NuGet-Server: A Lightweight, Self-Hosted Package Repository for Modern .NET Development

For .NET developers managing internal libraries, proprietary components, or CI/CD artifacts, maintaining a private NuGet repository is essential—yet traditional solutions often demand complex infrastructure. Enter nuget-server: A minimalist, open-source NuGet v3 server built on Node.js that strips away complexity while delivering enterprise-grade features.

Why This Solves Real Workflow Pain Points

Unlike heavyweight alternatives requiring databases or commercial licenses, nuget-server leverages the filesystem for storage—eliminating database management while ensuring straightforward backups via simple archiving. Its standout features address critical gaps in the OSS ecosystem:

# Start a fully functional server in 10 seconds
npm install -g nuget-server
nuget-server --port 3000

• Zero-Config V3 Protocol Compliance: Seamlessly integrates with dotnet restore, Visual Studio, and NuGet CLI via /v3/index.json endpoint
• Filesystem-First Storage: Packages stored in hierarchical directories (e.g., packages/MyLib/1.0.0/MyLib.nupkg), enabling atomic operations and direct filesystem backups
• Granular Authentication: Modes range from open access (none) to publish-only (publish) or fully locked (full), with zxcvbn-powered password strength enforcement
• API Key Separation: Distinct UI passwords from machine-readable API keys for secure CI/CD integration

Docker-Optimized Deployment

Pre-built multi-architecture images (linux/amd64, linux/arm64) simplify cloud-native deployments. Permission-aware volume mounts ensure security:

# docker-compose.yml
docker run -d -p 5963:5963 \
  -v ./data:/data \
  -v ./packages:/packages \
  kekyo/nuget-server:latest

Critical for production: The container runs as non-root user (UID 1001), requiring explicit directory permissions to avoid "500 Permission Denied" errors during publishes.

Enterprise-Grade Extras

• Reverse Proxy Ready: Configurable baseUrl and trustedProxies support load-balanced, TLS-terminated deployments
• Package Migration Tool: CLI-based importer transfers entire repositories from external sources (supports authenticated sources)
• Admin Web UI: Browser interface for user management, API key rotation, and bulk .nupkg uploads via drag-and-drop

Authentication Deep Dive

Security-conscious teams can enforce policies via config.json:

{
  "authMode": "publish",
  "passwordMinScore": 3, // Requires "Strong" passwords
  "sessionSecret": "$(openssl rand -base64 32)"
}

Initial admin setup uses CLI interactivity or environment variables for automation:

export NUGET_SERVER_ADMIN_PASSWORD="$SECURE_PWD"
nuget-server --auth-init --config-file ./config.json

When to Choose NuGet-Server

This solution shines for:
- Small/mid-size teams needing ephemeral testing repositories
- Air-gapped environments requiring offline package sources
- CI/CD pipelines demanding lightweight, scriptable package hosting
- Projects avoiding cloud vendor lock-in

Though not designed for massive-scale package hosting (lacking advanced search or sharding), its simplicity fills a crucial niche. By reducing infrastructure overhead, it empowers developers to focus on shipping code—not managing package infrastructure.

Source: GitHub Repository