English (US)

中文 (简体)

English (US)

中文 (简体)

Theme

Common Issues in Third-Party Software Configuration for HENGSHI SENSE

Is there a file size limit for uploads?

You need to set restrictions through a front-end reverse proxy, such as nginx:



# Configure nginx Configuration File in HENGSHI SENSE Server
client_max_body_size 100m;

How to Set HTTP Connection Timeout?

HTTP connection timeout is also configured in the HENGSHI SENSE frontend reverse proxy settings, such as nginx:



# Nginx Configuration File Setup in HENGSHI SENSE Server

proxy_connect_timeout  600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout       600;

How to Run the Service on Ports 80 and 443?

HENGSHI SENSE cannot be started as root, so it cannot bind to ports lower than 1024. If you need to listen on ports 80 and 443, it is recommended to use nginx as a reverse proxy. Create the configuration file /etc/nginx/conf.d/hengshi.conf with the following content.

# hengshi proxy
upstream hengshi-proxy {
        server <HENGSHI_IP>:<HENGSHI_PORT>;
}
server {
        server_name <SERVNAME>;
        access_log /var/log/nginx/access.log main;
        listen 80;
        location / {
                proxy_pass http://hengshi_proxy;
        }
}
server {
        server_name <SERVNAME>;
        listen 443 ssl http2; # Be sure to enable HTTP/2.0 to improve browser request concurrency
        access_log /var/log/nginx/access.log main;

        gzip on; # Enable gzip compression to optimize page loading speed
        gzip_vary on;
        client_max_body_size 200M;
        proxy_connect_timeout    900;
        proxy_read_timeout       900;
        proxy_send_timeout       900;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS';
        ssl_prefer_server_ciphers on;
        ssl_session_timeout 5m;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;
        ssl_certificate <PATH_TO_CER>;
        ssl_certificate_key <PATH_TO_CER_KEY>;
        add_header Strict-Transport-Security "max-age=31536000" always;

        location ~* \.(html|htm)$ {
            add_header Cache-Control "no-store, no-cache, must-revalidate";
            add_header Pragma "no-cache";
            add_header Expires "0";
        }
        location / {
                # The following X-Forwarded-Host and X-Forwarded-Proto settings are necessary for SSO scenarios. Do not omit them!
                proxy_set_header X-Forwarded-Host $host;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_pass http://hengshi-proxy;
        }
}

Replace the variables with actual values.

  • <HENGSHI_IP>: The IP address of the machine where HENGSHI is deployed.
  • <HENGSHI_PORT>: The port bound by the HENGSHI service.
  • <SERVNAME>: The hostname used by Nginx to provide the service.
  • <PATH_TO_CER>, <PATH_TO_CER_KEY>: The absolute paths to the cer/key files for providing SSL service, respectively.

Offline Installation of Docker and Docker Compose

CategoryArchitectureDownload Link
Linuxdocker x86_64https://download.hengshi.com/3rd/docker-linux-x64/docker-28.1.1.tgz
Linuxdocker-compose x86_64https://download.hengshi.com/3rd/docker-linux-x64/docker-compose-linux-x86_64_v2.36.2.tar.gz
Linuxdocker arm64https://download.hengshi.com/3rd/docker-linux-aarch64/docker-23.0.6.tgz
Linuxdocker-compose arm64https://download.hengshi.com/3rd/docker-linux-aarch64/docker-compose

This example is for the x86_64 platform. If you are using arm64, please download the corresponding installation package.

  1. Download the installation packages for Docker and Docker Compose to your server. You should see the following files:
shell
 ls
docker-28.1.1.tgz  docker-compose-linux-x86_64_v2.36.2.tar.gz
  1. Install Docker
shell
tar xf docker-28.1.1.tgz # Extract the files
cp docker/* /usr/bin/  # Copy the executable files to the system path
  1. Prepare the docker.service file
shell
cat <<EOF > /usr/lib/systemd/system/docker.service/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
EOF
  1. Start the Docker service
shell
systemctl daemon-reload
systemctl start docker
systemctl enable docker # Enable Docker to start on boot

systemctl status docker # Check the service status
  1. Copy docker-compose to the system directory
shell
tar xf docker-compose-linux-x86_64_v2.36.2.tar.gz
cp docker-compose /usr/local/bin/
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
  1. Check the versions of Docker and Docker Compose. If you see the following output, the installation was successful.
shell
 docker -v
Docker version 28.1.1, build 4eba377

 docker-compose version
Docker Compose version v2.36.2

User Manual for Hengshi Analysis Platform

Copyright © 2016-present hengshi.com