由于公司为保密部门,与外网隔离,则搭建内网npm包管理势在必行,查阅资料后决定使用verdacciopm2nrm等工具完成。

verdaccio

verdaccio是什么?

verdaccio是一种绿色,直观上看去偏墨绿,也可能是作者喜欢,来自意大利。😂

verdaccio 是一个 node.js创建的轻量、私有的npm proxy registry

官网总结:

  • 一个node.js的网页应用程序
  • 私有化npm源
  • 本地网络的proxy

Registry是什么?

  • 源(Registry)就是管理包的储存库(package),实现了储存库CommandJS兼容包的源规范。—package.json里面的定义。
  • 提供包管理工具的接口,如npmyarnpnpm。—可以通过包管理工具安装
  • 提供语意化的版本(兼容semver)。 —可以查看版本

安装

配置要求

  1. 环境:node.js@8.x +
  2. 包管理:npm@6.x+pnpm@5.xyarn@2.x
  3. 浏览器: 现代浏览器or >= IE.11

因为不太喜欢yarn后面的步骤都是通过npm完成

install via CLI

  1. win: npm install -g verdaccio  
  2. mac:  sudo npm install -g verdaccio

查看版本

  1. verdaccio -V

截屏2021-03-08 上午11.21.15.png

运行

  1. verdaccio

输出
image.png

配置

找到其中的config file打开,config是verdaccio程序的基础,我们修改特性、启用插件、扩展特性都是在这里配置,这个文件是YAML写的,逐个分析一波,相关配置内容官网

  1. #
  2. # This is the default config file. It allows all users to do anything,
  3. # so don't use it on production systems.
  4. #
  5. # Look here for more config file examples:
  6. # https://github.com/verdaccio/verdaccio/tree/master/conf
  7. #
  9. # path to a directory with all packages
  10. storage: /Users/pheeno/.local/share/verdaccio/storage
  11. # path to a directory with plugins to include
  12. plugins: ./plugins
  14. web:
  15.   title: Verdaccio
  16.   # comment out to disable gravatar support
  17.   # gravatar: false
  18.   # by default packages are ordercer ascendant (asc|desc)
  19.   # sort_packages: asc
  20.   # convert your UI to the dark side
  21.   # darkMode: true
  23. # translate your registry, api i18n not available yet
  24. # i18n:
  25. # list of the available translations https://github.com/verdaccio/ui/tree/master/i18n/translations
  26. #   web: en-US
  28. auth:
  29.   htpasswd:
  30.     file: ./htpasswd
  31.     # Maximum amount of users allowed to register, defaults to "+inf".
  32.     # You can set this to -1 to disable registration.
  33.     # max_users: 1000
  35. # a list of other known repositories we can talk to
  36. uplinks:
  37.   npmjs:
  38.     url: https://registry.npmjs.org/
  40. packages:
  41.   '@*/*':
  42.     # scoped packages
  43.     access: $all
  44.     publish: $authenticated
  45.     unpublish: $authenticated
  46.     proxy: npmjs
  48.   '**':
  49.     # allow all users (including non-authenticated users) to read and
  50.     # publish all packages
  51.     #
  52.     # you can specify usernames/groupnames (depending on your auth plugin)
  53.     # and three keywords: "$all", "$anonymous", "$authenticated"
  54.     access: $all
  56.     # allow all known users to publish/publish packages
  57.     # (anyone can register by default, remember?)
  58.     publish: $authenticated
  59.     unpublish: $authenticated
  61.     # if package is not available locally, proxy requests to 'npmjs' registry
  62.     proxy: npmjs
  64. # You can specify HTTP/1.1 server keep alive timeout in seconds for incoming connections.
  65. # A value of 0 makes the http server behave similarly to Node.js versions prior to 8.0.0, which did not have a keep-alive timeout.
  66. # WORKAROUND: Through given configuration you can workaround following issue https://github.com/verdaccio/verdaccio/issues/301. Set to 0 in case 60 is not enough.
  67. server:
  68.   keepAliveTimeout: 60
  70. middlewares:
  71.   audit:
  72.     enabled: true
  74. # log settings
  75. logs:
  76.   - { type: stdout, format: pretty, level: http }
  77.   #- {type: file, path: verdaccio.log, level: info}
  78. #experiments:
  79. #  # support for npm token command
  80. #  token: false
  81. #  # support for the new v1 search endpoint, functional by incomplete read more on ticket 1732
  82. #  search: false
  83. #  # disable writing body size to logs, read more on ticket 1912
  84. #  bytesin_off: false
  86. # This affect the web and api (not developed yet)
  87. #i18n:
  88. #web: en-US

storage

存放npm包的目录,单独建一个专门用来存储

  1. # path to a directory with all packages
  2. storage:D:/public_repo

plugins

插件的包目录,对基于DockerKubernetes部署的项目需要用到

web

用于显示源的网页,其中的配置
enable: true 是否开启网页
title: ‘xxxxx’ 网页头部显示标题
logo: ./xxx/xxx/xxx.png 网页中显示的logo图标

auth

uplinks

本地npm包如果找不到,会默认从其他的源中拉取,设置成npm官方源

  1. # a list of other known repositories we can talk to
  2. uplinks:
  3.   npmjs:
  4.     url: https://registry.npmjs.org/

packages

server

middlewares

logs

局域网启动

  1. 安装verdaccio

由于win10在node_modules下安装服务失败,不明原因,则在其他盘单独安装verdaccio,这里我是安装到了事先准备好的用于做storage的文件中,假设是E://public_repo然后运行npm install verdaccio

  1. 本地开启服务 nssm(windows)

发布源

Tips&Issuses

  • 离线状态下,局域网访问源,一直返回500 error:uplink offline

解决: config.yaml中加入publish: allow_offline: true

nrm

nrm是一个用来切换npm源(registry)数据的工具,配合verdaccio使用很方便。

安装

  1. npm install -g nrm

使用

  1. //查看所有源
  2. nrm ls
  3. //使用某个源
  4. nrm use taobao
  5. //添加源
  6. nrm add my-registry http://my-location.com
  7. //删除源
  8. nrm del my-registry

Tips & Issuses

在node低版本,win7系统中会出现 internal/validator.js这个文件报错,

解决:首先查看npm config配置npm config ls
image.png
如果是win32则进入报错的文件
image.png

const NRMRC = path.join(process.env.HOME, '.nrmrc');
改为
const NRMRC = path.join(process.env.USERPROFILE, '.nrmrc');

pm2