verdaccio/conf/full.yaml

# path to a directory with all packages
storage: ./storage

web:
  # WebUI is enabled as default, if you want disable it, just uncomment this line
  #enable: false

  title: Verdaccio

  # logo: logo.png

auth:
  htpasswd:
    file: ./htpasswd
    # Maximum amount of users allowed to register, defaults to "+infinity".
    # You can set this to -1 to disable registration.
    #max_users: 1000

# a list of other known repositories we can talk to
uplinks:
  npmjs:
    url: https://registry.npmjs.org/

    # amount of time to wait for repository to respond
    # before giving up and use the local cached copy
    #timeout: 30s

    # maximum time in which data is considered up to date
    #
    # default is 2 minutes, so server won't request the same data from
    # uplink if a similar request was made less than 2 minutes ago
    #maxage: 2m

    # if two subsequent requests fail, no further requests will be sent to
    # this uplink for five minutes
    #max_fails: 2
    #fail_timeout: 5m

    # timeouts are defined in the same way as nginx, see:
    # http://wiki.nginx.org/ConfigNotation

    # add/override HTTP headers sent to the uplink server
    # this allows for HTTP Basic auth for example:
    #headers:
    #  authorization: "Basic YourBase64EncodedCredentials=="

    # set this to false to prevent tarballs from this upstream
    # to be stored in the local storage (defaults to true)
    #cache: false

    # set this to false to disable strict SSL cert check (defaults to true)
    #strict_ssl: false

packages:
  '@*/*':
    # scoped packages
    access: $all
    publish: $authenticated
    proxy: npmjs
  # uncomment this for packages with "local-" prefix to be available
  # for admin only, it's a recommended way of handling private packages
  #'local-*':
  #  access: admin
  #  publish: admin
  #  # you can override storage directory for a group of packages this way:
  #  storage: 'local_storage'

  '**':
    # allow all users to read packages (including non-authenticated users)
    #
    # you can specify usernames/groupnames (depending on your auth plugin)
    # and three keywords: "$all", "$anonymous", "$authenticated"
    access: $all

    # allow 'admin' to publish packages
    publish: $authenticated

    # if package is not available locally, proxy requests to 'npmjs' registry
    proxy: npmjs

#####################################################################
# Advanced settings
#####################################################################

## Special packages publish configurations
#publish:
## This will allow the publisher to publish packages even if any uplink is down.
#  allow_offline: true

# if you use nginx with custom path, use this to override links
#url_prefix: https://dev.company.local/verdaccio/

# You can specify listen address (or simply a port).
# If you add multiple values, verdaccio will listen on all of them.
#
# Examples:
#
#listen:
# - localhost:4873            # default value
# - http://localhost:4873     # same thing
# - 0.0.0.0:4873              # listen on all addresses (INADDR_ANY)
# - https://example.org:4873  # if you want to use https
# - [::1]:4873                # ipv6
# - unix:/tmp/verdaccio.sock    # unix socket

# Configure HTTPS, it is required if you use "https" protocol above.
#https:
#  key: path/to/server.key
#  cert: path/to/server.crt
#  ca: path/to/server.pem

# type: file | stdout | stderr
# level: trace | debug | info | http (default) | warn | error | fatal
#
# parameters for file: name is filename
#  {type: 'file', path: 'verdaccio.log', level: 'debug'},
#
# parameters for stdout and stderr: format: json | pretty | pretty-timestamped
#  {type: 'stdout', format: 'pretty', level: 'debug'},
logs:
  - {type: stdout, format: pretty, level: http}
  #- {type: file, path: verdaccio.log, level: info}

# you can specify proxy used with all requests in wget-like manner here
# (or set up ENV variables with the same name)
#http_proxy: http://something.local/
#https_proxy: https://something.local/
#no_proxy: localhost,127.0.0.1

# maximum size of uploaded json document
# increase it if you have "request entity too large" errors
#max_body_size: 1mb

# Notify Settings
# Notify was built primarily to use with Slack's Incoming
# webhooks, but will also deliver a simple payload to
# any endpoint. Currently only active for publish / create
# commands.
notify:
  # Choose a method. Technically this will accept any HTTP
  # request method, but probably stick to GET or POST
  method: POST
  # Only run this notification if the package name matches the regular
  # expression
  packagePattern: ^example-package$
  # Any flags to be used with the regular expression
  packagePatternFlags: i
  # If this endpoint requires specific headers, set them here
  # as an array of key: value objects.
  headers: [{'Content-type': 'application/x-www-form-urlencoded'}]
  # set the URL endpoint for this call
  endpoint: https://hooks.slack.com/...
  # Finally, the content you will be sending in the body.
  # This data will first be run through Handlebars to parse
  # any Handlebar expressions. All data housed in the metadata object
  # is available for use within the expressions.
  content: ' {{ handlebar-expression }}'
  # For Slack, follow the following format:
  # content: '{ "text": "Package *{{ name }}* published to version *{{ dist-tags.latest }}*", "username": "Verdaccio", "icon_emoji": ":package:" }'

  # Multiple notification endpoints can be created by specifying a collection
  'example-package-1':
    method: POST
    # Only run this notification if the package name matches the regular
    # expression
    packagePattern: ^example-package-regex$
    # Any flags to be used with the regular expression
    # since verdaccio 2.2.2 this property has been disabled read #108
    # it will be re-enabled after 2.5.0
    # packagePatternFlags: i
    # If this endpoint requires specific headers, set them here
    # as an array of key: value objects.
    # headers supports as well a literal object
    headers: {'Content-type': 'application/x-www-form-urlencoded'}
    # set the URL endpoint for this call
    endpoint: https://hooks.slack.com/...
    # Finally, the content you will be sending in the body.
    # This data will first be run through Handlebars to parse
    # any Handlebar expressions. All data housed in the metadata object
    # is available for use within the expressions.
    content: ' {{ handlebar-expression }}'
    # For Slack, follow the following format:
    # content: '{ "text": "Package *{{ name }}* published to version *{{ dist-tags.latest }}*", "username": "Verdaccio", "icon_emoji": ":package:" }'

# Configure plugins that can register custom middlewares
#middlewares:
# plugin-name:
#   setting: true
config file changes 2013-06-13 16:21:14 +02:00			`# path to a directory with all packages`
			`storage: ./storage`

temporarily disable web interface in config I want to release 0.10 soon, and web doesn't have auth system yet. So we'll probably disable it for now, and re-enable when its ready. 2014-09-06 21:53:28 +02:00			`web:`
refactor: :memo: remove invalid section and modify comment 2017-08-28 16:42:26 +02:00			`# WebUI is enabled as default, if you want disable it, just uncomment this line`
			`#enable: false`
temporarily disable web interface in config I want to release 0.10 soon, and web doesn't have auth system yet. So we'll probably disable it for now, and re-enable when its ready. 2014-09-06 21:53:28 +02:00
Remove references to sinopia in Documentation and configuration 2016-08-20 18:46:54 +02:00			`title: Verdaccio`
Add new web ui, replace the old one based on jQuery by React components and webpack. 2017-06-17 10:50:49 +02:00
temporarily disable web interface in config I want to release 0.10 soon, and web doesn't have auth system yet. So we'll probably disable it for now, and re-enable when its ready. 2014-09-06 21:53:28 +02:00			`# logo: logo.png`
Add new web ui, replace the old one based on jQuery by React components and webpack. 2017-06-17 10:50:49 +02:00
auth refactoring: part 2 auth plugins 2014-09-02 02:27:04 +02:00			`auth:`
			`htpasswd:`
"users_file" -> "file" in config 2014-09-14 17:57:39 +02:00			`file: ./htpasswd`
refactor: :memo: remove invalid section and modify comment 2017-08-28 16:42:26 +02:00			`# Maximum amount of users allowed to register, defaults to "+infinity".`
Fix wrongly documented max_users in auto generated config.yaml See rlidwka/sinopia-htpasswd#3 and rlidwka/sinopia-htpasswd#6 2014-09-30 09:53:22 +02:00			`# You can set this to -1 to disable registration.`
auth refactoring: part 2 auth plugins 2014-09-02 02:27:04 +02:00			`#max_users: 1000`
basic support for .htpasswd 2014-06-26 18:21:23 +02:00
change config file format + comments 2013-09-24 06:27:47 +02:00			`# a list of other known repositories we can talk to`
config file changes 2013-06-13 16:21:14 +02:00			`uplinks:`
			`npmjs:`
			`url: https://registry.npmjs.org/`

change interval formatting in config All intervals are now in milliseconds. But you can add multiples ("ms", "s", "m", "h", "d", "M", "y") to set value using different units. For example, value "1.5h" would mean 1.5 hours. 2014-03-08 04:49:59 +01:00			`# amount of time to wait for repository to respond`
setting default timeout to 30 seconds, #18 2013-12-07 23:37:27 +01:00			`# before giving up and use the local cached copy`
change interval formatting in config All intervals are now in milliseconds. But you can add multiples ("ms", "s", "m", "h", "d", "M", "y") to set value using different units. For example, value "1.5h" would mean 1.5 hours. 2014-03-08 04:49:59 +01:00			`#timeout: 30s`
Adding a configurable timeout for each uplink 2013-12-04 20:39:29 +01:00
change interval formatting in config All intervals are now in milliseconds. But you can add multiples ("ms", "s", "m", "h", "d", "M", "y") to set value using different units. For example, value "1.5h" would mean 1.5 hours. 2014-03-08 04:49:59 +01:00			`# maximum time in which data is considered up to date`
added a maxage option for uplinks 2013-10-22 10:34:07 +02:00			`#`
			`# default is 2 minutes, so server won't request the same data from`
			`# uplink if a similar request was made less than 2 minutes ago`
change interval formatting in config All intervals are now in milliseconds. But you can add multiples ("ms", "s", "m", "h", "d", "M", "y") to set value using different units. For example, value "1.5h" would mean 1.5 hours. 2014-03-08 04:49:59 +01:00			`#maxage: 2m`
added a maxage option for uplinks 2013-10-22 10:34:07 +02:00
document new config options 2014-03-13 19:32:44 +01:00			`# if two subsequent requests fail, no further requests will be sent to`
			`# this uplink for five minutes`
			`#max_fails: 2`
			`#fail_timeout: 5m`

			`# timeouts are defined in the same way as nginx, see:`
			`# http://wiki.nginx.org/ConfigNotation`

Allow adding/overriding HTTP headers of uplinks via config https://github.com/verdaccio/verdaccio/pull/67 2016-10-05 12:56:03 +02:00			`# add/override HTTP headers sent to the uplink server`
			`# this allows for HTTP Basic auth for example:`
			`#headers:`
			`# authorization: "Basic YourBase64EncodedCredentials=="`

[GH-131] add cache option to uplinks 2017-03-04 00:39:26 +01:00			`# set this to false to prevent tarballs from this upstream`
			`# to be stored in the local storage (defaults to true)`
			`#cache: false`

feat: add strict_ssl_option, fixes #587 2018-03-17 15:47:28 +01:00			`# set this to false to disable strict SSL cert check (defaults to true)`
			`#strict_ssl: false`

config file changes 2013-06-13 16:21:14 +02:00			`packages:`
fix: configuration files inconsistencies, add unit test 2017-08-02 20:46:06 +02:00			`'@/':`
			`# scoped packages`
			`access: $all`
			`publish: $authenticated`
			`proxy: npmjs`
support setting different storage paths for different packages fixes #35 2014-01-13 19:56:36 +01:00			`# uncomment this for packages with "local-" prefix to be available`
more comments in config file 2013-09-24 06:36:43 +02:00			`# for admin only, it's a recommended way of handling private packages`
			`#'local-*':`
Refactor authorization plugins 2015-04-08 22:54:59 +02:00			`# access: admin`
			`# publish: admin`
support setting different storage paths for different packages fixes #35 2014-01-13 19:56:36 +01:00			`# # you can override storage directory for a group of packages this way:`
			`# storage: 'local_storage'`
more comments in config file 2013-09-24 06:36:43 +02:00
Update the configs to fully support proxying scoped packages from the npm registry 2016-09-26 13:48:36 +02:00			`'**':`
auth refactoring: part 2 auth plugins 2014-09-02 02:27:04 +02:00			`# allow all users to read packages (including non-authenticated users)`
			`#`
			`# you can specify usernames/groupnames (depending on your auth plugin)`
'@all' -> '$all' (avoid yaml identifiers) 2014-09-14 17:49:15 +02:00			`# and three keywords: "$all", "$anonymous", "$authenticated"`
Refactor authorization plugins 2015-04-08 22:54:59 +02:00			`access: $all`
config file changes 2013-06-13 16:21:14 +02:00
change config file format + comments 2013-09-24 06:27:47 +02:00			`# allow 'admin' to publish packages`
fix: configuration files inconsistencies, add unit test 2017-08-02 20:46:06 +02:00			`publish: $authenticated`
change config file format + comments 2013-09-24 06:27:47 +02:00
			`# if package is not available locally, proxy requests to 'npmjs' registry`
proxy_access -> proxy (since we're removing proxy_publish) 2013-12-29 01:54:46 +01:00			`proxy: npmjs`
more comments in config file 2013-09-24 06:36:43 +02:00
			`#####################################################################`
			`# Advanced settings`
			`#####################################################################`

fix: #78 add new setting to allow publish when uplinks are offline 2017-06-19 20:45:09 +02:00			`## Special packages publish configurations`
			`#publish:`
			`## This will allow the publisher to publish packages even if any uplink is down.`
			`# allow_offline: true`

more comments in config file 2013-09-24 06:36:43 +02:00			`# if you use nginx with custom path, use this to override links`
Remove references to sinopia in Documentation and configuration 2016-08-20 18:46:54 +02:00			`#url_prefix: https://dev.company.local/verdaccio/`
more comments in config file 2013-09-24 06:36:43 +02:00
add some docs for specifying listen addresses 2015-03-28 15:38:39 +01:00			`# You can specify listen address (or simply a port).`
Remove references to sinopia in Documentation and configuration 2016-08-20 18:46:54 +02:00			`# If you add multiple values, verdaccio will listen on all of them.`
add some docs for specifying listen addresses 2015-03-28 15:38:39 +01:00			`#`
			`# Examples:`
			`#`
			`#listen:`
			`# - localhost:4873 # default value`
			`# - http://localhost:4873 # same thing`
			`# - 0.0.0.0:4873 # listen on all addresses (INADDR_ANY)`
			`# - https://example.org:4873 # if you want to use https`
			`# - [::1]:4873 # ipv6`
Remove references to sinopia in Documentation and configuration 2016-08-20 18:46:54 +02:00			`# - unix:/tmp/verdaccio.sock # unix socket`
add some docs for specifying listen addresses 2015-03-28 15:38:39 +01:00
			`# Configure HTTPS, it is required if you use "https" protocol above.`
			`#https:`
			`# key: path/to/server.key`
			`# cert: path/to/server.crt`
#189 Update https conf full yaml file 2017-05-13 11:23:05 +02:00			`# ca: path/to/server.pem`
adding listen address to config 2013-09-24 06:40:46 +02:00
logging engine added, much better logs now 2013-10-11 07:32:59 +02:00			`# type: file \| stdout \| stderr`
			`# level: trace \| debug \| info \| http (default) \| warn \| error \| fatal`
			`#`
			`# parameters for file: name is filename`
Remove references to sinopia in Documentation and configuration 2016-08-20 18:46:54 +02:00			`# {type: 'file', path: 'verdaccio.log', level: 'debug'},`
logging engine added, much better logs now 2013-10-11 07:32:59 +02:00			`#`
Implement timestamped pretty logging to stdout or stderr https://github.com/verdaccio/verdaccio/pull/68 2016-10-06 09:35:10 +02:00			`# parameters for stdout and stderr: format: json \| pretty \| pretty-timestamped`
logging engine added, much better logs now 2013-10-11 07:32:59 +02:00			`# {type: 'stdout', format: 'pretty', level: 'debug'},`
hide authorization header in logs 2013-10-12 16:37:47 +02:00			`logs:`
logging engine added, much better logs now 2013-10-11 07:32:59 +02:00			`- {type: stdout, format: pretty, level: http}`
Remove references to sinopia in Documentation and configuration 2016-08-20 18:46:54 +02:00			`#- {type: file, path: verdaccio.log, level: info}`
config examples for proxy 2013-11-24 18:07:54 +01:00
			`# you can specify proxy used with all requests in wget-like manner here`
			`# (or set up ENV variables with the same name)`
			`#http_proxy: http://something.local/`
			`#https_proxy: https://something.local/`
			`#no_proxy: localhost,127.0.0.1`

adding config param to specify upload limits, fixes #39 2014-01-18 20:04:12 +01:00			`# maximum size of uploaded json document`
			`# increase it if you have "request entity too large" errors`
			`#max_body_size: 1mb`
Simple notification system to send publish commands to external systems (ala Slack) 2016-05-20 15:48:29 +02:00
			`# Notify Settings`
			`# Notify was built primarily to use with Slack's Incoming`
			`# webhooks, but will also deliver a simple payload to`
			`# any endpoint. Currently only active for publish / create`
			`# commands.`
			`notify:`
			`# Choose a method. Technically this will accept any HTTP`
			`# request method, but probably stick to GET or POST`
			`method: POST`
Add support for multiple notification endpoints to existing webhook system 2017-01-10 09:30:56 +01:00			`# Only run this notification if the package name matches the regular`
			`# expression`
			`packagePattern: ^example-package$`
			`# Any flags to be used with the regular expression`
			`packagePatternFlags: i`
Simple notification system to send publish commands to external systems (ala Slack) 2016-05-20 15:48:29 +02:00			`# If this endpoint requires specific headers, set them here`
			`# as an array of key: value objects.`
			`headers: [{'Content-type': 'application/x-www-form-urlencoded'}]`
			`# set the URL endpoint for this call`
			`endpoint: https://hooks.slack.com/...`
			`# Finally, the content you will be sending in the body.`
			`# This data will first be run through Handlebars to parse`
			`# any Handlebar expressions. All data housed in the metadata object`
			`# is available for use within the expressions.`
			`content: ' {{ handlebar-expression }}'`
			`# For Slack, follow the following format:`
			`# content: '{ "text": "Package {{ name }} published to version {{ dist-tags.latest }}", "username": "Verdaccio", "icon_emoji": ":package:" }'`
Add support for multiple notification endpoints to existing webhook system 2017-01-10 09:30:56 +01:00
			`# Multiple notification endpoints can be created by specifying a collection`
fix: configuration files inconsistencies, add unit test 2017-08-02 20:46:06 +02:00			`'example-package-1':`
Add support for multiple notification endpoints to existing webhook system 2017-01-10 09:30:56 +01:00			`method: POST`
			`# Only run this notification if the package name matches the regular`
			`# expression`
			`packagePattern: ^example-package-regex$`
			`# Any flags to be used with the regular expression`
(fix): Update doc for issue found on #108 2017-07-02 00:07:42 +02:00			`# since verdaccio 2.2.2 this property has been disabled read #108`
			`# it will be re-enabled after 2.5.0`
			`# packagePatternFlags: i`
Add support for multiple notification endpoints to existing webhook system 2017-01-10 09:30:56 +01:00			`# If this endpoint requires specific headers, set them here`
			`# as an array of key: value objects.`
(fix): Update doc for issue found on #108 2017-07-02 00:07:42 +02:00			`# headers supports as well a literal object`
			`headers: {'Content-type': 'application/x-www-form-urlencoded'}`
Add support for multiple notification endpoints to existing webhook system 2017-01-10 09:30:56 +01:00			`# set the URL endpoint for this call`
			`endpoint: https://hooks.slack.com/...`
			`# Finally, the content you will be sending in the body.`
			`# This data will first be run through Handlebars to parse`
			`# any Handlebar expressions. All data housed in the metadata object`
			`# is available for use within the expressions.`
			`content: ' {{ handlebar-expression }}'`
			`# For Slack, follow the following format:`
			`# content: '{ "text": "Package {{ name }} published to version {{ dist-tags.latest }}", "username": "Verdaccio", "icon_emoji": ":package:" }'`
feat: Add middleware plugins from fl4re/sinopia This is basically the PR fl4re/sinopia#18 by @fredr 2017-10-24 16:02:08 +02:00
			`# Configure plugins that can register custom middlewares`
			`#middlewares:`
			`# plugin-name:`
			`# setting: true`