DEV Community

Cover image for Verdaccio: Hosting your own Private NPM Registry
Piyush Kumar Baliyan for AdmitKard

Posted on • Edited on • Originally published at tech.admitkard.com

Verdaccio: Hosting your own Private NPM Registry

What is a Private NPM registry?

Sometimes you need to publish a npm package to use within your org or team. There are many services online that provide solutions to this problem.

own Private NPM package registry

You can subscribe for Npm Orgs or GemFury and services like these.

But sometimes you want a quick and cheap solution to test things out, or to start with things. Here is when Verdaccio helps you to start.

How it looks:

Installation

Verdaccio is available as a npm package and can be downloaded. Install it as a global package.

npm install — global verdaccio
yarn global add verdaccio
Enter fullscreen mode Exit fullscreen mode

To give it a quick trial run this now

verdaccio
Enter fullscreen mode Exit fullscreen mode

Running Server

You can run verdaccio via many service managers, pm2 is fairly simple to set up and use.

Just install it globally:

npm install -g pm2
yarn global add pm2
Enter fullscreen mode Exit fullscreen mode

Run verdaccio with pm2

pm2 start verdaccio — — listen 0.0.0.0:4001
Enter fullscreen mode Exit fullscreen mode

You can now access verdaccio on http://localhost:4001.

Public Access

We need to expose our 0.0.0.0:4001 to some domain on port 80 (or 443 for https).

It can be done via any web-server Apache, Nginx, etc.

Once you install Nginx, and it is running and listening on port 80, you can start forwarding your requests to the verdaccio server.

Create and edit Nginx verdaccio.conf

vim /etc/nginx/sites-available/verdaccio.conf
Enter fullscreen mode Exit fullscreen mode

Add this to your conf:

server {
  listen 80;
  server_name npm.company.net;
  location / {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    proxy_pass [http://localhost:4001/;](http://localhost:4001/;)
  }
}
Enter fullscreen mode Exit fullscreen mode

Add this file to the list of Nginx available-sites. (Nginx recommends to add conf to sites-available and create a symlink in sites-enabled).

ln /etc/nginx/sites-available/verdaccio.conf /etc/nginx/sites-enabled/
Enter fullscreen mode Exit fullscreen mode

Restart Nginx

sudo service restart nginx
Enter fullscreen mode Exit fullscreen mode

Configuring Domain and DNS

Add your server IP to your DNS to access via a domain. You can do this by adding A Name to your DNS manager.

A Name | npm.company.net | xxx.xxx.xxx.xxx | TTL

Refresh your cache and your registry is now hosted on [http://npm.company.net](http://npm.company.net.).

Publish Packages

Verdaccio requires authentication for publishing, thus we need to log in. First, you need to add yourself to the npm registry to publish any package:

npm adduser --registry http://npm.company.net
Enter fullscreen mode Exit fullscreen mode

Once you are logged, you can now publish.

npm publish --registry http://npm.company.net
Enter fullscreen mode Exit fullscreen mode

Install packages

npm or yarn will use the default registry for installing packages. But you can override for one package.

npm install @scope/package --registry http://npm.company.net
Enter fullscreen mode Exit fullscreen mode

Or to avoid using this again and again there is an intelligent way.

In your .npmrc

// .npmrc
@scope:registry=http://npm.company.net
Enter fullscreen mode Exit fullscreen mode

Or in .yarnrc

// .yarnrc
"@scope:registry" "http://npm.company.net"
Enter fullscreen mode Exit fullscreen mode

After this your normal packages like

  • npm install -g typescript will be installed from default registry
  • npm install @scope/pkg will be installed from your private registry

Conclusion

So you can set up your registry very quickly, on your infra. As long as your needs are limited and you don’t need very customized scoping and roles management, verdaccio will be able to handle your requirements.

A quick hint if you need to think about scale (like 1000s of employees publishing 1000s of packages), you can look at Nexus Repository.

Drop a comment if you have some suggestions, need more info or help around this.


Find more awesome stuff that AdmitKard is doing here: https://dev.to/admitkard

Top comments (0)