Verdaccio Chef cookbook
Switch branches/tags
Nothing to show
Clone or download
kgrubb Merge pull request #6 from rwdalpe/update-to-latest
Updating the cookbook to support the latest verdaccio
Latest commit dae2cd6 Jul 12, 2018
Failed to load latest commit information.
attributes Updating the cookbook to support the latest verdaccio Jul 10, 2018
recipes Updating the cookbook to support the latest verdaccio Jul 10, 2018
test/integration/default/bats initial commit. based off of Nov 7, 2016
.gitignore initial commit. based off of Nov 7, 2016
.kitchen.yml Updating the cookbook to support the latest verdaccio Jul 10, 2018
.rubocop.yml trying to exclude Vagrantfile Dec 14, 2016
.travis.yml Updating travis CI build to use ruby 2.3.0 as required by updated gems Jul 11, 2018
Berksfile initial commit. based off of Nov 7, 2016
LICENSE initial commit. based off of Nov 7, 2016 Updating the cookbook to support the latest verdaccio Jul 10, 2018
Rakefile Granting Rakefile user execute permissions to resolve rubocop errors Jul 11, 2018
Strainerfile initial commit. based off of Nov 7, 2016
Thorfile initial commit. based off of Nov 7, 2016
Vagrantfile trying to exclude Vagrantfile Dec 14, 2016
chefignore initial commit. based off of Nov 7, 2016
metadata.rb Updating metadata to resolve foodcritic linting errors Jul 11, 2018

Verdaccio Cookbook

CK Version Build Status

Verdaccio Project

Original Sinopia cookbook

Chef Supermarket Cookbook


Verdaccio is a fork of sinopia. It is a private/caching npm repository server.

It allows you to have a local npm registry with zero configuration. You don't have to install and replicate an entire CouchDB database. Verdaccio keeps its own small database and, if a package doesn't exist there, it asks for it keeping only those packages you use.

Supported Platforms

Tested on:

  • Ubuntu 12.04
  • Ubuntu 14.04
  • Centos 6
  • Centos 7
  • Amazon Linux


Include verdaccio in your node's run_list:

  "run_list": [


  • Configures verdaccio folders (in /etc, /var & /var/log)
  • Installs node + npm from the official repo at the latest version
  • Creates a passwordless verdaccio user who will run the service
  • Installs the latest version of verdaccio from
  • Configures log rotation to 30d
  • Configures and starts verdaccio service

Default Configuration

  • Verdaccio will bind to, so you probably need to setup a web frontend.
  • Access to the npm service is allowed to everyone.
  • All desired packages are cached from
  • A single npm account is provisionned to publish private packages with :
  • login : admin
  • passw : admin


Every single Verdaccio configuration item can be managed from node attributes. Default values are specified each time.

System Configuration

Key Type Description Default
['verdaccio']['user'] String The default user running verdaccio verdaccio
['verdaccio']['confdir'] String The config.yaml file location /etc/verdaccio
['verdaccio']['datadir'] String The verdaccio cache & private stores location /var/lib/verdaccio
['verdaccio']['logdir'] String The verdaccio.log file location /var/log/verdaccio
['verdaccio']['logdays'] Integer The log retention policy (days) 30
['verdaccio']['loglevel'] String The log level. Can be trace, debug, info, http, warn, error, or fatal warn

Verdaccio Global Configuration

Key Type Description Default
['verdaccio']['version'] String The verdaccio npm package version. Use nil for latest nil
['verdaccio']['admin']['pass'] String The verdaccio admin account clear password admin
['verdaccio']['public_url'] String The verdaccio rewrite url, url prefix for provided links nil
['verdaccio']['timeout'] Integer The cached repo timeout in ms 30000
['verdaccio']['maxage'] Integer The verdaccio metadata cache max age in sec 120
['verdaccio']['max_body_size'] String The maximum size of uploaded json document, software default is 1mb nil

Users and Permissions

No users are created by default.

  • You can set user list with a hash under default['verdaccio']['users'], you need to specify a password for each user
  • You can give admin permissions to a specific user with user['admin'] = true hash


node['verdaccio']['users']['bob']['pass'] = 'incredible'
node['verdaccio']['users']['bob']['admin'] = true

node['verdaccio']['users']['andy']['pass'] = 'toys'
node['verdaccio']['users']['andy']['admin'] = true

node['verdaccio']['users']['woody']['pass'] = 'buzz'

NPM Registry

You can store a list of available npm repositories in node['verdaccio']['repos'] following {'name' => 'url'} syntax.

Default hash is loaded with official npmjs repo : default['verdaccio']['repos'] = {'npmjs' => ''}

Example :

node['verdaccio']['repos'] = {
  'npmjs' => '', # official npmjs repo
  'myrepo' => 'https://myrepo.local/',
  'other' => ''

node['verdaccio']['mainrepo'] : (npmjs) Caching repository name selected from available repos list


  • default['verdaccio']['strict_access'] : When set to true, this only allow admin and admin users to access verdaccio repos, default is false
  • You can define access & publish filters based on package name under default['verdaccio']['filters']
  • Filter format is an Array with one Hash for one rule
  • Wildcard is accepted in the filter name rule
  • Access can be provided to :
  • Default (all)
  • Specified available users : ['user1', 'user2']
  • admin account + all admin user : '@admins'
  • publish can be provided to :
  • Default (admin account only)
  • Specified available users + admin : ['user1', 'user2']
  • admin account + all admin user : '@admins'
  • Storage value is the name of the folder where filtered packages will be set.

Example :

node['verdaccio']['filters'] = [
    'name' => 'private-*',
    'storage' => 'private-repo'
    'name' => 'admin-*',
    'access' => ['andy', 'woody']
    'name' => 'test-*',
    'access' => '@admins'


This cookbook is reusing specific logging format of Verdaccio :

type: file | stdout | stderr
level: trace | debug | info | http (default) | warn | error | fatal

{type: 'file', path: 'verdaccio.log', level: 'debug'},

parameters for stdout and stderr: format: json | pretty
{type: 'stdout', format: 'pretty', level: 'debug'}

You can add as much logger as you want (including '{}') in default['verdaccio']['logs'] Array

Default value is :

node['verdaccio']['logs'] = [
  "{type: file, path: '/var/log/verdaccio/verdaccio.log', level: warn}"


See attributes/default.rb to view how to configure node['verdaccio']['use_proxy'] and node['verdaccio']['proxy'].


See attributes/default.rb to view Node & npm install options (version, source/package, ...)


verdaccio::default recipe includes :

  • verdaccio::users : creates users
  • verdaccio::verdaccio : install verdaccio, directories, conf and start service


Verdaccio cookbook is bundled with a Vagrantfile. If you have virtualbox and vagrant ready, just fire a vagrant up and this will setup a box running Verdaccio and listening Port 4873 is forwaded to your for test purposes.

License and Authors

Authors: Barthelemy Vessemont (, Keli Grubb (

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.