The Hive is delivered as an executable web application in .RUN format.
Connection to web application is carried out via any latest browser.
The following are the estimated system requirements:
Description | Minimal Requirements | Recommended Requirements |
---|---|---|
RAM | 4 GB | 8 GB |
CPU | 2 cores | 4 cores |
Disk speed | - | 50 IOPS |
Disk size | 100 GB | 200 GB |
Before installation, prepare a virtual machine or server with one of the supported operating systems:
Some Linux distributions in minimal installation may not include the following utilities: curl
, find
, groupadd
, tar
, gzip
, useradd
, xargs
. However, these utilities are used in the Platform, and we recommend you to install them.
Install docker engine including docker compose plugin on the machine.
Note 1:
docker from snap
currently is not supported.Note 2: docker-compose standalone is supported, but not recommended.
To extract installation files from the supplied image for verification, perform the following steps:
Run the command (root privileges required):
bash ./install_hw_bw_en-US_<version>.run --noexec --target </your/new/directory>
where, </your/new/directory>
– the directory where the installation files will be extracted;
*.tar
files – container images;ascii-logo.txt
– logo that is displayed in the console during installation;bin.tgz
– bash scripts for extracting to /opt/hw-bw/bin
;installer
, installer.sh
, common-functions.sh
, load-images.sh
– installer (bash script);defaults.ini
– global settings of the platform (is copied to /opt/hw-bw/config
);user-template.ini
– list of all settings supported by current version (is copied to /opt/hw-bw/config
);systemd.tgz
– service systemd (is copied to /opt/hw-bw/systemd
);ssl.tgz
– self-signed SSL-certificates (is copied to /opt/hw-bw/ssl
but only during first installation);kb.tgz
- pre-installed report templates and vulnerability descriptions.To start installation, run the command:
bash ./install_hw_bw_en-US_<version>.run
When installation completes, Platform will start automatically. You will see the following message:
hexway Hive ready to use.
UI accessible on http://<ip-server> or https://<ip-server>
Login as <username> password: <password>
Note: when installing the platform without additional parameters, the root user password will be generated automatically.
Open the Platform in the browser by the address specified in the message: http://<ip-server>/
or http://<your-domain-name>/
.
To add a unique password to the root user manually, use --noconfig
option during installation:
bash ./install_hw_bw_en-US_<version>.run -- --noconfig
When installation completes, open the file /opt/hw-bw/config/users.ini
, add the line to the [main]
field and save the file:
[main]
b.root.password = <new_password>
To apply changes, run the following command (root privileges are required):
/opt/hw-bw/bin/reconfig
Platform will automatically start and new password will be applied to the root user.
To update Platform:
Run the command:
bash ./install_hw_bw_en-US_<version>.run
During the update process, Platform will be saved to a backup and then the latest updates will be installed.
Notes:
- Platform backups are saved to the
/opt/hw-bw_backup
folder;- The Platform stores only the three latest backups.
When installation completes, Platform will start automatically.
Note: after installation of updates, connection between Hive and Apiary projects should restore automatically, however it may take some time. If connection did not restore, see section Hive troubleshooting.
The default password of the root user is generated during the installation and saved to the file /opt/hw-bw/config/local.ini
.
You can view the default password of the administrator using the command:
/opt/hw-bw/bin/show-info
You can set the custom rules for password creation using the user.ini
file.
To apply it, you need to do the following:
Open the /opt/hw-bw/config/user.ini
file using the command:
sudo nano /opt/hw-bw/config/user.ini
Add the b.password_policy
property, which is a comma-separated key-value list of the following parameters:
require_min_len
- minimal number of symbols. Integer.require_digits
- if, at least, 1 digit is required. True or False.require_lowercase
- if, at least, 1 symbol in lowercase is required. True or False.require_special
- if, at least, 1 special symbol is required. True or False.require_uppercase
- if, at least, 1 symbol in uppercase is required. True or False.For example:
b.password_policy=require_min_len=13,require_digits=true,require_lowercase=true,require_special=true,require_uppercase=true
/opt/hw-bw/config/user.ini
file./opt/hw-bw/bin/reconfig
All the additional parameters can be specified in any order or not added at all.
E.g., if you don't want to add special symbols to your password policy, you can either set it to False, or not add it to the list:
b.password_policy=require_min_len=13,require_digits=true,require_lowercase=true,require_uppercase=true