Valet secure && valet share not working properly

[RafaelPlantard]

I am trying to access the generated url by valet share on my iPhone but is not working.
Apparently it is only redirect to my valet local address, but that url is not available on the web, how can I fix it?

[adamwathan]

When you run valet share it will automatically copy the correct URL to your clipboard, something like:

http://04f7a6a8.ngrok.io

...which is accessible from anywhere.

[RafaelPlantard]

Yes, and the generation of the url is working properly, but when I access this url from my iphone then I am redirected to my https://shop.app that is my url in my mac computer, but my iPhone don't know where is https://shop.app, so I never see my lumen environment from my phone.
When I access ngrok.io url from my mac url is redirecting to https://shop.app and worked because in my mac I have valet link configured.
Should I do some change on my mac to work properly on iPhone devices?

[adamwathan]

Ah you are using valet secure on this site I assume? I don't think we have quite worked out how to use ngrok with valet share to a locally secured site, but I haven't personally looked into it yet.

[RafaelPlantard]

Man, you are amazing.
When I run valet unsecure shop && valet share and I tried access now in my iPhone, it's working now, even when I access the ngrok's urls with https://....
But the fact of not working when use valet secure is a bug?

[adamwathan]

Yeah we will need to figure out a way to support it, currently valet share is not supported on locally secured sites.

[RafaelPlantard]

Are there something that I can do for help solve it?

[adamwathan]

Sure! It seems like the change would need to happen somewhere in here:

https://github.com/laravel/valet/blob/master/valet#L35-L55

Would need to determine if the site has local https enabled, and figure out what the correct options to pass to ngrok should be to forward to the https version of the site.

I don't personally have any experience using ngrok and haven't worked on this part of the codebase before so that's the all of the information I have 😊

[RafaelPlantard]

Thanks for your tip, I will try figure out in this weekend and do a PR.
🎯

[drbyte]

@RafaelPlantard ... Just chiming in to say I ran into this same situation, and due to a time crunch didn't get around to looking at how to fix it.

I look forward to what you come up with!

[RafaelPlantard]

Guys (@drbyte, @adamwathan) trying doing the solution I realize two things:

The TLS tunnels are only for PRO:

Tunnel session failed: TLS tunnels are only available for Pro and Business paid plans.
Sign up at: https://ngrok.com/signup

If you have already signed up, make sure your authtoken is installed.
Your authtoken is available on your dashboard: https://dashboard.ngrok.com

The TLS tunnels are not a suitable solution for this case:

Hey Rafael -

Yeah, that means your application is redirecting to shop.app. 
Usually this means you need to instruct your application to accept requests from a
different hostname or at the very least to not issue a redirect. 
There's unfortunately not much ngrok can do to help with this

- alan
Founder, ngrok.com & equinox.io

So my solution consists in check if the current link to share is secured over TLS or not.
Whether it is, we will create an link without TLS and use this link on ngrok command, after all use on ngrok we just delete that link.

Can see the PR?

[hasusuf]

I found that valet creates separate Nginx configuration file for each .dev domain only when you decide to use Valet secure
then I was able to make Valet share work using https & http, after removing port 80 configuration section from the Nginx configuration file located in /Users/{$username}/.valet/Nginx/

No more, too many redirect after doing that and it works fine.

don't forget to do Valet restart after removing port 80 configuration section.

[RafaelPlantard]

Are you a monster @hasusuf ???? I will try it today.
Now, it's a good solution but when I opened this issue Valet was using Caddy. Remember

[hasusuf]

Excuse me @RafaelPlantard, I didn't notice that! 😄

[RafaelPlantard]

@hasusuf But this is a awesome point to the @adamwathan @drbyte

[RafaelPlantard]

Anyone know how can I install php71-memcached with Homebrew???

[drbyte]

@RafaelPlantard wrote
Anyone know how can I install php71-memcached with Homebrew???

That's kinda off-topic for Valet.

But if you're building a new Laravel app, I'd recommend using Redis instead of memcached. (Admittedly it's an age-old war about which one is best). But if you must install it, run brew install memcached (it's not specific to PHP).
Again, there are probably better forums to discuss using PHP with Redis or Memcached.

[RafaelPlantard]

The question is that I will need a php71 driver to memcached that apparently not exists to php71. But, thanks for your considerations, actually I'm working with PHP but in my own projects I'm using vapor (swift server side).

[RafaelPlantard]

Did you read this comment #148 (comment)?

[RafaelPlantard]

I was trying to use php71 + valet, but I was getting Bad Gateway 502 so I downgrade to php70 and valet 1.1.22.

[drbyte]

I'm using PHP 7.1 with Valet 2.03. No issues with Bad Gateway in normal use.

I ran into similar issue as @hasusuf with ngrok for a site that I had previously run valet secure on, but once converting it back to just port 80 ngrok works fine with valet share. Great for testing with mobile devices.

[RafaelPlantard]

@hasusuf Can you send a example of the change required at nginx conf file?

[PauBenetPrat]

Same issue as @RafaelPlantard. I had to downgrade! Did you finally solved???

[RafaelPlantard]

I uninstall completely all php70 from homebrew and install all php71 packages that I use (memcached, mongodb), before it, I stop and install a newer version of valet. And for my surprise it worked.

[onlinelaser]

So the way I've got valet secure to work with valet share is by configuring valet's installed ngrok instance to use my ngrok auth token.

You don't need a paid account with ngrok, you just need a free registered account.
With this you can get your Tunnel Authtoken from your ngrok dashboard and pass it through valet.

To then pass that Authtoken to the instance of ngrok installed by valet you can then do:
$ ~/.composer/vendor/laravel/valet/bin/ngrok authtoken <YOUR_AUTHTOKEN>
This is stored, so you only need to do it the once.

Workaround courtesy of https://joelennon.com/using-reserved-ngrok-subdomains-in-laravel-valet

[mcblum]

Did people eventually get this to work? The issue for us (and I believe for others) is that if you're running local https you need ngrox to map to port 80 for http and port 443 for https. Currently, when I run share I see both http and https pointing to port 80.

[mattstauffer]

Closing as it seems the core issue is resolved-ish.

@onlinelaser If that is a consistently predictable solution, it may (no guarantees!) be an interesting PR to the docs.

@mcblum If this is something you're actively pursuing and none of the discussions above help, could you open a new issue? This thread is a bit of a monster at the moment.

Thanks!

[mcblum]

@mattstauffer no worries dude - got it sorted. Basically, as stated above, you just have to modify the valet Nginx config to also serve the site on port 80. Its default behavior is to force a 301 on port 80 which breaks ngrok.

[ogoom]

@mattstauffer please how did you modify Nginx config, I can't seem to find anything related to port

[AndrewFeeney]

For @ogoom and anyone else who ended up here. To allow valet to serve the secure ngrok url over port 80 open the site's config which can be found at~/.valet/Nginx/mylocaldomain.test where mylocaldomain.test is the domain you normally use to access your site locally using valet without ngrok. Comment out (#) or delete the server block for port 80. In the port 443 server block, above the line that says listen 443 ssl http2;, add a line that says listen 80;.

i.e.

Change:

server {
    listen 80;
    server_name mytestdomain.test www.mytestdomain.test *.mytestdomain.test;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;

To:

#server {
#    listen 80;
#    server_name mytestdomain.test www.mytestdomain.test *.mytestdomain.test;
#    return 301 https://$host$request_uri;
#}

server {
    listen 80;
    listen 443 ssl http2;

[sdbruder]

I have a proposal:
When an app/site is secure, instead of creating 2 server blocks, lets create 3. the current on port 80 redirecting to 443, the secure one on port 443 and a new one on port, say, 88 (any other port not 80 or 443 is ok) doing an usual non-SSL server block.

So the ngrok fix is now:
if site is secure redirect 88 else redirect 80

That probably fixes it and gets around the pro ngrok issue as we will be serving an usual http:// site, only not on the std issue port.

[sdbruder]

Made a implementation of that idea, submitted as a PR: #630