What would make WSL2 perfect for PHP development?

I've been using WSL2 to develop Drupal sites for some months now, and it has been a surprise to me how well it works. I have native Linux speed and great tools (I use Sublime through X server and VS Code).

However, there's a small issue that, if solved, would make the development experience perfect: DNS resolution to dev environments. I'll describe how I work to illustrate what I mean by this.

I use Docksal to manage all my development environments on a WSL2 distribution using Docker. So, to create a new Laravel project I would normally do this:

From there I can access the project using the generated local address from Linux. Docksal uses dnsmasq to resolve these addresses:

$ curl http://helloworld.docksal
<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">
...

However, I cannot access that address from Windows. What I've been doing until now is to add an entry in my Windows hosts file to redirect these new addresses to localhost:

127.0.0.1     helloworld.docksal

But once I added this entry, the site is still not accessible from Windows. I need to run a PowerShell script that I took from a GitHub issue to create firewall rules, so I can actually access it.

I haven't found a solution for this yet, but what I would love to see is:

  1. The local address created in Linux doesn't require me to add a hosts entry in Windows.
  2. The firewall rules are automatically updated to allow access.

Installing a custom DNS entry

To solve the first issue I tried to use a custom DNS proxy (Acrylic) to redirect all *.docksal addresses back to localhost, like I'm doing with the hosts file. But when I try to execute the server it fails to start because the UDP port is already in use:

2020-02-12 10:29:00.233 [E] TDnsResolver.Execute: TDualUdpServerCommunicationChannel.Bind: Binding to IPv4 address failed with Windows Sockets error code 10048.

What is using port 53 (the standard DNS port)? I used TCPView to find out.

It looks like it is svchost. Using the PID and Process Explorer I found that it was related to a service called Shared Access.

I had come too far to stop digging now, so I opened the services and looked for ICS (maybe the initials for Internet Connection Sharing in English) and found it was configured to start manually.

I was feeling brave and tried to stop it, but I couldn't do it. It refused to stop with an error dialog that said (in a loose translation): “Windows couldn't stop the service in the local computer”. Nice. I switched the service to Disabled and decided to reboot. Upon reboot, it was enabled again, set to start in “Manual” mode. So no luck so far to enable a custom DNS Proxy.

Enabling the firewall by default

I'm running the script I found on GitHub manually when I can't access the sites in WSL2 (normally after a reboot), and since I don't often reboot I could keep doing it.

I don't know if the script creates security issues, but if I get tired of running it manually I could configure it to run every time I boot or every hour even.
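One way to see what such a script changes, as an added example that is not part of the original post or of the script itself: snapshot the enabled inbound allow rules, run the script, and list only the rules that appeared, with the scope that decides how exposed they are. The variable and function names are made up for the example; the script path is the one used later in the post, and the session is assumed to be an elevated PowerShell.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell
# prompt, since a script that creates firewall rules needs administrator rights.

# Script under review; this is the path shown in the post.
$ScriptPath = 'C:\Users\alinares\firewall_rules.ps1'

function Get-InboundAllowSnapshot {
    # One flat record per enabled inbound allow rule, with the filters that
    # decide how widely the rule applies.
    Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
        ForEach-Object {
            $port  = $_ | Get-NetFirewallPortFilter
            $addr  = $_ | Get-NetFirewallAddressFilter
            $iface = $_ | Get-NetFirewallInterfaceFilter
            [pscustomobject]@{
                DisplayName   = $_.DisplayName
                Profile       = $_.Profile.ToString()
                Protocol      = [string]$port.Protocol
                LocalPort     = $port.LocalPort -join ','
                RemoteAddress = $addr.RemoteAddress -join ','
                Interface     = $iface.InterfaceAlias -join ','
            }
        }
}

$fields = 'DisplayName', 'Profile', 'Protocol', 'LocalPort', 'RemoteAddress', 'Interface'

$before = @(Get-InboundAllowSnapshot)
& $ScriptPath
$after  = @(Get-InboundAllowSnapshot)

# Rules present only after the script ran ('=>' marks the "after" side).
$added = @(Compare-Object $before $after -Property $fields |
    Where-Object SideIndicator -eq '=>')
$added | Format-Table $fields -AutoSize

# Rules that accept traffic from any remote address on any interface while the
# Public profile is active are the ones to tighten first.
$added | Where-Object {
    $_.RemoteAddress -eq 'Any' -and $_.Interface -eq 'Any' -and
    $_.Profile -match 'Any|Public'
} | Format-Table DisplayName, Protocol, LocalPort -AutoSize
```

An empty first table means the script left the set of enabled inbound allow rules unchanged on this run, for example because its rules already existed.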

Update 2021-04-28: It is possible to run the script from WSL2. Since I'm using fish shell, I created the alias winfirewall to run it:

alias --save winfirewall 'powershell.exe start-process PowerShell -verb runas "C:\Users\alinares\firewall_rules.ps1"'
