Table of Contents

, ,

Verdaccio installation behind reverse proxy

Create a private npm registry (repository).

Pull from docker

Bind mount method (for testing)

Create folder structure and conf file

mkdir verdaccio && cd verdaccio
mkdir conf
mkdir storage
mkdir plugins

Put this in conf/config.yaml:

storage: /verdaccio/storage
plugins: /verdaccio/plugins
web:
  title: Verdaccio
auth:
  htpasswd:
    file: /verdaccio/conf/htpasswd
uplinks:
  npmjs:
    url: https://registry.npmjs.org/                                
packages:
  '@*/*':
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs
  '**':
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: npmjs
middlewares:
  audit:
    enabled: true
logs:
  - {type: stdout, format: pretty, level: http}
docker run -it --detach \
    --publish 4873:4873 \
    --volume `pwd`/conf:/verdaccio/conf \
    --volume `pwd`/storage:/verdaccio/storage \
    --volume `pwd`/plugins:/verdaccio/plugins \
    --name verdaccio \
    verdaccio/verdaccio

We are using docker bind mount so we need to change the permissions

 chown -R 10001:65533 /root/verdaccio/

Docker volume is the recommended method.

Create volumes:

docker volume create verdaccio
docker volume create verdaccio-storage

Run with volume:

docker run -it --detach \
    --publish 4873:4873 \
    --mount source=verdaccio,target=/verdaccio \
    --mount source=verdaccio-storage,target=/verdaccio/storage \
    --name verdaccio \
    verdaccio/verdaccio

Set correct path to htpasswd file in /var/lib/docker/volumes/verdaccio/_data/conf/config.yml

...
auth:
  htpasswd:
    file: /verdaccio/conf/htpasswd
...

Create user

In conf folder:

htpasswd -c htpasswd <username>

Apache reverse proxy config

Enable required apache modules:

a2enmod proxy proxy_http proxy_balancer ssl rewrite
<VirtualHost *:80>
    ServerName npm.example.com
    AllowEncodedSlashes     NoDecode
 
    ProxyPreserveHost       On
    SSLProxyEngine          On
    ProxyRequests           Off
    ProxyPass               /       http://localhost:4873/ nocanon
    ProxyPassReverse        /       http://localhost:4873/
 
    RequestHeader set       X-Forwarded-Proto "https"
 
	ErrorLog ${APACHE_LOG_DIR}/npm.example-error.log
	CustomLog ${APACHE_LOG_DIR}/npm.example-access.log combined
 
 
 
RewriteEngine on
RewriteCond %{SERVER_NAME} =npm.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

SSL configuration:

IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName npm.example.com
    AllowEncodedSlashes     NoDecode
 
    ProxyPreserveHost       On
    SSLProxyEngine          On
    ProxyRequests           Off
    ProxyPass               /       http://localhost:4873/ nocanon
    ProxyPassReverse        /       http://localhost:4873/
    RequestHeader set       X-Forwarded-Proto "https"
 
	ErrorLog ${APACHE_LOG_DIR}/npm.example-error.log
	CustomLog ${APACHE_LOG_DIR}/npm.example-access.log combined
 
 
 
SSLCertificateFile /etc/letsencrypt/live/npm.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/npm.example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

Tested on

See also

References