0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-01-06 22:40:26 -05:00
verdaccio/website/docs/uplinks.md

3.7 KiB

id title
uplinks Uplinks

An uplink is a link with an external registry that provides access to external packages.

Uplinks

Usage

uplinks:
  npmjs:
   url: https://registry.npmjs.org/
  server2:
    url: http://mirror.local.net/
    timeout: 100ms
  server3:
    url: http://mirror2.local.net:9000/
  baduplink:
    url: http://localhost:55666/

Configuration

You can define mutiple uplinks and each of them must have an unique name (key). They can have the following properties:

Property Type Required Example Support Description Default
url string Yes https://registry.npmjs.org/ all The registry url npmjs
ca string No ~./ssl/client.crt' all SSL path certificate No default
timeout string No 100ms all set new timeout for the request 30s
maxage string No 10m all the time threshold to the cache is valid 2m
fail_timeout string No 10m all defines max time when a request becomes a failure 5m
max_fails number No 2 all limit maximun failure request 2
cache boolean No [true,false] >= 2.1 cache all remote tarballs in storage true
auth list No see below >= 2.5 assigns the header 'Authorization' more info disabled
headers list No authorization: "Bearer SecretJWToken==" all list of custom headers for the uplink disabled
strict_ssl boolean No [true,false] >= 3.0 If true, requires SSL certificates be valid. true
agent_options object No maxSockets: 10 >= 4.0.2 options for the HTTP or HTTPS Agent responsible for managing uplink connection persistence and reuse more info No default

Auth property

The auth property allows you to use an auth token with an uplink. Using the default environment variable:

uplinks:
  private:
    url: https://private-registry.domain.com/registry
    auth:
      type: bearer
      token_env: true # by defaults points to the environment variable `NPM_TOKEN`

or via a specified custom environment variable:

uplinks:
  private:
    url: https://private-registry.domain.com/registry
    auth:
      type: bearer
      token_env: FOO_TOKEN # override the default `NPM_TOKEN` by a custom one

token_env: FOO_TOKEN internally will use process.env['FOO_TOKEN']

or by directly specifying a token oh the configuration file (not recommended by security corcerns):

uplinks:
  private:
    url: https://private-registry.domain.com/registry
    auth:
      type: bearer
      token: "token"

Note: token has priority over token_env

You Must know

  • Uplinks must be registries compatible with the npm endpoints. Eg: verdaccio, sinopia@1.4.0, npmjs registry, yarn registry, JFrog, Nexus and more.
  • Setting cache to false will help to save space in your hard drive. This will avoid store tarballs but it will keep metadata in folders.
  • Multiple uplinks might slow down the lookup of your packages. For each request an npm client makes, verdaccio makes 1 call to each configured uplink.
  • The (timeout, maxage and fail_timeout) format follow the NGINX measurement units
  • When using the Helm Chart, you can use secretEnvVars to inject sensitive environment variables, which can be used to configure private uplink auth.