Menu
Free Pack
Download BuildMaster Free Trial

How To Easily Set Up a Private NuGet Server For Your NuGet Packages For Free

by Eric Seng, on Jun 27, 2021 5:00:00 PM

Private NuGet (2)

When you store your NuGet packages on a public third-party platform like NuGet you are choosing convenience while sacrificing three critical elements:

  • Control
  • Security 
  • Access

When a third-party owns and curates your packages, your team’s unrestricted packages access can introduce major problems into your code. And the third-party NuGet Gallery cannot keep your private packages private.

While setting a basic NuGet server (like NuGet.Server) is possible, it's almost useless for larger teams/IT organizations since it only supports a single feed. 

Below I'll outline how to set up your own private NuGet server using ProGet for free that allows multiple feeds, enables managers to control access, caches locally, and much more. 

Set Up Your Private NuGet Server: Free, Fast, Easy

Step 1: Install ProGet

Download ProGet, which will install the lightweight Inedo Hub. Depending on your Internet connection, you can have ProGet installed in as little as two minutes. Don’t have a license key? Let ProGet know when you install, and you’ll be prompted to create one after installation. And don't worry about extra costs: you can create as many NuGet feeds as you want in the free-forever version of ProGet.

Step 2: Create a “Private” Feed

Navigate to “Feeds” and add a new feed. Name it and select “Private.” Once you click, “Create Feed,” you can upload your scripts to your heart’s content.

nuget-internal-feed (002)

That's it! Take things to the next level by configuring security and access controls, vulnerability scanning, and more—all designed to keep your .NET5+ packages both safe and accessible.

Why Set Up a Private NuGet Server

Private NuGet server solutions like ProGet help you keep proprietary NuGet packages both private and easily accessible for internal use. ProGet provides a single home for all feeds, while still keeping them separate, and its access controls adds extra security. 

The list of benefits that come with having your own private NuGet server is long. You can read more about it here. But I'll quickly review some of the most important highlights here:

Quality Control

Keeping your proprietary production-ready and -unready packages totally separate help you stay organized and avoid human error introducing problems in Production. ProGet offers different NuGet feed-types to indicate package quality:

• Public (for third-party, production-unready packages)
• Private (for first-party packages)
• Validated (for approved, production-ready packages)

Access

When developers go to the NuGet Gallery and find a creative solution to solve a specific problem, they can inadvertently introduce new problems. Assign permissions to add security and reduce risk.

Feed-level privilege controls in ProGet give granular control over development assets. Plus, integrate with AD/LDAP to use existing teams and roles to define per-feed permissions.

ProGet can act as your NuGet proxy and get developers the packages they need while following organizational rules for security and privacy by letting management filter out unacceptable packages. ProGet can “stand in front of” NuGet as your proxy to get 100% of the NuGet packages you need with 0% direct contact with the site.

Package Promotion & Repackaging 

Promoting a package in ProGet copies a package between feeds in just three clicks. And a package promotion pipeline restricts the ‘promote to’ feed, adding an extra layer of privilege controls.

Using ProGet, you can also further indicate production-ready packages while keeping packages immutable with repackaging. Once a package has passed pre-release testing, ProGet lets you easily repackage it as release-quality—so that exactly what was tested goes to production.

Conclusion

Setting up your own private NuGet server for your NuGet packages is easy and free with ProGet. I only mentioned a few in this article, but the list of reasons to use ProGet as your private repository is long:

  • Control access
  • Increased security
  • Caching
  • Increased quality control
  • Vulnerability scanning
  • License detection and blocking
  • Deployment records
  • Etc. 

While the list of reasons to keep your packages public and stick with using NuGet.org is quite short:

  • It's convenient

Having a private NuGet server for your IT organization is the first step in solving (or preventing) your .NET development frustrations. 

Download ProGet For Free

Topics:.NET

Related Posts

About Inedo

Inedo is a software product company bringing you the "tech behind the tech."

Makers of Windows-first, enterprise DevOps tools BuildMaster CI/CD, ProGet private package management, and Otter IaC. Maximize developer time, minimize release risk, and empower stakeholders to bring their vision to life faster, all with the people and technology you have right now.

Follow us on social media

Follow Inedo on YouTube Follow Inedo on Facebook Follow Inedo Twitter New call-to-action

Free e-books

Free PowerShell Book NuGet for the Enterprise Guide Jenkins CICD Guide Free CICD Book Free dotnet book free IaC book