sinopia是一个部署简易的可以实现github仓储私有化的npm组件。
如上图:
客户端产生npm请求后,发送到服务器(外网需要通过网关)。
用pm2启动sinopia集群,可以自动负载均衡。当请求到sinopia后,他会先进行权限验证(如果设置),通过验证之后就在本地文件系统中寻找对应的npm包,如果不存在则向上游链接(uplinks)配置的地址发请求。
前置⼯作:配置nodejs及npm环境参考文章:linux下安装node
安装sinopia 安装npm install sinopia -g --no-optional --no-shrinkwrap
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated [email protected]: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated [email protected]: Version no longer supported. Upgrade to @latest
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN saveError ENOENT: no such file or directory, open '/root/package.json'
npm WARN enoent ENOENT: no such file or directory, open '/root/package.json'
npm WARN root No description
npm WARN root No repository field.
npm WARN root No README data
npm WARN root No license field.
+ [email protected]
added 185 packages from 347 contributors in 12.179s
sionpia配置软连接
ln -s /root/node_modules/sinopia/bin/sinopia /usr/local/bin/sinopia
启动
sinopia
如下启动成功
Sinopia doesn't need superuser privileges. Don't run it under root.
warn --- config file - /root/.config/sinopia/config.yaml
warn --- http address - http://localhost:4873/
npm install pm2 -g
配置软连接 (安装出现警告可能会需要)
ln -s /usr/local/node/bin/pm2 /usr/local/bin/pm2
测试是否安装成功
pm2
如下安装成功
-------------
__/\\\\\\\\\\\\\____/\\\\____________/\\\\____/\\\\\\\\\_____
_\/\\\/\\\_\/\\\\\\________/\\\\\\__/\\\///\\\___
_\/\\\_______\/\\\_\/\\\//\\\____/\\\//\\\_\///______\//\\\__
_\/\\\\\\\\\\\\\/__\/\\\\///\\\/\\\/_\/\\\___________/\\\/___
_\/\\\/____\/\\\__\///\\\/___\/\\\________/\\\//_____
_\/\\\_____________\/\\\____\///_____\/\\\_____/\\\//________
_\/\\\_____________\/\\\_____________\/\\\___/\\\/___________
_\/\\\_____________\/\\\_____________\/\\\__/\\\\\\\\\\\\\\\_
_\///______________\///______________\///__\///__
Runtime Edition
PM2 is a Production Process Manager for Node.js applications
with a built-in Load Balancer.
Start and Daemonize any application:
$ pm2 start app.js
Load Balance 4 instances of api.js:
$ pm2 start api.js -i 4
Monitor in production:
$ pm2 monitor
Make pm2 auto-boot at server restart:
$ pm2 startup
To go further checkout:
http://pm2.io/
-------------
usage: pm2 [options]
pm2 -h, --help all available commands and options
pm2 examples display pm2 usage examples
pm2 -h help on a specific command
Access pm2 files in ~/.pm2
进程启动: sinopia
PM2启动: pm2 start sinopia
启动的端口需要在配置文件中配置:
vi /root/.config/sinopia/config.yaml
在最后一行中加入:
listen: 0.0.0.0:1234
配置文件目录:
config.yaml ------sinopia的配置文件
htpasswd ------存放用户账户信息的文件,密码通过sha1、base64加密
storage ------存放npm包及缓存包的文件夹
以上文件的目录为(root用户下):/root/.config/sinopia/
storage的存放地址可在config.yaml中配置:
storage: /root/.local/share/sinopia/storage
先在客户端创建发布权限的账户(假设为other,用户名不能有大写),然后为该账户设置发布权限:
'*':
# allow all users (including non-authenticated users) to read and
# publish all packages
#
# you can specify usernames/groupnames (depending on your auth plugin)
# and three keywords: "$all", "$anonymous", "$authenticated"
access: $all
# allow all known users to publish packages
# (anyone can register by default, remember?)
publish: other
# if package is not available locally, proxy requests to 'npmjs' registry
proxy: npmjs
以上配置文件中 ‘*’ 为包名的通配符,access为下载权限配置,publish为发布权限配置,proxy为上游地址name。在设置好发布账号后,我们应该禁用npm的addUser功能,如下配置:
auth:
htpasswd:
file: ./htpasswd
# Maximum amount of users allowed to register, defaults to "+inf".
# You can set this to -1 to disable registration.
max_users: -1
max_users为最大用户数量,默认值1000,值为-1则无法通过addUser创建账号。
所有配置信息
#
# This is the default config file. It allows all users to do anything,
# so don't use it on production systems.
#
# Look here for more config file examples:
# https://github.com/rlidwka/sinopia/tree/master/conf
#
# path to a directory with all packages
storage: ./storage //npm包存放的路径
auth:
htpasswd:
file: ./htpasswd //保存用户的账号密码等信息
# Maximum amount of users allowed to register, defaults to "+inf".
# You can set this to -1 to disable registration.
max_users: 1000 //默认为1000,改为-1为禁止注册,这样就只能通过修改htpasswd来注册用户
# a list of other known repositories we can talk to
uplinks:
npmjs:
url: http://registry.npm.taobao.org/ //默认为npm的官网,由于国情,修改 url 让sinopia使用 淘宝的npm镜像地址
packages: //配置权限管理
'@*/*':
# scoped packages
access: $all
publish: $authenticated
'*':
# allow all users (including non-authenticated users) to read and
# publish all packages
#
# you can specify usernames/groupnames (depending on your auth plugin)
# and three keywords: "$all", "$anonymous", "$authenticated"
access: $all
# allow all known users to publish packages
# (anyone can register by default, remember?)
publish: $authenticated
# if package is not available locally, proxy requests to 'npmjs' registry
proxy: npmjs
# log settings
logs:
- {type: stdout, format: pretty, level: http}
#- {type: file, path: sinopia.log, level: info}
# you can specify listen address (or simply a port)
listen: 0.0.0.0:4873 默认没有,只能在本机访问,添加后可以通过外网访问。
改为淘宝镜像
uplinks:
npmjs:
url: http://registry.npm.taobao.org/
在使用sinopia之前,强烈推荐使用nrm来管理自己的npm代理,nrm可以快速修改,切换,增加npm镜像地址。
ps.我最终搭建的地址为http://192.168.10.245:4873 请自行修改为自己的服务器ip地址
npm install -g nrm # 安装nrm
nrm add sinopia http://192.168.10.245:4873 # 添加新搭建的npm私有仓库地址
nrm use sinopia
nrm的其他命令:
$ nrm --help # 查看nrm命令帮助
$ nrm list # 列出可用的 npm 镜像地址
$ nrm use taobao # 使用`淘宝npm`镜像地址
切换为新搭建的私有仓库后,npm的使用方式没有任何改变,仍是使用npm install xxx安装我们所需要的包。如果私有仓库中没有所需要的包,会从备用的镜像中下载并缓存到本地,下一次在进行安装时会直接从私有仓库中获取。
npm 发布包要在私有npm仓库中发布包首先需要注册或登陆账号。
如果还没有账号,通过输入命令 npm adduser,然后依次输入用户名,密码,邮箱用户即可创建完毕。
如果已有账号,通过输入命令 npm login,然后依次输入用户名,密码,邮箱用户即可登陆。
然后进入你要上传的代码目录,执行初始化。
$ npm init
这个过程中要输入项目名,版本号,作者,开源协议等信息,自动生成package.json文件。
这里可以在这里填写相关信息或者直接回车跳过,因为后续可以直接修改package.json文件。
此外,通过在目录内新建README文件,可添加包的使用说明和用例代码。README文件支持markdown,书写十分方便。
然后执行发布命令就可以发布包到私有npm仓库了。
npm publish
可以通过浏览器访问http://192.168.10.245:4873 可以看到我们发布的私有包。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)