Setup Your Private NPM Registry Using Nexus 3

chamsddine

Bouzaine Chamsddine

Posted on July 6, 2020

Setup Your Private NPM Registry
Using Nexus 3

I was tasked to build a private npm Registry and maybe later I had to implement a private docker hub, so I went as asked google and tada!, I found this amazing tool "nexus3" it's a bright tool it can achieve both my goals an npm registry and a docker hub and much more, so along my journey setting up the npm registry I struggled a little with the official documentation so I thought of writing this blog to help next users of nexus3

How?

Start the docker image

Let's spin up the Nexus3 docker image

> $ docker build --rm=true --tag=sonatype/nexus3

we will be using the official docker image Here

Sign in to nexus3

Now we have our nexus3 instance running on http://localhost:8081/ Let's visit the app now we have to connect as admin the password is saved inside data-dir/admin.password so all we have to do is hook to the bash inside the nexus3 docker container and get the password.

$ cat data-dir/admin.password

now let's sign-in in the app

Note: if asked to activate the anonymous access always chose not to.

Setup the npm registries

We will need to create 3 new npm registry for our use case (a proxy registry, a hosted registry, group registry) we will need the proxy registry to link it to the public npm registry so we can fetch all the npm packages through one gateway, and we will use the hosted registry to host our npm packages, and the group registry is the one that will group the hosted and proxy registries so basically it's our npm gateway where we can fetch both public and private packages ;) so let's go to the admin panel then to "Repository Management" menu and add this three npm repositories.

Setup the roles and users

We are one step close to our goal now we need the last stones ACL we have to protect our precious packages, we have to set up two things first create two new roles :

  • package reader/fetcher role (so a user can npm Install our gems ) to do that we have to go to roles and create a new role "npm-fetcher" and give it the right to read and browse the npm registries
  • package editor/publisher role this is the role for the user that publish, update our packages so we create a new role "npm-publisher" and give it edit and create and browse and read for the npm hosted repo.

Now we have to create two users the npm-reader (Roles: "npm-fetcher") & npm-publisher (Roles: "npm-fetcher","npm-publisher")

Note: save user password in a secure vault we need them for later and enable the "npm Bearer Token Realm".

Configure npm package

Now that we have our registry setup let's configure our packages so we are gone use the npm-publisher user and the hosted npm repo to publish our package and we are gone use the npm gateway and the npm-reader user in the other packages that are going to install our package I know this may seem complicated so let's work with an example to make it easier so suppose we hade developed two projects a "fancy-UI-library" and an "e-commerce app" and now we are wanting to use the "fancy-UI-library" in our "e-commerce-app" so to do this we have to publish "fancy-UI-library" to nexus3 first let's do it =>

publish

We have to create a .npmrc file if we don't have it already and add this line so npm can communicate with our private registry

//YOUR_NPM_HOSTED_REPO_ADDRESS_HERE:_auth=${NPM_TOKEN}

Of course, we need a token to be exported as a Variable like this

> $ export NPM_TOKEN=YOUR_PUBLISHER_TOKEN

To create a publisher token all we need to do is :

> $ echo -n 'YOUR_PUBLISHER_USER:YOUR_PUBLISHER_PASSWORD' | openssl base64

Now all we have to do is run

> $ npm publish

that's it now our package is hosted in the Registry

fetch

Let's go to the other package now "e-commerce app" in this app we only want to install the "fancy-UI-library" so we will use the npm-reader user, all we have to do is to create a token for that user

> $ echo -n 'YOUR_READER_USER:YOUR_READER_PASSWORD' | openssl base64

Add the npm group repo address to our .npmrc and we export our NPM_TOKEN as we did before

//YOUR_NPM_GROUP_REPO_ADDRESS_HERE:_auth=${NPM_TOKEN}

that's it now all we have to do is to install :

> $ npm i fancy-UI-library

Tips

  • Every time you commit changes to your published package you have to change the version with npm version before publishing them that's how you get multiple versions package

Refrences :

💖 💪 🙅 🚩
chamsddine
Bouzaine Chamsddine

Posted on July 6, 2020

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related