Merge branch 'master' into feature/trust-ca-cert

Author: adrum

cli/Valet/Brew.php

@@ -292,7 +292,7 @@ function ($version) use ($resolvedPhpVersion) {
      *
      * @param  string|null  $phpVersion  For example, "php@8.1"
      */
-    public function getPhpExecutablePath(string $phpVersion = null): string
+    public function getPhpExecutablePath(?string $phpVersion = null): string
     {
         if (! $phpVersion) {
             return BREW_PREFIX.'/bin/php';

cli/Valet/CommandLine.php

@@ -33,23 +33,23 @@ public function passthru(string $command): void
     /**
      * Run the given command as the non-root user.
      */
-    public function run(string $command, callable $onError = null): string
+    public function run(string $command, ?callable $onError = null): string
     {
         return $this->runCommand($command, $onError);
     }
 
     /**
      * Run the given command.
      */
-    public function runAsUser(string $command, callable $onError = null): string
+    public function runAsUser(string $command, ?callable $onError = null): string
     {
         return $this->runCommand('sudo -u "'.user().'" '.$command, $onError);
     }
 
     /**
      * Run the given command.
      */
-    public function runCommand(string $command, callable $onError = null): string
+    public function runCommand(string $command, ?callable $onError = null): string
     {
         $onError = $onError ?: function () {
         };

cli/Valet/Expose.php

@@ -11,7 +11,7 @@ public function __construct(public Composer $composer, public CommandLine $cli)
     {
     }
 
-    public function currentTunnelUrl(string $domain = null): ?string
+    public function currentTunnelUrl(?string $domain = null): ?string
     {
         $endpoint = 'http://127.0.0.1:4040/api/tunnels';
 

cli/Valet/Filesystem.php

@@ -19,7 +19,7 @@ public function isDir(string $path): bool
     /**
      * Create a directory.
      */
-    public function mkdir(string $path, string $owner = null, int $mode = 0755): void
+    public function mkdir(string $path, ?string $owner = null, int $mode = 0755): void
     {
         mkdir($path, $mode, true);
 
@@ -31,7 +31,7 @@ public function mkdir(string $path, string $owner = null, int $mode = 0755): voi
     /**
      * Ensure that the given directory exists.
      */
-    public function ensureDirExists(string $path, string $owner = null, int $mode = 0755): void
+    public function ensureDirExists(string $path, ?string $owner = null, int $mode = 0755): void
     {
         if (! $this->isDir($path)) {
             $this->mkdir($path, $owner, $mode);
@@ -49,7 +49,7 @@ public function mkdirAsUser(string $path, int $mode = 0755): void
     /**
      * Touch the given path.
      */
-    public function touch(string $path, string $owner = null): string
+    public function touch(string $path, ?string $owner = null): string
     {
         touch($path);
 
@@ -87,7 +87,7 @@ public function get(string $path): string
     /**
      * Write to the given file.
      */
-    public function put(string $path, string $contents, string $owner = null): void
+    public function put(string $path, string $contents, ?string $owner = null): void
     {
         file_put_contents($path, $contents);
 
@@ -107,7 +107,7 @@ public function putAsUser(string $path, ?string $contents): void
     /**
      * Append the contents to the given file.
      */
-    public function append(string $path, string $contents, string $owner = null): void
+    public function append(string $path, string $contents, ?string $owner = null): void
     {
         file_put_contents($path, $contents, FILE_APPEND);
 

cli/Valet/Ngrok.php

@@ -20,7 +20,7 @@ public function __construct(public CommandLine $cli, public Brew $brew)
     /**
      * Get the current tunnel URL from the Ngrok API.
      */
-    public function currentTunnelUrl(string $domain = null): string
+    public function currentTunnelUrl(?string $domain = null): string
     {
         // wait a second for ngrok to start before attempting to find available tunnels
         sleep(1);
@@ -51,20 +51,30 @@ public function currentTunnelUrl(string $domain = null): string
     }
 
     /**
-     * Find the HTTP tunnel URL from the list of tunnels.
+     * Find the HTTP/HTTPS tunnel URL from the list of tunnels.
      */
     public function findHttpTunnelUrl(array $tunnels, string $domain): ?string
     {
+        $httpTunnel = null;
+        $httpsTunnel = null;
+
         // If there are active tunnels on the Ngrok instance we will spin through them and
         // find the one responding on HTTP. Each tunnel has an HTTP and a HTTPS address
-        // but for local dev purposes we just desire the plain HTTP URL endpoint.
+        // if no HTTP tunnel is found we will return the HTTPS tunnel as a fallback.
+
+        // Iterate through tunnels to find both HTTP and HTTPS tunnels
         foreach ($tunnels as $tunnel) {
-            if ($tunnel->proto === 'http' && strpos($tunnel->config->addr, strtolower($domain))) {
-                return $tunnel->public_url;
+            if (stripos($tunnel->config->addr, $domain)) {
+                if ($tunnel->proto === 'http') {
+                    $httpTunnel = $tunnel->public_url;
+                } elseif ($tunnel->proto === 'https') {
+                    $httpsTunnel = $tunnel->public_url;
+                }
             }
         }
 
-        return null;
+        // Return HTTP tunnel if available; HTTPS tunnel if not; null if neither
+        return $httpTunnel ?? $httpsTunnel;
     }
 
     /**

cli/Valet/PhpFpm.php

@@ -102,7 +102,7 @@ public function createConfigurationFiles(string $phpVersion): void
     /**
      * Restart the PHP FPM process (if one specified) or processes (if none specified).
      */
-    public function restart(string $phpVersion = null): void
+    public function restart(?string $phpVersion = null): void
     {
         $this->brew->restartService($phpVersion ?: $this->utilizedPhpVersions());
     }
@@ -122,7 +122,7 @@ public function stop(): void
     /**
      * Get the path to the FPM configuration file for the current PHP version.
      */
-    public function fpmConfigPath(string $phpVersion = null): string
+    public function fpmConfigPath(?string $phpVersion = null): string
     {
         if (! $phpVersion) {
             $phpVersion = $this->brew->linkedPhp();
@@ -152,7 +152,7 @@ public function stopRunning(): void
     /**
      * Stop a given PHP version, if that specific version isn't being used globally or by any sites.
      */
-    public function stopIfUnused(string $phpVersion = null): void
+    public function stopIfUnused(?string $phpVersion = null): void
     {
         if (! $phpVersion) {
             return;
@@ -305,7 +305,7 @@ public function validateRequestedVersion(string $version): string
     /**
      * Get FPM sock file name for a given PHP version.
      */
-    public static function fpmSockName(string $phpVersion = null): string
+    public static function fpmSockName(?string $phpVersion = null): string
     {
         $versionInteger = preg_replace('~[^\d]~', '', $phpVersion);
 

cli/Valet/Site.php

@@ -189,7 +189,7 @@ public function getSiteUrl(string $directory): string
     /**
      * Identify whether a site is for a proxy by reading the host name from its config file.
      */
-    public function getProxyHostForSite(string $site, string $configContents = null): ?string
+    public function getProxyHostForSite(string $site, ?string $configContents = null): ?string
     {
         $siteConf = $configContents ?: $this->getSiteConfigFileContents($site);
 
@@ -208,7 +208,7 @@ public function getProxyHostForSite(string $site, string $configContents = null)
     /**
      * Get the contents of the configuration for the given site.
      */
-    public function getSiteConfigFileContents(string $site, string $suffix = null): ?string
+    public function getSiteConfigFileContents(string $site, ?string $suffix = null): ?string
     {
         $config = $this->config->read();
         $suffix = $suffix ?: '.'.$config['tld'];
@@ -220,7 +220,7 @@ public function getSiteConfigFileContents(string $site, string $suffix = null):
     /**
      * Get all certificates from config folder.
      */
-    public function getCertificates(string $path = null): Collection
+    public function getCertificates(?string $path = null): Collection
     {
         $path = $path ?: $this->certificatesPath();
 
@@ -284,7 +284,7 @@ public function getSites(string $path, Collection $certs): Collection
     /**
      * Unlink the given symbolic link.
      */
-    public function unlink(string $name = null): string
+    public function unlink(?string $name = null): string
     {
         $name = $this->getSiteLinkName($name);
 
@@ -442,8 +442,7 @@ public function secured(): array
     public function securedWithDates(): array
     {
         return collect($this->secured())->map(function ($site) {
-
-            $filePath = $this->certificatesPath() . '/' . $site . '.crt';
+            $filePath = $this->certificatesPath().'/'.$site.'.crt';
 
             $expiration = $this->cli->run("openssl x509 -enddate -noout -in $filePath");
 
@@ -473,7 +472,7 @@ public function isSecured(string $site): bool
      *
      * @see https://github.com/cabforum/servercert/blob/main/docs/BR.md
      */
-    public function secure(string $url, string $siteConf = null, int $certificateExpireInDays = 396, int $caExpireInYears = 20): void
+    public function secure(string $url, ?string $siteConf = null, int $certificateExpireInDays = 396, int $caExpireInYears = 20): void
     {
         // Extract in order to later preserve custom PHP version config when securing
         $phpVersion = $this->customPhpVersion($url);
@@ -511,7 +510,7 @@ public function renew($expireIn): void
 
             $this->secure($url, null, $expireIn);
 
-            info('The [' . $url . '] site has been secured with a fresh TLS certificate.');
+            info('The ['.$url.'] site has been secured with a fresh TLS certificate.');
         });
     }
 
@@ -669,11 +668,14 @@ public function buildCertificateConf(string $path, string $url): void
     /**
      * Build the TLS secured Nginx server for the given URL.
      */
-    public function buildSecureNginxServer(string $url, string $siteConf = null): string
+    public function buildSecureNginxServer(string $url, ?string $siteConf = null): string
     {
         if ($siteConf === null) {
+            $nginxVersion = str_replace('nginx version: nginx/', '', exec('nginx -v 2>&1'));
+            $configFile = version_compare($nginxVersion, '1.25.1', '>=') ? 'secure.valet.conf' : 'secure.valet-legacy.conf';
+
             $siteConf = $this->replaceOldLoopbackWithNew(
-                $this->files->getStub('secure.valet.conf'),
+                $this->files->getStub($configFile),
                 'VALET_LOOPBACK',
                 $this->valetLoopback()
             );
@@ -815,8 +817,11 @@ public function proxyCreate(string $url, string $host, bool $secure = false): vo
                 $proxyUrl .= '.'.$tld;
             }
 
+            $nginxVersion = str_replace('nginx version: nginx/', '', exec('nginx -v 2>&1'));
+            $configFile = version_compare($nginxVersion, '1.25.1', '>=') ? 'secure.proxy.valet.conf' : 'secure.proxy.valet-legacy.conf';
+
             $siteConf = $this->replaceOldLoopbackWithNew(
-                $this->files->getStub($secure ? 'secure.proxy.valet.conf' : 'proxy.valet.conf'),
+                $this->files->getStub($secure ? $configFile : 'proxy.valet.conf'),
                 'VALET_LOOPBACK',
                 $this->valetLoopback()
             );
@@ -984,31 +989,31 @@ public function plistPath(): string
     /**
      * Get the path to Nginx site configuration files.
      */
-    public function nginxPath(string $additionalPath = null): string
+    public function nginxPath(?string $additionalPath = null): string
     {
         return $this->valetHomePath().'/Nginx'.($additionalPath ? '/'.$additionalPath : '');
     }
 
     /**
      * Get the path to the linked Valet sites.
      */
-    public function sitesPath(string $link = null): string
+    public function sitesPath(?string $link = null): string
     {
         return $this->valetHomePath().'/Sites'.($link ? '/'.$link : '');
     }
 
     /**
      * Get the path to the Valet CA certificates.
      */
-    public function caPath(string $caFile = null): string
+    public function caPath(?string $caFile = null): string
     {
         return $this->valetHomePath().'/CA'.($caFile ? '/'.$caFile : '');
     }
 
     /**
      * Get the path to the Valet TLS certificates.
      */
-    public function certificatesPath(string $url = null, string $extension = null): string
+    public function certificatesPath(?string $url = null, ?string $extension = null): string
     {
         $url = $url ? '/'.$url : '';
         $extension = $extension ? '.'.$extension : '';
@@ -1092,7 +1097,7 @@ public function replaceSockFile(string $siteConf, string $phpVersion): string
     /**
      * Get configuration items defined in .valetrc for a site.
      */
-    public function valetRc(string $siteName, string $cwd = null): array
+    public function valetRc(string $siteName, ?string $cwd = null): array
     {
         if ($cwd) {
             $path = $cwd.'/.valetrc';
@@ -1118,7 +1123,7 @@ public function valetRc(string $siteName, string $cwd = null): array
     /**
      * Get PHP version from .valetrc or .valetphprc for a site.
      */
-    public function phpRcVersion(string $siteName, string $cwd = null): ?string
+    public function phpRcVersion(string $siteName, ?string $cwd = null): ?string
     {
         if ($cwd) {
             $oldPath = $cwd.'/.valetphprc';

cli/app.php

@@ -280,7 +280,7 @@ function (ConsoleCommandEvent $event) {
      * Display all of the currently secured sites.
      */
     $app->command('secured [--expiring] [--days=]', function (OutputInterface $output, $expiring = null, $days = 60) {
-        $now = (new Datetime())->add(new DateInterval('P' . $days . 'D'));
+        $now = (new Datetime())->add(new DateInterval('P'.$days.'D'));
         $sites = collect(Site::securedWithDates())
             ->when($expiring, fn ($collection) => $collection->filter(fn ($row) => $row['exp'] < $now))
             ->map(function ($row) {

cli/includes/helpers.php

@@ -32,7 +32,7 @@
 /**
  * Set or get a global console writer.
  */
-function writer(OutputInterface $writer = null): OutputInterface|\NullWriter|null
+function writer(?OutputInterface $writer = null): OutputInterface|\NullWriter|null
 {
     $container = Container::getInstance();
 

cli/stubs/etc-phpfpm-valet.conf

@@ -24,3 +24,9 @@ pm.start_servers = 2
 pm.min_spare_servers = 1
 pm.max_spare_servers = 3
 
+;; these are an attempt to mitigate 502 errors caused by segfaults in upstream processes caused by krb5 v1.21 added in June 2023 to php's core build. Ref Issue #1433
+; for gettext
+env['LC_ALL'] = C
+; for postgres
+env['PGGSSENCMODE'] = disable
+