Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-03-04 02:02:39 -05:00
Code Issues Activity
verdaccio/website/translated_docs/pt-BR/config.md

7.8 KiB
Raw Blame History

id title
configuration Arquivo de Configuração

This file is the cornerstone of Verdaccio where you can modify the default behaviour, enable plugins and extend features.

Um arquivo de configuração padrão config.yaml é criado na primeira vez que você executa verdaccio.

Configuração Padrão

The default configuration has support for scoped packages and allows any user to access all packages, but only authenticated users to publish.

storage: ./storage
auth:
  htpasswd:
    file: ./htpasswd
uplinks:
  npmjs:
    url: https://registry.npmjs.org/
packages:
  "@*/*":
    access: $all
    publish: $authenticated
    proxy: npmjs
  "**":
    proxy: npmjs
logs:
  - { type: stdout, format: pretty, level: http }

Seções

The following sections explain what each property means and their different options.

Armazenamento

É a localização do armazenamento padrão. **Por padrão o Verdaccio está baseado no arquivo de sistema local **.

storage: ./storage

Plugins

Is the location of the plugin directory. Useful for Docker/Kubernetes-based deployments.

plugins: ./plugins

Autenticação

The authentication setup is done here. The default auth is based on htpasswd and is built in. You can modify this behaviour via plugins. For more information about this section read the auth page.

auth:
  htpasswd:
    file: ./htpasswd
    max_users: 1000

Segurança

A partir de: verdaccio@4.0.0 #168

O bloco de segurança permite personalizar o token de assinatura. To enable a new JWT (JSON Web Tokens) signature you need to add the block jwt to the api section; web uses jwt by default.

A configuração é separada em duas seções, api e web. To use JWT on api it has to be defined, otherwise the legacy token signature (aes192) will be used. For JWT you might want to customize the signature and the token verification with your own properties.

security:
  api:
    legacy: true
    jwt:
      sign:
        expiresIn: 29d
      verify:
        someProp: [value]
   web:
     sign:
       expiresIn: 7d # 7 days by default
     verify:
        someProp: [value]

É altamente recomendável migrar para o JWT, pois a assinatura herdada (aes192) está obsoleta e desaparecerá em versões futuras.

Server

Um conjunto de propriedades para alterar o comportamento do aplicativo do servidor, especificamente a API (Express.js).

Você pode especificar o tempo limite de espera do servidor HTTP/1.1 em segundos para conexões de entrada. Um valor 0 faz com que o servidor http se comporte de maneira semelhante às versões do Node.js anteriores a 8.0.0, que não tinham um tempo limite de atividade. SOLUÇÃO ALTERNATIVA: Através da configuração fornecida, você pode solucionar o seguinte problema https://github.com/verdaccio/verdaccio/issues/301. Defina como 0 caso 60 não seja suficiente.

server:
  keepAliveTimeout: 60

Web UI

This property allow you to modify the look and feel of the web UI. For more information about this section read the web UI page.

web:
  enable: true
  title: Verdaccio
  logo: logo.png
  scope:

Uplinks

Uplinks add the ability to fetch packages from remote registries when those packages are not available locally. For more information about this section read the uplinks page.

uplinks:
  npmjs:
    url: https://registry.npmjs.org/

Packages

This section allows you to control how packages are accessed. For more information about this section read the packages page.

packages:
  "@*/*":
    access: $all
    publish: $authenticated
    proxy: npmjs

Configurações Avançadas

Offline Publish

By default verdaccio does not allow you to publish packages when the client is offline. This can be can be overridden by setting this value to true.

publish:
  allow_offline: false

Since: verdaccio@2.3.6 due #223

URL Prefix

The prefix is intended to be used when the server runs behinds the proxy, check the reverse proxy setup page for more details.

url_prefix: /verdaccio/

Verdaccio 5 has an improved prefix behaviour, check here details.

Max Body Size

By default the maximum body size for a JSON document is 10mb, if you run into errors that state "request entity too large" you may increase this value.

max_body_size: 10mb

Listen Port

verdaccio runs by default on the port 4873. Changing the port can be done via CLI or in the configuration file. The following options are valid:

listen:
# - localhost:4873            # default value
# - http://localhost:4873     # same thing
# - 0.0.0.0:4873              # listen on all addresses (INADDR_ANY)
# - https://example.org:4873  # if you want to use https
# - "[::1]:4873"                # ipv6
# - unix:/tmp/verdaccio.sock    # unix socket

HTTPS

To enable https in verdaccio it's enough to set the listen flag with the protocol https://. For more information about this section read the SSL page.

https:
  key: ./path/verdaccio-key.pem
  cert: ./path/verdaccio-cert.pem
  ca: ./path/verdaccio-csr.pem

Proxy

Proxies are special-purpose HTTP servers designed to transfer data from remote servers to local clients.

http_proxy e https_proxy

If you have a proxy in your network you can set a X-Forwarded-For header using the following properties:

http_proxy: http://something.local/
https_proxy: https://something.local/

no_proxy

This variable should contain a comma-separated list of domain extensions that the proxy should not be used for.

no_proxy: localhost,127.0.0.1

Notificações

Enabling notifications to third-party tools is fairly easy via webhooks. For more information about this section read the notifications page.

notify:
  method: POST
  headers: [{ "Content-Type": "application/json" }]
  endpoint: https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken
  content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}'

For more detailed configuration settings, please check the source code.

Audit

Since: verdaccio@3.0.0

npm audit is a new command released with npm 6.x. Verdaccio includes a built-in middleware plugin to handle this command.

If you have a new installation it comes by default, otherwise you need to add the following props to your config file

middlewares:
  audit:
    enabled: true

Experiments

This release includes a new property named experiments that can be placed in the config.yaml and is completely optional.

We want to be able to ship new things without affecting production environments. This flag allows us to add new features and get feedback from the community who decides to use them.

The features under this flag might not be stable or might be removed in future releases.

Here is one example:

experiments:
  token: false

To disable the experiments warning in the console, you must comment out the whole experiments section.