Linux
  • Option 1: CentOS Linux 7
  • Option 2: Ubuntu Server LTS 18.04
  • Option 3: Ubuntu Server LTS 20.04

Before you start

  • You need to know how to create and edit text files in Linux. For example, you can use vim editor. Here you can find a quick start guide on how to use the Vim editor.

1. Preparation

1.1. System Update

CentOS
$ sudo yum update -y
Ubuntu
$ sudo apt update
$ sudo apt upgrade -y
Reboot system
$ sudo reboot

1.2 Disable SELinux (CentOS only)

$ sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
$ sudo reboot
To verify that SELinux is disabled, you can type:
$ sudo sestatus
SELinux status: disabled
Note: on production servers, usually after installation and verification, you need to re-enable SELinux and configure it accordingly.

1.3 Firewall Configuration (optional)

To access the server from the network, ports 80 and 443 and port 22 (default port for connection via ssh) should be opened:
CentOS:
$ sudo firewall-cmd --zone=public --permanent --add-port=22/tcp
$ sudo firewall-cmd --zone=public --permanent --add-port=80/tcp
$ sudo firewall-cmd --zone=public --permanent --add-port=443/tcp
$ sudo firewall-cmd --reload
Ubuntu:
$ sudo ufw allow 22
$ sudo ufw allow 80
$ sudo ufw allow 443
$ sudo ufw enable

2. Installing Prerequisites

2.1. Installing additional packages

Centos 7 :
$ sudo yum install epel-release wget git libgdiplus libicu jq gssntlmssp -y
Ubuntu 18.04:
$ sudo apt install git libgdiplus libicu60 jq gss-ntlmssp-dev -y
Ubuntu 20.04:
sudo apt install libgdiplus libicu66 jq gss-ntlmssp-dev -y

3. Installing the HES server

3.1. Download HES server

$ cd ~
$ curl -O https://update.hideez.com/hes/linux_x64_latest.tar.gz

3.2. Extracting files and moving to the /opt directory

$ tar -xvf linux_x64_latest.tar.gz
$ sudo mv HES /opt/

3.3. Configuring the HES

Navigate to the '/opt/HES/' directory and run the HES.Wizard application
$ cd /opt/HES/
$ sudo ./HES.Wizard
next, follow the setup tips and configure the server

3.4. Daemonizing of the HES

We already prepared the configuration file to start and manage the HES server in the /opt/HES/Deploy directory. You need to copy the file HES.service to the /lib/systemd/system/:
$ sudo cp /opt/HES/Deploy/HES.service /lib/systemd/system/HES.service
Enabling autostart:
$ sudo systemctl enable HES.service
$ sudo systemctl restart HES.service
You can verify that HES server is running with the command:
$ sudo systemctl status HES
The output of the command should be something like this:
● HES.service - Hideez Enterprise Server
Loaded: loaded (/lib/systemd/system/HES.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2022-05-24 11:00:26 UTC; 1min 16s ago
Main PID: 3451 (HES.Web)
Tasks: 20 (limit: 2314)
CGroup: /system.slice/HES.service
└─3451 /opt/HES/HES.Web

4. Configuring Reverse Proxy Server

To access your server from the local network as well as from the Internet, you have to configure a reverse proxy. We will use the Nginx server for this.

4.1. Install Nginx

CentOS 7:
$ sudo yum install nginx -y
$ sudo systemctl enable nginx
Ubuntu:
$ sudo apt install nginx -y

4.2. Creating a Self-Signed SSL Certificate for Nginx

Note 1:
In the production environment, you should take care of acquiring a certificate from a certificate authority. For a self-signed certificate, the browser will alert you that site has security issues.
Note 2:
When generating a certificate, answer a few simple questions, of which Common Name (CN) will be important - here be the name of your site, in our example it is hideez.example.com
$ sudo mkdir /etc/nginx/certs
$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/certs/hes.key -out /etc/nginx/certs/hes.crt
Country Name (2 letter code) [AU]:.
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (e.g. server FQDN or YOUR name) []:hideez.example.com
Email Address []:.

4.3. Updating Nginx config

We prepared some Nginx configurations for different versions of Linux and placed them in the /opt/HES/Deploy directory. You may just copy the corresponding file or you can review and edit it for your needs.
CentOS 7:
$ sudo cp /opt/HES/Deploy/CentOS7/nginx.conf /etc/nginx/nginx.conf
Ubuntu 18:
$ sudo cp /opt/HES/Deploy/Ubuntu18/nginx.conf /etc/nginx/nginx.conf
  • remove default nginx site:
sudo rm /etc/nginx/sites-enabled/default
Ubuntu 20:
$ sudo cp /opt/HES/Deploy/Ubuntu20/nginx.conf /etc/nginx/nginx.conf
  • remove default nginx site:
sudo rm /etc/nginx/sites-enabled/default
After copying the file, it is recommended to verify nginx settings:
$ sudo nginx -t
The output should be something like this:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Otherwise, you should carefully review the settings and correct the errors.

4.4. Restart nginx

$ sudo systemctl restart nginx

4.5. Check that nginx service is installed and started

$ sudo systemctl status nginx
The output would be something like this:
* nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2020-01-25 08:22:56 UTC; 8min ago
Process: 1702 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 1700 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 1699 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 1704 (nginx)
CGroup: /system.slice/nginx.service
+-1704 nginx: master process /usr/sbin/nginx
+-1705 nginx: worker process
Here you can find an update guide for Linux.
Last modified 1mo ago