# npm 私服搭建教程

## npm 私服必要性

1.  如果公司处于隐私保护的需要,不想将自己封的包推到 npm 社区,但又急需要一套完整的包管理工具来管理越来越多的组件,模块,项目。对于前端,最熟悉的莫过于 npm,bower 等,但是 bower 的市场明显没有 npm 强大的,npm 是前端包管理的不二选择 。
2.  下过 node 库的人都懂,从 npmjs 上下载有多慢,所以大家会用 cnpm 从淘宝那下,但有比淘宝更快的方法是从局域网的私服下。
3.  当我们搭好了这套私服管理工具之后有什么优势呢?

- 私有包托管在我们的私服上,不对外。
- 项目中使用的所有包可以缓存在我们的私服上,然后大家下包的时候走私服,不用走 npmjs 了。速度快上七八倍不在话下。
- 对于下载和发布 npm 包都有了相应的权限管理。

## windows npm 私服搭建过程

1. 安装 node 环境,[node 下载地址](https://nodejs.org/zh-cn/download/)
2. 准备工作目录 例如我这里的`F:\npm`
3. 初始化`pakage.json`

```
npm init -y
```

4. 安装`verdaccio `

```
npm  i  verdaccio
```

4. 新建 `config.yaml` 作为 verdaccio 私服配置文件,配置文件可参考如下:

```yaml
# 查看更多例子
# https://github.com/verdaccio/verdaccio/tree/master/conf

# 仓库保存的地址,publish时仓库保存的地址
storage: ./storage
# 插件的地址
plugins: ./plugins
# 监听的地址
listen: 'https://192.168.12.8:4873'

max_body_size: 1024mb

web:
  enable: true
  title: panda | npm服务器
  logo: assets/panda.png
  primary_color: '#4b5e40'
  # comment out to disable gravatar support
  gravatar: true
  scope: '@scope'
  # by default packages are ordercer ascendant (asc|desc)
  sort_packages: asc
  # convert your UI to the dark side
  darkMode: false

# 翻译您的注册表,api i18n尚不可用
i18n:
  # list of the available translations https://github.com/verdaccio/ui/tree/master/i18n/translations
  web: zh-CN

auth:
  htpasswd:
    file: ./htpasswd # 账号密码的文件地址,初始化时不存在,可指定需要手工创建
    # 默认1000,为允许用户注册的数量。defaults to "+inf"。
    # 为-1时,不允许用户通过npm adduser注册。
    # 但是,当为-1时,可以通过直接编写htpasswd file内容的方式添加用户
    max_users: 1000

# a list of other known repositories we can talk to
uplinks:
  taobao:
    url: https://registry.npm.taobao.org/
  npmjs:
    url: https://registry.npmjs.org/

packages:
  '@*/*':
    # scoped packages
    access: $all
    publish: $authenticated
    unpublish: $authenticated
    proxy: taobao

  '**':
    # allow all users (including non-authenticated users) to read and
    # publish all packages
    #
    # you can specify usernames/groupnames (depending on your auth plugin)
    # and three keywords: "$all", "$anonymous", "$authenticated"
    access: $all

    # allow all known users to publish/publish packages
    # (anyone can register by default, remember?)
    publish: $authenticated
    unpublish: $authenticated

    # if package is not available locally, proxy requests to 'npmjs' registry
    proxy: taobao

# You can specify HTTP/1.1 server keep alive timeout in seconds for incoming connections.
# A value of 0 makes the http server behave similarly to Node.js versions prior to 8.0.0, which did not have a keep-alive timeout.
# WORKAROUND: Through given configuration you can workaround following issue https://github.com/verdaccio/verdaccio/issues/301. Set to 0 in case 60 is not enough.
#server:
#keepAliveTimeout: 60

middlewares:
  audit:
    enabled: true

https:
  key: ./ssl/g.civnet.cn.key
  cert: ./ssl/g.civnet.cn.pem

notify:
  method: POST
  headers: [{ 'Content-Type': 'application/json' }]
  endpoint: http://172.16.10.33:3000/ # https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken
  content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}'

# log settings
logs:
  - { type: stdout, format: pretty, level: http }
  #- {type: file, path: verdaccio.log, level: info}
#experiments:
#  # support for npm token command
#  token: false
#  # support for the new v1 search endpoint, functional by incomplete read more on ticket 1732
#  search: false
```

5. 试运行一下 verdaccio 看有无报错

```
npx verdaccio
# 能够正常打开并使用'http://192.168.12.8:4873即为正常
```

5. 下载[nssm](https://www.nssm.cc/download/)注册 verdaccio 作为 windwos 服务

- cmd 进入刚下载好 nssm.exe 根目录
- 打开安装交互界面

```bash
nssm install  npmjs
# npmjs 是你的服务名
```

- 配置如下: Path: node Startup directory: f:\verdaccio Arguments: f:\verdaccio\node_modules\verdaccio\build\lib\cli.js -c f:\verdaccio\config.yaml

6. 启动服务大功告成!服务器目录如下图 ![目录](https://g.civnet.cn:5010/images/npm/verdaccio.png)