Setting Up a Private NPM Registry
While open source is great, sometimes it is not possible to make your code public and publish it to the official NPM registry. In this situation you may want to set up a private NPM registry and publish your packages there, for re-use by your internal applications. This article explains how to do this.
Setting up the registry server
We will be using the Verdaccio server and we will run the server inside a Docker container.
Download this Makefile into the directory that will house your registry on your Docker host.
Inspect the file to see what it will do (always a good idea) and then run:
Your container will mount
storage/ directories for persistent state.
Refer to Verdaccio's excellent documentation for more information.
Using your private registry
To make life super easy you should scope your private packages (TLDR: prefix the name with
@something/ in the package's
npm config set @something:registry http://your-docker-host:4873/ npm login --scope=@something
After this NPM will use your private registry for publishing and downloading your scoped packages and use the official registry for everything else.
It is possible to configure HTTPS access to the repository as long as you are using proper certificates, or your clients implicitly trust your internal CA. If this is not the case then NPM will cause you many headaches.
Add the following configuration:
https: key: /verdaccio/conf/key.pem cert: /verdaccio/conf/cert.pem ca: /verdaccio/conf/ca.pem
Copy the relevant certificate files into the
conf/ directory and replace the
run target in your Makefile with this:
run: $(VOLUMES) $(CONFIG) stop PROTOCOL=https docker run \ --env PROTOCOL \ -dt \ --restart always \ --name $(NAME) \ -p 4873:4873 \ -v $(CONF):/verdaccio/conf \ -v $(STORAGE):/verdaccio/storage \ $(IMG)