SonarQube Installation and SSL Configuration
SonarQube Installation and SSL Configuration
SonarQube Installation and SSL Configuration
# cat /etc/sysctl.conf
vm.max_map_count=262144
fs.file-max=65536
ulimit -n 65536
ulimit -u 4096
Check the ulimit on the server and set the below parameters.
# ulimit -n 65536
# ulimit -u 4096
# ulimit -a
Java Installation
postgres=# \q
# unzip sonarqube-9.9.3.79811.zip
Rename the directory sonarqube-9.9.3.79811 to sonarqube
# mv sonarqube-9.9.3.79811 sonarqube
Create a user and group sonar and make owner of this group
# chown -R sonar:sonar /opt/sonarqube
# su – sonar
Edit the file sonar.properties and add the following properties at respective fields
$ vi /opt/sonarqube/conf/sonar.properties
sonar.jdbc.username=sonarqube
sonar.jdbc.password=redhat@123
sonar.jdbc.url=jdbc:postgresql://192.168.31.90:5432/sonarqubedb
Create sonarqube service file inside directory - /etc/systemd/system/
# cat /etc/systemd/system/sonarqube.service
# cat /etc/systemd/system/sonarqube.service
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=forking
User=sonar
Group=sonar
PermissionStartOnly=true
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
Restart=always
LimitNOFILE=65536
LimitNPROC=4096
[Install]
WantedBy=multi-user.target
# systemctl daemon-reload
# openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out sonarq.crt -keyout sonarq.key
# wget https://nginx.org/packages/rhel/8/x86_64/RPMS/nginx-1.24.0-1.el8.ngx.x86_64.rpm
sonar.web.https.keyPath=/root/openssl/sonarq.key
sonar.web.https.certPath=/root/openssl/sonarq.crt
Configure nginx reverse proxy
# vi /etc/nginx/conf.d/default.conf
server {
listen 443 ssl;
server_name 192.168.31.90;
ssl_certificate /root/openssl/sonarq.crt;
ssl_certificate_key /root/openssl/sonarq.key;
location / {
proxy_pass http://192.168.31.90:9000;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
}