Setting up SonarQube Step-by-Step on Ubuntu.

How to Set up SonarQube on Ubuntu 18.04 Server

SonarQube is an open-source platform developed by SonarSource. It scans your source code looking for code quality, detect bugs, code smells, and security vulnerabilities on 20+ programming languages and then presents the results in a report which will allow you to identify potential issues in your application.

Step1: Install and configure Database.

We are using PostgreSQL database for sonarqube. Install the PostgreSQL repository.

# sudo sh -c 'echo "deb `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
# wget -q -O - | sudo apt-key add -

Install the PostgreSQL packages;

# apt-get -y install postgresql postgresql-contrib

Once installed the database, Start PostgreSQL server and enable it to start automatically at boot time.

# systemctl start postgresql
# systemctl enable postgresql
Synchronizing state of postgresql.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable postgresql
# systemctl status postgresql
 postgresql.service - PostgreSQL RDBMS
Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: enabled)
Active: active (exited) since Wed 2020-09-30 09:18:50 UTC; 58s ago
Main PID: 14381 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4703)
CGroup: /system.slice/postgresql.service

Sep 30 09:18:50 Codescanner systemd[1]: Starting PostgreSQL RDBMS...
Sep 30 09:18:50 Codescanner systemd[1]: Started PostgreSQL RDBMS.

When we installed PostgreSQL server the postgres user was created, Change the password for the default PostgreSQL user.

# sudo passwd postgres
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully

Switch to the postgres user.

# su - postgres

Create a new user and Switch to the PostgreSQL shell.

$ createuser sonarqube
$ psql
psql (10.14 (Ubuntu 10.14-0ubuntu0.18.04.1))
Type "help" for help.

Set a password for the newly created user(sonarqube) and Create a new database named as sonardb.

postgres=# ALTER USER sonarqube WITH ENCRYPTED password 'YourPassword'
postgres=# CREATE DATABASE sonardb OWNER sonarqube;
postgres=# \q
postgres@Codescanner:~$ exit

Step2) Install and Configure SonarQube.

First Download the SonarQube installer files archive. You Can Download Latest version here.

# wget

Install unzip

# apt-get install unzip

Extract the archive and rename the directory name:

# unzip -d /opt/
#mv /opt/sonarqube- sonarqube/

We need jdk 11 to run sonarqube to install JDK 11 download from here.

Once you download the jdk extract that using.

#tar -xvf jdk-11.0.8_linux-x64_bin.tar.gz

Now Install the alternative for java.

# update-alternatives --install /usr/bin/java java /opt/jdk-11.0.8/bin/java 1
update-alternatives: using /opt/jdk-11.0.8/bin/java to provide /usr/bin/java (java) in auto mode
# java --version
java 11.0.8 2020-07-14 LTS
Java(TM) SE Runtime Environment 18.9 (build 11.0.8+10-LTS)
Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.8+10-LTS, mixed mode)

Open the SonarQube configuration file.

# vim /opt/sonarqube/conf/

Search the following lines and provide the PostgreSQL username and password of the database that we have created earlier. It should look like:


Search Next on same file and replace with:

sonar.jdbc.url=jdbc:postgresql://localhost/sonardb ## Mention your Database Name that we have created earlier.

Finally on the sonar properties file, tell SonarQube to run in server mode:


Now create sonarqube user on system which used to run the SonarQube service.

#adduser --system --no-create-home --group --disabled-login sonarqube

Update the permissions for /opt/sonarqube directory so that the “sonarqube” user will own these files,and be able to read and write files in this directory:

#chown -R sonarqube:sonarqube /opt/sonarqube

Now Add these lines at bottom of the files of elasticsearch.

#vim /opt/sonarqube/elasticsearch/config/elasticsearch.yml
. . . .
http.port: 9200 localhost
transport.tcp.port: 9300

Once you have updated those values, save and close the file.

Next, We will use Systemd to configure SonarQube to run as a service so that it will start automatically upon a reboot.

#vim /etc/systemd/system/sonarqube.service
Description=SonarQube service

ExecStart=/opt/sonarqube/bin/linux-x86-64/ start
ExecStop=/opt/sonarqube/bin/linux-x86-64/ stop


Close and save the file, then start the SonarQube service:

#systemctl start sonarqube.service

Sonarqube will take some time to start the service. Check the status of services using below command;

# systemctl status sonarqube.service 
● sonarqube.service - SonarQube service
Loaded: loaded (/etc/systemd/system/sonarqube.service; disabled; vendor preset: enabled)
Active: active (running) since Wed 2020-09-30 10:21:27 UTC; 3 days ago
Main PID: 27079 (wrapper)
Tasks: 175 (limit: 4703)
CGroup: /system.slice/sonarqube.service
├─27079 /opt/sonarqube/bin/linux-x86-64/./wrapper /opt/sonarqube/bin/linux-x86-64/../../conf/wrapper.conf wrapper.syslog.ident=Sonar
├─27082 java -Dsonar.wrapped=true -Djava.awt.headless=true -Xms8m -Xmx32m -Djava.library.path=./lib -classpath ../../lib/jsw/wrapper
├─27114 /opt/jdk-11.0.8/bin/java -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -D
├─27225 /opt/jdk-11.0.8/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -XX:-OmitStackT
└─27387 /opt/jdk-11.0.8/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -XX:-OmitStackT

Sep 30 10:21:27 Codescanner systemd[1]: Starting SonarQube service...
Sep 30 10:21:27 Codescanner[27019]: Starting SonarQube...
Sep 30 10:21:27 Codescanner[27019]: Started SonarQube.
Sep 30 10:21:27 Codescanner systemd[1]: Started SonarQube service.

Enable the service using below command:

#systemctl enable sonarqube

Note: SonarQube server will take a few minutes to fully initialize. You can check if the server has started by querying the HTTP port:


Step3) Setting up sonarqube service on https port.

Now that we have the SonarQube server running, it’s time to configure Nginx, to install nginx use below command:

#apt-get install nginx -y

Once nginx installed create a new Nginx configuration file for the site:

#vim /etc/nginx/sites-enabled/sonarqube

Add this configuration on sonarqube file:

    listen      80;

    access_log  /var/log/nginx/sonar.access.log;
    error_log   /var/log/nginx/sonar.error.log;

    proxy_buffers 16 64k;
    proxy_buffer_size 128k;

    location / {
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;

        proxy_set_header    Host            $host;
        proxy_set_header    X-Real-IP       $remote_addr;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto http;

Save and close the file. Check the configuration file has no syntax errors using command:

# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Once there is no error, start and enable the service of nginx.

# systemctl start nginx
# systemctl enable nginx
Synchronizing state of nginx.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable nginx

Step4) Secure Nginx with Let’s Encrypt.

Install Certbot’s Nginx package on your system.

# apt-get install python-certbot-nginx -y

Once Certbot’s nginx package installed, runs certbot with the –nginx plugin, using -d to specify the names we’d like the certificate to be valid for.

#certbot --nginx -d

Certbot will ask how you’d like to configure your HTTPS settings. select 2 option which redirect all requests to secure https access.

Try to reload your domain name using

Hope this post will help Devops beginners. Please share you feedback and Comments. Stay tune for more updates with …!!!

Leave a Reply


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Notify of