Docker

This instruction shows how to install the HES server using docker containers on Linux. Examples of commands are given for CentOS 7 and Ubuntu (18.04, 20.04, 22.04) , other versions of the Linux was not tested.

First of all, you need to decide what URL will be for your future HES server. It can be something like hideez.yurcompany.com. Hereinafter, this name is indicated as <your_domain_name>. You can copy this instruction into any text editor and replace all instances of the <your_domain_name> with your name. After that, you can execute most of the commands just copying them from the editor.

You need to add your domain name to the DNS settings of your hosting provider.

1. Preparation (if not already done)

Install Docker

You can also always refer to the official installation documentation: https://docs.docker.com/engine/install

CentOS

$ sudo yum install -y yum-utils
$ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
$ sudo yum install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
$ sudo systemctl start docker
$ sudo systemctl enable docker

in case of unsuccessful installation, on Centos, you may need to remove some packages

$ sudo yum remove runc podman buildah -y

and retry the installation

Ubuntu

# Add Docker's official GPG key:
sudo apt-get update 
sudo apt-get install ca-certificates curl gnupg -y
sudo install -m 0755 -d /etc/apt/keyrings 
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

# Add the repository to Apt sources:
echo \
  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update 
# Install docker
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

To verify installed docker version run the following command:

$ docker --version
Docker version 24.0.6, build ed223bc

and docker compose:

$ docker compose version
Docker Compose version v2.21.0

2. Іnstalling HES in the docker

Download templates

We have prepared an archive with a template for building containers

$ cd ~
$ curl -O https://update.hideez.com/hes/docker_latest.tar.gz

Extracting files and moving to the /opt directory and create folders for HES

$ tar -xvf docker_latest.tar.gz
$ sudo mv HES /opt/ 

Build docker image

$ cd /opt/HES/
$ sudo docker build . -t hes

During operation, HES uses an encryption certificate that will be generated in the /opt/hes/hes-site/x509stores directory Since the server will run under the "root" user inside the container, you need to change the owner of the certificate directory:

$ sudo chown root.root /opt/HES/hes-site/x509stores

and load the containers:

sudo docker compose up -d 

Configure the Docker for MS SQL (Optional)

Currently, HES can work with two databases: MySQL or MS SQL. By default, we use My SQL, but if you want to switch to MS SQL, you will need to perform a few additional steps, which will be described below

Skip this step, if you use a MySQL database

So, first you need to tweak the file /opt/HES/docker-compose.yml

We have prepared a template for the yml file to work with the MS SQL container. Just run the rename command:

$ sudo mv /opt/HES/docker-compose.mssql /opt/HES/docker-compose.yml

You need to find the text in this file

SA_PASSWORD: C00ll_Passwrd_here

and set your SA user password instead of 'C00ll_Passwrd_here'. We will later need this password to create a user and HES database

Start MS SQL container only:

$ sudo docker-compose up -d hes-mssql

Use the docker exec -it command to start an interactive bash shell inside your running container

$ sudo docker exec -it hes-mssql /opt/mssql-tools/bin/sqlcmd -S localhost -U SA -P "C00ll_Passwrd_here"

instead of "C00ll_Passwrd_here", enter your password here, which you specified in the /opt/HES/docker-compose.yml file

The following sections walk you through using sqlcmd and Transact-SQL to create a new database and user.

> CREATE LOGIN [user]  WITH PASSWORD = 'user_password';
> GO
> CREATE DATABASE db;
> GO
> USE db; 
> GO
> CREATE USER [user] from login [user];
> GO
> GRANT CONTROL ON DATABASE::db  TO [user];
> GO

Сhange <user_password> with your real password

You should remember the user password, it will come in handy later.

To exit from the Transact-SQL console, press Ctrl+C.

Now you need to tweak the file /opt/HEL/hes-site/appsettings.Production.json with wizard:

sudo docker exec -it hes-site ./HES.Wizard

Configure the Nginx (Optional)

Open the /opt/HES/nginx/nginx.conf file for editing. Uncoment and replace all instances of <your_domain_name> with your name.

Run the Server

Finally, when config files updated and certificate ready you can run the server:

$ cd /opt/HES
$ sudo docker compose up -d 

Check the status

You can check the status of the docker containers running the command:

$ sudo docker compose ps
 Name                 Command               State                                   Ports                                 
---------------------------------------------------------------------------------------------------------------------------
hes-mysql      docker-entrypoint.sh --def ...   Up      0.0.0.0:3306->3306/tcp,:::3306->3306/tcp, 33060/tcp                   
hes-nginx   /docker-entrypoint.sh ngin ...   Up      0.0.0.0:443->443/tcp,:::443->443/tcp, 0.0.0.0:80->80/tcp,:::80->80/tcp
hes-site    ./HES.Web                        Up      5000/tcp           

To make sure that everything is configured correctly, open the URL of your site in a browser (https://<your_domain_name>). You should see the server authorization page. Log in using the default login 'admin@server' and default password 'admin'.

In case you cannot log in to the HES, see log files located in '/opt/HES/hes-site/logs'

Here you can find an update guide for Docker.

By default, access to the new server: login - admin@server password - admin

For test

U64FsPyumLv5yurm9NHeBQ7rYke5nc abc

fffff bbbb