repman

Repman - PHP Repository Manager: packagist proxy and host for private packages

519
106
PHP

Repman - PHP Repository Manager

Minimum PHP Version
Uptime Robot ratio (24h)
buddy pipeline
codecov
Hits-of-Code
Maintainability
Docker Pulls
License

Repman is a PHP repository manager. Main features:

  • free and open source
  • works as a proxy for packagist.org (speeds up your local builds)
  • hosts your private packages
  • allows to create individual access tokens
  • supports private package import from GitHub, GitLab and Bitbucket with one click
  • REST API
  • security scanner (with e-mail reports)

Documentation: https://repman.io/docs/

Requirements

  • PHP >= 7.4
  • PostgreSQL 11
  • var dir must be writeable
  • any web server

Installation

Docker

https://repman.io/docs/standalone/#docker-installation

Ansible

https://repman.io/docs/standalone/#ansible-playbooks-installation

Manual

git clone [email protected]:repman-io/repman.git
cd repman
composer install

Setup database:

bin/console doctrine:migrations:migrate #for postgres
bin/console doctrine:schema:create #for sqlite init as migrations are only postgres-compatible
bin/console messenger:setup-transports

Configuration

Mailer

To configure mailer transport, enter connection details in the MAILER_DSN environment variable

MAILER_DSN=smtp://user:[email protected]

Read more: transport setup

In addition, setup also MAILER_SENDER environment variable

[email protected]

Workers

To process messages asynchronously you must run worker:

bin/console messenger:consume async

Read more: deploying to production

Usage

Navigate your browser to instance address, you will see home page with usage instructions.

Local proxy

On dev env you may want to enable proxy to allow to create subdomains and tests composer organizations:

composer proxy-setup

This will create repman.wip domain. Then you can add other domains with:

symfony proxy:domain:attach your-organization.repman

CLI commands

  • bin/console repman:metadata:clear-cache - clear packages metadata cache (json files)
  • bin/console repman:create:admin <email> [<password>] - create a new user with admin privileges
  • bin/console repman:create:user <email> [<password>] - create a new (normal) user
  • bin/console repman:proxy:sync-releases - sync proxy releases with packagist.org
  • bin/console repman:security:scan-all - scan all synchronized packages
  • bin/console repman:security:update-db - update security advisories database, scan all packages if updated
  • bin/console repman:package:synchronize <packageId> - synchronize given package
  • bin/console repman:package:clear-old-dists - clear old private dev distributions files

API Integration

Callbacks:

  • /auth/{provider}/check
  • /register/{provider}/check
  • /user/token/{provider}/check

GitHub

Scopes:

  • registration: user:email
  • repositories: read:org, repo

GitLab

Scopes:

  • registration: read_user
  • repositories: api

Bitbucket

Scopes:

  • registration: email
  • repositories: repository, webhook

Self-hosted GitLab

To integrate with self-hosted GitLab, enter the instance url in the APP_GITLAB_API_URL environment variable

APP_GITLAB_API_URL='https://gitlab.organization.lan'

Docker

  • Override with docker-compose.override.yml if needed.
  • Set your domain (APP_HOST) in .env.docker.

If you wish to use your own certificate put key and certificate in:

  • docker/nginx/ssl/private/server.key
  • docker/nginx/ssl/certs/server.crt

Otherwise self-sign certificate will be generated.

To start all containers run:

docker-compose up

Support

In case of any problems, you can use:

License

The Repman project is licensed under the terms of the MIT.

However, Repman includes several third-party Open-Source libraries, which are licensed under their own respective Open-Source licenses.

Libraries or projects directly included in Repman

  • Tabler: MIT
  • Feather: MIT
  • Lucide: License: ISC
  • Postmark Transactional Email Templates: MIT
  • Libraries dynamically referenced via Composer: run composer license to get the latest licensing info about all dependencies.

made with ❤️ by Buddy