# npm 私服搭建教程 ## npm 私服必要性 1. 如果公司处于隐私保护的需要,不想将自己封的包推到 npm 社区,但又急需要一套完整的包管理工具来管理越来越多的组件,模块,项目。对于前端,最熟悉的莫过于 npm,bower 等,但是 bower 的市场明显没有 npm 强大的,npm 是前端包管理的不二选择 。 2. 下过 node 库的人都懂,从 npmjs 上下载有多慢,所以大家会用 cnpm 从淘宝那下,但有比淘宝更快的方法是从局域网的私服下。 3. 当我们搭好了这套私服管理工具之后有什么优势呢? - 私有包托管在我们的私服上,不对外。 - 项目中使用的所有包可以缓存在我们的私服上,然后大家下包的时候走私服,不用走 npmjs 了。速度快上七八倍不在话下。 - 对于下载和发布 npm 包都有了相应的权限管理。 ## windows npm 私服搭建过程 1. 安装 node 环境,[node 下载地址](https://nodejs.org/zh-cn/download/) 2. 准备工作目录 例如我这里的`F:\npm` 3. 初始化`pakage.json` ``` npm init -y ``` 4. 安装`verdaccio ` ``` npm i verdaccio ``` 4. 新建 `config.yaml` 作为 verdaccio 私服配置文件,配置文件可参考如下: ```yaml # 查看更多例子 # https://github.com/verdaccio/verdaccio/tree/master/conf # 仓库保存的地址,publish时仓库保存的地址 storage: ./storage # 插件的地址 plugins: ./plugins # 监听的地址 listen: 'https://192.168.12.8:4873' max_body_size: 1024mb web: enable: true title: panda | npm服务器 logo: assets/panda.png primary_color: '#4b5e40' # comment out to disable gravatar support gravatar: true scope: '@scope' # by default packages are ordercer ascendant (asc|desc) sort_packages: asc # convert your UI to the dark side darkMode: false # 翻译您的注册表,api i18n尚不可用 i18n: # list of the available translations https://github.com/verdaccio/ui/tree/master/i18n/translations web: zh-CN auth: htpasswd: file: ./htpasswd # 账号密码的文件地址,初始化时不存在,可指定需要手工创建 # 默认1000,为允许用户注册的数量。defaults to "+inf"。 # 为-1时,不允许用户通过npm adduser注册。 # 但是,当为-1时,可以通过直接编写htpasswd file内容的方式添加用户 max_users: 1000 # a list of other known repositories we can talk to uplinks: taobao: url: https://registry.npm.taobao.org/ npmjs: url: https://registry.npmjs.org/ packages: '@*/*': # scoped packages access: $all publish: $authenticated unpublish: $authenticated proxy: taobao '**': # allow all users (including non-authenticated users) to read and # publish all packages # # you can specify usernames/groupnames (depending on your auth plugin) # and three keywords: "$all", "$anonymous", "$authenticated" access: $all # allow all known users to publish/publish packages # (anyone can register by default, remember?) publish: $authenticated unpublish: $authenticated # if package is not available locally, proxy requests to 'npmjs' registry proxy: taobao # You can specify HTTP/1.1 server keep alive timeout in seconds for incoming connections. # A value of 0 makes the http server behave similarly to Node.js versions prior to 8.0.0, which did not have a keep-alive timeout. # WORKAROUND: Through given configuration you can workaround following issue https://github.com/verdaccio/verdaccio/issues/301. Set to 0 in case 60 is not enough. #server: #keepAliveTimeout: 60 middlewares: audit: enabled: true https: key: ./ssl/g.civnet.cn.key cert: ./ssl/g.civnet.cn.pem notify: method: POST headers: [{ 'Content-Type': 'application/json' }] endpoint: http://172.16.10.33:3000/ # https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}' # log settings logs: - { type: stdout, format: pretty, level: http } #- {type: file, path: verdaccio.log, level: info} #experiments: # # support for npm token command # token: false # # support for the new v1 search endpoint, functional by incomplete read more on ticket 1732 # search: false ``` 5. 试运行一下 verdaccio 看有无报错 ``` npx verdaccio # 能够正常打开并使用'http://192.168.12.8:4873即为正常 ``` 5. 下载[nssm](https://www.nssm.cc/download/)注册 verdaccio 作为 windwos 服务 - cmd 进入刚下载好 nssm.exe 根目录 - 打开安装交互界面 ```bash nssm install npmjs # npmjs 是你的服务名 ``` - 配置如下: Path: node Startup directory: f:\verdaccio Arguments: f:\verdaccio\node_modules\verdaccio\build\lib\cli.js -c f:\verdaccio\config.yaml 6. 启动服务大功告成!服务器目录如下图 ![目录](https://g.civnet.cn:5010/images/npm/verdaccio.png)