How to Install SonarQube on Debian 11

Updated on February 11, 2022
How to Install SonarQube on Debian 11 header image

Introduction

SonarQube is an open-source web-based platform for code quality analysis based on Java. That is to detect bugs, code smells, and security vulnerabilities. It analyses a wide range of code written in different programming languages, for example, JavaScript, PHP, C#, C/C++, and Java through plugins. It's customizable to test certain aspects of the source code with limits dependent on the expected output. The output is a detailed report that captures all the domains within code quality analysis.

This article guides you on how to install SonarQube on Debian 11.0 server.

Prerequisites

Perform the following steps first:

Step 1. Install Java 11

Update the packages.

$ sudo apt update

Install dependencies.

$ sudo apt install wget unzip curl gnupg2 ca-certificates lsb-release socat -y

Install Java 11.

$ sudo apt-get install openjdk-11-jre -y

Step 2. Install PostgreSQL

Add PostgreSQL repository.

$ sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'

Add the PostgreSQL signing key.

$ wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -

Update the system.

$ sudo apt update

Install PostgreSQL.

$ sudo apt-get install postgresql postgresql-contrib -y

Enable PostgreSQL service to start on system boot.

$ sudo systemctl enable postgresql

Start PostgreSQL service.

$ sudo systemctl start postgresql

Step 3. Create SonarQube Database

Change postgres default user password.

$ sudo passwd postgres

Log in with user postgres.

$ su - postgres

Create sonarqube user.

$ createuser sonarqube

Enter the PostgreSQL interactive shell.

$ psql

Set password for user sonarqube. Change SecurePassword with your secure password.

ALTER USER sonarqube WITH ENCRYPTED password 'SecurePassword';

Create database named sonarqube.

CREATE DATABASE sonarqube OWNER sonarqube;

Grant all the privileges on the sonarqube database to the sonarqube user.

GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonarqube;

Exit the PostgreSQL shell.

\q

Return to your non-root account.

$ exit

Step 4. Install and Configure SonarQube

Download the latest version of SonarQube. To find the latest version, visit the download page.

$ wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-9.2.2.50622.zip

Extract the downloaded archive.

$ sudo unzip sonarqube-9.2.2.50622.zip

Create the installation directory /opt/sonarqube.

$ sudo mkdir /opt/sonarqube

Move the extracted files into the installation directory.

$ sudo mv sonarqube-*/* /opt/sonarqube

Create a System User account for SonarQube.

$ sudo useradd -M -d /opt/sonarqube/ -r -s /bin/bash sonarqube

Change the ownership of the installation directory.

$ sudo chown -R sonarqube:sonarqube -R /opt/sonarqube

Edit the properties file to update the database credential.

$ sudo nano /opt/sonarqube/conf/sonar.properties

The final file should have the following changes. Save and close the file.

sonar.jdbc.username=sonarqube
sonar.jdbc.password=SecurePassword
sonar.jdbc.url=jdbc:postgresql://localhost:5432/sonarqube
sonar.web.host=0.0.0.0

Step 5. Add systemd Services

Create a systemd service file.

$ sudo nano /etc/systemd/system/sonarqube.service

Add the bellow code to the file. Save and close the file.

[Unit]
Description=SonarQube Service
After=syslog.target network.target

[Service]
Type=forking

ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop

User=sonarqube
Group=sonarqube
Restart=always

LimitNOFILE=65536
LimitNPROC=4096

[Install]
WantedBy=multi-user.target

Edit the sonar script file.

$ sudo nano /opt/sonarqube/bin/linux-x86-64/sonar.sh

Find this line. To search for it, use Control+W, enter search phrase then press Enter.

#RUN_AS_USER=

Now uncomment the line and change it. Finally, save and exit the file.

RUN_AS_USER=sonarqube

Reload the system daemon.

$ sudo systemctl daemon-reload

Enable SonarQube service to start on system boot.

$ sudo systemctl enable sonarqube

Start SonarQube service.

$ sudo systemctl start sonarqube

Check the service status.

$ sudo systemctl status sonarqube

Allow SonarQube default port 9000 through the system's firewall.

$ sudo ufw allow 9000/tcp

Step 6. Install and Configure Nginx

Install and configure Nginx as a reverse proxy for SonarQube. This enables you to access the web interface through port 80 instead of port 9000.

Install Nginx.

$ sudo apt-get install nginx -y

Enable Nginx service to start on system boot.

$ sudo systemctl enable nginx

Unlink Nginx default configuration file.

$ sudo unlink /etc/nginx/sites-enabled/default

Create a new Nginx configuration file named sonarqube.conf.

$ sudo nano /etc/nginx/sites-available/sonarqube.conf

Add the following code to the file. Save and close the file.

server {
    listen 80;
    server_name  example.com;

    location / {
        proxy_pass  http://127.0.0.1:9000;
    }
}

Enable the new configuration file.

$ sudo ln -s /etc/nginx/sites-available/sonarqube.conf /etc/nginx/sites-enabled/sonarqube.conf

Allow port 80 through the system's firewall.

$ sudo ufw allow 80/tcp

Test Nginx configuration.

$ sudo service nginx configtest

Restart the Nginx service.

$ sudo systemctl restart nginx

Step 7. Change Kernel Limits

Edit the sysctl configuration file to change some system defaults.

$ sudo nano /etc/sysctl.conf

Add the below code to the file. Then, save and exit the file.

vm.max_map_count=262144
fs.file-max=65536
ulimit -n 65536
ulimit -u 4096

Reload the sysctl configurations for changes to take effect.

$ sudo sysctl --system

Step 8. Access SonarQube

Go to your browser and go to the URL http://Server_IP/. For example:

http://192.0.2.11/

Conclusion

You have installed SonarQube on Debian 11.0 server. Login with the default credential with your username as admin and your password as admin. You can now continue and begin creating accounts for code analysis.

More Information

For more information on SonarQube, please visit the official documentation.