5.1 KiB
id | title | original_id |
---|---|---|
version-3.2.0-configuration | Configuration File | configuration |
This file is the cornerstone of verdaccio where you can modify the default behaviour, enable plugins and extend features.
A default configuration file is created the very first time you run verdaccio
.
Default Configuration
The default configuration has support for scoped packages and allow any user to access all packages but only authenticated users to publish.
storage: ./storage
auth:
htpasswd:
file: ./htpasswd
uplinks:
npmjs:
url: https://registry.npmjs.org/
packages:
'@*/*':
access: $all
publish: $authenticated
proxy: npmjs
'**':
proxy: npmjs
logs:
- {type: stdout, format: pretty, level: http}
Sections
The following sections explain what each property means and the different options.
Storage
Is the location of the default storage. Verdaccio is by default based on local file system.
storage: ./storage
Plugins
Is the location of the plugin directory. Useful for Docker/Kubernetes based deployments.
plugins: ./plugins
Authentification
The authentification set up is done here, the default auth is based on htpasswd
and is built-in. You can modify this behaviour via plugins. For more information about this section read the auth page.
auth:
htpasswd:
file: ./htpasswd
max_users: 1000
Web UI
This properties allow you to modify the look and feel of the web UI. For more information about this section read the web ui page.
web:
enable: true
title: Verdaccio
logo: logo.png
Uplinks
Uplinks is the ability of the system to fetch packages from remote registries when those packages are not available locally. For more information about this section read the uplinks page.
uplinks:
npmjs:
url: https://registry.npmjs.org/
Packages
Packages allow the user to control how the packages are gonna be accessed. For more information about this section read the packages page.
packages:
'@*/*':
access: $all
publish: $authenticated
proxy: npmjs
Advanced Settings
Offline Publish
By default verdaccio
does not allow to publish when the client is offline, that behavior can be overridden by setting this to true.
publish:
allow_offline: false
Since: verdaccio@2.3.6
due #223
URL Prefix
url_prefix: https://dev.company.local/verdaccio/
Since: verdaccio@2.3.6
due #197
Max Body Size
By default the maximum body size for a JSON document is 10mb
, if you run in errors as "request entity too large"
you may increase this value.
max_body_size: 10mb
Listen Port
verdaccio
runs by default in the port 4873
. Changing the port can be done via cli or in the configuration file, the following options are valid.
listen:
# - localhost:4873 # default value
# - http://localhost:4873 # same thing
# - 0.0.0.0:4873 # listen on all addresses (INADDR_ANY)
# - https://example.org:4873 # if you want to use https
# - "[::1]:4873" # ipv6
# - unix:/tmp/verdaccio.sock # unix socket
HTTPS
To enable https
in verdaccio
it's enough to set the listen
flag with the protocol https://. For more information about this section read the ssl page.
https:
key: ./path/verdaccio-key.pem
cert: ./path/verdaccio-cert.pem
ca: ./path/verdaccio-csr.pem
Proxy
Proxies are special-purpose HTTP servers designed to transfer data from remote servers to local clients.
http_proxy and https_proxy
If you have a proxy in your network you can set a X-Forwarded-For
header using the following properties.
http_proxy: http://something.local/
https_proxy: https://something.local/
no_proxy
This variable should contain a comma-separated list of domain extensions proxy should not be used for.
no_proxy: localhost,127.0.0.1
Notifications
Enabling notifications to third-party tools is fairly easy via web hooks. For more information about this section read the notifications page.
notify:
method: POST
headers: [{'Content-Type': 'application/json'}]
endpoint: https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken
content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}'
For more detailed configuration settings, please check the source code.
Audit
Since: verdaccio@3.0.0
npm audit
is a new command released with npm 6.x. Verdaccio includes
a built-in middleware plugin to handle this command.
If you have a new installation it comes by default, otherwise you need to add the following props to your config file
middlewares:
audit:
enabled: true