Uplinks
An uplink is a link with an external registry that provides access to external packages.
Usage
uplinks:
npmjs:
url: https://registry.npmjs.org/
server2:
url: http://mirror.local.net/
timeout: 100ms
server3:
url: http://mirror2.local.net:9000/
baduplink:
url: http://localhost:55666/
Here's an example of seamlessly integrating npmjs and GitHub registries using Verdaccio: How to use Verdaccio with GitHub registry
Configuration
You can define mutiple uplinks and each of them must have an unique name (key). They can have the following properties:
Property | Type | Required | Example | Support | Description | Default |
---|---|---|---|---|---|---|
url | string | Yes | https://registry.npmjs.org/ | all | The registry url | npmjs |
ca | string | No | ~./ssl/client.crt' | all | SSL path certificate | No default |
timeout | string | No | 100ms | all | set new timeout for the request | 30s |
maxage | string | No | 10m | all | the time threshold to the cache is valid | 2m |
fail_timeout | string | No | 10m | all | defines max time when a request becomes a failure | 5m |
max_fails | number | No | 2 | all | limit maximun failure request | 2 |
cache | boolean | No | [true,false] | >= 2.1 | cache all remote tarballs in storage | true |
auth | list | No | see below | >= 2.5 | assigns the header 'Authorization' more info | disabled |
headers | list | No | authorization: "Bearer SecretJWToken==" | all | list of custom headers for the uplink | disabled |
strict_ssl | boolean | No | [true,false] | >= 3.0 | If true, requires SSL certificates be valid. | true |
agent_options | object | No | maxSockets: 10 | >= 4.0.2 | options for the HTTP or HTTPS Agent responsible for managing uplink connection persistence and reuse more info | No default |
Auth property
The auth
property allows you to use an auth token with an uplink. Using the default environment variable:
uplinks:
private:
url: https://private-registry.domain.com/registry
auth:
type: bearer
token_env: true # by defaults points to the environment variable `NPM_TOKEN`
or via a specified custom environment variable:
uplinks:
private:
url: https://private-registry.domain.com/registry
auth:
type: bearer
token_env: FOO_TOKEN # override the default `NPM_TOKEN` by a custom one
token_env: FOO_TOKEN
internally will use process.env['FOO_TOKEN']
or by directly specifying a token oh the configuration file (not recommended by security corcerns):
uplinks:
private:
url: https://private-registry.domain.com/registry
auth:
type: bearer
token: 'token'
Note:
token
has priority overtoken_env
You Must know
- Uplinks must be registries compatible with the
npm
endpoints. Eg: verdaccio,sinopia@1.4.0
, npmjs registry, yarn registry, JFrog, Nexus and more. - Setting
cache
to false will help to save space in your hard drive. This will avoid storetarballs
but it will keep metadata in folders. - Multiple uplinks might slow down the lookup of your packages. For each request an npm client makes, verdaccio makes 1 call to each configured uplink.
- The (timeout, maxage and fail_timeout) format follow the NGINX measurement units
- When using the Helm Chart, you can use
secretEnvVars
to inject sensitive environment variables, which can be used to configure private uplink auth.