ubuntu20.04上使用 Verdaccio 搭建 npm 私有仓库

安装nvm

1. 首先安装必要的工具：

apt update
apt install curl

2. 下载并执行nvm安装脚本：

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash

3. 添加环境变量（如果安装脚本没有自动添加）。编辑 ~/.bashrc：

export NVM_DIR="$HOME/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm
[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"  # This loads nvm bash_completion

4. 使环境变量生效：

source ~/.bashrc

5. 验证安装：

nvm --version

常用nvm命令：

nvm install node        # 安装最新版node
nvm install 20.18.0    # 安装特定版本
nvm use 20.18.0        # 使用特定版本
nvm ls                 # 列出已安装的版本
nvm current            # 显示当前使用的版本
nvm alias default 20.18.0  # 设置默认版本

如果遇到网络问题，可以设置淘宝镜像：

export NVM_NODEJS_ORG_MIRROR=https://npmmirror.com/mirrors/node

安装 Verdaccio

# 必须要加 -g 全局安装
npm install verdaccio -g

安装成功之后随即在命令行输出 verdaccio 随即我们会看到服务已经运行；出现以下内容

根据服务启动后信息不难得到两个重要信息

verdaccio 配置文件：/root/.config/verdaccio/config.yaml

verdaccio 默认启动：默认占用 4873 端口（使用云服务器的小伙伴记得开启安全组）。

注意： 可能有些小伙伴的启用端口前面显示的是 localhost:4873，如果出现这种情况打开安全组也是不生效的，以下附上解决方案。

使用 vim 打开配置文件。在首行新增 listen 0.0.0.0:4873，端口可以任意指定。0.0.0.0 就是表示当前主机的 IPV4 地址；之后再重启服务就，在浏览器输入服务器 IP 加端口就可以访问了。

我的/root/.config/verdaccio/config.yaml 配置文件：

listen: 0.0.0.0:4873
# path to a directory with all packages
storage: /home/lzq/.local/share/verdaccio/storage
# path to a directory with plugins to include
plugins: ./plugins
# 添加以下配置来增加最大包体积限制
max_body_size: 1000mb# https://verdaccio.org/docs/webui
web:title: Verdaccio# comment out to disable gravatar support# gravatar: false# by default packages are ordercer ascendant (asc|desc)# sort_packages: asc# convert your UI to the dark side# darkMode: true# html_cache: true# by default all features are displayed# login: true# showInfo: true# showSettings: true# In combination with darkMode you can force specific theme# showThemeSwitch: true# showFooter: true# showSearch: true# showRaw: true# showDownloadTarball: true#  HTML tags injected after manifest <scripts/># scriptsBodyAfter:#    - '<script type="text/javascript" src="https://my.company.com/customJS.min.js"></script>'#  HTML tags injected before ends </head>#  metaScripts:#    - '<script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>'#    - '<script type="text/javascript" src="https://browser.sentry-cdn.com/5.15.5/bundle.min.js"></script>'#    - '<meta name="robots" content="noindex" />'#  HTML tags injected first child at <body/>#  bodyBefore:#    - '<div id="myId">html before webpack scripts</div>'#  Public path for template manifest scripts (only manifest)#  publicPath: http://somedomain.org/# https://verdaccio.org/docs/configuration#authentication
auth:htpasswd:file: ./htpasswd# Maximum amount of users allowed to register, defaults to "+inf".# You can set this to -1 to disable registration.# max_users: 1000# Hash algorithm, possible options are: "bcrypt", "md5", "sha1", "crypt".# algorithm: bcrypt # by default is crypt, but is recommended use bcrypt for new installations# Rounds number for "bcrypt", will be ignored for other algorithms.# rounds: 10# https://verdaccio.org/docs/configuration#uplinks
# a list of other known repositories we can talk to
uplinks:npmjs:url: https://registry.npmmirror.com/maxage: 30mtimeout: 600smax_fails: 5fail_timeout: 5mcache: true# Learn how to protect your packages
# https://verdaccio.org/docs/protect-your-dependencies/
# https://verdaccio.org/docs/configuration#packages
packages:'@*/*':# scoped packagesaccess: $allpublish: $authenticatedunpublish: $authenticatedproxy: npmjs'**':# allow all users (including non-authenticated users) to read and# publish all packages## you can specify usernames/groupnames (depending on your auth plugin)# and three keywords: "$all", "$anonymous", "$authenticated"access: $all# allow all known users to publish/publish packages# (anyone can register by default, remember?)publish: $authenticatedunpublish: $authenticated# if package is not available locally, proxy requests to 'npmjs' registryproxy: npmjsserver:keepAliveTimeout: 60timeout: 600000rateLimit:windowMs: 1000max: 10000bodyParser:json:limit: '1000mb'    # JSON请求体积限制encoded:limit: '1000mb'    # URL编码请求体积限制# Allow `req.ip` to resolve properly when Verdaccio is behind a proxy or load-balancer# See: https://expressjs.com/en/guide/behind-proxies.html# trustProxy: '127.0.0.1'# https://verdaccio.org/docs/configuration#offline-publish
# publish:
#   allow_offline: false# https://verdaccio.org/docs/configuration#url-prefix
# url_prefix: /verdaccio/
# VERDACCIO_PUBLIC_URL='https://somedomain.org';
# url_prefix: '/my_prefix'
# // url -> https://somedomain.org/my_prefix/
# VERDACCIO_PUBLIC_URL='https://somedomain.org';
# url_prefix: '/'
# // url -> https://somedomain.org/
# VERDACCIO_PUBLIC_URL='https://somedomain.org/first_prefix';
# url_prefix: '/second_prefix'
# // url -> https://somedomain.org/second_prefix/'# security:
#   api:
#     legacy: true
#     # recomended set to true for older installations
#     migrateToSecureLegacySignature: true
#     jwt:
#       sign:
#         expiresIn: 29d
#       verify:
#         someProp: [value]
#    web:
#      sign:
#        expiresIn: 1h # 1 hour by default
#      verify:
#         someProp: [value]# https://verdaccio.org/docs/configuration#user-rate-limit
# userRateLimit:
#   windowMs: 50000
#   max: 1000# https://verdaccio.org/docs/configuration#max-body-size
# max_body_size: 10mb# https://verdaccio.org/docs/configuration#listen-port
# listen:
# - localhost:4873            # default value
# - http://localhost:4873     # same thing
# - 0.0.0.0:4873              # listen on all addresses (INADDR_ANY)
# - https://example.org:4873  # if you want to use https
# - "[::1]:4873"                # ipv6
# - unix:/tmp/verdaccio.sock    # unix socket# The HTTPS configuration is useful if you do not consider use a HTTP Proxy
# https://verdaccio.org/docs/configuration#https
# https:
#   key: ./path/verdaccio-key.pem
#   cert: ./path/verdaccio-cert.pem
#   ca: ./path/verdaccio-csr.pem# https://verdaccio.org/docs/configuration#proxy
# http_proxy: http://something.local/
# https_proxy: https://something.local/# https://verdaccio.org/docs/configuration#notifications
# notify:
#   method: POST
#   headers: [{ "Content-Type": "application/json" }]
#   endpoint: https://usagge.hipchat.com/v2/room/3729485/notification?auth_token=mySecretToken
#   content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}'middlewares:audit:enabled: true# https://verdaccio.org/docs/logger
# log settings
log: { type: stdout, format: pretty, level: http }
#experiments:
#  # support for npm token command
#  token: false
#  # disable writing body size to logs, read more on ticket 1912
#  bytesin_off: false
#  # enable tarball URL redirect for hosting tarball with a different server, the tarball_url_redirect can be a template string
#  tarball_url_redirect: 'https://mycdn.com/verdaccio/${packageName}/${filename}'
#  # the tarball_url_redirect can be a function, takes packageName and filename and returns the url, when working with a js configuration file
#  tarball_url_redirect(packageName, filename) {
#    const signedUrl = // generate a signed url
#    return signedUrl;
#  }# translate your registry, api i18n not available yet
# i18n:
# list of the available translations https://github.com/verdaccio/verdaccio/blob/master/packages/plugins/ui-theme/src/i18n/ABOUT_TRANSLATIONS.md
#   web: en-US

使用 pm2 管理 verdaccio

此时我们虽然能够访问到 npm 私服，但是有个很严重的问题，就是启动服务后在命令行中不能进行其他操作。这里推荐使用 pm2 对 verdaccio 进程进行管理。即使退出 ssh 连接也能在后台运行。

# 全局安装 verdaccio和pm2
$ npm install -g pm2

$ pm2 start verdaccio
[PM2] Starting /usr/local/bin/verdaccio in fork_mode (1 instance)
[PM2] Done.
┌─────┬──────────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐
│ id  │ name         │ namespace   │ version │ mode    │ pid      │ uptime │ ↺    │ status    │ cpu      │ mem      │ user     │ watching │
├─────┼──────────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤
│ 0   │ verdaccio    │ default     │ N/A     │ fork    │ 20889    │ 0s     │ 0    │ online    │ 0%       │ 10.2mb   │ cm       │ disabled │
└─────┴──────────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘

常用命令

指令	  描述	                                    示例
pm2 -ls	  列出当前被 pm2 管理的所有进程	
pm2 stop  <app_name | namespace|id|'all'|json_conf>	关闭某个进程	pm2 stop vardaccio
pm2 restart <app_name|namespace|id|'all'|json_conf>	重启某个进程	pm2 restart verdaccio
pm2 delete <app_name|namespace|id]|'all'|json_conf>	删除某个进程	pm2 delete verdaccio
pm2 start <app_name|namespace|id|'all'|json_conf>	启动某个进程	pm2 start verdaccio

nrm 管理 npm 源

npm install -g nrm

# 添加私有库
$ nrm add localnpm http://服务器ip:4873# 查看现有的npm源
$ nrm ls
* npm -------- https://registry.npmjs.org/yarn ------- https://registry.yarnpkg.com/cnpm ------- http://r.cnpmjs.org/taobao ----- https://registry.npm.taobao.org/nj --------- https://registry.nodejitsu.com/npmMirror -- https://skimdb.npmjs.com/registry/edunpm ----- http://registry.enpmjs.org/localnpm -- http://服务器ip:4873/
# 设置npm源
$ nrm use localnpm 

发布包到私有库上

注册用户

# 注册用户
$ npm adduser
npm notice Log in on http://服务器ip:4873/
Username: yourusername
Password:
Email: (this IS public) xxxxxx@qq.com
Logged in as yourusername on http://服务器ip:4873/.

登录

# 登录用户
$ npm login
npm notice Log in on http://服务器ip:4873/
Username: yourusername
Password:
Email: (this IS public) xxxxxx@qq.com
Logged in as yourusername on http://服务器ip:4873/.
# 查看当前登录用户
$ npm who am i
yourusername

发布
进入含有package.json的目录，执行命令

# 发布当前包
$ npm publish
...
npm notice === Tarball Details ===
npm notice name:          marriage-service-manage
npm notice version:       3.2.1
npm notice package size:  11.9 MB
npm notice unpacked size: 22.3 MB
npm notice shasum:        cb0cb1535cedd1a36edb070d10829fb5fb1213ef
npm notice integrity:     sha512-WV65rERQZZona[...]iRNAtK7Kz+cxg==
npm notice total files:   725
npm notice
+ marriage-service-manage@3.2.1
# 最后看到 + [你的包名@版本号]既可