UNPKG

@verdaccio/config

Version:

logger

verdaccio.org

182 lines (160 loc) 5.71 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
import assert from 'assert'; import buildDebug from 'debug'; import _ from 'lodash'; import { APP_ERROR, warningUtils } from '@verdaccio/core'; import { Codes } from '@verdaccio/core/build/warning-utils'; import { Config as AppConfig, AuthConf, ConfigYaml, FlagsConfig, PackageAccess, PackageList, RateLimit, Security, ServerSettingsConf, } from '@verdaccio/types'; import { generateRandomHexString, getMatchedPackagesSpec, isObject } from '@verdaccio/utils'; import { getUserAgent } from './agent'; import { normalisePackageAccess } from './package-access'; import { defaultSecurity } from './security'; import serverSettings from './serverSettings'; import { generateRandomSecretKey } from './token'; import { sanityCheckUplinksProps, uplinkSanityCheck } from './uplinks'; const strategicConfigProps = ['uplinks', 'packages']; const allowedEnvConfig = ['http_proxy', 'https_proxy', 'no_proxy']; const debug = buildDebug('verdaccio:config'); export const WEB_TITLE = 'Verdaccio'; // we limit max 1000 request per 15 minutes on user endpoints export const defaultUserRateLimiting = { windowMs: 15 * 60 * 1000, // 15 minutes max: 1000, }; /** * Coordinates the application configuration */ class Config implements AppConfig { public user_agent: string | undefined; public uplinks: any; public packages: PackageList; public users: any; public auth: AuthConf; public server_id: string; public configPath: string; /** * @deprecated use configPath or config.getConfigPath(); */ public self_path: string; public storage: string | void; public plugins: string | void | null; public security: Security; public serverSettings: ServerSettingsConf; // @ts-ignore public secret: string; public flags: FlagsConfig; public userRateLimit: RateLimit; private configOptions: { forceEnhancedLegacySignature: boolean }; public constructor( config: ConfigYaml & { config_path: string }, configOptions = { forceEnhancedLegacySignature: true } ) { const self = this; this.configOptions = configOptions; this.storage = process.env.VERDACCIO_STORAGE_PATH || config.storage; if (!config.configPath) { // backport self_path for previous to version 6 // @ts-expect-error config.configPath = config.config_path ?? config.self_path; if (!config.configPath) { throw new Error('configPath property is required'); } } this.configPath = config.configPath; this.self_path = this.configPath; debug('config path: %s', this.configPath); this.plugins = config.plugins; this.security = _.merge(defaultSecurity, config.security); this.serverSettings = serverSettings; this.flags = { searchRemote: config.flags?.searchRemote ?? true, changePassword: config.flags?.changePassword ?? false, }; this.user_agent = config.user_agent; for (const configProp in config) { if (self[configProp] == null) { self[configProp] = config[configProp]; } } if (typeof this.user_agent === 'undefined') { // by default user agent is hidden debug('set default user agent'); this.user_agent = getUserAgent(false); } this.userRateLimit = { ...defaultUserRateLimiting, ...config?.userRateLimit }; // some weird shell scripts are valid yaml files parsed as string assert(_.isObject(config), APP_ERROR.CONFIG_NOT_VALID); // sanity check for strategic config properties strategicConfigProps.forEach(function (x): void { if (self[x] == null) { self[x] = {}; } assert(isObject(self[x]), `CONFIG: bad "${x}" value (object expected)`); }); this.uplinks = sanityCheckUplinksProps(uplinkSanityCheck(this.uplinks)); this.packages = normalisePackageAccess(self.packages); // loading these from ENV if aren't in config allowedEnvConfig.forEach((envConf): void => { if (!(envConf in self)) { self[envConf] = process.env[envConf] || process.env[envConf.toUpperCase()]; } }); // unique identifier of self server (or a cluster), used to avoid loops // @ts-ignore if (!this.server_id) { this.server_id = generateRandomHexString(6); } } public getConfigPath() { return this.configPath; } /** * Check for package spec */ public getMatchedPackagesSpec(pkgName: string): PackageAccess | void { // TODO: remove this method and replace by library utils return getMatchedPackagesSpec(pkgName, this.packages); } /** * Store or create whether receive a secret key * @secret external secret key */ public checkSecretKey(secret?: string): string { debug('check secret key'); if (typeof secret === 'string' && _.isEmpty(secret) === false) { this.secret = secret; debug('reusing previous key'); return secret; } // generate a new a secret key // FUTURE: this might be an external secret key, perhaps within config file? debug('generate a new key'); // if (this.configOptions.forceEnhancedLegacySignature) { this.secret = generateRandomSecretKey(); } else { this.secret = this.security.enhancedLegacySignature === true ? generateRandomSecretKey() : generateRandomHexString(32); // set this to false allow use old token signature and is not recommended // only use for migration reasons, major release will remove this property and // set it by default if (this.security.enhancedLegacySignature === false) { warningUtils.emit(Codes.VERWAR005); } } debug('generated a new secret key %s', this.secret?.length); return this.secret; } } export { Config };