Verdaccio is a popular private repository which also has a repo for common configurations using docker-compose and kubernetes. There are a number of options for registration and authentication, including LDAP and gitlab and it has a number of configurations for putting a reverse proxy in front of verdaccio including apache httpd and nginx. You can also configure support for https via Let's Encrypt as well as a plugins directory for additional registry functionality.
There are some really useful docker-compose examples under https://github.com/verdaccio/docker-examples. The easiest for a local install is a single container set up using file storage and a hpasswd file, mounting the as volumes into the container and using docker-compose
This compose file assumes that the storage for packages will inside the directory where you run docker-compose from.
It acts as a proxy for npm, downloading any packages and caching them locally.
The only amendment I had to make relates to the fact that I run docker without using sudo. First I added my user to the docker group and switched into it (rather than log out/log in)
sudo usermod -a -G docker chanoch newgrp docker
I copied the folder structure according to the repo on github except for the htpasswd file which I created blank to avoid bringing in their example user. In my case I also added a user command to the docker-compose file and changed the group ownership of all the files to docker.
The user id here is mine (first user created in ubuntu) and the docker groups id (999)
If I was running this as a server, I would likely create a new docker user as well as using nginx as a reverse proxy and adding TLS via Let's encrypt. I would also amend the default configuration in config.yaml to allow authenticated users only to publish.
It would also be useful to implement a hook to notify a group each time a new library is published in order to carry out audits but that is for another day.