SonarQube Installation and SSL Configuration

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 7

SonarQube Installation on RHEL

# cat /etc/sysctl.conf
vm.max_map_count=262144
fs.file-max=65536
ulimit -n 65536
ulimit -u 4096
Check the ulimit on the server and set the below parameters.
# ulimit -n 65536
# ulimit -u 4096
# ulimit -a
Java Installation

Download and install java.

Here java17 is used


# wget https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm

# rpm -ivh jdk-17_linux-x64_bin.rpm


Database configuration
postgres=# create database sonarqubedb;

postgres=# create user sonarqube with encrypted password 'redhat@123';


CREATE ROLE
postgres=#
postgres=# grant all privileges on database sonarqubedb to sonarqube;
GRANT

postgres=# \q

Download and Setup SonarQube


# wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-
9.9.3.79811.zip

# unzip sonarqube-9.9.3.79811.zip
Rename the directory sonarqube-9.9.3.79811 to sonarqube
# mv sonarqube-9.9.3.79811 sonarqube

Create a user and group sonar and make owner of this group
# chown -R sonar:sonar /opt/sonarqube
# su – sonar
Edit the file sonar.properties and add the following properties at respective fields
$ vi /opt/sonarqube/conf/sonar.properties
sonar.jdbc.username=sonarqube
sonar.jdbc.password=redhat@123
sonar.jdbc.url=jdbc:postgresql://192.168.31.90:5432/sonarqubedb
Create sonarqube service file inside directory - /etc/systemd/system/
# cat /etc/systemd/system/sonarqube.service

# cat /etc/systemd/system/sonarqube.service
[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=forking
User=sonar
Group=sonar
PermissionStartOnly=true
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
Restart=always

LimitNOFILE=65536
LimitNPROC=4096

[Install]
WantedBy=multi-user.target

# systemctl daemon-reload

# systemctl restart sonarqube.service

# systemctl status sonarqube.service


SSL Configuration of Sonarqube

Generate self-signed certificate and key for SSL configraton

# openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out sonarq.crt -keyout sonarq.key

Download and install nginx

# wget https://nginx.org/packages/rhel/8/x86_64/RPMS/nginx-1.24.0-1.el8.ngx.x86_64.rpm

Edit the file sonar.properties and add the following properties


# vi /opt/sonarqube/conf/sonar.properties

sonar.web.https.keyPath=/root/openssl/sonarq.key

sonar.web.https.certPath=/root/openssl/sonarq.crt
Configure nginx reverse proxy

# vi /etc/nginx/conf.d/default.conf
server {
listen 443 ssl;
server_name 192.168.31.90;

ssl_certificate /root/openssl/sonarq.crt;
ssl_certificate_key /root/openssl/sonarq.key;

#access_log /var/log/nginx/host.access.log main;

location / {
proxy_pass http://192.168.31.90:9000;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html


#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80


#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;

# systemctl restart nginx

# systemctl status nginx


Admin/redhat@123

You might also like