mirror of
https://github.com/laravel/valet.git
synced 2026-02-04 08:10:07 +01:00
Adding ability to create unsecure proxy.
This commit is contained in:
Mikaël Popowicz
@@ -651,9 +651,10 @@ function unsecureAll()
|
||||
*
|
||||
* @param string $url The domain name to serve
|
||||
* @param string $host The URL to proxy to, eg: http://127.0.0.1:8080
|
||||
* @param bool $unsecure
|
||||
* @return string
|
||||
*/
|
||||
function proxyCreate($url, $host)
|
||||
function proxyCreate($url, $host, $unsecure = false)
|
||||
{
|
||||
if (!preg_match('~^https?://.*$~', $host)) {
|
||||
throw new \InvalidArgumentException(sprintf('"%s" is not a valid URL', $host));
|
||||
@@ -664,7 +665,9 @@ function proxyCreate($url, $host)
|
||||
$url .= '.'.$tld;
|
||||
}
|
||||
|
||||
$siteConf = $this->files->get(__DIR__.'/../stubs/proxy.valet.conf');
|
||||
$siteConf = $this->files->get(
|
||||
$unsecure ? __DIR__.'/../stubs/proxy.valet.conf' : __DIR__.'/../stubs/secure.proxy.valet.conf'
|
||||
);
|
||||
|
||||
$siteConf = str_replace(
|
||||
['VALET_HOME_PATH', 'VALET_SERVER_PATH', 'VALET_STATIC_PREFIX', 'VALET_SITE', 'VALET_PROXY_HOST'],
|
||||
@@ -672,9 +675,15 @@ function proxyCreate($url, $host)
|
||||
$siteConf
|
||||
);
|
||||
|
||||
$this->secure($url, $siteConf);
|
||||
if ($unsecure) {
|
||||
$this->put($url, $siteConf);
|
||||
} else {
|
||||
$this->secure($url, $siteConf);
|
||||
}
|
||||
|
||||
info('Valet will now proxy [https://'.$url.'] traffic to ['.$host.'].');
|
||||
$protocol = $unsecure ? 'http' : 'https';
|
||||
|
||||
info('Valet will now proxy ['.$protocol.'://'.$url.'] traffic to ['.$host.'].');
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -696,6 +705,24 @@ function proxyDelete($url)
|
||||
info('Valet will no longer proxy [https://'.$url.'].');
|
||||
}
|
||||
|
||||
/**
|
||||
* Put the given host.
|
||||
*
|
||||
* @param string $url
|
||||
* @param string $siteConf pregenerated Nginx config file contents
|
||||
* @return void
|
||||
*/
|
||||
function put($url, $siteConf)
|
||||
{
|
||||
$this->unsecure($url);
|
||||
|
||||
$this->files->ensureDirExists($this->nginxPath(), user());
|
||||
|
||||
$this->files->putAsUser(
|
||||
$this->nginxPath($url), $siteConf
|
||||
);
|
||||
}
|
||||
|
||||
function valetHomePath()
|
||||
{
|
||||
return VALET_HOME_PATH;
|
||||
|
||||
@@ -3,16 +3,9 @@
|
||||
server {
|
||||
listen 127.0.0.1:80;
|
||||
server_name VALET_SITE www.VALET_SITE *.VALET_SITE;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 127.0.0.1:443 ssl http2;
|
||||
server_name VALET_SITE www.VALET_SITE *.VALET_SITE;
|
||||
root /;
|
||||
charset utf-8;
|
||||
client_max_body_size 128M;
|
||||
http2_push_preload on;
|
||||
|
||||
location /VALET_STATIC_PREFIX/ {
|
||||
internal;
|
||||
@@ -20,9 +13,6 @@ server {
|
||||
try_files $uri $uri/;
|
||||
}
|
||||
|
||||
ssl_certificate "VALET_CERT";
|
||||
ssl_certificate_key "VALET_KEY";
|
||||
|
||||
access_log off;
|
||||
error_log "VALET_HOME_PATH/Log/VALET_SITE-error.log";
|
||||
|
||||
|
||||
89
cli/stubs/secure.proxy.valet.conf
Normal file
89
cli/stubs/secure.proxy.valet.conf
Normal file
@@ -0,0 +1,89 @@
|
||||
# valet stub: secure.proxy.valet.conf
|
||||
|
||||
server {
|
||||
listen 127.0.0.1:80;
|
||||
server_name VALET_SITE www.VALET_SITE *.VALET_SITE;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 127.0.0.1:443 ssl http2;
|
||||
server_name VALET_SITE www.VALET_SITE *.VALET_SITE;
|
||||
root /;
|
||||
charset utf-8;
|
||||
client_max_body_size 128M;
|
||||
http2_push_preload on;
|
||||
|
||||
location /VALET_STATIC_PREFIX/ {
|
||||
internal;
|
||||
alias /;
|
||||
try_files $uri $uri/;
|
||||
}
|
||||
|
||||
ssl_certificate "VALET_CERT";
|
||||
ssl_certificate_key "VALET_KEY";
|
||||
|
||||
access_log off;
|
||||
error_log "VALET_HOME_PATH/Log/VALET_SITE-error.log";
|
||||
|
||||
error_page 404 "VALET_SERVER_PATH";
|
||||
|
||||
location / {
|
||||
proxy_pass VALET_PROXY_HOST;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Client-Verify SUCCESS;
|
||||
proxy_set_header X-Client-DN $ssl_client_s_dn;
|
||||
proxy_set_header X-SSL-Subject $ssl_client_s_dn;
|
||||
proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
|
||||
proxy_set_header X-NginX-Proxy true;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_http_version 1.1;
|
||||
proxy_read_timeout 1800;
|
||||
proxy_connect_timeout 1800;
|
||||
chunked_transfer_encoding on;
|
||||
proxy_redirect off;
|
||||
proxy_buffering off;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 127.0.0.1:60;
|
||||
server_name VALET_SITE www.VALET_SITE *.VALET_SITE;
|
||||
root /;
|
||||
charset utf-8;
|
||||
client_max_body_size 128M;
|
||||
|
||||
add_header X-Robots-Tag 'noindex, nofollow, nosnippet, noarchive';
|
||||
|
||||
location /VALET_STATIC_PREFIX/ {
|
||||
internal;
|
||||
alias /;
|
||||
try_files $uri $uri/;
|
||||
}
|
||||
|
||||
access_log off;
|
||||
error_log "VALET_HOME_PATH/Log/VALET_SITE-error.log";
|
||||
|
||||
error_page 404 "VALET_SERVER_PATH";
|
||||
|
||||
location / {
|
||||
proxy_pass VALET_PROXY_HOST;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -183,9 +183,9 @@
|
||||
/**
|
||||
* Create an Nginx proxy config for the specified domain
|
||||
*/
|
||||
$app->command('proxy domain host', function ($domain, $host) {
|
||||
$app->command('proxy domain host [--unsecure]', function ($domain, $host, $unsecure) {
|
||||
|
||||
Site::proxyCreate($domain, $host);
|
||||
Site::proxyCreate($domain, $host, $unsecure);
|
||||
Nginx::restart();
|
||||
|
||||
})->descriptions('Create an Nginx proxy site for the specified host. Useful for docker, mailhog etc.');
|
||||
|
||||
@@ -382,6 +382,40 @@ public function test_add_proxy()
|
||||
}
|
||||
|
||||
|
||||
public function test_add_non_secure_proxy()
|
||||
{
|
||||
$config = Mockery::mock(Configuration::class);
|
||||
$config->shouldReceive('read')
|
||||
->andReturn(['tld' => 'test']);
|
||||
|
||||
swap(Configuration::class, $config);
|
||||
|
||||
swap(CommandLine::class, resolve(CommandLineFake::class));
|
||||
|
||||
/** @var FixturesSiteFake $site */
|
||||
$site = resolve(FixturesSiteFake::class);
|
||||
|
||||
$site->useOutput();
|
||||
|
||||
$site->assertCertificateNotExists('my-new-proxy.com.test');
|
||||
$site->assertNginxNotExists('my-new-proxy.com.test');
|
||||
|
||||
$site->proxyCreate('my-new-proxy.com', 'http://127.0.0.1:9443', true);
|
||||
|
||||
$site->assertCertificateNotExists('my-new-proxy.com.test');
|
||||
$site->assertNginxExists('my-new-proxy.com.test');
|
||||
|
||||
$this->assertEquals([
|
||||
'my-new-proxy.com' => [
|
||||
'site' => 'my-new-proxy.com',
|
||||
'secured' => '',
|
||||
'url' => 'http://my-new-proxy.com.test',
|
||||
'path' => 'http://127.0.0.1:9443',
|
||||
],
|
||||
], $site->proxies()->all());
|
||||
}
|
||||
|
||||
|
||||
public function test_add_proxy_clears_previous_proxy_certificate()
|
||||
{
|
||||
$config = Mockery::mock(Configuration::class);
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# valet stub: proxy.valet.conf
|
||||
# valet stub: secure.proxy.valet.conf
|
||||
|
||||
server {
|
||||
listen 127.0.0.1:80;
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# valet stub: proxy.valet.conf
|
||||
# valet stub: secure.proxy.valet.conf
|
||||
|
||||
server {
|
||||
listen 127.0.0.1:80;
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# valet stub: proxy.valet.conf
|
||||
# valet stub: secure.proxy.valet.conf
|
||||
|
||||
server {
|
||||
listen 127.0.0.1:80;
|
||||
|
||||
Reference in New Issue
Block a user