github.com
/
verdaccio
mirror of https://github.com/verdaccio/verdaccio.git
1
0
Fork 0
Code Releases Wiki Activity
verdaccio/docs/uplinks.md

3.1 KiB
Raw Blame History

id title
uplinks Uplinks

An uplink is a link with an external registry that provides acccess to external packages.

Uplinks

Usage

uplinks:
  npmjs:
   url: https://registry.npmjs.org/
  server2:
    url: http://mirror.local.net/
    timeout: 100ms
  server3:
    url: http://mirror2.local.net:9000/
  baduplink:
    url: http://localhost:55666/

Configuration

You can define mutiple uplinks and each of them must have an unique name (key). They can have two properties:

Property Type Required Example Support Description Default
url string Yes https://registry.npmjs.org/ all The registry url npmjs
ca string No ~./ssl/client.crt' all SSL path certificate No default
timeout string No 100ms all set new timeout for the request 30s
maxage string No 10m all limit maximun failure request 2m
fail_timeout string No 10m all defines max time when a request becomes a failure 5m
max_fails number No 2 all limit maximun failure request 2
cache boolean No [true,false] >= 2.1 cache all remote tarballs in storage true
auth list No see below >= 2.5 assigns the header 'Authorization' more info disabled
headers list No authorization: "Bearer SecretJWToken==" all list of custom headers for the uplink disabled
strict_ssl boolean No [true,false] >= 3.0 If true, requires SSL certificates be valid. true

Auth property

The auth property allows you to use an auth token with an uplink. Using the default environment variable:

uplinks:
  private:
    url: https://private-registry.domain.com/registry
    auth:
      type: bearer
      token_env: true # defaults to `process.env['NPM_TOKEN']`

or via a specified environment variable:

uplinks:
  private:
    url: https://private-registry.domain.com/registry
    auth:
      type: bearer
      token_env: FOO_TOKEN

token_env: FOO_TOKEN internally will use process.env['FOO_TOKEN']

or by directly specifying a token:

uplinks:
  private:
    url: https://private-registry.domain.com/registry
    auth:
      type: bearer
      token: "token"

Note: token has priority over token_env

You Must know

  • Verdaccio does not use Basic Authentication since version v2.3.0. All tokens generated by verdaccio are based on JWT (JSON Web Token)
  • Uplinks must be registries compatible with the npm endpoints. Eg: verdaccio, sinopia@1.4.0, npmjs registry, yarn registry, JFrog, Nexus and more.
  • Setting cache to false will help to save space in your hard drive. This will avoid store tarballs but it will keep metadata in folders.
  • Exceed with multiple uplinks might slow down the lookup of your packages due for each request a npm client does, verdaccio does 1 call for each uplink.
  • The (timeout, maxage and fail_timeout) format follow the NGINX measurement units