SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality. It performs automatic reviews using static analysis to detect bugs, code smells, and security vulnerabilities during development. It provides a detailed report on the issues found and offers suggestions for improvements.
Hardware requirements
- SonarQube server requires at least 2GB of RAM to run efficiently and 1GB of free RAM for the OS. If you are installing an instance for a large team or an enterprise, please consider the additional recommendations below.
- The amount of disk space you need will depend on how much code you analyse with SonarQube.
- SonarQube must be installed on hard drives that have excellent read & write performance. Most importantly, the “data” folder houses the Elasticsearch indices on which a huge amount of I/O will be done when the server is up and running. Read and write hard drive performance will therefore have a big impact on the overall SonarQube server performance.
- SonarQube and the SonarScanner support only 64-bit systems.
Software requirements
- Java: SonarQube server requires Java version 17.
- Database: SonarQube supports several databases, including PostgreSQL (versions 11–15), Microsoft SQL Server (versions 2014–2022), and Oracle (XE Editions, 19C, 21C).
In this guide, I will set up SonarQube on the following server configuration:
Operating system: Ubuntu 22.04
RAM: 4GB
Storage: 30GB
Architecture: 64-bit
Data disk: 8GB for saving the data of SonarQube and the database.
Setup Instructions
1. Mount the data disk attached to the server
Click the link and follow the instructions to mount your attached data disk onto your server.
2. Install Docker Compose on server
Click the link and follow the instructions to install the Docker and Docker Compose plugins on your server.
3. Install Java 17 on server
To install Java 17 on the server, use the following command
sudo apt install openjdk-17-jre-headless
4. Adjust kernel parameters
Adjust the kernel parameters by running the following commands
sudo sysctl -w vm.max_map_count=524288
sudo sysctl -w fs.file-max=131072
Make the changes persistent across reboots by adding the following lines to /etc/sysctl.conf
vm.max_map_count=524288
fs.file-max=131072
5. Adjust user limits
Set the user limits using the following commands
ulimit -n 131072
ulimit -u 8192
Make the changes persistent across reboots by adding the above lines to the user’s shell configuration file, ~/.bashrc or ~/.bash_profile
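A preflight check for steps 4 and 5, as an added example that is not part of the original guide: it compares the live kernel parameters and shell limits against the minimums set above, which is useful after a reboot to confirm the persistent settings took effect. The function names meets_min, preflight and preflight_host are chosen for this illustration.

```shell
# Added example, not from the original guide. The minimums are the values set
# in steps 4 and 5; all function names are chosen for this illustration.

# meets_min ACTUAL REQUIRED: succeeds when ACTUAL >= REQUIRED.
# "unlimited" (ulimit's output for no limit) passes; non-numeric input fails.
meets_min() {
    [ "$1" = "unlimited" ] && return 0
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge "$2" ]
}

# preflight MAX_MAP_COUNT FILE_MAX NOFILE NPROC
# Prints OK/FAIL per setting and returns the number of failed checks.
preflight() {
    failures=0
    set -- "vm.max_map_count" "$1" 524288 \
           "fs.file-max"      "$2" 131072 \
           "ulimit -n"        "$3" 131072 \
           "ulimit -u"        "$4" 8192
    while [ $# -ge 3 ]; do
        if meets_min "$2" "$3"; then
            printf 'OK    %-17s %s (need >= %s)\n' "$1" "$2" "$3"
        else
            printf 'FAIL  %-17s %s (need >= %s)\n' "$1" "${2:-unset}" "$3"
            failures=$((failures + 1))
        fi
        shift 3
    done
    return "$failures"
}

# Reads the live values from the running host and the current shell.
preflight_host() {
    preflight "$(cat /proc/sys/vm/max_map_count)" \
              "$(cat /proc/sys/fs/file-max)" \
              "$(ulimit -n)" "$(ulimit -u)"
}

# Check this host only when the script is run with --host.
if [ "${1:-}" = "--host" ]; then preflight_host; fi
```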
6. Create directories on the mounted data disk
I created the directories on the mounted data disk to save the SonarQube and PostgreSQL data using the following commands
For SonarQube
cd /datadrive
mkdir sonarqube
cd sonarqube
mkdir data extensions logs
For PostgreSQL
cd /datadrive
mkdir postgresql
cd postgresql
mkdir data
7. Create a Docker Compose file for SonarQube and Postgres
Create an empty directory to save the SonarQube Docker Compose file using the following commands
mkdir sonarqube
cd sonarqube
nano compose.yaml
Copy the following contents and paste them into the compose.yaml file
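version: "3"
services:
  sonarqube:
    image: sonarqube:community
    depends_on:
      - db
    environment:
      # JDBC connection to the "db" service defined below
      SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
      SONAR_JDBC_USERNAME: sonar
      # Must match POSTGRES_PASSWORD; change this value for anything beyond a test instance
      SONAR_JDBC_PASSWORD: sonar
    volumes:
      # Persist SonarQube data, plugins and logs on the mounted data disk
      - /datadrive/sonarqube/data:/opt/sonarqube/data
      - /datadrive/sonarqube/extensions:/opt/sonarqube/extensions
      - /datadrive/sonarqube/logs:/opt/sonarqube/logs
    ports:
      # Publishes the web UI on port 9000 of every host interface
      - "9000:9000"
  db:
    image: postgres:12
    environment:
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: sonar
    volumes:
      # Persist the PostgreSQL data on the mounted data disk
      - /datadrive/postgresql:/var/lib/postgresql
      - /datadrive/postgresql/data:/var/lib/postgresql/data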
8. Start the SonarQube server
Execute the following command in the terminal to start SonarQube using Docker Compose
docker compose up -d
Now browse SonarQube at http://<server-ip>:9000 (the default system administrator credentials are admin/admin).
9. Managing Containers
- To view logs:
docker logs -f <container-id or container name>
- To stop containers:
docker compose down
- To remove containers and images:
docker compose down --rmi all
10. Configure Nginx for the SonarQube Server
To configure Nginx for the SonarQube Server, ensure that you have installed Nginx on your server or click the link and follow the instructions for installing Nginx.
After successfully installing Nginx on your server, create an Nginx file for SonarQube using the following commands
sudo nano /etc/nginx/sites-available/SonarQube
Copy the following contents and paste them into the SonarQube file
server {
    listen 90;
    location / {
        proxy_pass http://localhost:9000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
After creating the SonarQube Nginx file, create a symbolic link (symlink) from the sites-available directory to the sites-enabled directory
sudo ln -s /etc/nginx/sites-available/SonarQube /etc/nginx/sites-enabled/
To ensure that your Nginx configuration is correct after creating a symbolic link, use the following command
sudo nginx -t
That’s all. Now, you can restart Nginx using the following command
sudo systemctl restart nginx
Now browse SonarQube at http://<server-ip>:90
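Once Nginx is the entry point, port 9000 does not need to be published on every interface, and the database password does not need to be the literal value sonar. The script below is an added example, not part of the original guide: it writes a variant of the compose.yaml from step 7 that binds port 9000 to loopback and reads the password from a .env file. The function name write_hardened_compose and the variable SONAR_DB_PASSWORD are assumptions made for this illustration.

```shell
# Added example (not from the original guide). write_hardened_compose and
# SONAR_DB_PASSWORD are names chosen for this illustration.
write_hardened_compose() {
    dir=$1
    mkdir -p "$dir" || return 1

    # Generate a random 32-hex-character password once; keep .env at mode 600.
    if [ ! -f "$dir/.env" ]; then
        pw=$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')
        ( umask 077; printf 'SONAR_DB_PASSWORD=%s\n' "$pw" > "$dir/.env" )
    fi

    # Quoted delimiter: ${...} is left for Docker Compose to resolve from .env,
    # so the secret never appears in compose.yaml.
    cat > "$dir/compose.yaml" <<'EOF'
services:
  sonarqube:
    image: sonarqube:community
    depends_on:
      - db
    environment:
      SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
      SONAR_JDBC_USERNAME: sonar
      SONAR_JDBC_PASSWORD: ${SONAR_DB_PASSWORD:?set it in .env}
    volumes:
      - /datadrive/sonarqube/data:/opt/sonarqube/data
      - /datadrive/sonarqube/extensions:/opt/sonarqube/extensions
      - /datadrive/sonarqube/logs:/opt/sonarqube/logs
    ports:
      # Loopback only: Nginx's proxy_pass to localhost:9000 still works,
      # but port 9000 is not reachable from other hosts.
      - "127.0.0.1:9000:9000"
  db:
    image: postgres:12
    environment:
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: ${SONAR_DB_PASSWORD:?set it in .env}
    volumes:
      - /datadrive/postgresql:/var/lib/postgresql
      - /datadrive/postgresql/data:/var/lib/postgresql/data
EOF
}

# Write the files only when a target directory is given on the command line.
if [ -n "${1:-}" ]; then write_hardened_compose "$1"; fi
```

POSTGRES_PASSWORD is applied only when the PostgreSQL data directory is first initialised, so use the generated password before the first docker compose up -d; an existing database keeps the password it was created with.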
Conclusion
Setting up SonarQube with Docker Compose on a Linux server involves addressing hardware and software prerequisites, configuring system parameters, creating necessary directories, composing Docker files, starting the SonarQube server, and configuring Nginx for smooth access. By adhering to these steps, users can ensure efficient code quality inspection, bug detection, and security vulnerability identification during software development, fostering a streamlined and effective development process.