Nodejitsu

Save time managing and deploying your node.js app

Simple hosted private npm and registry.nodejitsu.com

About the author

Name
Location
Worldwide
nodejitsu nodejitsu

Other popular posts

- Scaling Isomorphic Javascript Code - Keep a node.js server up with Forever - Package.json dependencies done right
- npm cheat sheet - 6 Must Have Node.js Modules
Sign up to our platform for free - get $20 usage

We started running a private npm registry at Nodejitsu back in 2011. I remember vividly first hearing the idea from Paul Querna, a node core team member who was speaking on Node.js in Production at Cloudkick (now part of Rackspace). That decision was one of the best we ever made for maximizing the productivity of our team by empowering them to ship production code themselves with no ceremony.

Running your own private npm registry, however, has been a source of much pain and frustration. From replication issues, to permission mismatches and more, it has just been too much. We wanted a simpler solution which is why we're excited to announce that anyone can signup for a hosted private npm registry from Nodejitsu.

TL;DR? Then signup at nodejitsu.com right now!


Private npm? How does it work?

It's simple. First: every one of our private npm registry plans come with unlimited users so you just pay for the modules that you and your team need to keep private. Second: more security minded teams can upgrade if they care about sophisticated features like whitelisting or blacklisting.

That's it! Did we mentiong that juggling .npmrc files is a thing of the past?! Your private npm registry behaves like a fully transparent public replica so there is no need to switch back and forth between multiple accounts or constantly type --reg http://suchtyping.muchwastedtime.com.

Just run (once!):

npm config set registry "http://[your-subdomain].registry.nodejitsu.com"  

And you're completely ready to start publishing, installing and deploying your private, production JavaScript code with your team from npm. Nothing about your experience of the public registry will change. What you will get is an elegant web interface for managing access controls and your private npm policy.


Easy right? We thought so! Want to try out the performance of smart-private-npm before you sign up? Go for it, registry.nodejitsu.com will always be a free public read-write npm replica powered by smart-private-npm in transparent mode.

When running in "transparent mode", smart-private-npm will proxy all requests directly to a single (or set) of public npm registries.

Simply point your npm client at that server, and keep an eye on how it performs.

  npm config set registry "https://registry.nodejitsu.com"

So this is about more than just simple hosted private npm registries for any team using Node.js in production. It's about about making npm better for the community at large through isolated and replicated infrastructure available to everyone! All of the know-how that made registry.nodejitsu.com possible came directly out of our efforts scaling npm in late 2013. Mikeal Rogers’ proposed to scale the registry by moving rewrites from CouchDB to a separate Node.js process that understood them. After reading the rewrites themselves writing the correct proxy logic was relatively trivial.

We haven't forgotten we have a responsibility to give back to the Node.js community after that deluge of support. That is why:

  npm config set registry "https://registry.nodejitsu.com"

Can I run my own private npm registry?

YES YOU CAN! Just use our Open Source module: smart-private-npm. Lets example a sample private npm server that uses smart-private-npm:

var smartPrivateNpm = require("smart-private-npm"),  
    url = require("url");

//
// Configure your private npm. You could load this in from a file
// somewhere.
//
var config = {  
  rewrites: require("./config/rewrites"),
  proxy: {
    //
    // Location of the target public npm registry. 
    //
    npm: url.parse("http://user:pass@registry.nodejitsu.com"),
    //
    // Private npm options.
    //
    policy: {
      npm: url.parse("http://user:pass@private.registry.nodejitsu.com"),
      private: {
        //
        // This is the list of 'known private modules'
        // that will always be proxied to the private npm.
        // It is built over time by remembering 'publish' requests.
        //
      },
      blacklist: {
        //
        // This is the list of modules that will ALWAYS be proxies
        // to the private npm, no matter what.
        //
      },
      whitelist: {
        //
        // If enabled: only requests for these modules will be served
        // by the proxy (unless they are 'known private modules').
        //
      },
      //
      // In 'transparent mode' the proxy will always forward to
      // the public registry.
      //
      transparent: false
    }
  },
  //
  // Server options (from 'create-servers')
  //
  http: 80
  https: {
    port: 443,
    root: "/path/to/your/ssl/files",
    key: "your-ssl.key",  // or .pem
    key: "your-ssl.cert", // or .pem
  }
};

smartPrivateNpm.createServer(config, function (err, servers) {  
  if (err) {
    console.log("Error starting private npm: %j", servers);
    return process.exit(1);
  }

  console.log("Private npm running on %j servers.", Object.keys(servers));
});

Once you have this server running you can publish to it by running:

npm publish some-private-code --reg http://localhost/  

There’s more documentation on the Github repo for those of you who want to know how we make the npm sausage.

Ok. I’m in, what’s next?

This is an exciting time for npm. There are a lot of resources being put behind it to make it better, but without your feedback these efforts are worthless. Remember: You are npm! Since efforts to get a public roadmap haven’t taken off, we’ve opened up a place to take feature requests. You can login with our SSO and start telling us what you want!

Want to signup right now? Great! You'll need to head over to nodejitsu.com/signup. If you already have a Nodejitsu account you can get your hosted private npm registry in WebOps at https://webops.nodejitsu.com/account:


npm <3s you. Nodejitsu does too.