LuisLlamas Logo
EN
npm-registro-privado-verdaccio

What is Verdaccio and how to use it as a private NPM registry

  • 2 min
  • Advanced

Verdaccio is a lightweight, private, and self-hosted NPM registry designed to facilitate package development in controlled environments.

verdaccio-npm

It is a very useful tool for teams that develop internal libraries and want to share them among themselves, without exposing them to a public NPM registry.

Verdaccio acts as an intelligent proxy that stores downloaded dependencies, as well as adding our own private packages.

verdaccio-arquitectura

Additionally, it allows us greater control over our developments by reducing dependency on NPM repositories (for example, because we have an internet outage).

In summary

  • You need to publish internal packages without exposing them to the NPM registry
  • You want to speed up installations through dependency caching
  • You work in environments with internet connection limitations

Installation and Configuration

To install Verdaccio, you simply need to run

npm install -g verdaccio

Now we can run it

verdaccio

We will see startup information for Verdaccio in the console, such as the configuration folder, etc.

By default, Verdaccio listens on http://localhost:4873. You can open the URL in your browser, and you will see the application’s control panel UI.

verdaccio-screenshot

If you need to run Verdaccio continuously (generally, yes), you can use solutions like PM2, Forever, or run it in Docker format.

Basic Configuration config.yaml

The main configuration file for Verdaccio is located at

  • Windows: C:\Users\Luis\AppData\Roaming\verdaccio\config.yaml
  • Linux ~/.config/verdaccio/config.yaml

Here you have a bunch of parameters. But a (very) summarized version looks something like this:

storage: ./storage       # Storage path  
plugins: ./plugins       # Plugins directory  

auth:  
  htpasswd:  
    file: ./htpasswd     # Basic authentication  

uplinks:  
  npmjs:  
    url: https://registry.npmjs.org/  

packages:  
  '@myorg/*':  
    access: $authenticated  
    publish: $authenticated  

  '**':  
    access: $all  
    proxy: npmjs

Key sections:

  • storage: Directory for private packages.
  • uplinks: Configuration for remote registries (e.g. npmjs).
  • packages: Permissions by package pattern.

Using with NPM

Now we will see how to configure NPM to use Verdaccio as a Proxy. To do this, we run:

npm set registry http://localhost:4873

You can restore the npm registry to the default by running:

npm set registry https://registry.npmjs.org/

With this, we have configured NPM to look on the Verdaccio server. Now when NPM accesses a package, it will first request the information from Verdaccio.

npm install lodash  # First looks in Verdaccio, then in npmjs

Verdaccio will search in its cache and in its private repositories. And, if it does not find a package, it will make a request to the NPM repositories.

Alternatively, you can also create a .npmrc file in your project, and overwrite the registry by adding this line:

registry=http://localhost:4873

Publish a Private Package

To add a private package to our Verdaccio repository, we do the following:

Log in (create a user if it’s your first time):

npm adduser --registry http://localhost:4873

We publish the package

npm publish --registry http://localhost:4873

::::

On this page