The server this is running on is behind a corporate firewall, and only has access out to this specific private registry, which also acts as a proxy out to the public npm registry (for packages that we don't have).

NPM itself is working fine; but when the node-gyp module is used, it tries to do a GET out to nodejs.org - gyp http GET https://nodejs.org/download/release/v9.11.2/node-v9.11.2-headers.tar.gz. That fails, because the system doesn't have access to reach that. Question is why isn't node-gyp using the registry that was defined in the npm config? Or do I have to setup a separate config for the headers to use a separate source?

Here is my npm config settings:

; cli configs
metrics-registry = "https://corporate/registry/"
scope = ""
user-agent = "npm/5.6.0 node/v9.11.2 linux x64"

; userconfig /home/user123/.npmrc
always-auth = true
cafile = "/home/user123/pub-cert.crt"
registry = "https://corporate/registry/"
sass_binary_path = "/root/linux-x64-59_binding.node"
strict-ssl = false