What is Verdaccio?
Verdaccio is a lightweight private npm proxy registry that hosts, caches and access-controls npm packages on a local machine or inside a private network. It improves a team's package-management workflow while keeping the distribution of private packages secure, and it is especially suited to enterprise development, closed-source projects, and scenarios that need a custom package-management policy.
- Private package hosting: publish and manage private npm packages without leaking sensitive code to the public registry.
- Caching: public packages are cached automatically after the first download, reducing latency on external dependencies and allowing development to continue offline.
- Access control: user- and group-based access policies, with read and publish permissions managed separately.
- Plugin ecosystem: extension points for storage, authentication, UI and other modules.
Requirements
- Runtime: Node.js ≥ v18 (an LTS release is recommended)
- Package manager: npm ≥ 6.x | yarn ≥ 1.x/2.x | pnpm ≥ 6.x
- Browser: Chrome/Firefox/Edge or similar (IE11 compatibility mode is supported)
Docker installation
- Pull the image
# Accelerated mirror: registry.cn-shanghai.aliyuncs.com/kubesec/verdaccio:6.1.2
docker pull verdaccio/verdaccio:6.1.2
- Create the storage directories
mkdir -p /opt/verdaccio/{conf,storage,plugins}
- Fetch the standard configuration template
sudo curl -L https://raw.githubusercontent.com/verdaccio/verdaccio/6.x/conf/docker.yaml -o /opt/verdaccio/conf/config.yaml
- Fallback: if network restrictions prevent the template from being downloaded, generate a baseline configuration file with the command below
# The heredoc delimiter is quoted so the shell leaves $all, $authenticated and ${packageName} unexpanded.
cat <<'EOF' | sudo tee /opt/verdaccio/conf/config.yaml
#
# This is the default configuration file. It allows all users to do anything,
# please read carefully the documentation and best practices to
# improve security.
#
# Do not configure host and port under `listen` in this file
# as it will be ignored when using docker.
# see https://verdaccio.org/docs/en/docker#docker-and-custom-port-configuration
#
# Look here for more config file examples:
# https://github.com/verdaccio/verdaccio/tree/6.x/conf
#
# Read about the best practices
# https://verdaccio.org/docs/best

# path to a directory with all packages
storage: /verdaccio/storage/data
# path to a directory with plugins to include
plugins: /verdaccio/plugins

# https://verdaccio.org/docs/webui
web:
  title: Verdaccio
  # comment out to disable gravatar support
  # gravatar: false
  # by default packages are ordered ascendant (asc|desc)
  # sort_packages: asc
  # convert your UI to the dark side
  # darkMode: true
  # html_cache: true
  # by default all features are displayed
  # login: true
  # showInfo: true
  # showSettings: true
  # In combination with darkMode you can force specific theme
  # showThemeSwitch: true
  # showFooter: true
  # showSearch: true
  # showRaw: true
  # showDownloadTarball: true
  #  HTML tags injected after manifest <scripts/>
  # scriptsBodyAfter:
  #    - '<script type="text/javascript" src="https://my.company.com/customJS.min.js"></script>'
  #  HTML tags injected before ends </head>
  #  metaScripts:
  #    - '<script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>'
  #    - '<script type="text/javascript" src="https://browser.sentry-cdn.com/5.15.5/bundle.min.js"></script>'
  #    - '<meta name="robots" content="noindex" />'
  #  HTML tags injected first child at <body/>
  #  bodyBefore:
  #    - '<div id="myId">html before webpack scripts</div>'
  # Public path for template manifest scripts (only manifest)
  # publicPath: http://somedomain.org/

# https://verdaccio.org/docs/configuration#authentication
auth:
  htpasswd:
    file: /verdaccio/storage/htpasswd
    # Maximum amount of users allowed to register, defaults to "+infinity".
    # You can set this to -1 to disable registration.
    # max_users: 1000
    # Hash algorithm, possible options are: "bcrypt", "md5", "sha1", "crypt".
    # algorithm: bcrypt # by default is crypt, but is recommended use bcrypt for new installations
    # Rounds number for "bcrypt", will be ignored for other algorithms.
    # rounds: 10

# https://verdaccio.org/docs/configuration#uplinks
# a list of other known repositories we can talk to
uplinks:
  npmjs:
    url: https://registry.npmjs.org/

# Learn how to protect your packages
# https://verdaccio.org/docs/protect-your-dependencies/
# https://verdaccio.org/docs/configuration#packages
packages:
  '@*/*':
    # scoped packages
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs

  '**':
    # allow all users (including non-authenticated users) to read and
    # publish all packages
    #
    # you can specify usernames/groupnames (depending on your auth plugin)
    # and three keywords: "$all", "$anonymous", "$authenticated"
    access: $all

    # allow all known users to publish/publish packages
    # (anyone can register by default, remember?)
    publish: $authenticated
    unpublish: $authenticated

    # if package is not available locally, proxy requests to 'npmjs' registry
    proxy: npmjs

# To improve your security configuration and avoid dependency confusion
# consider removing the proxy property for private packages
# https://verdaccio.org/docs/best#remove-proxy-to-increase-security-at-private-packages

# https://verdaccio.org/docs/configuration#server
# You can specify HTTP/1.1 server keep alive timeout in seconds for incoming connections.
# A value of 0 makes the http server behave similarly to Node.js versions prior to 8.0.0, which did not have a keep-alive timeout.
# WORKAROUND: Through given configuration you can workaround following issue https://github.com/verdaccio/verdaccio/issues/301. Set to 0 in case 60 is not enough.
server:
  keepAliveTimeout: 60
  # Allow `req.ip` to resolve properly when Verdaccio is behind a proxy or load-balancer
  # See: https://expressjs.com/en/guide/behind-proxies.html
  # trustProxy: '127.0.0.1'

# https://verdaccio.org/docs/configuration#offline-publish
# publish:
#   allow_offline: false

# https://verdaccio.org/docs/configuration#url-prefix
# url_prefix: /verdaccio/
# VERDACCIO_PUBLIC_URL='https://somedomain.org';
# url_prefix: '/my_prefix'
# // url -> https://somedomain.org/my_prefix/
# VERDACCIO_PUBLIC_URL='https://somedomain.org';
# url_prefix: '/'
# // url -> https://somedomain.org/
# VERDACCIO_PUBLIC_URL='https://somedomain.org/first_prefix';
# url_prefix: '/second_prefix'
# // url -> https://somedomain.org/second_prefix/'

# https://verdaccio.org/docs/configuration#security
# security:
#   api:
#     legacy: true
#     # recommended set to true for older installations
#     migrateToSecureLegacySignature: true
#     jwt:
#       sign:
#         expiresIn: 29d
#       verify:
#         someProp: [value]
#   web:
#     sign:
#       expiresIn: 1h # 1 hour by default
#     verify:
#       someProp: [value]

# https://verdaccio.org/docs/configuration#user-rate-limit
# userRateLimit:
#   windowMs: 50000
#   max: 1000

# https://verdaccio.org/docs/configuration#max-body-size
# max_body_size: 10mb

# https://verdaccio.org/docs/configuration#listen-port
# listen:
# - localhost:4873            # default value
# - http://localhost:4873     # same thing
# - 0.0.0.0:4873              # listen on all addresses (INADDR_ANY)
# - https://example.org:4873  # if you want to use https
# - "[::1]:4873"              # ipv6
# - unix:/tmp/verdaccio.sock  # unix socket

# The HTTPS configuration is useful if you do not consider use a HTTP Proxy
# https://verdaccio.org/docs/configuration#https
# https:
#   key: ./path/verdaccio-key.pem
#   cert: ./path/verdaccio-cert.pem
#   ca: ./path/verdaccio-csr.pem

# https://verdaccio.org/docs/configuration#proxy
# http_proxy: http://something.local/
# https_proxy: https://something.local/

# https://verdaccio.org/docs/configuration#notifications
# notify:
#   method: POST
#   headers: [{ "Content-Type": "application/json" }]
#   endpoint: https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken
#   content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}'

middlewares:
  audit:
    enabled: true

# https://verdaccio.org/docs/logger
# log settings
log: { type: stdout, format: pretty, level: http }
#experiments:
#  # support for npm token command
#  token: false
#  # enable tarball URL redirect for hosting tarball with a different server, the tarball_url_redirect can be a template string
#  tarball_url_redirect: 'https://mycdn.com/verdaccio/${packageName}/${filename}'
#  # the tarball_url_redirect can be a function, takes packageName and filename and returns the url, when working with a js configuration file
#  tarball_url_redirect(packageName, filename) {
#    const signedUrl = // generate a signed url
#    return signedUrl;
#  }

# translate your registry, api i18n not available yet
# i18n:
# list of the available translations https://github.com/verdaccio/verdaccio/blob/master/packages/plugins/ui-theme/src/i18n/ABOUT_TRANSLATIONS.md
#  web: en-US
EOF
- Fix ownership (the container runs as a non-root user)
chown -R 10001:65533 /opt/verdaccio
- Start the container
docker run -d --name verdaccio -p 4873:4873 -v /opt/verdaccio/conf:/verdaccio/conf -v /opt/verdaccio/storage:/verdaccio/storage -v /opt/verdaccio/plugins:/verdaccio/plugins verdaccio/verdaccio:6.1.2
Open in a browser: http://<server-IP>:4873/
- Global registry setting
npm set registry http://<verdaccio-host>:4873/
- Project-level configuration (.npmrc)
registry=http://<verdaccio-host>:4873/
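The default config.yaml generated above deliberately "allows all users to do anything": self-registration is open, the scoped '@*/*' section is readable anonymously, and it keeps proxy: npmjs, which the template's own comment flags as a dependency-confusion path for private packages. The following script is an added example, not part of the original post or the Verdaccio project. It lints a Verdaccio config.yaml for those three settings and runs itself against two constructed sample configs (a copy of the weak defaults and a hardened variant). It assumes that @-scoped sections hold the private packages and that the file is indented with two spaces, as the template is; the function and file names are the example's own.

```shell
#!/bin/sh
# Added example, not from the original post or the Verdaccio project.
# Lints a Verdaccio config.yaml for three risky settings that the stock
# docker.yaml template leaves in place:
#   1. auth.htpasswd.max_users is not -1, so anyone can self-register
#   2. a scoped section ('@*/*') grants access: $all (anonymous reads)
#   3. a scoped section keeps proxy: npmjs, the dependency-confusion path
#      the template itself warns about
# Assumption: @-scoped sections hold the private packages. POSIX sh + awk.

lint_verdaccio_config() {
  # Prints one finding per line for the config file given as $1.
  awk -v q="'" '
    # A non-comment line in column 0 opens a new top-level key.
    /^[^ #]/ { top = $1; sub(/:.*/, "", top); section = "" }
    # Under packages:, a two-space-indented key names a package section.
    top == "packages" && /^  [^ #]/ {
      section = $1; gsub(q, "", section); gsub(/"/, "", section); sub(/:$/, "", section)
    }
    # Registration is closed only when max_users: -1 is present and uncommented.
    top == "auth" && /^ *max_users: *-1/ { reg_closed = 1 }
    # Checks that apply only inside @-scoped (assumed private) sections.
    top == "packages" && section ~ /^@/ {
      if ($0 ~ /^ *access: *\$all/) print section ": anonymous read access"
      if ($0 ~ /^ *proxy:/)          print section ": proxied to an uplink (dependency confusion)"
    }
    END { if (!reg_closed) print "auth.htpasswd: self-registration open (set max_users: -1)" }
  ' "$1"
}

count_findings() {
  # Number of findings; 0 means the config passed every check.
  lint_verdaccio_config "$1" | wc -l | tr -d ' '
}

# Two constructed sample configs (not real deployments). The heredoc
# delimiters are quoted so the shell leaves $all/$authenticated alone.
WORKDIR=$(mktemp -d)
trap 'rm -rf "$WORKDIR"' EXIT
WEAK="$WORKDIR/weak.yaml"
HARDENED="$WORKDIR/hardened.yaml"

cat <<'EOF' > "$WEAK"
storage: /verdaccio/storage/data
auth:
  htpasswd:
    file: /verdaccio/storage/htpasswd
    # max_users: 1000
uplinks:
  npmjs:
    url: https://registry.npmjs.org/
packages:
  '@*/*':
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs
  '**':
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs
EOF

cat <<'EOF' > "$HARDENED"
storage: /verdaccio/storage/data
auth:
  htpasswd:
    file: /verdaccio/storage/htpasswd
    max_users: -1
uplinks:
  npmjs:
    url: https://registry.npmjs.org/
packages:
  '@*/*':
    access: $authenticated
    publish: $authenticated
    unpublish: $authenticated
  '**':
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs
EOF

echo "== weak.yaml ($(count_findings "$WEAK") findings) =="
lint_verdaccio_config "$WEAK"
echo "== hardened.yaml ($(count_findings "$HARDENED") findings) =="
lint_verdaccio_config "$HARDENED"
```

Run it as `sh lint_verdaccio.sh`, or point lint_verdaccio_config at /opt/verdaccio/conf/config.yaml after the steps above to confirm that registration is closed and the private scope no longer falls through to npmjs. The hardened sample keeps the catch-all '**' section proxied, since that is what makes the registry a cache for public packages.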
References:
- https://verdaccio.org/zh-cn/docs/what-is-verdaccio/
- https://github.com/verdaccio/verdaccio
Originally published on the WeChat official account KubeSec: Verdaccio private npm registry service