定制 ryoluo/sail-ssl 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

ryoluo/sail-ssl

Composer 安装命令:

composer require ryoluo/sail-ssl

包简介

Laravel Sail plugin to enable SSL (HTTPS) connection with Nginx.

README 文档

README

Version Downloads License Test

A Laravel Sail plugin that enables SSL (HTTPS) for your local development environment using an Nginx reverse proxy with self-signed certificates.

Table of Contents

How It Works

Sail-SSL adds an Nginx container to your Docker Compose setup that acts as an SSL-terminating reverse proxy:

Browser → https://localhost:443 → Nginx (SSL termination) → http://laravel.test → Laravel App

Running the sail-ssl:install command automatically adds an Nginx service to your docker-compose.yml. On container startup, a self-signed Root CA and server certificate are generated, enabling HTTPS access out of the box.

Requirements

  • Laravel Sail already set up in your project
  • Docker and Docker Compose installed

Installation

With Local PHP / Composer

composer require ryoluo/sail-ssl --dev
php artisan sail-ssl:install
./vendor/bin/sail up

With Sail Container

./vendor/bin/sail up -d
./vendor/bin/sail composer require ryoluo/sail-ssl --dev
./vendor/bin/sail artisan sail-ssl:install
./vendor/bin/sail down
./vendor/bin/sail up

Once the containers are running, you can access https://localhost.

Note: The sail-ssl:install command adds an Nginx service to your docker-compose.yml (or compose.yaml). If an nginx service already exists, the command will be skipped.

Update AppServiceProvider

Since the application runs behind an Nginx reverse proxy that handles SSL, Laravel needs to be configured to generate HTTPS URLs. Add URL::forceScheme('https') to the boot method of your AppServiceProvider:

use Illuminate\Support\Facades\URL;

public function boot(): void
{
    URL::forceScheme('https');
}

Without this setting, Laravel may generate HTTP URLs for assets, routes, etc., even though the site is served over HTTPS.

Trust the Certificate (Optional)

The plugin generates a local Root CA certificate to sign the server certificate. You can import the Root CA into your browser or OS to remove the security warning.

1. Copy the Root CA certificate to your host machine

./vendor/bin/sail cp nginx:/etc/nginx/certs/root-ca.crt .

2. Import the certificate

OS / Browser Steps
Chrome Settings > Privacy and Security > Security > Manage certificates > Authorities > Import
Firefox Settings > Privacy & Security > Security > View Certificates > Authorities > Import
macOS Double-click root-ca.crt to open Keychain Access, then set "Always Trust"
Windows Double-click root-ca.crt > Install Certificate > Place in "Trusted Root Certification Authorities"

Note: If you change SSL_DOMAIN or SSL_ALT_NAME, remove the Docker volume to regenerate certificates:

docker volume rm sail-nginx

Environment Variables

You can customize the behavior by setting the following environment variables in your .env file:

Variable Description Default
SERVER_NAME Value for the server_name directive in nginx.conf localhost
APP_SERVICE Laravel service name defined in docker-compose.yml laravel.test
HTTP_PORT Nginx HTTP port (requests to this port are redirected to SSL_PORT) 8000
SSL_PORT Nginx HTTPS port 443
SSL_DOMAIN Common Name (CN) for the SSL certificate (e.g. *.mydomain.test). Set this when using a domain other than localhost localhost
SSL_ALT_NAME Subject Alternative Name (SAN) for the SSL certificate (e.g. DNS:localhost,DNS:mydomain.test). Set this when using a domain other than localhost DNS:localhost

Custom Domain Example

To access your app via mydomain.test, add the following to your .env:

SERVER_NAME=mydomain.test
SSL_DOMAIN=mydomain.test
SSL_ALT_NAME=DNS:mydomain.test,DNS:localhost

Then add an entry to your hosts file (/etc/hosts on macOS/Linux, C:\Windows\System32\drivers\etc\hosts on Windows):

127.0.0.1 mydomain.test

Customize Nginx Configuration

You can publish the default Nginx configuration template to your project for customization:

php artisan sail-ssl:publish

This copies default.conf.template to ./nginx/templates/ in your project root and automatically updates the volume mount in docker-compose.yml.

You can use environment variables such as ${SERVER_NAME} and ${APP_SERVICE} directly in the template file.

Troubleshooting

Port Conflicts

If SSL_PORT or HTTP_PORT conflicts with another service, change them in your .env:

HTTP_PORT=8080
SSL_PORT=4443

Regenerate Certificates

Remove the Docker volume and restart the containers:

docker volume rm sail-nginx
./vendor/bin/sail up

Assets or Links Generated with HTTP

Make sure you have configured URL::forceScheme('https') in your AppServiceProvider. See Update AppServiceProvider for details.

Contributing

Pull requests are welcome! For bug reports and feature requests, please open an Issue.

License

MIT License

ryoluo/sail-ssl 适用场景与选型建议

ryoluo/sail-ssl 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 765.07k 次下载、GitHub Stars 达 189, 最近一次更新时间为 2022 年 06 月 07 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「laravel」 「ssl」 「nginx」 「docker」 「sail」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 ryoluo/sail-ssl 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 ryoluo/sail-ssl 我们能提供哪些服务?
定制开发 / 二次开发

基于 ryoluo/sail-ssl 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 765.07k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 189
  • 点击次数: 20
  • 依赖项目数: 1
  • 推荐数: 0

GitHub 信息

  • Stars: 189
  • Watchers: 2
  • Forks: 24
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2022-06-07