Skip to main content

Fajl za konfigurisanje

This file is the cornerstone of Verdaccio where you can modify the default behaviour, enable plugins and extend features.

A default configuration file config.yaml is created the very first time you run verdaccio.

Podrazumevane postavke (Default Configuration)#

Podrazumevane postavke podržavaju scoped pakete za sve korisnike, ali samo autorizovanim korisnicima omogućavaju da publikuju.

storage: ./storageauth:  htpasswd:    file: ./htpasswduplinks:  npmjs:    url:  '@*/*':    access: $all    publish: $authenticated    proxy: npmjs  '**':    proxy: npmjslogs:  - {type: stdout, format: pretty, level: http}


Sekcija u nastavku daje objašnjenja za svako svojstvo i opciju.


Is the location of the default storage. Verdaccio is by default based on local file system.

storage: ./storage


Is the location of the plugin directory. Useful for Docker/Kubernetes-based deployments.

plugins: ./plugins


The authentication setup is done here. The default auth is based on htpasswd and is built in. You can modify this behaviour via plugins. For more information about this section read the auth page.

auth:  htpasswd:    file: ./htpasswd    max_users: 1000


Since: verdaccio@4.0.0 #168

The security block allows you to customise the token signature. To enable a new JWT (JSON Web Tokens) signature you need to add the block jwt to the api section; web uses jwt by default.

The configuration is separated in two sections, api and web. To use JWT on api it has to be defined, otherwise the legacy token signature (aes192) will be used. For JWT you might want to customize the signature and the token verification with your own properties.

security:  api:    legacy: true    jwt:      sign:        expiresIn: 29d      verify:        someProp: [value]   web:     sign:       expiresIn: 7d # 7 days by default     verify:        someProp: [value]

Jako Vam preporučujemo da se prebacite na JWT pošto je legacy signature (aes192) zastareo i neće ga biti u novijim verzijama.


Skup svojstava za menjanje ponašanja server aplikacije, posebno API-ja (Express.js).

You can specify HTTP/1.1 server keep alive timeout in seconds for incomming connections. A value of 0 makes the http server behave similarly to Node.js versions prior to 8.0.0, which did not have a keep-alive timeout. WORKAROUND: Through given configuration you can workaround following issue Set to 0 in case 60 is not enough.

server:  keepAliveTimeout: 60

Web UI (korisnički interfejs)#

This property allow you to modify the look and feel of the web UI. For more information about this section read the web UI page.

web:  enable: true  title: Verdaccio  logo: logo.png  scope:


Uplinks add the ability to fetch packages from remote registries when those packages are not available locally. For more information about this section read the uplinks page.

uplinks:  npmjs:    url:


This section allows you to control how packages are accessed. For more information about this section read the packages page.

packages:  '@*/*':    access: $all    publish: $authenticated    proxy: npmjs

Napredna podešavanja#

Publikovanje offline#

By default verdaccio does not allow you to publish packages when the client is offline. This can be can be overridden by setting this value to true.

publish:  allow_offline: false
Počevši od verzije: verdaccio@2.3.6 član (due) #223

URL Prefix#

The prefix is intended to be used when the server runs behinds the proxy and won't work properly if is used without a reverse proxy, check the reverse proxy setup page for more details.

url_prefix: /verdaccio/

Verdaccio 5 has an improved prefix behaviour and the VERDACCIO_PUBLIC_URL is available for use, learn how to here.

Max Body Size#

By default the maximum body size for a JSON document is 10mb, if you run into errors that state "request entity too large" you may increase this value.

max_body_size: 10mb

Listen Port#

verdaccio runs by default on the port 4873. Changing the port can be done via CLI or in the configuration file. The following options are valid:

listen:# - localhost:4873            # default value# - http://localhost:4873     # same thing# -              # listen on all addresses (INADDR_ANY)# -  # if you want to use https# - "[::1]:4873"                # ipv6# - unix:/tmp/verdaccio.sock    # unix socket


To enable https in verdaccio it's enough to set the listen flag with the protocol https://. For more information about this section read the SSL page.

https:    key: ./path/verdaccio-key.pem    cert: ./path/verdaccio-cert.pem    ca: ./path/verdaccio-csr.pem


Ako imate proxy u svojoj mreži, možete podesiti X-Forwarded-For header koristeći sledeće unose za svojstva (properties).

http_proxy and https_proxy#

Ova varijabla bi trebalo da sadrži comma-separated (polja odvojena zapetom) listu ekstenzija domena za koju proxy ne bi trebalo da se koristi.

http_proxy: http://something.local/https_proxy: https://something.local/


This variable should contain a comma-separated list of domain extensions that the proxy should not be used for.

no_proxy: localhost,


Enabling notifications to third-party tools is fairly easy via webhooks. For more information about this section read the notifications page.

notify:  method: POST  headers: [{'Content-Type': 'application/json'}]  endpoint:  content: '{"color":"green","message":"New package published: * {{ name }}*","notify":true,"message_format":"text"}'

Za detaljnije opcije podešavanja, molimo Vas da pogledate source code.


Počevši od verzije: verdaccio@3.0.0

npm audit is a new command released with npm 6.x. Verdaccio includes a built-in middleware plugin to handle this command.

If you have a new installation it comes by default, otherwise you need to add the following props to your config file

middlewares:  audit:    enabled: true


This release includes a new property named experiments that can be placed in the config.yaml and is completely optional.

We want to be able to ship new things without affecting production environments. This flag allows us to add new features and get feedback from the community who decides to use them.

Here one example:

Here is one example:

experiments:  changePassword: false

To disable the experiments warning in the console, you must comment out the whole experiments section.