
||||||
original_id: use-cases
|
|
||||||
---
|
|
||||||
|
|
||||||
## Using private packages
|
|
||||||
|
|
||||||
You can add users and manage which users can access which packages.
|
|
||||||
|
|
||||||
It is recommended that you define a prefix for your private packages, for example "local", so all your private things will look like this: `local-foo`. This way you can clearly separate public packages from private ones.
|
|
||||||
|
|
||||||
## Using public packages from npmjs.org
|
|
||||||
|
|
||||||
If some package doesn't exist in the storage, server will try to fetch it from npmjs.org. If npmjs.org is down, it serves packages from cache pretending that no other packages exist. Verdaccio will download only what's needed (= requested by clients), and this information will be cached, so if client will ask the same thing second time, it can be served without asking npmjs.org for it.
|
|
||||||
|
|
||||||
Example: if you successfully request express@3.0.1 from this server once, you'll able to do that again (with all it's dependencies) anytime even if npmjs.org is down. But say express@3.0.0 will not be downloaded until it's actually needed by somebody. And if npmjs.org is offline, this server would say that only express@3.0.1 (= only what's in the cache) is published, but nothing else.
|
|
||||||
|
|
||||||
## Override public packages
|
|
||||||
|
|
||||||
If you want to use a modified version of some public package `foo`, you can just publish it to your local server, so when your type `npm install foo`, it'll consider installing your version.
|
|
||||||
|
|
||||||
There's two options here:
|
|
||||||
|
|
||||||
1. You want to create a separate fork and stop synchronizing with public version.
|
|
||||||
|
|
||||||
If you want to do that, you should modify your configuration file so verdaccio won't make requests regarding this package to npmjs anymore. Add a separate entry for this package to *config.yaml* and remove `npmjs` from `proxy` list and restart the server.
|
|
||||||
|
|
||||||
When you publish your package locally, you should probably start with version string higher than existing one, so it won't conflict with existing package in the cache.
|
|
||||||
|
|
||||||
2. You want to temporarily use your version, but return to public one as soon as it's updated.
|
|
||||||
|
|
||||||
In order to avoid version conflicts, you should use a custom pre-release suffix of the next patch version. For example, if a public package has version 0.1.2, you can upload 0.1.3-my-temp-fix. This way your package will be used until its original maintainer updates his public package to 0.1.3.
|
|
|
@ -1,26 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-webui
|
|
||||||
title: Web User Interface
|
|
||||||
original_id: webui
|
|
||||||
---
|
|
||||||
|
|
||||||
<p align="center"><img src="https://firebasestorage.googleapis.com/v0/b/jotadeveloper-website.appspot.com/o/verdaccio_long_video2.gif?alt=media&token=4d20cad1-f700-4803-be14-4b641c651b41"></p>
|
|
||||||
|
|
||||||
Verdaccio has a web user interface to display only the private packges and can be customisable.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
web:
|
|
||||||
enable: true
|
|
||||||
title: Verdaccio
|
|
||||||
logo: logo.png
|
|
||||||
```
|
|
||||||
|
|
||||||
All access restrictions defined to [protect your packages](protect-your-dependencies.md) will also apply to the Web Interface.
|
|
||||||
|
|
||||||
### Configuration
|
|
||||||
|
|
||||||
Property | Type | Required | Example | Support | Description
|
|
||||||
--- | --- | --- | --- | --- | ---
|
|
||||||
enable | boolean | No | true/false | all | allow to display the web interface
|
|
||||||
title | string | No | Verdaccio | all | HTML head title description
|
|
||||||
logo | string | No | http://my.logo.domain/logo.png | all | a URI where logo is located
|
|
|
@ -1,58 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-what-is-verdaccio
|
|
||||||
title: What is Verdaccio?
|
|
||||||
original_id: what-is-verdaccio
|
|
||||||
---
|
|
||||||
|
|
||||||
Verdaccio is a **lightweight private npm proxy registry** built in **Node.js**
|
|
||||||
|
|
||||||
## What's a registry
|
|
||||||
|
|
||||||
* A repository for packages that implements the **CommonJS Compliant Package Registry specification** for reading package info
|
|
||||||
* Provide an API compatible with npm clients **(yarn/npm/pnpm)**
|
|
||||||
* Follow the semantic Versioning compatible **(semver)**
|
|
||||||
|
|
||||||
```
|
|
||||||
$> verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
![registry](/svg/verdaccio_server.gif)
|
|
||||||
|
|
||||||
## Using Verdaccio
|
|
||||||
|
|
||||||
Using verdaccio with any node package manager client is quite straightforward.
|
|
||||||
|
|
||||||
![registry](/svg/npm_install.gif)
|
|
||||||
|
|
||||||
You can use a custom registry either setting globally for all your projects
|
|
||||||
|
|
||||||
```
|
|
||||||
npm set registry http://localhost:4873
|
|
||||||
```
|
|
||||||
|
|
||||||
or by command line as argument `--registry` in npm (slightly different in yarn)
|
|
||||||
|
|
||||||
```
|
|
||||||
npm install lodash --registry http://localhost:4873
|
|
||||||
```
|
|
||||||
|
|
||||||
## Private
|
|
||||||
|
|
||||||
All packages that you publish are private and only accessible based in your configuration.
|
|
||||||
|
|
||||||
## Proxy
|
|
||||||
|
|
||||||
Verdaccio cache all dependencies by demand and speed up installations in local or private networks.
|
|
||||||
|
|
||||||
## Verdaccio in a nutshell
|
|
||||||
|
|
||||||
* It's a web app based on Node.js
|
|
||||||
* It's a private npm registry
|
|
||||||
* It's a local network proxy
|
|
||||||
* It's a Pluggable application
|
|
||||||
* It's a fairly easy install and use
|
|
||||||
* We offer Docker and Kubernetes support
|
|
||||||
* It is 100% compatible with yarn, npm and pnpm
|
|
||||||
* It was **forked** based on `sinopia@1.4.0` and 100% **backward compatible**.
|
|
||||||
* Verdaccio means **A green color popular in late medieval Italy for fresco painting**.
|
|
||||||
|
|
|
@ -1,58 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.2.0-windows
|
|
||||||
title: Installing As a Windows Service
|
|
||||||
original_id: windows
|
|
||||||
---
|
|
||||||
|
|
||||||
Loosely based upon the instructions found [here](http://asysadmin.tumblr.com/post/32941224574/running-nginx-on-windows-as-a-service). I crafted the following and it provided me with a fully working verdaccio service installation:
|
|
||||||
|
|
||||||
1. Create a directory for verdaccio
|
|
||||||
* mkdir `c:\verdaccio`
|
|
||||||
* cd `c:\verdaccio`
|
|
||||||
2. Install verdaccio locally (I ran into npm issues with global installs)
|
|
||||||
* npm install verdaccio
|
|
||||||
3. Create your `config.yaml` file in this location `(c:\verdaccio\config.yaml)`
|
|
||||||
4. Windows Service Setup
|
|
||||||
|
|
||||||
## Using NSSM
|
|
||||||
|
|
||||||
ALTERNATIVE METHOD: (WinSW package was missing when I tried to download it)
|
|
||||||
|
|
||||||
* Download [NSSM](https://www.nssm.cc/download/) and extract
|
|
||||||
|
|
||||||
* Add the path that contains nssm.exe to the PATH
|
|
||||||
|
|
||||||
* Open an administrative command
|
|
||||||
|
|
||||||
* Run nssm install verdaccio At a minimum you must fill in the Application tab Path,
|
|
||||||
Startup directory and Arguments fields. Assuming an install with node in the system path and a
|
|
||||||
location of c:\verdaccio the below values will work:
|
|
||||||
* Path: `node`
|
|
||||||
* Startup directory: `c:\verdaccio`
|
|
||||||
* Arguments: `c:\verdaccio\node_modules\verdaccio\build\lib\cli.js -c c:\verdaccio\config.yaml`
|
|
||||||
|
|
||||||
You can adjust other service settings under other tabs as desired. When you are done, click Install service button
|
|
||||||
|
|
||||||
* Start the service sc start verdaccio
|
|
||||||
|
|
||||||
## Using WinSW
|
|
||||||
|
|
||||||
* As of 2015-10-27, WinSW is no longer available at the below location. Please follow the Using NSSM instructions above.
|
|
||||||
* Download [WinSW](http://repo.jenkins-ci.org/releases/com/sun/winsw/winsw/)
|
|
||||||
* Place the executable (e.g. `winsw-1.9-bin.exe`) into this folder (`c:\verdaccio`) and rename it to `verdaccio-winsw.exe`
|
|
||||||
* Create a configuration file in `c:\verdaccio`, named `verdaccio-winsw.xml`
|
|
||||||
with the following configuration `xml verdaccio verdaccio verdaccio node c:\verdaccio\node_modules\verdaccio\src\lib\cli.js -c c:\verdaccio\config.yaml roll c:\verdaccio\ `.
|
|
||||||
* Install your service
|
|
||||||
* `cd c:\verdaccio`
|
|
||||||
* `verdaccio-winsw.exe install`
|
|
||||||
* Start your service
|
|
||||||
* `verdaccio-winsw.exe start`
|
|
||||||
|
|
||||||
Some of the above config is more verbose than I had expected, it appears as though 'workingdirectory'
|
|
||||||
is ignored, but other than that, this works for me and allows my verdaccio instance to
|
|
||||||
persist between restarts of the server, and also restart itself should there be any crashes of the verdaccio process.
|
|
||||||
|
|
||||||
|
|
||||||
## Repositories
|
|
||||||
|
|
||||||
* [verdaccio-deamon-windows](https://github.com/davidenke/verdaccio-deamon-windows)
|
|
|
@ -1,194 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.3.0-dev-plugins
|
|
||||||
title: Developing Plugins
|
|
||||||
original_id: dev-plugins
|
|
||||||
---
|
|
||||||
|
|
||||||
There are many ways to extend `verdaccio`, the kind of plugins supported are:
|
|
||||||
|
|
||||||
* Authentication plugins
|
|
||||||
* Middleware plugins (since `v2.7.0`)
|
|
||||||
* Storage plugins since (`v3.x`)
|
|
||||||
|
|
||||||
> We recommend developing plugins using our [flow type definitions](https://github.com/verdaccio/flow-types).
|
|
||||||
|
|
||||||
## Authentication Plugin
|
|
||||||
|
|
||||||
Basically we have to return an object with a single method called `authenticate` that will recieve 3 arguments (`user, password, callback`).
|
|
||||||
|
|
||||||
### API
|
|
||||||
|
|
||||||
```flow
|
|
||||||
interface IPluginAuth extends IPlugin {
|
|
||||||
login_url?: string;
|
|
||||||
authenticate(user: string, password: string, cb: Callback): void;
|
|
||||||
adduser(user: string, password: string, cb: Callback): void;
|
|
||||||
allow_access(user: RemoteUser, pkg: $Subtype<PackageAccess>, cb: Callback): void;
|
|
||||||
allow_publish(user: RemoteUser, pkg: $Subtype<PackageAccess>, cb: Callback): void;
|
|
||||||
}
|
|
||||||
```
|
|
||||||
> Only `adduser`, `allow_access` and `allow_publish` are optional, verdaccio provide a fallback in all those cases.
|
|
||||||
|
|
||||||
#### Callback
|
|
||||||
|
|
||||||
Once the authentication has been executed there is 2 options to give a response to `verdaccio`.
|
|
||||||
|
|
||||||
###### OnError
|
|
||||||
|
|
||||||
Either something bad happened or auth was unsuccessful.
|
|
||||||
|
|
||||||
```flow
|
|
||||||
callback(null, false)
|
|
||||||
```
|
|
||||||
|
|
||||||
###### OnSuccess
|
|
||||||
|
|
||||||
The auth was successful.
|
|
||||||
|
|
||||||
|
|
||||||
`groups` is an array of strings where the user is part of.
|
|
||||||
|
|
||||||
```
|
|
||||||
callback(null, groups);
|
|
||||||
```
|
|
||||||
|
|
||||||
### Example
|
|
||||||
|
|
||||||
```javascript
|
|
||||||
function Auth(config, stuff) {
|
|
||||||
var self = Object.create(Auth.prototype);
|
|
||||||
self._users = {};
|
|
||||||
|
|
||||||
// config for this module
|
|
||||||
self._config = config;
|
|
||||||
|
|
||||||
// verdaccio logger
|
|
||||||
self._logger = stuff.logger;
|
|
||||||
|
|
||||||
// pass verdaccio logger to ldapauth
|
|
||||||
self._config.client_options.log = stuff.logger;
|
|
||||||
|
|
||||||
return self;
|
|
||||||
}
|
|
||||||
|
|
||||||
Auth.prototype.authenticate = function (user, password, callback) {
|
|
||||||
var LdapClient = new LdapAuth(self._config.client_options);
|
|
||||||
....
|
|
||||||
LdapClient.authenticate(user, password, function (err, ldapUser) {
|
|
||||||
...
|
|
||||||
var groups;
|
|
||||||
...
|
|
||||||
callback(null, groups);
|
|
||||||
});
|
|
||||||
};
|
|
||||||
|
|
||||||
module.exports = Auth;
|
|
||||||
```
|
|
||||||
|
|
||||||
And the configuration will looks like:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
auth:
|
|
||||||
htpasswd:
|
|
||||||
file: ./htpasswd
|
|
||||||
```
|
|
||||||
Where `htpasswd` is the sufix of the plugin name. eg: `verdaccio-htpasswd` and the rest of the body would be the plugin configuration params.
|
|
||||||
|
|
||||||
## Middleware Plugin
|
|
||||||
|
|
||||||
Middleware plugins have the capability to modify the API layer, either adding new endpoints or intercepting requests.
|
|
||||||
|
|
||||||
```flow
|
|
||||||
interface verdaccio$IPluginMiddleware extends verdaccio$IPlugin {
|
|
||||||
register_middlewares(app: any, auth: IBasicAuth, storage: IStorageManager): void;
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
### register_middlewares
|
|
||||||
|
|
||||||
The method provide full access to the authentification and storage via `auth` and `storage`. `app` is the express application that allows you to add new endpoints.
|
|
||||||
|
|
||||||
> A pretty good example
|
|
||||||
of middleware plugin is the [sinopia-github-oauth](https://github.com/soundtrackyourbrand/sinopia-github-oauth) and [verdaccio-audit](https://github.com/verdaccio/verdaccio-audit).
|
|
||||||
|
|
||||||
### API
|
|
||||||
|
|
||||||
```js
|
|
||||||
function register_middlewares(expressApp, authInstance, storageInstance) {
|
|
||||||
/* more stuff */
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
To register a middleware we need an object with a single method called `register_middlewares` that will recieve 3 arguments (`expressApp, auth, storage`).
|
|
||||||
*Auth* is the authentification instance and *storage* is also the main Storage instance that will give you have access to all to the storage actions.
|
|
||||||
|
|
||||||
|
|
||||||
## Storage Plugin
|
|
||||||
|
|
||||||
Verdaccio by default uses a file system storage plugin [local-storage](https://github.com/verdaccio/local-storage), but, since `verdaccio@3.x` you can plug in a custom storage replacing the default behaviour.
|
|
||||||
|
|
||||||
### API
|
|
||||||
|
|
||||||
The storage API is a bit more complex, you will need to create a class that return a `IPluginStorage` implementation. Please see details bellow.
|
|
||||||
|
|
||||||
```flow
|
|
||||||
class LocalDatabase<IPluginStorage>{
|
|
||||||
constructor(config: $Subtype<verdaccio$Config>, logger: verdaccio$Logger): ILocalData;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface IPluginStorage {
|
|
||||||
logger: verdaccio$Logger;
|
|
||||||
config: $Subtype<verdaccio$Config>;
|
|
||||||
add(name: string, callback: verdaccio$Callback): void;
|
|
||||||
remove(name: string, callback: verdaccio$Callback): void;
|
|
||||||
get(callback: verdaccio$Callback): void;
|
|
||||||
getSecret(): Promise<string>;
|
|
||||||
setSecret(secret: string): Promise<any>;
|
|
||||||
getPackageStorage(packageInfo: string): verdaccio$IPackageStorage;
|
|
||||||
search(onPackage: verdaccio$Callback, onEnd: verdaccio$Callback, validateName: Function): void;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface IPackageStorageManager {
|
|
||||||
path: string;
|
|
||||||
logger: verdaccio$Logger;
|
|
||||||
writeTarball(name: string): verdaccio$IUploadTarball;
|
|
||||||
readTarball(name: string): verdaccio$IReadTarball;
|
|
||||||
readPackage(fileName: string, callback: verdaccio$Callback): void;
|
|
||||||
createPackage(name: string, value: verdaccio$Package, cb: verdaccio$Callback): void;
|
|
||||||
deletePackage(fileName: string, callback: verdaccio$Callback): void;
|
|
||||||
removePackage(callback: verdaccio$Callback): void;
|
|
||||||
updatePackage(pkgFileName: string,
|
|
||||||
updateHandler: verdaccio$Callback,
|
|
||||||
onWrite: verdaccio$Callback,
|
|
||||||
transformPackage: Function,
|
|
||||||
onEnd: verdaccio$Callback): void;
|
|
||||||
savePackage(fileName: string, json: verdaccio$Package, callback: verdaccio$Callback): void;
|
|
||||||
}
|
|
||||||
|
|
||||||
class verdaccio$IUploadTarball extends stream$PassThrough {
|
|
||||||
abort: Function;
|
|
||||||
done: Function;
|
|
||||||
_transform: Function;
|
|
||||||
abort(): void;
|
|
||||||
done(): void;
|
|
||||||
}
|
|
||||||
|
|
||||||
class verdaccio$IReadTarball extends stream$PassThrough {
|
|
||||||
abort: Function;
|
|
||||||
abort(): void;
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
> The Storage API is still experimental and might change in the next minor versions. For further information about Storage API please follow the [types
|
|
||||||
definitions in our official repository](https://github.com/verdaccio/flow-types).
|
|
||||||
|
|
||||||
### Storage Plugins Examples
|
|
||||||
|
|
||||||
The following list of plugins are implementing the Storage API and might be used them as example.
|
|
||||||
|
|
||||||
* [verdaccio-memory](https://github.com/verdaccio/verdaccio-memory)
|
|
||||||
* [local-storage](https://github.com/verdaccio/local-storage)
|
|
||||||
* [verdaccio-google-cloud](https://github.com/verdaccio/verdaccio-google-cloud)
|
|
||||||
* [verdaccio-s3-storage](https://github.com/Remitly/verdaccio-s3-storage/tree/s3)
|
|
||||||
|
|
||||||
> Are you willing to contribute with new Storage Plugins? [Click here.](https://github.com/verdaccio/verdaccio/issues/103#issuecomment-357478295)
|
|
|
@ -1,49 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.3.0-installation
|
|
||||||
title: Installation
|
|
||||||
original_id: installation
|
|
||||||
---
|
|
||||||
|
|
||||||
Verdaccio is a multiplatform web application. To install it, you need a few prerequisites.
|
|
||||||
|
|
||||||
#### Prerequisites
|
|
||||||
|
|
||||||
1. Node higher than
|
|
||||||
- For version `verdaccio@2.x` Node `v4.6.1` is the minimum supported version.
|
|
||||||
- For version `verdaccio@latest` Node `6.12.0` is the minimum supported version.
|
|
||||||
2. npm `>=3.x` or `yarn`
|
|
||||||
3. The web interface supports the `Chrome, Firefox, Edge, and IE9` browsers.
|
|
||||||
|
|
||||||
## Installing the CLI
|
|
||||||
|
|
||||||
`verdaccio` must be installed globaly using either of the following methods:
|
|
||||||
|
|
||||||
Using `npm`
|
|
||||||
|
|
||||||
```bash
|
|
||||||
npm install -g verdaccio
|
|
||||||
```
|
|
||||||
or using `yarn`
|
|
||||||
|
|
||||||
```bash
|
|
||||||
yarn global add verdaccio
|
|
||||||
```
|
|
||||||
|
|
||||||
![install verdaccio](/svg/install_verdaccio.gif)
|
|
||||||
|
|
||||||
|
|
||||||
## Basic Usage
|
|
||||||
|
|
||||||
Once it has been installed, you only need to execute the CLI command:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$> verdaccio
|
|
||||||
warn --- config file - /home/.config/verdaccio/config.yaml
|
|
||||||
warn --- http address - http://localhost:4873/ - verdaccio/3.0.1
|
|
||||||
```
|
|
||||||
|
|
||||||
For more information about the CLI, please [read the cli section](cli.md).
|
|
||||||
|
|
||||||
## Docker Image
|
|
||||||
|
|
||||||
`verdaccio` has an official docker image you can use, and in most cases, the default configuration is good enough. For more information about how to install the official image, [read the docker section](docker.md).
|
|
|
@ -1,146 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.3.0-plugins
|
|
||||||
title: Plugins
|
|
||||||
original_id: plugins
|
|
||||||
---
|
|
||||||
|
|
||||||
Verdaccio is an plugabble aplication. It can be extended in many ways, either new authentication methods, adding
|
|
||||||
endpoints or using a custom storage.
|
|
||||||
|
|
||||||
> If you are interested to develop your own plugin, read the [development](dev-plugins.md) section.
|
|
||||||
|
|
||||||
## Usage
|
|
||||||
|
|
||||||
### Installation
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$> npm install --global verdaccio-activedirectory
|
|
||||||
```
|
|
||||||
`verdaccio` as a sinopia fork it has backward compability with plugins that are compatible with `sinopia@1.4.0`. In such case the installation is the same.
|
|
||||||
|
|
||||||
```
|
|
||||||
$> npm install --global sinopia-memory
|
|
||||||
```
|
|
||||||
|
|
||||||
### Configuration
|
|
||||||
|
|
||||||
Open the `config.yaml` file and update the `auth` section as follows:
|
|
||||||
|
|
||||||
The default configuration looks like this, due we use a build-in `htpasswd` plugin by default that you can disable just commenting out the following lines.
|
|
||||||
|
|
||||||
|
|
||||||
### Auth Plugin Configuration
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
htpasswd:
|
|
||||||
file: ./htpasswd
|
|
||||||
#max_users: 1000
|
|
||||||
```
|
|
||||||
|
|
||||||
and replacing them with (in case you decide to use a `ldap` plugin.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
auth:
|
|
||||||
activedirectory:
|
|
||||||
url: "ldap://10.0.100.1"
|
|
||||||
baseDN: 'dc=sample,dc=local'
|
|
||||||
domainSuffix: 'sample.local'
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Multiple Auth plugins
|
|
||||||
|
|
||||||
This is tecnically possible, the plugins order becames important, the the credentials will resolved in order.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
auth:
|
|
||||||
htpasswd:
|
|
||||||
file: ./htpasswd
|
|
||||||
#max_users: 1000
|
|
||||||
activedirectory:
|
|
||||||
url: "ldap://10.0.100.1"
|
|
||||||
baseDN: 'dc=sample,dc=local'
|
|
||||||
domainSuffix: 'sample.local'
|
|
||||||
```
|
|
||||||
|
|
||||||
### Middleware Plugin Configuration
|
|
||||||
|
|
||||||
This is an example how to set up a middleware plugin. All middleware plugins must be defined in the **middlewares** namespace.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
middlewares:
|
|
||||||
audit:
|
|
||||||
enabled: true
|
|
||||||
```
|
|
||||||
|
|
||||||
> You might follow the [audit middle plugin](https://github.com/verdaccio/verdaccio-audit) as base example.
|
|
||||||
|
|
||||||
### Store Plugin Configuration
|
|
||||||
|
|
||||||
This is an example how to set up a storage plugin. All storage plugins must be defined in the **store** namespace.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
store:
|
|
||||||
memory:
|
|
||||||
limit: 1000
|
|
||||||
```
|
|
||||||
|
|
||||||
> If you define a custom store, the property **storage** in the configuration file will be ignored.
|
|
||||||
|
|
||||||
## Legacy plugins
|
|
||||||
|
|
||||||
### Sinopia Plugins
|
|
||||||
|
|
||||||
(compatible all versions)
|
|
||||||
|
|
||||||
* [sinopia-npm](https://www.npmjs.com/package/sinopia-npm): auth plugin for sinopia supporting an npm registry.
|
|
||||||
* [sinopia-memory](https://www.npmjs.com/package/sinopia-memory): auth plugin for sinopia that keeps users in memory.
|
|
||||||
* [sinopia-github-oauth-cli](https://www.npmjs.com/package/sinopia-github-oauth-cli).
|
|
||||||
* [sinopia-crowd](https://www.npmjs.com/package/sinopia-crowd): auth plugin for sinopia supporting atlassian crowd.
|
|
||||||
* [sinopia-activedirectory](https://www.npmjs.com/package/sinopia-activedirectory): Active Directory authentication plugin for sinopia.
|
|
||||||
* [sinopia-github-oauth](https://www.npmjs.com/package/sinopia-github-oauth): authentication plugin for sinopia2, supporting github oauth web flow.
|
|
||||||
* [sinopia-delegated-auth](https://www.npmjs.com/package/sinopia-delegated-auth): Sinopia authentication plugin that delegates authentication to another HTTP URL
|
|
||||||
* [sinopia-altldap](https://www.npmjs.com/package/sinopia-altldap): Alternate LDAP Auth plugin for Sinopia
|
|
||||||
* [sinopia-request](https://www.npmjs.com/package/sinopia-request): An easy and fully auth-plugin with configuration to use an external API.
|
|
||||||
* [sinopia-htaccess-gpg-email](https://www.npmjs.com/package/sinopia-htaccess-gpg-email): Generate password in htaccess format, encrypt with GPG and send via MailGun API to users.
|
|
||||||
* [sinopia-mongodb](https://www.npmjs.com/package/sinopia-mongodb): An easy and fully auth-plugin with configuration to use a mongodb database.
|
|
||||||
* [sinopia-htpasswd](https://www.npmjs.com/package/sinopia-htpasswd): auth plugin for sinopia supporting htpasswd format.
|
|
||||||
* [sinopia-leveldb](https://www.npmjs.com/package/sinopia-leveldb): a leveldb backed auth plugin for sinopia private npm.
|
|
||||||
* [sinopia-gitlabheres](https://www.npmjs.com/package/sinopia-gitlabheres): Gitlab authentication plugin for sinopia.
|
|
||||||
* [sinopia-gitlab](https://www.npmjs.com/package/sinopia-gitlab): Gitlab authentication plugin for sinopia
|
|
||||||
* [sinopia-ldap](https://www.npmjs.com/package/sinopia-ldap): LDAP auth plugin for sinopia.
|
|
||||||
* [sinopia-github-oauth-env](https://www.npmjs.com/package/sinopia-github-oauth-env) Sinopia authentication plugin with github oauth web flow.
|
|
||||||
|
|
||||||
> All sinopia plugins should be compatible with all future verdaccio versions. Anyhow, we encourage contributors to migrate them to the
|
|
||||||
modern verdaccio API and using the prefix as *verdaccio-xx-name*.
|
|
||||||
|
|
||||||
## Verdaccio Plugins
|
|
||||||
|
|
||||||
(compatible since 2.1.x)
|
|
||||||
|
|
||||||
### Authorization Plugins
|
|
||||||
|
|
||||||
* [verdaccio-bitbucket](https://github.com/idangozlan/verdaccio-bitbucket): Bitbucket authentication plugin for verdaccio.
|
|
||||||
* [verdaccio-ldap](https://www.npmjs.com/package/verdaccio-ldap): LDAP auth plugin for verdaccio.
|
|
||||||
* [verdaccio-active-directory](https://github.com/nowhammies/verdaccio-activedirectory): Active Directory authentication plugin for verdaccio
|
|
||||||
* [verdaccio-gitlab](https://github.com/bufferoverflow/verdaccio-gitlab): use GitLab Personal Access Token to authenticate
|
|
||||||
* [verdaccio-htpasswd](https://github.com/verdaccio/verdaccio-htpasswd): Auth based on htpasswd file plugin (built-in) for verdaccio
|
|
||||||
* [verdaccio-github-oauth](https://github.com/aroundus-inc/verdaccio-github-oauth): Github oauth authentication plugin for verdaccio.
|
|
||||||
|
|
||||||
### Middleware Plugins
|
|
||||||
|
|
||||||
* [verdaccio-audit](https://github.com/verdaccio/verdaccio-audit): verdaccio plugin for *npm audit* cli support (built-in) (compatible since 3.x)
|
|
||||||
|
|
||||||
* [verdaccio-profile-api](https://github.com/ahoracek/verdaccio-profile-api): verdacci plugin for *npm profile* cli support and *npm profile set password* for *verdaccio-htpasswd* based authentificaton
|
|
||||||
|
|
||||||
### Storage Plugins
|
|
||||||
|
|
||||||
(compatible since 3.x)
|
|
||||||
|
|
||||||
* [verdaccio-memory](https://github.com/verdaccio/verdaccio-memory) Storage plugin to host packages in Memory
|
|
||||||
* [verdaccio-s3-storage](https://github.com/remitly/verdaccio-s3-storage) Storage plugin to host packages **Amazon S3**
|
|
||||||
* [verdaccio-google-cloud](https://github.com/verdaccio/verdaccio-google-cloud) Storage plugin to host packages **Google Cloud Storage**
|
|
||||||
|
|
||||||
## Caveats
|
|
||||||
|
|
||||||
> Not all these plugins are been tested continuously, some of them might not work at all.
|
|
||||||
Please if you found any issue feel free to notify the owner of each plugin.
|
|
|
@ -1,26 +0,0 @@
|
||||||
---
|
|
||||||
id: version-3.3.0-webui
|
|
||||||
title: Web User Interface2
|
|
||||||
original_id: webui
|
|
||||||
---
|
|
||||||
|
|
||||||
<p align="center"><img src="https://github.com/verdaccio/verdaccio/blob/master/assets/gif/verdaccio_big_30.gif?raw=true"></p>
|
|
||||||
|
|
||||||
Verdaccio has a web user interface to display only the private packges and can be customisable.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
web:
|
|
||||||
enable: true
|
|
||||||
title: Verdaccio
|
|
||||||
logo: logo.png
|
|
||||||
```
|
|
||||||
|
|
||||||
All access restrictions defined to [protect your packages](protect-your-dependencies.md) will also apply to the Web Interface.
|
|
||||||
|
|
||||||
### Configuration
|
|
||||||
|
|
||||||
Property | Type | Required | Example | Support | Description
|
|
||||||
--- | --- | --- | --- | --- | ---
|
|
||||||
enable | boolean | No | true/false | all | allow to display the web interface
|
|
||||||
title | string | No | Verdaccio | all | HTML head title description
|
|
||||||
logo | string | No | http://my.logo.domain/logo.png | all | a URI where logo is located
|
|
|
@ -1,47 +0,0 @@
|
||||||
{
|
|
||||||
"version-3.2.0-docs": {
|
|
||||||
"Introduction": [
|
|
||||||
"version-3.2.0-what-is-verdaccio",
|
|
||||||
"version-3.2.0-installation",
|
|
||||||
"version-3.2.0-cli"
|
|
||||||
],
|
|
||||||
"Configuration": [
|
|
||||||
"version-3.2.0-configuration",
|
|
||||||
"version-3.2.0-uplinks",
|
|
||||||
"version-3.2.0-packages",
|
|
||||||
"version-3.2.0-authentification",
|
|
||||||
"version-3.2.0-notifications",
|
|
||||||
"version-3.2.0-logger",
|
|
||||||
"version-3.2.0-webui"
|
|
||||||
],
|
|
||||||
"Server": [
|
|
||||||
"version-3.2.0-server-configuration",
|
|
||||||
"version-3.2.0-reverse-proxy",
|
|
||||||
"version-3.2.0-ssl",
|
|
||||||
"version-3.2.0-windows",
|
|
||||||
"version-3.2.0-iss-server"
|
|
||||||
],
|
|
||||||
"Plugins": [
|
|
||||||
"version-3.2.0-plugins",
|
|
||||||
"version-3.2.0-dev-plugins"
|
|
||||||
],
|
|
||||||
"DevOps": [
|
|
||||||
"version-3.2.0-docker",
|
|
||||||
"version-3.2.0-kubernetes",
|
|
||||||
"version-3.2.0-ansible",
|
|
||||||
"version-3.2.0-puppet",
|
|
||||||
"version-3.2.0-chef",
|
|
||||||
"version-3.2.0-ci"
|
|
||||||
],
|
|
||||||
"Development": [
|
|
||||||
"version-3.2.0-build",
|
|
||||||
"version-3.2.0-contributing",
|
|
||||||
"version-3.2.0-source-code",
|
|
||||||
"version-3.2.0-unit-testing",
|
|
||||||
"version-3.2.0-node-api"
|
|
||||||
],
|
|
||||||
"Guides": [
|
|
||||||
"version-3.2.0-protect-your-dependencies"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,6 +0,0 @@
|
||||||
[
|
|
||||||
"3.4.1",
|
|
||||||
"3.4.0",
|
|
||||||
"3.3.0",
|
|
||||||
"3.2.0"
|
|
||||||
]
|
|
Loading…
Add table
Reference in a new issue