March 10, 20241 yr I need a little hint. I want to use the Froxlor API. For testing purposes I used the cURL-sample and the PHP sample. Nothing works. I get only the error: Unauthenticated. Please provide api user credentials. API Access is allowed and the key/secret pair is created and will be used in the sample code. Where is my mistake? Many thanks for your help.
March 10, 20241 yr https://docs.froxlor.org/latest/api-guide/ NOTE If you are using php-fpm with apache2, in order for the API authentication to work properly, you need to enable Add "-pass-header Authorization" / "CGIPassAuth On" to vhosts in the PHP-configuration assigned to froxlor.
March 10, 20241 yr Author 24 minutes ago, d00p said: https://docs.froxlor.org/latest/api-guide/ NOTE If you are using php-fpm with apache2, in order for the API authentication to work properly, you need to enable Add "-pass-header Authorization" / "CGIPassAuth On" to vhosts in the PHP-configuration assigned to froxlor. I use FCGI.
March 10, 20241 yr so why dont you give a bit more info then instead of saying "i use fcgi" ...how are we supposed to know your system or what your settings are etc.etc.etc.
March 10, 20241 yr so, even for FCGID there's "Passing HTTP AUTH BASIC/DIGEST headers from Apache to PHP" for each php-option. Validate that the froxlor vhost php-config has this flag enabled
March 10, 20241 yr Author 28 minutes ago, d00p said: so, even for FCGID there's "Passing HTTP AUTH BASIC/DIGEST headers from Apache to PHP" for each php-option. Validate that the froxlor vhost php-config has this flag enabled This was really helpful. I didn't know this option. I hope I come now a little bit further. Many thanks for your immediate help. Maybe it helps, if you give this hint in the API-documentation. Now it looks so:
March 10, 20241 yr Author 38 minutes ago, d00p said: so, even for FCGID there's "Passing HTTP AUTH BASIC/DIGEST headers from Apache to PHP" for each php-option. Validate that the froxlor vhost php-config has this flag enabled Sorry I must disturb you once more. I switch "Übergeben von HTTP AUTH BASIC/DIGEST-Headern von Apache an PHP " rto on, save. After saving I open config and switch is off!. I am lost. Why I can't switch this option to on?
March 10, 20241 yr Can't tell without more details. I've never had any issues setting this option and using it.
March 10, 20241 yr Author 2 hours ago, d00p said: Can't tell without more details. I've never had any issues setting this option and using it. I made intensive tests to narrow down the problem. Here my results. I went to php, php configs and used one config. I changed the switch of "Übergeben von HTTP AUTH BASIC/DIGEST-Headern von Apache an PHP" to on and saved. I called this configuration, and the switch was off. I checked the same with "Für aktuelle Kunden automatisch hinzufügen". Switch stays off. I changed other information in the php.ini Einstellungen: they correctly saved. I checked this with other php configurations. Same behavior. I used other Browser (instead of Firefox, Chrome) I checked it on other computer. Same behavior. From my point of you, it has to do with the Switch on/off elememt. So I checked next the behavior of the switch in "Domain bearbeiten". There switches work like expected. So for me it means, the switches on the PHP-Config page are the reason of the problem. I have no idea why. I will investigate the problem further with clientsite debugging. Maybe you can give me on basis of this information another hint. I would great appreciate your help.
March 10, 20241 yr You are comparing two different actions. One switch regulates a simple 0 or 1 in the corresponding database table. The other one (Für aktuelle Kunden automatisch hinzufügen) is a one time action that is not stored in the tables. After setting the http-auth flag in the PHP-config, validate that the field in the database table `panel_phpconfigs` is set accordingly
March 10, 20241 yr Just tested that on the demo...it really seems not be saved, need to check, for now (if you want to continue api testing) just set value of the field `pass_authorizationheader` to `1` in the table `panel_phpconfigs` and force the cronjob manually to regenerate configs
March 10, 20241 yr And this diff should fix the issue that the value is not stored when using FCGID: diff --git a/lib/Froxlor/Api/Commands/PhpSettings.php b/lib/Froxlor/Api/Commands/PhpSettings.php index 588c04a6..d53cf075 100644 --- a/lib/Froxlor/Api/Commands/PhpSettings.php +++ b/lib/Froxlor/Api/Commands/PhpSettings.php @@ -312,7 +312,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity $fpm_enableslowlog = 0; $fpm_reqtermtimeout = 0; $fpm_reqslowtimeout = 0; - $fpm_pass_authorizationheader = 0; $override_fpmconfig = 0; } elseif (Settings::Get('phpfpm.enabled') == 1) { $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true); @@ -548,7 +547,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity $fpm_enableslowlog = 0; $fpm_reqtermtimeout = 0; $fpm_reqslowtimeout = 0; - $fpm_pass_authorizationheader = 0; $override_fpmconfig = 0; } elseif (Settings::Get('phpfpm.enabled') == 1) { $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true);
March 10, 20241 yr Author 11 minutes ago, d00p said: And this diff should fix the issue that the value is not stored when using FCGID: diff --git a/lib/Froxlor/Api/Commands/PhpSettings.php b/lib/Froxlor/Api/Commands/PhpSettings.php index 588c04a6..d53cf075 100644 --- a/lib/Froxlor/Api/Commands/PhpSettings.php +++ b/lib/Froxlor/Api/Commands/PhpSettings.php @@ -312,7 +312,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity $fpm_enableslowlog = 0; $fpm_reqtermtimeout = 0; $fpm_reqslowtimeout = 0; - $fpm_pass_authorizationheader = 0; $override_fpmconfig = 0; } elseif (Settings::Get('phpfpm.enabled') == 1) { $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true); @@ -548,7 +547,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity $fpm_enableslowlog = 0; $fpm_reqtermtimeout = 0; $fpm_reqslowtimeout = 0; - $fpm_pass_authorizationheader = 0; $override_fpmconfig = 0; } elseif (Settings::Get('phpfpm.enabled') == 1) { $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true); Your support is a dream!!! Many, thanks!!! I want to send you money for your unbelievable quick response. Where I shopuld transfer it!
March 10, 20241 yr Author 36 minutes ago, d00p said: Just tested that on the demo...it really seems not be saved, need to check, for now (if you want to continue api testing) just set value of the field `pass_authorizationheader` to `1` in the table `panel_phpconfigs` and force the cronjob manually to regenerate configs This worked for me! See now the switch on in froxlor php config!
March 10, 20241 yr Author 52 minutes ago, d00p said: And this diff should fix the issue that the value is not stored when using FCGID: diff --git a/lib/Froxlor/Api/Commands/PhpSettings.php b/lib/Froxlor/Api/Commands/PhpSettings.php index 588c04a6..d53cf075 100644 --- a/lib/Froxlor/Api/Commands/PhpSettings.php +++ b/lib/Froxlor/Api/Commands/PhpSettings.php @@ -312,7 +312,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity $fpm_enableslowlog = 0; $fpm_reqtermtimeout = 0; $fpm_reqslowtimeout = 0; - $fpm_pass_authorizationheader = 0; $override_fpmconfig = 0; } elseif (Settings::Get('phpfpm.enabled') == 1) { $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true); @@ -548,7 +547,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity $fpm_enableslowlog = 0; $fpm_reqtermtimeout = 0; $fpm_reqslowtimeout = 0; - $fpm_pass_authorizationheader = 0; $override_fpmconfig = 0; } elseif (Settings::Get('phpfpm.enabled') == 1) { $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true); Unfortunately authentication does not work. Do you now in which file the config-data will be written for FCGI on apache24 for the froxlor host?
March 10, 20241 yr If you want, join us on discord (https://discord.froxlor.org) and we can take a closer look at everything. I'll be back at the pc in about 30-45min
March 10, 20241 yr Author In a web from one of my customers I changed for testing purposes the pass_authorizationheader` to `1` in the froxlor database. In the virtual host.conf I can see now the option FcgidPassHeader Authorization see: <VirtualHost 185.184.215.113:80> ServerName latina-halle.de ServerAlias www.latina-halle.de ServerAdmin +++++++++++++++++ DocumentRoot "/var/customers/webs/latina" FcgidIdleTimeout 30 FcgidPassHeader Authorization SuexecUserGroup "latina" "latina" <Directory "/var/customers/webs/latina/"> <FilesMatch "\.(php)$"> SetHandler fcgid-script FcgidWrapper /var/www/php-fcgi-scripts/latina/latina-halle.de/php-fcgi-starter .php Options +ExecCGI </FilesMatch> Require all granted AllowOverride All </Directory> Alias /awstats "/var/customers/webs/latina/awstats/latina-halle.de" Alias /awstats-icon "/usr/share/awstats/icon/" LogLevel warn ErrorLog "/var/customers/logs/latina-error.log" CustomLog "/var/customers/logs/latina-access.log" combined </VirtualHost> When I look for this option in vhost-config for froxlor in the /etc/apache2/sites-enabled I find nothing.
March 10, 20241 yr Did you adjust the correct php config? There's so many things to check, it really would be way easier and faster to just do this via discord and even better with access to the server
Create an account or sign in to comment