Closed mikepostma closed 4 years ago
This site can’t be reached cufm.test’s server IP address could not be found.
This suggests to me that you have a networking issue.
Normally dnsmasq would be providing the IP resolution. But if the browser is saying the IP address could not be found
then it suggests your Mac is unable to lookup the IP for the domain ... which suggests dnsmasq is not operating or is not being consulted for DNS queries.
Would you run valet diagnose
and paste the output of that in a separate reply?
After that, does running valet tld test
solve the problem? This is valet's default, but if part of the config for it has been damaged perhaps this might reset it.
Among other things, I'd be exploring:
brew services list
- what's it saying about dnsmasq? Should be running as root, with no errors
what are your system's resolvers set to? In System Preferences, Network, Wifi, DNS, what are the DNS Servers? If 127.0.0.1
is not there or not first in the list, do you have an intentional reason?
ping foo.test
- what's the output
You said this all started "2 days ago". What changed on your mac 2 days ago? Reboot? Software upgrades? Software installs? New apps? Removed apps?
does /private/etc/resolver/test
exist? what's in it? It should say nameserver 127.0.0.1
inside.
You could enable dnsmasq logging by creating /Users/mike/.config/dnsmasq.d/config-logging-on.conf
containing:
# specify a log file location
log-facility=/Users/mike/.config/valet/Logs/dnsmasq.log
## the following line enables logging
log-queries
(delete the file or rename it without a .conf
extension when you don't need logging anymore; the file gets large fast)
You could delete dnsmasq and let Valet reinstall it:
sudo brew services stop dnsmasq
brew remove dnsmasq
rm -rf /usr/local/etc/dnsmasq.conf /usr/local/etc/dnsmasq.d ~/config/valet/dnsmasq.d
valet install
valet tld test
Advanced tip taken from a Genius Bar employee when I had a very odd networking issue (nothing would connect anywhere) that absolutely all other tactics couldn't resolve: Go to System Preferences, Network, and in the Locations dropdown, note which one is selected currently, choose Edit, create a new one, and delete the prior one. Reboot. Sometimes this magically fixes the world. I wouldn't do it unless you need to, but since you said you have a current reliable backup it feels safe to try.
Thanks for all the great suggestions.
valet tld test
did not fix the issue, but I noticed that the error message in Chrome has shifted from:This site can’t be reached cufm.test’s server IP address could not be found. ERR_NAME_NOT_RESOLVED
to
This site can’t be reached cufm.test refused to connect. ERR_CONNECTION_REFUSED
Mind you, I didn't recheck just before running valet tld test
, so I'm not a 100% sure whether that command specifically caused the error message to change or if it was something else done before then.
brew services list
outputs:
Name Status User Plist
dnsmasq started root /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist
nginx started root /Library/LaunchDaemons/homebrew.mxcl.nginx.plist
php started root /Library/LaunchDaemons/homebrew.mxcl.php.plist
The DNS Servers in System Preferences are set to:
127.0.0.1
1.1.1.1
1.0.0.1
Pinging any .test domain works fine:
[~]$ ping foo.test
PING foo.test (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.031 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.120 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.121 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.218 ms
I first noticed the issue 2 days ago (Monday). The only thing that would've changed between Friday (when it was working) and then is the installation (and subsequent removal) of ExpressVPN. The uninstall was done using these instructions. Apologies for not mentioning that earlier, although having done a full wipe of the disk and Time Machine restore to 7 days ago should've gotten rid of any traces of it (in theory at least). I also have Private Internet Access as a VPN on this machine, but that's been there for years and has never caused on issue with Valet (either turned on or off).
/private/etc/resolver/test
exists and the contents are nameserver 127.0.0.1
dnsmasq logging outputs the following relevant lines:
Nov 4 15:36:42 dnsmasq[10176]: started, version 2.82 cachesize 150
Nov 4 15:36:42 dnsmasq[10176]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack no-ipset auth no-DNSSEC loop-detect no-inotify dumpfile
Nov 4 15:36:42 dnsmasq[10176]: setting --bind-interfaces option because of OS limitations
Nov 4 15:36:42 dnsmasq[10176]: reading /etc/resolv.conf
Nov 4 15:36:42 dnsmasq[10176]: ignoring nameserver 127.0.0.1 - local interface
Nov 4 15:36:42 dnsmasq[10176]: using nameserver 1.1.1.1#53
Nov 4 15:36:42 dnsmasq[10176]: using nameserver 1.0.0.1#53
Nov 4 15:36:42 dnsmasq[10176]: read /etc/hosts - 4 addresses
...
Nov 4 15:37:05 dnsmasq[10176]: query[A] cufm.test from 127.0.0.1
Nov 4 15:37:05 dnsmasq[10176]: config cufm.test is 127.0.0.1
Nov 4 15:37:05 dnsmasq[10176]: query[AAAA] cufm.test from 127.0.0.1
Nov 4 15:37:05 dnsmasq[10176]: config cufm.test is NODATA-IPv6
Deleting dnsmasq and letting Valet reinstall it does not seem to make a difference.
I tried the "Locations" hack and was really hoping it would magically make things work, but unfortunately not. It didn't break anything else though, so no need to go back to the full backup.
Output from valet diagnose:
ProductName: Mac OS X ProductVersion: 10.15.7 BuildVersion: 19H2
Laravel Valet 2.12.0
{ "tld": "test", "paths": [ "/Users/mpostma/Sites" ] }
{ "repositories": [ { "type": "composer", "url": "https://packagist.org" }, { "packagist": false } ], "require": { "laravel/valet": "^2.12" } }
Changed current directory to /Users/mpostma/.composer Checking composer.json: WARNING No license specified, it is recommended to do so. For closed-source software you may use "proprietary" as license. Checking platform settings: OK Checking git settings: OK Checking http connectivity to packagist: OK Checking https connectivity to packagist: OK Checking github.com rate limit: OK Checking disk free space: OK Checking pubkeys: Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642 Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952 OK Checking composer version: OK Composer version: 2.0.4 PHP version: 7.4.12 PHP binary path: /usr/local/Cellar/php/7.4.12/bin/php OpenSSL version: OpenSSL 1.1.1h 22 Sep 2020 cURL version: 7.73.0 libz 1.2.11 ssl OpenSSL/1.1.1h zip extension: OK
Changed current directory to /Users/mpostma/.composer
total 0 drwxr-xr-x 2 root wheel 64 23 Aug 2019 . drwxr-xr-x 121 root wheel 3872 4 Nov 16:09 ..
HOMEBREW_VERSION: 2.5.8 ORIGIN: https://github.com/Homebrew/brew HEAD: 1c822206a05cd7fffe526b8e0fa2f45365be72a5 Last commit: 8 days ago Core tap ORIGIN: https://github.com/Homebrew/homebrew-core Core tap HEAD: cf5f5197a874af0cfdabd51cf56802d04263ca21 Core tap last commit: 45 minutes ago Core tap branch: master HOMEBREW_PREFIX: /usr/local HOMEBREW_CASK_OPTS: [] HOMEBREW_DISPLAY: /private/tmp/com.apple.launchd.IX4DLM4LUu/org.macosforge.xquartz:0 HOMEBREW_MAKE_JOBS: 8 Homebrew Ruby: 2.6.3 => /System/Library/Frameworks/Ruby.framework/Versions/2.6/usr/bin/ruby CPU: octa-core 64-bit haswell Clang: 12.0 build 1200 Git: 2.24.3 => /Library/Developer/CommandLineTools/usr/bin/git Curl: 7.64.1 => /usr/bin/curl Java: 1.8.0_92 macOS: 10.15.7-x86_64 CLT: 12.1.0.0.1.1602137645 Xcode: 12.1 XQuartz: 2.7.11 => /opt/X11
Name Status User Plist dnsmasq started root /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist nginx started root /Library/LaunchDaemons/homebrew.mxcl.nginx.plist php started root /Library/LaunchDaemons/homebrew.mxcl.php.plist
curl-openssl 7.73.0 dnsmasq 2.82 nginx 1.19.4 openssl@1.1 1.1.1h php 7.4.12
PHP 7.4.12 (cli) (built: Oct 29 2020 18:37:21) ( NTS ) Copyright (c) The PHP Group Zend Engine v3.4.0, Copyright (c) Zend Technologies with Zend OPcache v7.4.12, Copyright (c), by Zend Technologies
/usr/local/bin/php /usr/bin/php
Configuration File (php.ini) Path: /usr/local/etc/php/7.4 Loaded Configuration File: /usr/local/etc/php/7.4/php.ini Scan for additional .ini files in: /usr/local/etc/php/7.4/conf.d Additional .ini files parsed: /usr/local/etc/php/7.4/conf.d/ext-opcache.ini, /usr/local/etc/php/7.4/conf.d/php-memory-limits.ini
nginx version: nginx/1.19.4
curl 7.64.1 (x86_64-apple-darwin19.0) libcurl/7.64.1 (SecureTransport) LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.39.2 Release-Date: 2019-03-27 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp Features: AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets
curl cURL support => enabled cURL Information => 7.73.0 Age => 7 Features AsynchDNS => Yes CharConv => No Debug => No GSS-Negotiate => No IDN => No IPv6 => Yes krb4 => No Largefile => Yes libz => Yes NTLM => Yes NTLMWB => Yes SPNEGO => Yes SSL => Yes SSPI => No TLS-SRP => Yes HTTP2 => Yes GSSAPI => Yes KERBEROS5 => Yes UNIX_SOCKETS => Yes PSL => No HTTPS_PROXY => Yes MULTI_SSL => No BROTLI => Yes Protocols => dict, file, ftp, ftps, gopher, http, https, imap, imaps, ldap, ldaps, mqtt, pop3, pop3s, rtmp, rtsp, scp, sftp, smb, smbs, smtp, smtps, telnet, tftp Host => x86_64-apple-darwin19.6.0 SSL Version => OpenSSL/1.1.1h ZLib Version => 1.2.11 libSSH Version => libssh2/1.9.0 Directive => Local Value => Master Value curl.cainfo => no value => no value
ngrok version 2.3.35
total 8 drwx------ 3 mpostma staff 96 16 Apr 2018 . drwxr-xr-x+ 114 mpostma staff 3648 4 Nov 16:24 .. -rw------- 1 mpostma staff 55 16 Apr 2018 ngrok.yml
nginx: stable 1.19.4 (bottled), HEAD HTTP(S) server and reverse proxy, and IMAP/POP3 proxy server https://nginx.org/ /usr/local/Cellar/nginx/1.19.4 (25 files, 2.2MB) * Poured from bottle on 2020-11-04 at 16:19:53 From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/nginx.rb License: BSD-2-Clause ==> Dependencies Required: openssl@1.1, pcre ==> Options --HEAD Install HEAD version ==> Caveats Docroot is: /usr/local/var/www The default port has been set in /usr/local/etc/nginx/nginx.conf to 8080 so that nginx can run without sudo. nginx will load all files in /usr/local/etc/nginx/servers/. To have launchd start nginx now and restart at login: brew services start nginx Or, if you don't want/need a background service you can just run: nginx ==> Analytics install: 48,421 (30 days), 113,783 (90 days), 428,697 (365 days) install-on-request: 47,590 (30 days), 111,695 (90 days), 416,785 (365 days) build-error: 0 (30 days)
php: stable 7.4.12 (bottled), HEAD General-purpose scripting language https://www.php.net/ /usr/local/Cellar/php/7.4.12 (497 files, 72.3MB) * Poured from bottle on 2020-11-04 at 16:05:28 From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/php.rb License: PHP-3.01 ==> Dependencies Build: httpd, pkg-config Required: apr, apr-util, argon2, aspell, autoconf, curl-openssl, freetds, gd, gettext, glib, gmp, icu4c, krb5, libffi, libpq, libsodium, libzip, oniguruma, openldap, openssl@1.1, pcre2, sqlite, tidy-html5, unixodbc ==> Options --HEAD Install HEAD version ==> Caveats To enable PHP in Apache add the following to httpd.conf and restart Apache: LoadModule php7_module /usr/local/opt/php/lib/httpd/modules/libphp7.soSetHandler application/x-httpd-php Finally, check DirectoryIndex includes index.php DirectoryIndex index.php index.html The php.ini and php-fpm.ini file can be found in: /usr/local/etc/php/7.4/ To have launchd start php now and restart at login: brew services start php Or, if you don't want/need a background service you can just run: php-fpm ==> Analytics install: 56,220 (30 days), 159,335 (90 days), 579,152 (365 days) install-on-request: 55,174 (30 days), 155,870 (90 days), 550,857 (365 days) build-error: 0 (30 days)
openssl@1.1: stable 1.1.1h (bottled) [keg-only] Cryptography and SSL/TLS Toolkit https://openssl.org/ /usr/local/Cellar/openssl@1.1/1.1.1h (8,067 files, 18.5MB) Poured from bottle on 2020-11-04 at 10:20:03 From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/openssl@1.1.rb License: OpenSSL ==> Caveats A CA file has been bootstrapped using certificates from the system keychain. To add additional certificates, place .pem files in /usr/local/etc/openssl@1.1/certs and run /usr/local/opt/openssl@1.1/bin/c_rehash openssl@1.1 is keg-only, which means it was not symlinked into /usr/local, because macOS provides LibreSSL. If you need to have openssl@1.1 first in your PATH run: echo 'export PATH="/usr/local/opt/openssl@1.1/bin:$PATH"' >> ~/.zshrc For compilers to find openssl@1.1 you may need to set: export LDFLAGS="-L/usr/local/opt/openssl@1.1/lib" export CPPFLAGS="-I/usr/local/opt/openssl@1.1/include" ==> Analytics install: 835,013 (30 days), 1,906,254 (90 days), 7,237,126 (365 days) install-on-request: 136,062 (30 days), 257,990 (90 days), 1,007,070 (365 days) build-error: 0 (30 days)
LibreSSL 2.8.3 built on: date not available platform: information not available options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx) compiler: information not available OPENSSLDIR: "/private/etc/ssl"
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:GOST2012256-GOST89-GOST89:DHE-RSA-CAMELLIA256-SHA256:DHE-RSA-CAMELLIA256-SHA:GOST2001-GOST89-GOST89:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA256:DHE-RSA-CAMELLIA128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA256:CAMELLIA128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
/usr/local/sbin/php-fpm /usr/sbin/php-fpm
PHP 7.4.12 (fpm-fcgi) (built: Oct 29 2020 18:37:31) Copyright (c) The PHP Group Zend Engine v3.4.0, Copyright (c) Zend Technologies with Zend OPcache v7.4.12, Copyright (c), by Zend Technologies
[04-Nov-2020 16:24:47] NOTICE: configuration file /usr/local/etc/php/7.4/php-fpm.conf test is successful
-rw-r--r-- 1 root admin 657 4 Nov 16:20 homebrew.mxcl.dnsmasq.plist -rw-r--r-- 1 root admin 571 4 Nov 16:20 homebrew.mxcl.nginx.plist -rw-r--r-- 1 root admin 628 4 Nov 16:20 homebrew.mxcl.php.plist -rw-r--r-- 1 root admin 636 3 Nov 22:14 homebrew.mxcl.php@7.3.plist
ERR_CONNECTION_REFUSED
generally suggests nginx isn't responding.
It can also occasionally mean nginx couldn't proxy to the intended destination service ... in this case php-fpm.
But, given that both of those services show as running normally without error, diagnosing is a little more complicated.
I get SEC_ERROR_UNKNOWN_ISSUER
when trying to access the expressvpn site.
That said, VPN clients do definitely tinker with networking configurations. I'm not sure what exactly expressVPN "touches" though.
Yeah I don't know what/if ExpressVPN touches anything, which is why I ultimately decided to restore from a the backup.
The most frustrating part is that I can't seem to pin down where the problem is (dnsmasq, nginx, php), which makes it pretty hard to start looking for solutions. Is there a way to turn on a general/access log file for nginx, similar to what we did for dnsmasq, so we can see if these requests even hit nginx?
ERR_CONNECTION_REFUSED
will fire if nginx
is not running on the IP address that was resolved from the domain name entered.
If nginx connects but PHP-FPM isn't running then usually it gives 502 Bad Gateway
.
If nginx and php connect but Valet can't find a site in the registered "parked" paths, it defaults to returning 404 - Not Found
By default Valet tells Nginx to store error logs at /Users/USER/.config/valet/Log/nginx-error.log
(This is set in /usr/local/etc/nginx/valet/valet.conf
)
Is there any chance you've got a service running on port 80 that's causing nginx not to be able to bind to it?
There's nothing in the nginx-error.log file.
Prior to starting valet there's no output for sudo lsof -i tcp:80
After valet start
it gives me:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 2933 root 6u IPv4 0x8b74f38ccd235059 0t0 TCP localhost:http (LISTEN)
nginx 2938 root 6u IPv4 0x8b74f38ccd235059 0t0 TCP localhost:http (LISTEN)
nginx 2939 root 6u IPv4 0x8b74f38ccd235059 0t0 TCP localhost:http (LISTEN)
nginx 2940 root 6u IPv4 0x8b74f38ccd235059 0t0 TCP localhost:http (LISTEN)
nginx 2941 root 6u IPv4 0x8b74f38ccd235059 0t0 TCP localhost:http (LISTEN)
nginx 2942 root 6u IPv4 0x8b74f38ccd235059 0t0 TCP localhost:http (LISTEN)
nginx 2943 root 6u IPv4 0x8b74f38ccd235059 0t0 TCP localhost:http (LISTEN)
nginx 2944 root 6u IPv4 0x8b74f38ccd235059 0t0 TCP localhost:http (LISTEN)
nginx 2945 root 6u IPv4 0x8b74f38ccd235059 0t0 TCP localhost:http (LISTEN)
After running valet stop
the output of that command is empty again.
Random thought seeing that output, could this be a localhost vs 127.0.0.1 issue?
worth checking
try this to compare: lsof -Pn -i4 | grep :80
homed 679 mpostma 21u IPv4 0x8b74f38cc6ca78d9 0t0 TCP 192.168.86.217:49185->192.168.86.231:8080 (ESTABLISHED)
SoundTouc 1159 mpostma 12u IPv4 0x8b74f38cccefe679 0t0 TCP *:8085 (LISTEN)
for your sudo lsof -i tcp:80
I get:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 73382 root 9u IPv4 0xb58c2774df858807 0t0 TCP localhost:http (LISTEN)
nginx 73391 chris 9u IPv4 0xb58c2774df858807 0t0 TCP localhost:http (LISTEN)
nginx 73392 chris 9u IPv4 0xb58c2774df858807 0t0 TCP localhost:http (LISTEN)
nginx 73393 chris 9u IPv4 0xb58c2774df858807 0t0 TCP localhost:http (LISTEN)
nginx 73394 chris 9u IPv4 0xb58c2774df858807 0t0 TCP localhost:http (LISTEN)
nginx 73395 chris 9u IPv4 0xb58c2774df858807 0t0 TCP localhost:http (LISTEN)
nginx 73396 chris 9u IPv4 0xb58c2774df858807 0t0 TCP localhost:http (LISTEN)
nginx 73397 chris 9u IPv4 0xb58c2774df858807 0t0 TCP localhost:http (LISTEN)
nginx 73398 chris 9u IPv4 0xb58c2774df858807 0t0 TCP localhost:http (LISTEN)
Note the root
for the first, and my username for all the rest.
Granted, a few minutes ago I ran sudo brew services stop nginx
and sudo brew services start nginx
so maybe the child processes started differently than they would on boot.
lsof -Pn -i4 | grep :80
gives me:
nginx 73391 chris 9u IPv4 0xb58c2774df858807 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 73392 chris 9u IPv4 0xb58c2774df858807 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 73393 chris 9u IPv4 0xb58c2774df858807 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 73394 chris 9u IPv4 0xb58c2774df858807 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 73395 chris 9u IPv4 0xb58c2774df858807 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 73396 chris 9u IPv4 0xb58c2774df858807 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 73397 chris 9u IPv4 0xb58c2774df858807 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 73398 chris 9u IPv4 0xb58c2774df858807 0t0 TCP 127.0.0.1:80 (LISTEN)
Noting here the 127.0.0.1 vs localhost observation you mentioned. So, same in that regard. But username vs root still.
Ok, I just tried stopping and restarting via brew like you did and that doesn't change anything. Everything is still root on sudo lsof -i tcp:80
and lsof -Pn -i4 | grep :80
doesn't list any nginx processes for me. I'm not super familiar with the lsof command so a bit out of my depth here. What is the second variation showing and could you offer any guesses as to why that's empty for me?
If I run your second command but with sudo in front of it, I get:
nginx 6093 root 6u IPv4 0x8b74f38ccac052b9 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 6100 root 6u IPv4 0x8b74f38ccac052b9 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 6101 root 6u IPv4 0x8b74f38ccac052b9 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 6102 root 6u IPv4 0x8b74f38ccac052b9 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 6103 root 6u IPv4 0x8b74f38ccac052b9 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 6104 root 6u IPv4 0x8b74f38ccac052b9 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 6105 root 6u IPv4 0x8b74f38ccac052b9 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 6106 root 6u IPv4 0x8b74f38ccac052b9 0t0 TCP 127.0.0.1:80 (LISTEN)
nginx 6107 root 6u IPv4 0x8b74f38ccac052b9 0t0 TCP 127.0.0.1:80 (LISTEN)
There's nothing in the nginx-error.log file.
I guess that's normal unless actual errors occur.
Maybe we can try turning on debug mode with it:
/usr/local/etc/nginx/valet/valet.conf
access_log off;
- error_log "/Users/USERNAME/.config/valet/Log/nginx-error.log";
+ error_log "/Users/USERNAME/.config/valet/Log/nginx-error.log" debug;
Then valet stop/start again.
Then try to visit http://foo.test
and see what shows up in your ~/.config/valet/Log/nginx-error.log
Ok, will try that, also I case this might be relevant, the contents of /usr/local/etc/nginx/nginx.conf
are:
user "mpostma" staff;
worker_processes auto;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 512M;
server_names_hash_bucket_size 128;
ssi on;
gzip on;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/x-component;
include "/Users/mpostma/.config/valet/Nginx/*";
include servers/*;
include valet/valet.conf;
}
Ok, will try that, also I case this might be relevant, the contents of
/usr/local/etc/nginx/nginx.conf
are:
That looks normal. It's built from the stub at ~/.composer/vendor/laravel/valet/cli/stubs/nginx.conf
So valet start
generates the following output in the error log with debug on:
2020/11/04 18:24:25 [debug] 9784#0: kevent set event: 7: ft:-1 fl:0005
2020/11/04 18:24:25 [debug] 9783#0: kevent set event: 7: ft:-1 fl:0005
2020/11/04 18:24:25 [debug] 9785#0: kevent set event: 7: ft:-1 fl:0005
2020/11/04 18:24:25 [debug] 9786#0: kevent set event: 7: ft:-1 fl:0005
2020/11/04 18:24:25 [debug] 9787#0: kevent set event: 7: ft:-1 fl:0005
2020/11/04 18:24:25 [debug] 9788#0: kevent set event: 7: ft:-1 fl:0005
2020/11/04 18:24:25 [debug] 9789#0: kevent set event: 7: ft:-1 fl:0005
2020/11/04 18:24:25 [debug] 9790#0: kevent set event: 7: ft:-1 fl:0005
Visiting a .test domain doesn't log anything.
I get the same basic log content upon startup.
But when I hit a .test domain that it responds to I get a thousand debug lines in the log.
So ... it's as though the request isn't actually hitting nginx ... like still maybe DNS isn't pointing to localhost, or nginx is being intercepted
What happens when you try http://127.0.0.1
in various browsers?
Yeah, was just to mention that mine is still showing "refused to connect" in the browser so it may never actually get to nginx.
http://127.0.0.1 is the same as any .test domain.
http://127.0.0.1 is the same as any .test domain.
Okay, I think we've at least narrowed it fairly certainly to nginx not getting the traffic, so it doesn't know to even respond.
Yeah, so if I go valet tld nope
and hit any .test domain the error in Chrome is ERR_NAME_NOT_RESOLVED
. If I switch back with valet tld test
it goes back to ERR_CONNECTION_REFUSED
.
Really appreciate the realtime support by the way!
Yeah, so if I go
valet tld nope
and hit any .test domain the error in Chrome isERR_NAME_NOT_RESOLVED
. If I switch back withvalet tld test
it goes back toERR_CONNECTION_REFUSED
.
Ya, that was a good test.
Really appreciate the realtime support by the way!
Glad to help. I'm scared I'm running out of ideas though! 😊
FWIW the "signal '9'" thing during uninstall is most likely caused by a chicken/egg situation ... '9' is a 'kill' signal, and it's possible that it can't kill the thing that's calling the kill request.
Either way, not relevant to this immediate case.
So ... to help minimize confusion to future searchers, would you update the title to remove that part? Maybe change to This site can't be reached / ERR_CONNECTION_REFUSED
might be most reflective of the issue?
I've not had to dig into why traffic isn't routed to nginx as expected, when the DNS is pointing correctly, and lsof shows it listening on the correct port, and nginx is showing as running. I'm just making (mildly educated) guesses at this point.
I'm guessing this will give you the same as the browser does, but try command line:
curl -i http://127.0.0.1/nginx_status
That gives me curl: (7) Failed to connect to 127.0.0.1 port 80: Connection refused
Okay, that's at least consistent with the browser response.
Now I'm wondering about firewall software that might be interfering. Do you have any known firewall apps installed?
In System Preferences->Security & Privacy, on the Firewall tab, is it enabled? If yes, does temporarily turning it off as a test make any difference? If yes, in Options what checkboxes are ticked? (Normally this only affects traffic coming in from external connections, not stuff internal to your Mac, so it may be moot.)
Does this problem persist when your other VPN client is active?
The Firewall is turned off and enabling/disabling the other VPN client doesn't seem to make difference. I do have Little Snitch on this machine, which could be used to block requests, but disabled it completely at some point to make sure that wasn't it.
I use Little Snitch all the time, without issue. Granted, I haven't tried creating a rogue rule to specifically block something ... let alone look for a rogue rule that needs deleting for a case like this.
What's the content of \etc\resolv.conf
?
Where's it linked to? ls -aln /etc/resolv.conf
You may have already seen this post about ExpressVPN: https://github.com/laravel/valet/issues/527#issuecomment-427967761
So I just turned it on though to see what IP addresses the dnsmasq services is trying to access and only 1.1.1.1 and 1.0.0.1 show up (not 127.0.0.1). Not a 100% sure if it would when things are working as they should, but I suspect it would. That might be something you can check.
/etc/resolv.conf:
#
# macOS Notice
#
# This file is not consulted for DNS hostname resolution, address
# resolution, or the DNS query routing mechanism used by most
# processes on this system.
#
# To view the DNS configuration used by this system, use:
# scutil --dns
#
# SEE ALSO
# dns-sd(1), scutil(8)
#
# This file is automatically generated.
#
domain lan
nameserver 127.0.0.1
nameserver 1.1.1.1
nameserver 1.0.0.1
Links to lrwxr-xr-x 1 0 0 22 21 Nov 2019 /etc/resolv.conf -> ../var/run/resolv.conf
So I just turned it on though to see what IP addresses the dnsmasq services is trying to access and only 1.1.1.1 and 1.0.0.1 show up (not 127.0.0.1). Not a 100% sure if it would when things are working as they should, but I suspect it would. That might be something you can check.
Seems normal.
With regard to #527 above, yes I came across that early on when I still had ExpressVPN installed. I tried it and it didn't seem to make a difference. Since restoring the backup didn't resolve anything, I could try reinstalling ExpressVPN and toggling some checkboxes again / turning the service on and off to see if makes any difference at all.
With regard to #527 above, yes I came across that early on when I still had ExpressVPN installed. I tried it and it didn't seem to make a difference. Since restoring the backup didn't resolve anything, I could try reinstalling ExpressVPN and toggling some checkboxes again / turning the service on and off to see if makes any difference at all.
Ya, I was thinking that might be a worthwhile step.
Might even be worth doing something similar with the other VPN too, even if only to have it "reset" some things that it knows need to be in place. I wouldn't want to break it on you though, so you can decide whether it'll be fine since you have a backup.
Double-checking: earlier you said you had deleted the ~/.config/valet
directory as part of a fresh Valet install.
Did you restore any files to that directory? Or is it still "clean"?
Particularly, the ~/.config/valet/Nginx
folder contains site configurations (usually those are generated by Valet, and only when you 'secure' a site).
Sometimes people also add custom configuration rules for Nginx. I just want to be sure there's nothing in there that's interfering with nginx. Granted, if it were then I'd expect something in the debug log or even an error in the configuration test.
Yeah, that folder is still clean. I've done several complete uninstalls and reinstalls since then too. Always trying to make sure I'm testing individual fixes on as clean of an install as possible.
Given nginx is only listening on IPv4 by default, could try IPv6:
/usr/local/etc/nginx/valet/valet.conf
server {
listen 127.0.0.1:80 default_server;
+ listen [::1]:80 default_server;
root /;
and valet stop/start
then curl -i http://\[::1\]/
Idea: Just trying here to explore another port in case something's blocking the usual 80/443 ports:
Create a ~/Sites/foo
directory, valet link
it and valet secure
it. This will create certs and a fresh Nginx config for that domain. Of course then it should respond on ports 80 and 443. But also port 60
(we use that for ngrok tunneling) so you could test curl -i http://foo.test:60
to see if the response is any different (eg: not "connection refused").
Two days ago, seemingly out of nowhere, my Valet sites suddenly had all stopped working. If I try to load any of them in a browser I just get:
(Chrome) This site can’t be reached cufm.test’s server IP address could not be found.
(Firefox) We can’t connect to the server at cufm.test.
Over the past two days I've tried absolutely everything I could find in previous similar issues, but nothing seemed to fix it on my machine. I ultimately even wiped the entire machine and restored a Time Machine backup from last week (when things were working). But even that somehow didn't fix the issue.
Running
valet uninstall --force
fails with aThe process has been signaled with signal "9".
error, but trying any of the fixes mentioned in #876 don't fix that issue for me. So I've attempted a manual uninstall and reinstall with:No luck, so I decided to remove Homebrew and Composer completely and just start over from scratch:
Still nothing, same issue as before. When checking the logs,
~/.config/valet/Log/nginx-error.log
is empty and/usr/local/var/log/php-fpm.log
shows:Running
valet uninstall --force
still fails with aThe process has been signaled with signal "9".
error.I'm out of ideas, but really hoping someone can point me in the right direction.