SonarQube is a powerful and open-source web-based platform designed to analyze the quality of source code. Developed in Java, it has the capability to manage and evaluate code written in over 20 programming languages such as C/C++, PL/SQL, and COBOL through an array of plugins. SonarQube smoothly integrates with various database servers like MSSQL, PostgreSQL, Oracle, and MySQL. Its continuous inspection facility offers a comprehensive view of an application’s health and, with numerous plugins available, its functionality can be significantly expanded. In this tutorial, we’ll guide you through the installation of SonarQube on Ubuntu 20.04.
Prerequisites
- A server running Ubuntu 20.04.
- A valid domain name pointing to your server’s IP.
- A configured root password on your server.
Getting Started
Begin by updating your system packages to their latest versions using the following command:
apt-get update -y
Following the package update, you’ll need to increase system parameters including vm.max_map_count, file descriptors, and ulimits. Execute the commands below to update these settings:
sysctl -w vm.max_map_count=262144 sysctl -w fs.file-max=65536 ulimit -n 65536 ulimit -u 4096
With these updates complete, proceed to the next step.
Install Java
SonarQube is a Java-based application that necessitates Java’s presence on your system. If not already installed, use the following command to install Java:
apt-get install default-jdk unzip gnupg2 -y
Once installed, verify the Java version with this command:
java --version
You should receive output similar to:
openjdk 11.0.9.1 2020-11-04 OpenJDK Runtime Environment (build 11.0.9.1+1-Ubuntu-0ubuntu1.20.04) OpenJDK 64-Bit Server VM (build 11.0.9.1+1-Ubuntu-0ubuntu1.20.04, mixed mode, sharing)
After verification, proceed to the next step.
Install and Configure PostgreSQL Server
SonarQube utilizes PostgreSQL as its database backend. Therefore, you’ll need to install it on your server. Ubuntu 20.04 doesn’t include the latest PostgreSQL by default, so you’ll first need to add its repository:
Add the PostgreSQL repository:
sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
Then add the GPG key:
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | apt-key add -
Update your system repositories and install PostgreSQL:
apt-get update -y apt-get -y install postgresql postgresql-contrib
Start the PostgreSQL service and ensure it begins on system boot:
systemctl start postgresql systemctl enable postgresql
Next, secure the PostgreSQL user by setting a password:
passwd postgres
This will prompt you to enter a new password:
New password: Retype new password: passwd: password updated successfully
Switch to the postgres user and create a new user for SonarQube:
su - postgres createuser sonar
Login to the PostgreSQL shell:
postgres@sonar:~$ psql
You should see the following:
psql (13.1 (Ubuntu 13.1-1.pgdg20.04+1)) Type "help" for help.
Create a user and database for SonarQube:
postgres=# ALTER USER sonar WITH ENCRYPTED password 'sonar'; postgres=# CREATE DATABASE sonarqube OWNER sonar;
Grant the necessary privileges:
postgres=# grant all privileges on DATABASE sonarqube to sonar;
Exit the PostgreSQL shell:
postgres=# \q postgres@sonar:~$ exit
Proceed to SonarQube installation.
Install and Configure SonarQube
Download the latest SonarQube version from the official site:
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.9.3.zip
Unzip the file post-download:
unzip sonarqube-7.9.3.zip
Relocate the extracted folder to /opt:
mv sonarqube-7.9.3 /opt/sonarqube
Create a dedicated SonarQube user:
adduser sonar
Assign the SonarQube directory ownership to the sonar user:
chown -R sonar:sonar /opt/sonarqube
Edit the SonarQube configuration file to specify database credentials and host settings:
nano /opt/sonarqube/conf/sonar.properties
Modify details to reflect your setup:
sonar.jdbc.username=sonar sonar.jdbc.password=sonar sonar.jdbc.url=jdbc:postgresql://localhost:5432/sonarqube sonar.web.host=0.0.0.0
Update the sonar.sh script to set the running user:
nano /opt/sonarqube/bin/linux-x86-64/sonar.sh
Ensure the user is specified:
RUN_AS_USER=sonar
Save changes and close the file.
Create a Systemd Service File for SonarQube
Create a systemd service file for SonarQube management:
nano /etc/systemd/system/sonar.service
Add these configurations:
[Unit] Description=SonarQube service After=syslog.target network.target [Service] LimitNOFILE=65536 LimitNPROC=4096 Type=forking ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop User=sonar Group=sonar Restart=always LimitNOFILE=65536 LimitNPROC=4096 [Install] WantedBy=multi-user.target
Save the service file and reload systemd to recognize your changes:
systemctl daemon-reload
Start SonarQube and configure it to launch at startup:
systemctl start sonar systemctl enable sonar
Verify the service status:
systemctl status sonar
You should observe the following result:
? sonar.service - SonarQube service
Loaded: loaded (/etc/systemd/system/sonar.service; disabled; vendor preset: enabled)
Active: active (running) since Mon 2020-11-16 16:28:41 UTC; 5s ago
Process: 79015 ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start (code=exited, status=0/SUCCESS)
Main PID: 79081 (wrapper)
Tasks: 46 (limit: 4691)
Memory: 725.8M
CGroup: /system.slice/sonar.service
??79081 /opt/sonarqube/bin/linux-x86-64/./wrapper /opt/sonarqube/bin/linux-x86-64/../../conf/wrapper.conf wrapper.syslog.ident=So>
??79085 java -Dsonar.wrapped=true -Djava.awt.headless=true -Xms8m -Xmx32m -Djava.library.path=./lib -classpath ../../lib/jsw/wrap>
??79125 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInit>
Nov 16 16:28:40 sonar.example.com systemd[1]: Starting SonarQube service...
Nov 16 16:28:40 sonar.example.com sonar.sh[79015]: Starting SonarQube...
Nov 16 16:28:41 sonar.example.com sonar.sh[79015]: Started SonarQube.
Nov 16 16:28:41 sonar.example.com systemd[1]: Started SonarQube service.
SonarQube should now be active on port 9000. Confirm this with:
ss -antpl | grep 9000
You should see:
LISTEN 0 25 *:9000 *:* users:(("java",pid=139294,fd=121))
Check SonarQube logs for any issues:
tail -f /opt/sonarqube/logs/sonar.log
Log outputs should look something like this:
2020.11.16 17:04:24 INFO app[][o.s.a.ProcessLauncherImpl] Launch process[[key='ce', ipcIndex=3, logFilenamePrefix=ce]] from [/opt/sonarqube]: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/temp --add-opens=java.base/java.util=ALL-UNNAMED -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dhttp.nonProxyHosts=localhost|127.*|[::1] -cp ./lib/common/*:/opt/sonarqube/lib/jdbc/postgresql/postgresql-42.2.5.jar org.sonar.ce.app.CeServer /opt/sonarqube/temp/sq-process10447466834580828864properties 2020.11.16 17:04:30 INFO app[][o.s.a.SchedulerImpl] Process[ce] is up 2020.11.16 17:04:30 INFO app[][o.s.a.SchedulerImpl] SonarQube is up
Proceed to the next step once you’re ready.
Install and Configure Nginx
Install Nginx to serve as a reverse proxy for SonarQube:
apt-get install nginx -y
Create a new virtual host configuration for SonarQube:
nano /etc/nginx/conf.d/sonar.conf
Include the following settings:
upstream sonar_backend {
server 127.0.0.1:9000;
}
server {
listen 80;
server_name sonar.example.com;
location / {
proxy_pass http://sonar_backend/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}
Save and close the configuration file. Test the Nginx settings for syntax errors:
nginx -t
The output should confirm:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Check the Nginx service status:
systemctl status nginx
The expected output:
? nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2020-11-16 17:04:16 UTC; 4min 3s ago
Docs: man:nginx(8)
Process: 140017 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 140028 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 140035 (nginx)
Tasks: 3 (limit: 4691)
Memory: 4.6M
CGroup: /system.slice/nginx.service
??140035 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
??140037 nginx: worker process
??140038 nginx: worker process
Nov 16 17:04:16 kolab.example.com systemd[1]: Starting A high performance web server and a reverse proxy server...
Nov 16 17:04:16 kolab.example.com systemd[1]: Started A high performance web server and a reverse proxy server.
With that complete, move on to accessing the SonarQube Web UI.
Access SonarQube Web UI
Use your browser to navigate to http://sonar.example.com. You should see the following login page:
Click on the Log in button to reach the login prompt:
Enter the default username as admin and password as admin, then click Login. You will then be redirected to SonarQube’s default dashboard:
Conclusion
Congratulations! You have successfully installed and configured SonarQube with Nginx as a reverse proxy on Ubuntu 20.04. This setup can now be deployed easily in a development environment. If you have any questions, feel free to ask.
FAQ
- What are the default login credentials for SonarQube?
The default username is admin and the default password is admin. - How do I secure SonarQube?
You should change the default admin password and configure an SSL certificate through Nginx for secure connections. - Can I integrate SonarQube with CI/CD tools?
Yes, SonarQube integrates seamlessly with various CI/CD tools, including Jenkins and GitLab CI. - What should I do if SonarQube crashes or doesn’t start?
Check the logs located in/opt/sonarqube/logs/for details on any errors or issues.