mirror of
https://github.com/verdaccio/verdaccio.git
synced 2024-11-17 07:45:52 +01:00
66b2175584
* New translations ansible.md (Chinese Traditional) * New translations uplinks.md (Chinese Traditional, Hong Kong) * New translations ssl.md (Urdu (Pakistan)) * New translations test.md (Chinese Traditional) * New translations test.md (Chinese Traditional, Hong Kong) * New translations test.md (Portuguese, Brazilian) * New translations test.md (Spanish) * New translations test.md (Urdu (Pakistan)) * New translations uplinks.md (Chinese Traditional) * New translations uplinks.md (Portuguese, Brazilian) * New translations ssl.md (Portuguese, Brazilian) * New translations uplinks.md (Spanish) * New translations uplinks.md (Urdu (Pakistan)) * New translations use-cases.md (Chinese Traditional) * New translations use-cases.md (Chinese Traditional, Hong Kong) * New translations use-cases.md (Portuguese, Brazilian) * New translations use-cases.md (Spanish) * New translations use-cases.md (Urdu (Pakistan)) * New translations ssl.md (Spanish) * New translations ssl.md (Chinese Traditional, Hong Kong) * New translations web.md (Chinese Traditional, Hong Kong) * New translations reverse-proxy.md (Chinese Traditional, Hong Kong) * New translations protect-your-dependencies.md (Urdu (Pakistan)) * New translations repositories.md (Chinese Traditional) * New translations repositories.md (Chinese Traditional, Hong Kong) * New translations repositories.md (Portuguese, Brazilian) * New translations repositories.md (Spanish) * New translations repositories.md (Urdu (Pakistan)) * New translations reverse-proxy.md (Chinese Traditional) * New translations reverse-proxy.md (Portuguese, Brazilian) * New translations ssl.md (Chinese Traditional) * New translations reverse-proxy.md (Spanish) * New translations reverse-proxy.md (Urdu (Pakistan)) * New translations server.md (Chinese Traditional) * New translations server.md (Chinese Traditional, Hong Kong) * New translations server.md (Portuguese, Brazilian) * New translations server.md (Spanish) * New translations server.md (Urdu (Pakistan)) * New translations web.md (Chinese Traditional) * New translations web.md (Portuguese, Brazilian) * New translations protect-your-dependencies.md (Portuguese, Brazilian) * New translations repositories.md (Chinese Simplified) * New translations install.md (Chinese Simplified) * New translations kubernetes.md (Chinese Simplified) * New translations logger.md (Chinese Simplified) * New translations notifications.md (Chinese Simplified) * New translations packages.md (Chinese Simplified) * New translations plugins.md (Chinese Simplified) * New translations protect-your-dependencies.md (Chinese Simplified) * New translations reverse-proxy.md (Chinese Simplified) * New translations home.md (Chinese Simplified) * New translations server.md (Chinese Simplified) * New translations ssl.md (Chinese Simplified) * New translations test.md (Chinese Simplified) * New translations uplinks.md (Chinese Simplified) * New translations use-cases.md (Chinese Simplified) * New translations web.md (Chinese Simplified) * New translations windows.md (Chinese Simplified) * New translations iis-server.md (Chinese Simplified) * New translations docker.md (Chinese Simplified) * New translations web.md (Spanish) * New translations web.md (Urdu (Pakistan)) * New translations windows.md (Chinese Traditional) * New translations windows.md (Chinese Traditional, Hong Kong) * New translations windows.md (Portuguese, Brazilian) * New translations windows.md (Spanish) * New translations windows.md (Urdu (Pakistan)) * New translations dev-plugins.md (Chinese Simplified) * New translations ansible.md (Chinese Simplified) * New translations auth.md (Chinese Simplified) * New translations cli.md (Chinese Simplified) * New translations config.md (Chinese Simplified) * New translations contributing.md (Chinese Simplified) * New translations protect-your-dependencies.md (Spanish) * New translations protect-your-dependencies.md (Chinese Traditional, Hong Kong) * New translations ansible.md (Chinese Traditional, Hong Kong) * New translations dev-plugins.md (Chinese Traditional) * New translations config.md (Spanish) * New translations config.md (Urdu (Pakistan)) * New translations contributing.md (Chinese Traditional) * New translations contributing.md (Chinese Traditional, Hong Kong) * New translations contributing.md (Portuguese, Brazilian) * New translations contributing.md (Spanish) * New translations contributing.md (Urdu (Pakistan)) * New translations dev-plugins.md (Chinese Traditional, Hong Kong) * New translations config.md (Chinese Traditional, Hong Kong) * New translations dev-plugins.md (Portuguese, Brazilian) * New translations dev-plugins.md (Spanish) * New translations dev-plugins.md (Urdu (Pakistan)) * New translations docker.md (Chinese Traditional) * New translations docker.md (Chinese Traditional, Hong Kong) * New translations docker.md (Portuguese, Brazilian) * New translations docker.md (Spanish) * New translations config.md (Portuguese, Brazilian) * New translations config.md (Chinese Traditional) * New translations home.md (Chinese Traditional) * New translations auth.md (Urdu (Pakistan)) * New translations ansible.md (Portuguese, Brazilian) * New translations ansible.md (Spanish) * New translations ansible.md (Urdu (Pakistan)) * New translations auth.md (Chinese Traditional) * New translations auth.md (Chinese Traditional, Hong Kong) * New translations auth.md (Portuguese, Brazilian) * New translations auth.md (Spanish) * New translations cli.md (Urdu (Pakistan)) * New translations cli.md (Chinese Traditional) * New translations cli.md (Chinese Traditional, Hong Kong) * New translations cli.md (Portuguese, Brazilian) * New translations cli.md (Spanish) * New translations docker.md (Urdu (Pakistan)) * New translations home.md (Chinese Traditional, Hong Kong) * New translations protect-your-dependencies.md (Chinese Traditional) * New translations packages.md (Chinese Traditional, Hong Kong) * New translations logger.md (Urdu (Pakistan)) * New translations notifications.md (Chinese Traditional) * New translations notifications.md (Chinese Traditional, Hong Kong) * New translations notifications.md (Portuguese, Brazilian) * New translations notifications.md (Spanish) * New translations notifications.md (Urdu (Pakistan)) * New translations packages.md (Chinese Traditional) * New translations packages.md (Portuguese, Brazilian) * New translations logger.md (Portuguese, Brazilian) * New translations packages.md (Spanish) * New translations packages.md (Urdu (Pakistan)) * New translations plugins.md (Chinese Traditional) * New translations plugins.md (Chinese Traditional, Hong Kong) * New translations plugins.md (Portuguese, Brazilian) * New translations plugins.md (Spanish) * New translations plugins.md (Urdu (Pakistan)) * New translations logger.md (Spanish) * New translations logger.md (Chinese Traditional, Hong Kong) * New translations home.md (Portuguese, Brazilian) * New translations install.md (Chinese Traditional) * New translations home.md (Spanish) * New translations home.md (Urdu (Pakistan)) * New translations iis-server.md (Chinese Traditional) * New translations iis-server.md (Chinese Traditional, Hong Kong) * New translations iis-server.md (Portuguese, Brazilian) * New translations iis-server.md (Spanish) * New translations iis-server.md (Urdu (Pakistan)) * New translations install.md (Chinese Traditional, Hong Kong) * New translations logger.md (Chinese Traditional) * New translations install.md (Portuguese, Brazilian) * New translations install.md (Spanish) * New translations install.md (Urdu (Pakistan)) * New translations kubernetes.md (Chinese Traditional) * New translations kubernetes.md (Chinese Traditional, Hong Kong) * New translations kubernetes.md (Portuguese, Brazilian) * New translations kubernetes.md (Spanish) * New translations kubernetes.md (Urdu (Pakistan))
4.1 KiB
4.1 KiB
| id | title |
|---|---|
| packages | Package Access |
It's a series of contrains that allow or restrict access to the local storage based in specific criteria.
The security constraints remains on shoulders of the plugin being used, by default verdaccio uses the htpasswd plugin. If you use a different plugin the behaviour might be different. The default plugin htpasswd does not handles by itself allow_access and allow_publish, it's use an internal fallback in case the plugin is not ready for it. For more information about permissions visit the authentification section in the wiki.
Usage
packages:
# scoped packages
'@scope/*':
allow_access: all
allow_publish: all
proxy: server2
'private-*':
access: all
publish: all
proxy_access: uplink1
'**':
# allow all users (including non-authenticated users) to read and
# publish all packages
allow_access: all
allow_publish: all
proxy_access: uplink2
if none is specified, the default one remains
packages:
'**':
access: all
publish: $authenticated
The list of valid groups according the default plugins are
'$all', '$anonymous', '@all', '@anonymous', 'all', 'undefined', 'anonymous'
All users recieves all those set of permissions independently of is anonymous or not plus the groups provided by the plugin, in case of htpasswd return the username as a group. For instance, if you are logged as npmUser the list of groups will be.
// groups without '$' are going to be deprecated eventually
'$all', '$anonymous', '@all', '@anonymous', 'all', 'undefined', 'anonymous', 'npmUser'
If you want to protect specific set packages under your group, you need todo something like this. Let's use a Regex that covers all prefixed npmuser- packages. We recomend use a prefix for your packages, in that way it'd be easier to protect them.
packages:
'npmuser-*':
access: npmuser
publish: npmuser
Restart verdaccio and in your console try to install npmuser-core.
$ npm install npmuser-core
npm install npmuser-core
npm ERR! code E403
npm ERR! 403 Forbidden: npmuser-core@latest
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/user/.npm/_logs/2017-07-02T12_20_14_834Z-debug.log
You can change the existing behaviour using a different plugin authentication. verdaccio just check whether the user that try to access or publish specific package belongs to the right group.
Set multiple groups
Define multiple access groups is fairly easy, just define them with a white space between them.
'company-*':
allow_access: admin internal
allow_publish: admin
proxy_access: server1
'supersecret-*':
allow_access: secret super-secret-area ultra-secret-area
allow_publish: secret ultra-secret-area
proxy_access: server1
Blocking access to set of packages
If you want to block the acccess/publish to a specific group of packages. Just, do not define access and publish.
packages:
'old-*':
'**':
access: all
publish: $authenticated
Configuration
You can define mutiple packages and each of them must have an unique Regex.
| Property | Type | Required | Example | Support | Description |
|---|---|---|---|---|---|
| allow_access/access | string | No | $all | all | define groups allowed to access the package |
| allow_publish/publish | string | No | $authenticated | all | define groups allowed to publish |
| proxy_access/proxy | string | No | npmjs | all | limit look ups for specific uplink |
| storage | boolean | No | [true,false] | all | TODO |
We higlight recommend do not use allow_access/allow_publish and proxy_access anymore, those are deprecated, please use the short version of each of those (access/publish/proxy