From b86812cc0e1148ce7a44bb65e0e7ad0e9326a549 Mon Sep 17 00:00:00 2001
From: Fred Carlsen <fred@sjelfull.no>
Date: Sat, 10 Mar 2018 15:16:21 +0100
Subject: [PATCH] =?UTF-8?q?Add=20=E2=80=94not-redirected=20argument=20to?=
 =?UTF-8?q?=20secure=20command?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This makes it possible to still access the site via http if it is secure

This touches #382, #148, #156, #504
---
 cli/Valet/Site.php                     | 23 ++++++++++++++++-------
 cli/stubs/redirect-unsecure.valet.conf |  5 +++++
 cli/stubs/secure.valet.conf            |  6 +-----
 cli/valet.php                          | 14 +++++++++-----
 4 files changed, 31 insertions(+), 17 deletions(-)
 create mode 100644 cli/stubs/redirect-unsecure.valet.conf

diff --git a/cli/Valet/Site.php b/cli/Valet/Site.php
index 0c5383512..2835aabad 100644
--- a/cli/Valet/Site.php
+++ b/cli/Valet/Site.php
@@ -176,10 +176,12 @@ function secured()
     /**
      * Secure the given host with TLS.
      *
-     * @param  string  $url
+     * @param  string $url
+     * @param bool    $notRedirected
+     *
      * @return void
      */
-    function secure($url)
+    function secure($url, $notRedirected = false)
     {
         $this->unsecure($url);
 
@@ -188,7 +190,7 @@ function secure($url)
         $this->createCertificate($url);
 
         $this->files->putAsUser(
-            VALET_HOME_PATH.'/Nginx/'.$url, $this->buildSecureNginxServer($url)
+            VALET_HOME_PATH.'/Nginx/'.$url, $this->buildSecureNginxServer($url, $notRedirected)
         );
     }
 
@@ -270,16 +272,23 @@ function buildCertificateConf($path, $url)
     /**
      * Build the TLS secured Nginx server for the given URL.
      *
-     * @param  string  $url
+     * @param  string $url
+     * @param bool    $notRedirected
+     *
      * @return string
      */
-    function buildSecureNginxServer($url)
+    function buildSecureNginxServer($url, $notRedirected = false)
     {
         $path = $this->certificatesPath();
+        $redirectStub = !$notRedirected ? str_replace(
+            ['VALET_SITE'],
+            [$url],
+            $this->files->get(__DIR__.'/../stubs/redirect-unsecure.valet.conf')
+        ) : '';
 
         return str_replace(
-            ['VALET_HOME_PATH', 'VALET_SERVER_PATH', 'VALET_STATIC_PREFIX', 'VALET_SITE', 'VALET_CERT', 'VALET_KEY'],
-            [VALET_HOME_PATH, VALET_SERVER_PATH, VALET_STATIC_PREFIX, $url, $path.'/'.$url.'.crt', $path.'/'.$url.'.key'],
+            ['VALET_REDIRECT_STUB', 'VALET_HOME_PATH', 'VALET_SERVER_PATH', 'VALET_STATIC_PREFIX', 'VALET_SITE', 'VALET_CERT', 'VALET_KEY'],
+            [$redirectStub, VALET_HOME_PATH, VALET_SERVER_PATH, VALET_STATIC_PREFIX, $url, $path.'/'.$url.'.crt', $path.'/'.$url.'.key'],
             $this->files->get(__DIR__.'/../stubs/secure.valet.conf')
         );
     }
diff --git a/cli/stubs/redirect-unsecure.valet.conf b/cli/stubs/redirect-unsecure.valet.conf
new file mode 100644
index 000000000..9012976d3
--- /dev/null
+++ b/cli/stubs/redirect-unsecure.valet.conf
@@ -0,0 +1,5 @@
+server {
+    listen 80;
+    server_name VALET_SITE www.VALET_SITE *.VALET_SITE;
+    return 301 https://$host$request_uri;
+}
diff --git a/cli/stubs/secure.valet.conf b/cli/stubs/secure.valet.conf
index 8471a8273..26d0240a8 100644
--- a/cli/stubs/secure.valet.conf
+++ b/cli/stubs/secure.valet.conf
@@ -1,8 +1,4 @@
-server {
-    listen 80;
-    server_name VALET_SITE www.VALET_SITE *.VALET_SITE;
-    return 301 https://$host$request_uri;
-}
+VALET_REDIRECT_STUB
 
 server {
     listen 443 ssl http2;
diff --git a/cli/valet.php b/cli/valet.php
index 5df055d04..2f215e865 100755
--- a/cli/valet.php
+++ b/cli/valet.php
@@ -93,7 +93,7 @@
     /**
      * Register a symbolic link with Valet.
      */
-    $app->command('link [name] [--secure]', function ($name, $secure) {
+    $app->command('link [name] [--secure] [--not-redirected]', function ($name, $secure, $notRedirected) {
         $linkPath = Site::link(getcwd(), $name = $name ?: basename(getcwd()));
 
         info('A ['.$name.'] symbolic link has been created in ['.$linkPath.'].');
@@ -101,7 +101,9 @@
         if ($secure) {
             $this->runCommand('secure '.$name);
         }
-    })->descriptions('Link the current working directory to Valet');
+    })->descriptions('Link the current working directory to Valet' [
+        '--not-redirected' => 'Make the site accessible via port 80'
+    ]);
 
     /**
      * Display all of the registered symbolic links.
@@ -124,17 +126,19 @@
     /**
      * Secure the given domain with a trusted TLS certificate.
      */
-    $app->command('secure [domain]', function ($domain = null) {
+    $app->command('secure [domain] [--not-redirected]', function ($domain = null, $notRedirected = null) {
         $url = ($domain ?: Site::host(getcwd())).'.'.Configuration::read()['domain'];
 
-        Site::secure($url);
+        Site::secure($url, $notRedirected);
 
         PhpFpm::restart();
 
         Nginx::restart();
 
         info('The ['.$url.'] site has been secured with a fresh TLS certificate.');
-    })->descriptions('Secure the given domain with a trusted TLS certificate');
+    })->descriptions('Secure the given domain with a trusted TLS certificate', [
+        '--not-redirected' => 'Make the site accessible via port 80'
+    ]);
 
     /**
      * Stop serving the given domain over HTTPS and remove the trusted TLS certificate.