Private npm registry with https.

05 Apr 2018

Sometimes you want to give your colleagues access to some library but can’t make the code public. One option is get the paid version of npm registry. Other is to raise up a private npm registry.

verdaccio is a npm proxy and cache that is easy to deploy. You can simply use the docker image as specified in README. But here is how to do it for a machine. I’m using Centos 7.4 example and Epel’s nodejs.

Install epel and nodejs

root@localhost:~ # yum install epel-release
root@localhost:~ # yum install nodejs

Create a user, setup sudo and install verdaccio

root@localhost:~ # useradd npmuser
root@localhost:~ # passwd npmuser
root@localhost:~ # usermod -aG wheel npmuser

Log with and install verdaccio and create the config file

root@localhost:~ # su - npmuser
npmuser@localhost:~ $ npm install -g verdaccio
npmuser@localhost:~ $ # Run it so it create the default config file
npmuser@localhost:~ $ verdaccio

Wait it to start then stop it with Ctrl+C

Create a self signed certificate

npmuser@localhost:~/verdaccio $ cd verdaccio
npmuser@localhost:~/verdaccio $ openssl req -x509 -nodes -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -batch

Configure verdaccio

npmuser@localhost:~/verdaccio $ cat << EOF > config.yaml

listen: https://`hostname -f`:4873

https:
  key: ${HOME}/verdaccio/key.pem
  cert: ${HOME}/verdaccio/cert.pem
  ca: ${HOME}verdaccio/cert.pem
EOF

Note: If you hasn’t DNS configured replace hostname -f by your IP address.

Enable the port in firewall

npmuser@localhost:~/verdaccio $ sudo firewall-cmd --zone public --add-port=4873/tcp --permanent
npmuser@localhost:~/verdaccio $ sudo systemctl restart firewalld

Test it

npmuser@localhost:~/verdaccio verdaccio

Navigate to http://:4873. You should see the front end page saying _No Package Published Yet_. Stop it with _Ctrl+C_.

Create the systemd service

npmuser@localhost:~/verdaccio $ sudo cat <<EOF > /etc/systemd/system/verdaccio.service
[Unit]
Description=Private NPM registry.

[Service]
User=${USER}
WorkingDirectory=${HOME}
ExecStart=/bin/verdaccio
ExecStop=/usr/bin/killall verdaccio
EOF

Enable it and start it.

npmuser@localhost:~/verdaccio $ sudo systmectl enable verdaccio.service
npmuser@localhost:~/verdaccio $ sudo systmectl start verdaccio.service

That’s it! You can check for the logs by journalctl -xf --unit verdaccio.service

Remove sudo if needed

npmuser@localhost:~/verdaccio $ sudo gpasswd -d npmuser wheel

Publishing

To publish do the registry configure it at your npm. Also since we are using self signed certificate you need to disable strict-ssl. And last add your user, e-mail verification is not required.

you@yourmachine:~ $ npm config set registry https://<PRIVATE_REGISTRY_IP_OR_DOMAIN>:4873
you@yourmachine:~ $ npm config set strict-ssl false

You can strict the authentication by following the verdaccio docs about it.

Cheers,