Using Sinopia to build private NPM services

The original address HTTPS://GITHUB.COM/JINDADA/BLOG/ISSUES/1 why need to build private NPM Private package only want to use inside, still don't want to use git+ssh way, feel not elegant, And also want to be able to configure the appropriate permissions the package on NPM is very slow to download, want to cache the downloaded package on the server, the next download first check the update, if not update the cache to go directly to the time to download, public package to go public warehouses, private package to go internal server private Warehouse Why write this article

Writing this article, have seen the great God wrote a few Good articles, here want to focus on the summary, and explain the article has not mentioned the pit
Here are some articles that feel good:
+ Use Sinopia to build a private NPM warehouse
+ Sinopia | Starting from scratch to build NPM warehouse Introduction Sinopia

Sinopia's introduction and advantages and disadvantages are not detailed in the above 2 articles have a very detailed description of deployment installation and use of installation sinopia and boot (assuming you have installed the node environment)

$ NPM Install sinopia-g
$ sinopia

Then open the browser access address http://localhost:4873/Normal display is successful, 4873 is the default port configuration NPM Agent

After the Sinopia is started, the NPM agent used by the client is set up first through the NPM set registry http://localhost:4873/, and then the add user and login can be used normally

$ NPM adduser--registry http://localhost:4873//Follow the prompts to enter

$ NPM Login//Follow the prompts

After the login is successful, you will be able to perform NPM publish on this private NPM, and refresh http://localhost:4873/to see the package you just uploaded.

Note: You cannot publish a package name + version number already exists in the public warehouse package, because when the release, Sinopia will first go to your configuration of the public warehouse (can be specified by the configuration file, the default is http:// registry.npmjs.org) to Check,check Pass to allow upload package to Sinopia configuration

Sinopia is the feature of which directory you run, it will be in the corresponding directory to create their own files. In the absence of a configuration file, the default directory is the installation directory you can specify the directory to run by Sinopia-c Path/config.yaml

There are two files by default in the directory: Config.yaml and storage, htpasswd are created automatically after the user is added.

config.yaml-Configure access rights, proxies, file storage paths, and all configuration information.
storage-Cache NPM Package Directory
htpasswd-Save the user's account password and other information Config.yaml: Configure access rights, proxy, file storage path and so on all configuration information

# This is the default config file.
It allows all users to did anything, # so don ' t use it on production systems. # Look in for the more config file examples: # https://github.com/rlidwka/sinopia/tree/master/conf # path to a director Y with the All packages storage:./storage//NPM Package stored path auth:htpasswd:file:./HTPASSWD//Save user's account password and other information # Maxim
    Um amount of users allowed to register and defaults to "+inf".
    # You can set this to-1 to disable registration. Max_users:-1//default is 1000, change to-1, prohibit registration # A list of other known repositories we can talk to uplinks:npmjs:url:http:// registry.npmjs.org///default to NPM's official Website packages://Configure Rights Management ' @*/* ': # Scoped Packages Access: $all Publish: $aut
    Henticated ' * ': # Allow all users (including non-authenticated users) to read and # Publish all packages  # can specify Usernames/groupnames (depending on your auth plugin) # and three keywords: "$all", "$anonymous",

  $authenticated Access: $all  # Allow all known users to publish packages # (anyone can register by default, remember?)  Publish: $authenticated # If package isn't available locally, proxy requests to ' NPMJS ' Registry Proxy:npmjs # Log Settings logs:-{type:stdout, Format:pretty, level:http} #-{type:file, Path:sinopia.log, level:info} # Y OU can specify listen address (or simply a port) listen:localhost:4873//Default No, only on native access, change localhost to 0.0.0.0 and then access through extranet

htpasswd Configuration

Max_users in Config.yaml:-1 means that we set the maximum number of users to-1 to disable the NPM adduser command to create the user, but still can initialize the user through the htpasswd file in the directory, open the htpasswd file

Zhangsan:{sha}????????????????? =:autocreated 2016-02-05t15:33:46.238z
Lisi:{sha}???????????????? =:autocreated 2016-02-05t15:39:19.960z
Wangwu:{sha}???????????????? =:autocreated 2016-02-05t17:59:05.041z

It is clear that the password is encrypted, but the encryption algorithm is simple, that is, simple SHA1 and then converted to Base64, followed by a timestamp.
Even so, we are still very ignorant, still do not know how to add users. Don't be afraid!! Here to give you an easy to use small plug-ins Htpasswd-for-sinopia, yes, is the author of my writing, we feel good must appreciate star ah. The following is a brief introduction to the use of Htpasswd-for-sinopia:

$ NPM Install htpasswd-for-sinopia-g//install

$ sinopia-adduser//execute in Sinopia directory, enter username password as prompted

$ vim htpasswd//view HTPASSWD found that the information just entered has been quietly lying inside, then proved to add success

Packages configuration (this part of the previous article has been said in detail, here directly copy over)

The configuration is roughly divided into two parts, one that starts with @weflex/* and the other is the wildcard character *.

This, of course, matches the Name field in Package.json, such as @weflex/app will match the first configuration, and express matches the second.

The meaning of this configuration is that the general team or the company's private projects will have different rights control, so it borrows the scoped name of NPM, which is @company form, for example @weflex/app represents the Weflex's app project.

Next, there are three basic settings under each named filter (filter):

Access: Indicates which type of user can install a matching item (install)
Publish: Indicates which type of user can publish a matching item (publish)
Proxy: As the name, the value here corresponds to the uplinks
For values of 1 and 2, we usually have some of the following optional configurations:

All means that everyone can perform the corresponding action all means that everyone can perform the corresponding operation authenticated indicates that only authenticated people can perform the corresponding action
$anonymous means that only anonymous people can do the corresponding action (usually useless)
Alternatively, you can specify one or more users that correspond to the user table htpasswd that we configured previously, so that you explicitly specify which users can perform a matching operation after the configuration is complete, and then run:

$ sinopia-c Config.yml

cooperate with Sinopia to use PM2: Process Daemon management tool

$ NPM install-g pm2

$ pm2 start ' which Sinopia '

More action reference https://wohugb.gitbooks.io/pm2/content/ NRM:NPM Mirror Address management tool

$//install NRM
$ npm install-g NRM
$//View list
$ NRM ls
$//Add mirror with name Sinopia
$ NRM Add Sinopia http://loc alhost:4873
$//View list
$ NRM ls
$//Sinopia Mirror address
$ NRM Use Sinopia

Security

To ensure a private NPM warehouse, you can add a layer of Nginx to the front end, and then configure SSH as a two-tier authentication