基于这个https://github.com/chovyy/npm-audit-proxy
在这种情况下,Nexus OSS v3 管理器运行在 Apache 反向代理之后。还需要从 https://registry.npmjs.org/-/npm/v1/security/audits/代理 npm 审计。
那么如何正确配置 Apache 以将 npm adit 调用传递给 https://registry.npmjs.org/-/npm/v1/security/audits/
1 回答
0
这个 Apache 配置适用于我的情况。
<VirtualHost 0.0.0.0:443>
ServerName nexus.corporate.domain
SSLEngine on
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2
SSLHonorCipherOrder On
SSLCompression off
SSLCertificateFile /etc/ssl/localcerts/nexus/nexus.pem
SSLCertificateKeyFile /etc/ssl/localcerts/nexus/nexus.key
SSLCertificateChainFile /etc/ssl/localcerts/nexus/Local_Corporate_CA_chain.crt
SSLSessionTickets off
SSLProxyEngine On
ProxyPass /repository/npm-public/-/npm/v1/security/audits https://registry.npmjs.org/-/npm/v1/security/audits
ProxyPassReverse /repository/npm-public/-/npm/v1/security/audits https://registry.npmjs.org/-/npm/v1/security/audits
ProxyPass / http://127.0.0.1:8081/ nocanon
ProxyPassReverse / http://127.0.0.1:8081/
ProxyRequests Off
ProxyPreserveHost Off
AllowEncodedSlashes on
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
<Proxy http://127.0.0.1:8081/*>
Order allow,deny
Allow from all
</Proxy>
ErrorLog /var/log/apache2/nexus_apache_error.log
CustomLog /var/log/apache2/nexus_apache_access.log common
</VirtualHost>
我有错误 Forbidde 403 但它是由ProxyPreserveHost on引起的。将其更改为ProxyPreserveHost 关闭
/repository/npm-public/是在 nexus 中创建的 npm 组类型存储库。 https://nexus.corporate.domain/repository/npm-public/
于 2021-08-12T12:28:41.300 回答