使用 Apache 为 npm 审核配置本地代理

问题描述 投票:0回答:2

基于此https://github.com/chovyy/npm-audit-proxy

在这种情况下 Nexus OSS v3 管理器在 Apache 反向代理后面运行。 还需要从 https://registry.npmjs.org/-/npm/v1/security/audits/ 代理 npm 审核。

那么如何正确配置 Apache 以将 npm adit 调用传递给 https://registry.npmjs.org/-/npm/v1/security/audits/

apache reverse-proxy nexus3 npm-audit
2个回答
0
投票

此 Apache 配置适用于我的情况。

<VirtualHost 0.0.0.0:443>
  ServerName nexus.corporate.domain

  SSLEngine on
  SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
  SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2
  SSLHonorCipherOrder On
  SSLCompression off
  SSLCertificateFile /etc/ssl/localcerts/nexus/nexus.pem
  SSLCertificateKeyFile /etc/ssl/localcerts/nexus/nexus.key
  SSLCertificateChainFile /etc/ssl/localcerts/nexus/Local_Corporate_CA_chain.crt

  SSLSessionTickets   off
  SSLProxyEngine On

  ProxyPass /repository/npm-public/-/npm/v1/security/audits https://registry.npmjs.org/-/npm/v1/security/audits
  ProxyPassReverse /repository/npm-public/-/npm/v1/security/audits https://registry.npmjs.org/-/npm/v1/security/audits
  ProxyPass         /  http://127.0.0.1:8081/ nocanon
  ProxyPassReverse  /  http://127.0.0.1:8081/
  ProxyRequests     Off
  ProxyPreserveHost Off
  AllowEncodedSlashes on

  RequestHeader set X-Forwarded-Proto "https"
  RequestHeader set X-Forwarded-Port "443"

  <Proxy http://127.0.0.1:8081/*>
    Order allow,deny
    Allow from all
  </Proxy>

  ErrorLog /var/log/apache2/nexus_apache_error.log
  CustomLog /var/log/apache2/nexus_apache_access.log common

</VirtualHost>

我遇到了 Forbidde 403 错误,但它是由 ProxyPreserveHost on 引起的。 将其更改为 ProxyPreserveHost off

/repository/npm-public/ 是在nexus中创建的npm组类型存储库。 https://nexus.corporate.domain/repository/npm-public/

0
投票

从 npm 9 (lockfileVersion: 3) 开始,您还必须代理 

https://registry.npmjs.org/-/npm/v1/security/advisories
。最小配置,对我有用:

<IfModule mod_ssl.c>
    <VirtualHost _default_:443>
        ServerName npm.customdomain.com

        AllowEncodedSlashes NoDecode

        ProxyRequests Off
        ProxyPreserveHost Off
        SSLProxyEngine On

        ProxyPass /repository/npm-public/-/npm/v1/security/audits        https://registry.npmjs.org/-/npm/v1/security/audits
        ProxyPass /repository/npm-public/-/npm/v1/security/advisories    https://registry.npmjs.org/-/npm/v1/security/advisories

        SSLEngine on
        # Your SSL, Log and further configurations...
    </VirtualHost>
</IfModule>
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.