Fossbilling won't open my cpanelto create accounts for users

Community Support Firewall
1

When i connect fossbilling to my hestiacp installation, i get tye error HTTP/2 401 returned for “https://cpanel.devannie.online:4022/api/”. (401)

The user can’t create a cp account and i have tried alotof things including changing ssl requirements

The server is running ubuntu 22
Everything works fine in terms of hosting and running hestia
Can someone help me to connect my api
I am using access keys to connect to my cpanel

Anyone whohas been able to connect hestiacp and fossbilling could enlighten the way

2

Ip white listed in Hestia setting?

3

Yes i have whitelisted my ip address

4

I can give access to my server for a pr to help me out please

5

Did you check /var/log/hestia/api.log or
/var/log/hestia/nginx-error.log

6

These log entries suggest multiple PHP warnings, mostly involving undefined variables or array keys, which could be causing errors in your HestiaCP panel. Here’s a breakdown and some suggestions for resolving these issues:

  1. Undefined Array Keys (v_nginx_cache_duration): The warning about v_nginx_cache_duration being an undefined array key suggests that this variable is not being set properly before it’s accessed. This usually happens if the array doesn’t include the expected key, which may occur if a configuration option isn’t set or initialized correctly.

Fix: In index.php on line 352 (where the variable is accessed), you can use isset($array[‘key’]) or the null coalescing operator ($array[‘key’] ?? default_value) to ensure the key exists before accessing it. For example:

$v_nginx_cache_duration = $array[‘v_nginx_cache_duration’] ?? ‘default_value’;

  1. Undefined Variables ($v_user): This warning in configuration.php indicates that $v_user is accessed before being defined. If this variable should be dynamically assigned, ensure it’s properly defined based on your application logic.

Fix: Check where $v_user is supposed to be defined in configuration.php (line 78) and confirm it’s correctly initialized before any reference. If it’s an optional variable, assign a default value or handle its absence.

  1. Accessing Null Array Offsets: These warnings (e.g., on line 41 and 42 in index.php) occur when trying to access an array offset that doesn’t exist, likely because the variable is null.

Fix: Similarly, use isset() to check if the array element exists before accessing it. Alternatively, set a default value:

$value = $array[‘key’] ?? ‘default_value’;

  1. Handling Undefined user Key: In list_access_keys.php, line 5, the warning about an undefined user array key may relate to a missing or improperly passed parameter.

Fix: Verify that user is correctly set in all places where this script is called. Additionally, use a check to ensure user exists before attempting to access it.

7

https://justpaste.it/g02pf

8

Guys
I can’t seemtoget my qpi to work

Screenshot_20241109_081913_Termius
Screenshot_20241109_081913_Termius1080×2400 172 KB

9

First, next time copy and paste the text, it is really hard to read the commands using a screenshot (and this is even worst… a mobile screenshot) :stuck_out_tongue:

Seems you are not using the right call to Hestia’s API.

If you want to take a look: How to create credentials in Hestia Control Panel to access API

Example using New API and access key/secret key:

curl -sS -k -X POST --connect-timeout 15 -m 300 -d '{"access_key":"YourAccessKey","secret_key":"YourSecretKey","returncode":"no","cmd":"v-add-user","arg1":"bradjames","arg2":"Qwasa1234","arg3":"[email protected]","arg4":"Freehosting","arg5":"Brad James"}' https://cpanel.devannie.online:4022/api/

Example using Legacy API and admin user/password:

curl -sS -k -X POST --connect-timeout 15 -m 300 -d '{"user":"admin","password":"AdminPassword","returncode":"no","cmd":"v-add-user","arg1":"bradjames","arg2":"Qwasa1234","arg3":"[email protected]","arg4":"Freehosting","arg5":"Brad James"}' https://cpanel.devannie.online:4022/api/

Example using Legacy API and hash:

curl -sS -k -X POST --connect-timeout 15 -m 300 -d '{"hash":"YourHashKey","returncode":"no","cmd":"v-add-user","arg1":"bradjames","arg2":"Qwasa1234","arg3":"[email protected]","arg4":"Freehosting","arg5":"Brad James"}' https://cpanel.devannie.online:4022/api/
2 Likes
10

Undertood sahsanu

Now the problem is that fossbilling only uses access keys at the moment
It is really stressing me btw
I have everything working perfectly apart from the api connection :pensive:

11

Take a look to the link I posted to create your access and secret keys in Hestia, once you check it works fine using the above curl command, use the credentials in FossBilling

12

This was the response
oot@cpanel:/home/ubuntu# curl -sS -k -X POST --connect-timeout 15 -m 300 -d ‘{“access_key”:“FNqOBn9KtNauPURcC6cp”,“c7TfwnVv2SA79r1U=NyLTejX-7DUKYn2qrR3Zgvo”:“YourSecretKey”,“returncode”:“no”,“cmd”:“v-add-user”,“arg1”:“bradjames”,“arg2”:“Qwasa1234”,“arg3”:“bradjj@gmailcom”,“arg4”:“Freehosting”,“arg5”:“Brad James”}’ https://cpaneldevannieonline:4022/api/
Error: data received is null or invalid, check https://hestiacpcom/docs/server-administration/rest-api.htmlroot@cpanel:/home/ubuntu#

13

This is whatis in my /usr/local/hestia/data/api/billing file

GNU nano 6.2 billing
ROLE=‘admin’
COMMANDS=‘v-add-user,v-delete-user,v-suspend-user,v-unsuspend-user,v-change-user-shell,v-list-user,v-list-users,v-make-tmp-file,v-add-domain,v-change-user-package,v-make-tmp-file,v-change-user-password’

14

You didn’t write the right command, secret_key is literally secret_key and YourSecretKey must be replaced by the actual data.

Use this command:

curl -sS -k -X POST --connect-timeout 15 -m 300 -d '{"access_key":"FNqOBn9KtNauPURcC6cp","secret_key":"c7TfwnVv2SA79r1U=NyLTejX-7DUKYn2qrR3Zgvo","returncode":"no","cmd":"v-add-user","arg1":"bradjames","arg2":"Qwasa1234","arg3":"[email protected]","arg4":"Freehosting","arg5":"Brad James"}' https://cpanel.devannie.online:4022/api/
15

I have literally wrote both part in Fossbilling and Hestia so I know it works

Add: 0.0.0.0 or allow-all to the white list and check again.

16

I did that
I have allowed all ip addresses
I mean any ip address
That was the first thing i did to check what configuration would work

I can give access to my server and you’ll tell me what’s happening

17

I tried it and my ip is not allowed.

$ curl -sS -k -X POST --connect-timeout 15 -m 300 -d '{"access_key":"Test","secret_key":"Test","returncode":"no","cmd":"v-list-sys-services"}' https://cpanel.devannie.online:4022/api/
Error: IP is not allowed to connect with API

Show the output of these commands:

v-list-sys-config json | jq | grep 'API'
grep -v '^SECRET' /usr/local/hestia/data/access-keys/FNqOBn9KtNauPURcC6cp
18

ubuntu@cpanel:~$ sudo su
root@cpanel:/home/ubuntu# v-list-sys-config json | jq | grep ‘API’
“API”: “yes”,
“API_SYSTEM”: “2”,
“API_ALLOWED_IP”: “18.222.229.171”,
root@cpanel:/home/ubuntu# grep -v ‘^SECRET’ /usr/local/hestia/data/access-keys/FNqOBn9KtNauPURcC6cp
USER=‘admin’
PERMISSIONS=‘billing,mail-accounts,phpmyadmin-sso,purge-nginx-cache,sync-dns-cluster,update-dns-records’
COMMENT=‘billing’
TIME=‘19:25:57’
DATE=‘2024-11-08’
EXPIRES_IN=‘’
IP=‘’
root@cpanel:/home/ubuntu#

19

If FossBiling is on the same machine, add 127.0.0.1 to the API_ALLOWED_IP directive. Also, if your server is using NAT, add also the private ip used by your server… like 10.0.0.x.

Example:

v-change-sys-config-value API_ALLOWED_IP '127.0.0.1,18.222.229.171'
1 Like
20

Add 0.0.0.0 and try it again

Then you can see the ip is used to connect in the logs and try setup that ip

1 Like