Docker
To pull the latest pre-built docker image:
docker pull verdaccio/verdaccio
Versões com Tags
Desde a versão v2.x, você pode fazer o pull das imagens pela tag, por exemplo:
Para uma versão principal:
docker pull verdaccio/verdaccio:4
Para uma versão secundária:
docker pull verdaccio/verdaccio:4.0
Para uma versão específica (patch):
docker pull verdaccio/verdaccio:4.0.0
Se você está interessado em uma lista de tags, por favor acesse o Docker Hub.
Executando o Verdaccio usando Docker
Para executar o container do docker:
docker run -it --rm --name verdaccio -p 4873:4873 verdaccio/verdaccio
O último argumento define qual imagem usar. A linha acima irá puxar a imagem pré-construída mais recente do dockerhub, caso você não tenha feito ainda.
Se você tiver uma imagem construída localmente use verdaccio como o último argumento.
You can use -v to bind mount conf, storage and plugins to the hosts filesystem (example below).
Note that if you do mount conf like this, that you will first need to supply a copy of config.yaml in that directory; the Docker container will not start properly if this file is missing. You can copy this file initially from https://github.com/verdaccio/verdaccio/blob/5.x/conf/docker.yaml. However, note the security warnings in that file; you will definitely want to lock it down in production.
V_PATH=/path/for/verdaccio; docker run -it --rm --name verdaccio \
-p 4873:4873 \
-v $V_PATH/conf:/verdaccio/conf \
-v $V_PATH/storage:/verdaccio/storage \
-v $V_PATH/plugins:/verdaccio/plugins \
verdaccio/verdaccio
if you are running in a server, you might want to add -d to run it in the background
Note: Verdaccio runs as a non-root user (uid=10001) inside the container, if you use bind mount to override default, you need to make sure the mount directory is assigned to the right user. In above example, you need to run
sudo chown -R 10001:65533 /path/for/verdacciootherwise you will get permission errors at runtime. Use docker volume is recommended over using bind mount.
Verdaccio 4 provides a new set of environment variables to modify either permissions, port or http protocol. Here the complete list:
| Propriedade | padrão | Descrição |
|---|---|---|
| VERDACCIO_APPDIR | /opt/verdaccio-build | o diretório de trabalho do docker |
| VERDACCIO_USER_NAME | verdaccio | o usuário do sistema |
| VERDACCIO_USER_UID | 10001 | o Id do usuário sendo usado para aplicar permissões de pasta |
| VERDACCIO_PORT | 4873 | a porta do verdaccio |
| VERDACCIO_PROTOCOL | http | o protocolo http padrão |
SELinux
If SELinux is enforced in your system, the directories to be bind-mounted in the container need to be relabeled. Otherwise verdaccio will be forbidden from reading those files.
fatal--- cannot open config file /verdaccio/conf/config.yaml: Error: CONFIG: it does not look like a valid config file
If verdaccio can't read files on a bind-mounted directory and you are unsure, please check /var/log/audit/audit.log to confirm that it's a SELinux issue. In this example, the error above produced the following AVC denial.
type=AVC msg=audit(1606833420.789:9331): avc: denied { read } for pid=1251782 comm="node" name="config.yaml" dev="dm-2" ino=8178250 scontext=system_u:system_r:container_t:s0:c32,c258 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
chcon can change the labels of shared files and directories. To make a directory accessible to containers, change the directory type to container_file_t.
$ chcon -Rt container_file_t ./conf
If you want to make the directory accessible only to a specific container, use chcat to specify a matching SELinux category.
An alternative solution is to use z and Z flags. To add the z flag to the mountpoint ./conf:/verdaccio/conf simply change it to ./conf:/verdaccio/conf:z. The z flag relabels the directory and makes it accessible by every container while the Z flags relables the directory and makes it accessible only to that specific container. However using these flags is dangerous. A small configuration mistake, like mounting /home/user or /var can mess up the labels on those directories and make the system unbootable.
Plugins
Plugins can be installed in a separate directory and mounted using Docker or Kubernetes, however make sure you build plugins with native dependencies using the same base image as the Verdaccio Dockerfile.
FROM node:lts-alpine as builder
RUN mkdir -p /verdaccio/plugins \
&& cd /verdaccio/plugins \
&& npm install --global-style --no-bin-links --omit=optional verdaccio-auth-memory@latest
FROM verdaccio/verdaccio:5
ADD docker.yaml /verdaccio/conf/config.yaml
COPY --chown=$VERDACCIO_USER_UID:root --from=builder \
/verdaccio/plugins/node_modules/verdaccio-auth-memory \
/verdaccio/plugins/verdaccio-auth-memory
For more information check real plugin examples with Docker in our source code.
Configuração de Docker e porta customizada
Any host:port configured in conf/config.yaml under listen is currently ignored when using docker.
If you want to reach Verdaccio docker instance under different port, lets say 5000 in your docker run command add the environment variable VERDACCIO_PORT=5000 and then expose the port -p 5000:5000.
V_PATH=/path/for/verdaccio; docker run -it --rm --name verdaccio \
-e "VERDACCIO_PORT=8080" -p 8080:8080 \
verdaccio/verdaccio
Of course the numbers you give to the -p parameter need to match.
Usando HTTPS com Docker
You can configure the protocol verdaccio is going to listen on, similarly to the port configuration. You have to overwrite the default value("http") of the PROTOCOL environment variable to "https", after you specified the certificates in the config.yaml.
docker run -it --rm --name verdaccio \
--env "VERDACCIO_PROTOCOL=https" -p 4873:4873
verdaccio/verdaccio
Usando docker-compose
- Obtenha a última versão do docker-compose.
- Construa e execute o contêiner:
$ docker-compose up --build
You can set the port to use (for both container and host) by prefixing the above command with VERDACCIO_PORT=5000.
version: '3.1'
services:
verdaccio:
image: verdaccio/verdaccio
container_name: 'verdaccio'
networks:
- node-network
environment:
- VERDACCIO_PORT=4873
ports:
- '4873:4873'
volumes:
- './storage:/verdaccio/storage'
- './config:/verdaccio/conf'
- './plugins:/verdaccio/plugins'
networks:
node-network:
driver: bridge
Docker will generate a named volume in which to store persistent application data. You can use docker inspect or docker volume inspect to reveal the physical location of the volume and edit the configuration, such as:
$ docker volume inspect verdaccio_verdaccio
[
{
"Name": "verdaccio_verdaccio",
"Driver": "local",
"Mountpoint": "/var/lib/docker/volumes/verdaccio_verdaccio/_data",
"Labels": null,
"Scope": "local"
}
]
Construa a sua própria imagem Docker
docker build -t verdaccio .
There is also an npm script for building the docker image, so you can also do:
yarn run build:docker
Note: The first build takes some minutes to build because it needs to run npm install, and it will take that long again whenever you change any file that is not listed in .dockerignore.
Please note that for any of the above docker commands you need to have docker installed on your machine and the docker executable should be available on your $PATH.
Exemplos de Docker
There is a separate repository that hosts multiple configurations to compose Docker images with verdaccio, for instance, as reverse proxy:
https://github.com/verdaccio/docker-examples
Construções de Docker Personalizadas
If you have made an image based on Verdaccio, feel free to add it to this list.
- coldrye-debian-verdaccio imagem docker que executa o verdaccio a partir do coldrye-debian-nodejs.
- docker-verdaccio
- docker-verdaccio-s3 Private NPM container that can backup to s3
- docker-verdaccio-ldap
- verdaccio-ldap
- verdaccio-compose-local-bridge
- docker-verdaccio
- verdaccio-docker
- verdaccio-server
- coldrye-debian-verdaccio docker image providing verdaccio from coldrye-debian-nodejs.
- verdaccio-github-oauth-ui
- verdaccio-auth-gitlab