{{tag>npm nodejs javascript}}

====== Verdaccio installation behind reverse proxy ======
Create a private npm registry (repository).

===== Pull from docker =====
==== Bind mount method (for testing) ====

Create folder structure and conf file
  mkdir verdaccio && cd verdaccio
  mkdir conf
  mkdir storage
  mkdir plugins

Put this in //conf/config.yaml//: 

<code>
storage: /verdaccio/storage
plugins: /verdaccio/plugins
web:
  title: Verdaccio
auth:
  htpasswd:
    file: /verdaccio/conf/htpasswd
uplinks:
  npmjs:
    url: https://registry.npmjs.org/                                
packages:
  '@*/*':
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs
  '**':
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs
middlewares:
  audit:
    enabled: true
logs:
  - {type: stdout, format: pretty, level: http}
</code>


<code docker>
docker run -it --detach \
    --publish 4873:4873 \
    --volume `pwd`/conf:/verdaccio/conf \
    --volume `pwd`/storage:/verdaccio/storage \
    --volume `pwd`/plugins:/verdaccio/plugins \
    --name verdaccio \
    verdaccio/verdaccio
</code>

We are using docker bind mount so we need to change the permissions

   chown -R 10001:65533 /root/verdaccio/



==== Using Docker volume (recommended) ====
[[https://docs.docker.com/storage/volumes/|Docker volume]] is the recommended method.

Create volumes:
  docker volume create verdaccio
  docker volume create verdaccio-storage

Run with volume:
<code docker>
docker run -it --detach \
    --publish 4873:4873 \
    --mount source=verdaccio,target=/verdaccio \
    --mount source=verdaccio-storage,target=/verdaccio/storage \
    --name verdaccio \
    verdaccio/verdaccio
</code>

Set correct path to htpasswd file in ///var/lib/docker/volumes/verdaccio/_data/conf/config.yml//
<code yml>
...
auth:
  htpasswd:
    file: /verdaccio/conf/htpasswd
...
</code>
===== Create user =====

In //conf// folder:

  htpasswd -c htpasswd <username>

===== Apache reverse proxy config =====
Enable required apache modules:

  a2enmod proxy proxy_http proxy_balancer ssl rewrite

<code apache>
<VirtualHost *:80>
    ServerName npm.example.com
    AllowEncodedSlashes     NoDecode

    ProxyPreserveHost       On
    SSLProxyEngine          On
    ProxyRequests           Off
    ProxyPass               /       http://localhost:4873/ nocanon
    ProxyPassReverse        /       http://localhost:4873/

    RequestHeader set       X-Forwarded-Proto "https"

	ErrorLog ${APACHE_LOG_DIR}/npm.example-error.log
	CustomLog ${APACHE_LOG_DIR}/npm.example-access.log combined

    
    
RewriteEngine on
RewriteCond %{SERVER_NAME} =npm.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
</code>

SSL configuration:
<code apache>
IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName npm.example.com
    AllowEncodedSlashes     NoDecode

    ProxyPreserveHost       On
    SSLProxyEngine          On
    ProxyRequests           Off
    ProxyPass               /       http://localhost:4873/ nocanon
    ProxyPassReverse        /       http://localhost:4873/
    RequestHeader set       X-Forwarded-Proto "https"
    
	ErrorLog ${APACHE_LOG_DIR}/npm.example-error.log
	CustomLog ${APACHE_LOG_DIR}/npm.example-access.log combined
    
    

SSLCertificateFile /etc/letsencrypt/live/npm.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/npm.example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
</code>

====== Tested on ======
  * Debian 10
  * Verdaccio 5.1.1
  * Apache/2.4.38

====== See also ======
  * [[wiki:verdaccio_vanilla_install|Verdaccio vanilla install]]
====== References ======
  * https://blog.bitsrc.io/how-to-set-up-a-private-npm-registry-locally-1065e6790796
  * https://verdaccio.org/docs/en/authentication
  * https://verdaccio.org/docs/en/docker