added example deployments

Author: mashpie

README.md

@@ -26,7 +26,18 @@ A security-focused npm registry proxy that protects your development environment
 - **Sharded Storage** - 2-character directory sharding for optimal filesystem performance
 - **Cache Monitoring** - `X-Cache` headers for performance insights
 
-## Pre-Built Docker
+## Docker Compose
+
+For production setups, check out some ready-to-use **Docker Compose** examples:
+
+- **[`single-nginx`](./examples/deployments/single-nginx/)** - Simple setup with nginx configuration
+- **[`single-redis`](./examples/deployments/single-redis/)** - High-performance caching with Redis
+- **[`single-traefik`](./examples/deployments/single-traefik/)** - Automatic HTTPS with Traefik
+- **[`multi-traefik-redis`](./examples/deployments/multi-traefik-redis/)** - Production cluster with load balancing
+
+See [`examples/deployments/`](./examples/deployments/) for detailed setup instructions.
+
+## Docker
 
 ### Quick Start
 
@@ -48,19 +59,10 @@ npm install lodash
 pnpm install lodash
 ```
 
-### Production Setup
+### General Production Setup
 
 For production or containerized environments, you should deploy NPG with persistent storage and custom configuration.
 
-**⚠️ Important for Production**: Always deploy NPG behind a reverse proxy (traefik, nginx, Cloudflare, etc.) that handles:
-- **TLS termination** for secure HTTPS connections
-- **Compression** (gzip/brotli) for optimal performance - this is critical for npm metadata. Missing compression can lead to very slow installs.
-- **Custom Domain & Path Setup** - e.g. `https://npg.yourdomain.com/npm` - this is crucial for rewriting URLs correctly for npm clients (esp. pnpm).
-
-For now, NPG itself serves uncompressed HTTP traffic and relies on the reverse proxy for these essential production features.
-
-> **Coming Soon**: Docker Compose examples for common production scenarios (traefik reverse proxy, Redis caching, multi-instance deployments) will be added to simplify deployment.
-
 #### 1. Create directories for persistent data
 ```bash
 mkdir -p npg-data/{storage,malware-list,etc}
@@ -109,6 +111,13 @@ pnpm install lodash
 - `STORAGE_DIR=/app/var/storage` - Storage directory (use Docker volumes)
 - `BLACKLIST_PATH=/app/etc/blacklist.yml` - Blacklist configuration path
 
+**⚠️ Important for Production**: Always deploy NPG behind a reverse proxy (traefik, nginx, Cloudflare, etc.) that handles:
+- **TLS termination** for secure HTTPS connections
+- **Compression** (gzip/brotli) for optimal performance - this is critical for npm metadata. Missing compression can lead to very slow installs.
+- **Custom Domain & Path Setup** - e.g. `https://npg.yourdomain.com/npm` - this is crucial for rewriting URLs correctly for npm clients (esp. pnpm).
+
+For now, NPG itself serves uncompressed HTTP traffic and relies on the reverse proxy for these essential production features.
+
 ## Configuration
 
 Configuration is managed through environment variables or a `.env` file:
@@ -277,8 +286,7 @@ Blocked packages return detailed security information:
 NPG is compatible with:
 - npm (all versions)
 - pnpm (all versions)
-- npm audit
-- npm search
+- yarn (all versions)
 - Private registries (configure `REGISTRY_URL`)
 - Scoped packages
 

examples/README.md

@@ -0,0 +1,83 @@
+# NPG Examples
+
+This directory contains configuration examples and deployment scenarios for NPG (Node Package Guard).
+
+## Contents
+
+### [`blacklist.yml`](./blacklist.yml)
+Example package blacklist configuration showing how to block malicious packages, specific versions, and suspicious patterns.
+
+### [`deployments/`](./deployments/)
+Docker Compose deployment examples for various scenarios:
+
+- **[`single-nginx/`](./deployments/single-nginx/)** - Simple NPG deployment with nginx configuration
+- **[`single-redis/`](./deployments/single-redis/)** - NPG with Redis cache for high performance
+- **[`single-traefik/`](./deployments/single-traefik/)** - NPG with Traefik proxy and automatic HTTPS
+- **[`multi-traefik-redis/`](./deployments/multi-traefik-redis/)** - Production cluster with multiple NPG instances, Redis cache, and Traefik load balancing
+
+## Quick Start
+
+Choose the deployment that fits your needs:
+
+### Simple Development Setup
+```bash
+cd examples/deployments/single-nginx
+docker compose up -d
+echo "registry=http://localhost:3000/npm/" >> ~/.npmrc
+npm install lodash  # Test it works
+```
+
+### High Performance with Redis
+```bash
+cd examples/deployments/single-redis
+docker compose up -d
+echo "registry=http://localhost:3000/npm/" >> ~/.npmrc
+npm install lodash  # Should be faster on subsequent installs
+```
+
+### Production with HTTPS
+```bash
+cd examples/deployments/single-traefik
+# Edit .env with your domain and email
+docker compose up -d
+echo "registry=https://npg.yourdomain.com/npm/" >> ~/.npmrc
+```
+
+### Enterprise Cluster
+```bash
+cd examples/deployments/multi-traefik-redis
+# Edit .env with your domain and email
+docker compose up -d  # Starts 3 NPG instances by default
+echo "registry=https://npg.yourdomain.com/npm/" >> ~/.npmrc
+```
+
+## Deployment Comparison
+
+| Feature | single-nginx | single-redis | single-traefik | multi-traefik-redis |
+|---------|--------------|--------------|----------------|------------|
+| **Complexity** | Simple | Medium | Medium | Advanced |
+| **Performance** | Basic | High | Basic | Highest |
+| **HTTPS** | Manual | Manual | Automatic | Automatic |
+| **Scaling** | Manual | Manual | Easy | Easy |
+| **Production Ready** | Partial | Partial | Yes | Yes |
+
+## Configuration Examples
+
+### Development .npmrc
+```
+registry=http://localhost:3000/npm/
+```
+
+### Production .npmrc
+```
+registry=https://npg.yourdomain.com/npm/
+```
+
+### Environment Variables
+Each deployment includes a `.env` file with example configuration. See [main config docs](../app/config.js) for all available options.
+
+## Getting Help
+
+- Check deployment-specific READMEs for detailed instructions
+- Review the main [NPG documentation](../README.md)
+- Report issues at [GitHub Issues](https://github.com/uscreen/npg/issues)

examples/deployments/README.md

@@ -0,0 +1,96 @@
+# NPG Deployment Examples
+
+This directory contains Docker Compose examples for deploying NPG (Node Package Guard) in various scenarios.
+
+## Available Deployments
+
+### [`single/`](./single/)
+**Simple standalone NPG deployment**
+- Single NPG container with persistent storage
+- Basic configuration for development/testing
+- No external dependencies
+- Perfect for local development or simple production setups
+
+### Coming Soon
+
+### `single+nginx/`
+**NPG with nginx reverse proxy**
+- NPG container behind nginx for SSL termination
+- Gzip compression for optimal performance
+- Custom domain and path configuration
+- Production-ready setup
+
+### `single+redis/`
+**NPG with Redis cache**
+- NPG container with Redis for metadata caching
+- Improved performance for high-traffic scenarios
+- Persistent Redis data
+- NPM changes polling enabled
+
+### `multi-instance/`
+**Load-balanced NPG deployment**
+- Multiple NPG instances behind a load balancer
+- Redis for shared caching
+- High availability setup
+- Horizontal scaling
+
+### `traefik/`
+**NPG with Traefik reverse proxy**
+- Automatic SSL certificates with Let's Encrypt
+- Service discovery and load balancing
+- Modern cloud-native deployment
+- Docker labels configuration
+
+### `k8s/`
+**Kubernetes deployment**
+- Helm charts for NPG deployment
+- Kubernetes-native configuration
+- Ingress controller setup
+- Persistent volumes and services
+
+## Quick Start
+
+1. **Choose your deployment scenario** from the directories above
+2. **Navigate to the directory** (e.g., `cd single/`)
+3. **Follow the README** in that directory for specific instructions
+4. **Customize as needed** for your environment
+
+## General Requirements
+
+- Docker and Docker Compose
+- At least 1GB RAM for NPG container
+- Persistent storage for package cache (recommended)
+- Network access to npmjs.org for package fetching
+
+## Security Considerations
+
+### For Production Deployments:
+
+- **Always use HTTPS** - Deploy behind a reverse proxy with SSL termination
+- **Enable compression** - Gzip/brotli compression is crucial for npm metadata performance
+- **Custom domain** - Use a dedicated domain/subdomain for NPG
+- **Firewall rules** - Restrict access to NPG ports as needed
+- **Regular updates** - Keep NPG image updated for security patches
+- **Monitor logs** - Set up log aggregation and monitoring
+
+### Network Configuration:
+
+```bash
+# Configure npm/pnpm to use your NPG proxy
+echo "registry=https://your-npg-domain.com/npm/" >> ~/.npmrc
+```
+
+## Performance Tips
+
+- **Use Redis caching** for high-traffic environments
+- **Enable compression** at the reverse proxy level
+- **Mount storage on fast disks** (SSD recommended)
+- **Monitor cache hit rates** via X-Cache headers
+- **Consider multiple instances** for load distribution
+
+## Support
+
+For deployment-specific questions:
+- Check the README in each deployment directory
+- Review the main [NPG documentation](../../README.md)
+- Report issues at [GitHub Issues](https://github.com/uscreen/npg/issues)

examples/deployments/multi-traefik-redis/.env

@@ -0,0 +1,48 @@
+# NPG Multi-Node Cluster Configuration
+# @see https://github.com/uscreen/npg/blob/main/app/config.js for all available options
+
+# Domain Configuration (REQUIRED)
+NPG_DOMAIN=npg.yourdomain.com
+ACME_EMAIL=admin@yourdomain.com
+
+# Optional: Traefik Dashboard Domain
+TRAEFIK_DOMAIN=traefik.yourdomain.com
+
+# NPG Configuration
+PROXY_URL=https://npg.yourdomain.com/npm
+
+# Redis Cache Configuration (optimized for cluster)
+ENABLE_REDIS_CACHE=true
+REDIS_HOST=redis
+REDIS_PORT=6379
+REDIS_MAX_MEMORY=1gb
+
+# NPM Changes Polling (enabled for cache invalidation)
+ENABLE_NPM_CHANGES_POLLER=true
+NPM_CHANGES_POLL_INTERVAL=5000
+NPM_CHANGES_BATCH_SIZE=500
+
+# Scaling and Resource Limits
+NPG_REPLICAS=3
+NPG_MAX_MEMORY=1gb
+
+# Server Configuration (defaults work for Docker networking)
+# HTTP_PORT=3000
+# HTTP_BIND=0.0.0.0
+# LOG_LEVEL=info
+
+# Upstream Registry Configuration (default: npmjs)
+# REGISTRY_URL=https://registry.npmjs.org
+# REGISTRY_POLL_URL=https://replicate.npmjs.com/registry
+
+# Storage Configuration (shared across all NPG instances)
+# STORAGE_DIR=/app/var/storage
+# BLACKLIST_PATH=/app/etc/blacklist.yml
+# MALWARE_LIST_DIR=/app/var/malware-list
+
+# Redis Configuration (optional customization)
+# REDIS_PASSWORD=
+# REDIS_DB=0
+
+# Malware Database Configuration (in ms, every 30 minutes)
+# UPDATE_INTERVAL=1800000