Linux
HES deployment - Linux
Option 1: CentOS Linux Stream 9
Option 2: Ubuntu Server LTS 20.04
Option 3: Ubuntu Server LTS 22.04
Option 4: Ubuntu Server LTS 24.04
Before you start
You need to know how to create and edit text files in Linux. For example, you can use
vim
editor. Here you can find a quick start guide on how to use the Vim editor.
1. Preparation
1.1. System Update
CentOS
sudo dnf update -y
Ubuntu
sudo apt update
sudo apt upgrade -y
Reboot system
sudo reboot
1.2 Disable SELinux (CentOS only)
sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
sudo reboot
To verify that SELinux is disabled, you can type:
sudo sestatus
SELinux status: disabled
Note: on production servers, usually after installation and verification, you need to re-enable SELinux and configure it accordingly.
1.3 Firewall Configuration (optional)
To access the server from the network, ports 80 and 443 and port 22 (default port for connection via ssh) should be opened:
CentOS:
sudo firewall-cmd --zone=public --permanent --add-port=22/tcp
sudo firewall-cmd --zone=public --permanent --add-port=80/tcp
sudo firewall-cmd --zone=public --permanent --add-port=443/tcp
sudo firewall-cmd --reload
Ubuntu:
sudo ufw allow 22
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable
2. Installing Prerequisites
2.1. Installing additional packages
CentOS stream 9 :
sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm -y
sudo dnf install libgdiplus libicu jq -y
sudo dnf install compat-openssl11 -y
Ubuntu 20.04:
sudo apt install libgdiplus libicu66 jq gss-ntlmssp-dev -y
Ubuntu 22.04:
sudo apt install libgdiplus libicu70 jq gss-ntlmssp-dev -y
Ubuntu 24.04:
sudo apt install libgdiplus libicu74 jq gss-ntlmssp-dev -y
3. Installing the HES server
3.1. Download HES server
cd ~
curl -O https://update.hideez.com/hes/linux_x64_latest.tar.gz
3.2. Extracting files and moving to the /opt directory
tar -xvf linux_x64_latest.tar.gz
sudo mv HES /opt/
3.3. Configuring the HES
Navigate to the '/opt/HES/' directory and run the HES.Wizard application
cd /opt/HES/
sudo ./HES.Wizard
next, follow the setup tips and configure the server
3.4. Daemonizing of the HES
We already prepared the configuration file to start and manage the HES server in the /opt/HES/Deploy
directory. You need to copy the file HES.service
to the /lib/systemd/system/
:
sudo cp /opt/HES/Deploy/HES.service /lib/systemd/system/HES.service
Enabling autostart:
sudo systemctl enable HES.service
sudo systemctl restart HES.service
You can verify that HES server is running with the command:
sudo systemctl status HES
The output of the command should be something like this:
● HES.service - Hideez Enterprise Server
Loaded: loaded (/usr/lib/systemd/system/HES.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2022-12-21 14:15:03 UTC; 8s ago
Main PID: 929817 (HES.Web)
Tasks: 18 (limit: 4405)
Memory: 103.1M
CPU: 4.817s
CGroup: /system.slice/HES.service
└─929817 /opt/HES/HES.Web
4. Configuring Reverse Proxy Server
To access your server from the local network as well as from the Internet, you have to configure a reverse proxy. We will use the Nginx server for this.
4.1. Install Nginx
CentOS 7:
sudo yum install nginx -y
sudo systemctl enable nginx
Ubuntu:
sudo apt install nginx -y
4.2. Copying of self-signed certificates for Nginx
We have prepared a self-signed certificate for nginx that you can use to test running HES. Just copy it to nginx:
sudo mkdir /etc/nginx/certs
sudo cp /opt/HES/Deploy/certs/* /etc/nginx/certs
4.3. Updating Nginx config
We prepared some Nginx configurations for different versions of Linux and placed them in the /opt/HES/Deploy
directory. You may just copy the corresponding file or you can review and edit it for your needs.
CentOS 7:
sudo cp /opt/HES/Deploy/CentOS7/nginx.conf /etc/nginx/nginx.conf
Ubuntu 20:
$ sudo cp /opt/HES/Deploy/Ubuntu20/nginx.conf /etc/nginx/nginx.conf
remove default nginx site:
sudo rm /etc/nginx/sites-enabled/default
Ubuntu 22, Ubuntu 24:
sudo cp /opt/HES/Deploy/Ubuntu22/nginx.conf /etc/nginx/nginx.conf
remove default nginx site:
sudo rm /etc/nginx/sites-enabled/default
After copying the file, it is recommended to verify nginx settings:
$ sudo nginx -t
The output should be something like this:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Otherwise, you should carefully review the settings and correct the errors.
4.4. Restart nginx
sudo systemctl restart nginx
4.5. Check that nginx service is installed and started
sudo systemctl status nginx
The output would be something like this:
* nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2020-01-25 08:22:56 UTC; 8min ago
Process: 1702 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 1700 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 1699 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 1704 (nginx)
CGroup: /system.slice/nginx.service
+-1704 nginx: master process /usr/sbin/nginx
+-1705 nginx: worker process
Last updated
Was this helpful?