Revision as of 09:37, 26 March 2019 by WikiFreak (talk | contribs)

The following instructions are for Ubuntu.

  • 2016-12-25 : update for Ubuntu 16.10
  • 2019-03-26 : update for SonarQube 7.x on CentOs 7.x ; with PostgreSQL server

You can find all these instructions and more on the Official how-to

Requirements: database server


You need to have a MySQL server available.

Create an empty DB and MySQL user "sonarqube"

mysql -u root -p

CREATE USER 'sonarqube'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON sonarqube.* TO 'sonarqube'@'localhost';



# Setup server
sudo yum install postgresql-server postgresql-contrib

# Init Postgres database
#   > default user: postgres
#   > create a database for SonarQube (db name: sonarqube)
sudo postgresql-setup initdb

Remote access

Adjust configuration to enable remote access

  • Postgresql.conf*
vim /var/lib/pgsql/data/postgresql.conf


listen_addresses = '*'
  1. Adjust configuration to enable remote acces

sudo cp /var/lib/pgsql/data/postgresql.conf /var/lib/pgsql/data/postgresql.conf.backup sudo cp $ASSETS_PATH/postgres.conf /var/lib/pgsql/data/postgresql.conf

  1. >Set:
  2. IPv4 local connections:

host all all md5

  1. IPv6 local connections:

host all all  ::/0 md5

sudo cp /var/lib/pgsql/data/pg_hba.conf /var/lib/pgsql/data/pg_hba.conf.backup sudo cp $ASSETS_PATH/pg_hba.conf /var/lib/pgsql/data/pg_hba.conf

       echo -e " "
       echo -e "$YELLOW ... Start Postgres server$WHITE"
       echo -e " "
       sudo systemctl start postgresql
       echo -e " "
       echo -e "$YELLOW ... Set 'postgres' LINUX user password (${WHITE}recommandation:${CYAN} postgres)$WHITE"
       echo -e " "
       sudo passwd postgres
       echo -e " "
       echo -e "$YELLOW ... Set 'postgres' SQL DB ADMIN user password (${WHITE}recommandation:${CYAN} postgres)$WHITE"
       # Ask for user input
       read "       > Enter and SQL DB ADMIN login: " userSqlPwd
       # Prepare home folder
       sudo mkdir -p /home/postgres
       sudo chmod -R 777 /home/postgres
       sudo chown -R postgres:users /home/postgres
       # Change password
       cd /home/postgres
       sudo -u postgres bash -c "psql -d template1 -c \"ALTER USER postgres WITH PASSWORD '${userSqlPwd}';\""
       cd $localFolder
       echo -e " "
       echo -e "$YELLOW ... Start Postgres on boot$WHITE"
       echo -e " "
       sudo systemctl enable postgresql

       # Register Firewall rules #
       echo -e " "
       echo -e "$YELLOW ... Add firewall rules for Postgres$WHITE"
       echo -e " "
       # Remove previous rules, if any
       sudo firewall-cmd --permanent --disable-port=$POSTGRES_DEFAULT_PORT/tcp
       sudo firewall-cmd --permanent --remove-port=$POSTGRES_DEFAULT_PORT/tcp
       sudo firewall-cmd --permanent --remove-service=postgres --zone=trusted
       sudo firewall-cmd --permanent --remove-service=postgres
       # Add new rules
       sudo firewall-cmd --permanent --new-service=postgres
       sudo firewall-cmd --permanent --service=postgres --set-short="Postgresql database server"
       sudo firewall-cmd --permanent --service=postgres --set-description="Postgres database server"
       sudo firewall-cmd --permanent --service=postgres --add-port=$POSTGRES_DEFAULT_PORT/tcp
       sudo firewall-cmd --permanent --add-service=postgres --zone=trusted
       # Enable redirection (port forwarding)
       #sudo firewall-cmd --permanent --zone=trusted --add-forward-port=port=$POSTGRES_DEFAULT_PORT:proto=tcp:toport=$POSTGRES_DEFAULT_PORT
       # Add a rule for localhost / aliases
       #sudo firewall-cmd --permanent --direct --add-rule ipv4 nat OUTPUT 0 -p tcp -o lo --dport $POSTGRES_DEFAULT_PORT -j REDIRECT --to-ports $POSTGRES_DEFAULT_PORT
       sudo firewall-cmd --reload
       sudo firewall-cmd --list-all

Source: Linode tutorial


I advise you to use the manual set-up and update. Experience proved that it can be cumbersome to upgrade SonarQube.

Get SonarQube and SonarRunner

  • SonarQube == Application to detect issues and display them (web-based)
  • SonarRunner == Command line tool to interact with SonarQube. This is required for Jenkins and other tools.

Download the latest version (or the LTS) on

cd /opt

# SonarQube
ln -s /opt/sonarqube-5.1.2 /opt/sonarqube

# SonarRunner
ln -s /opt/sonar-runner-2.4/ /opt/sonar-runner

# Make the SonarRunner available from anywhere
ln -s /opt/sonar-runner/bin/sonar-runner /usr/bin/sonar-runner

(i) It's always good to use a symlink. This make the update and rollback a bit easier.

Configuration (

Edit the SonarQube configuration file

vim /opt/sonarqube/conf/


Disable embedded H2DB and enable MySQL database, lines 20 to 40:


Port number and root context

Adjust port number and context (~ line 107)   
#sonar.web.port:             9000
sonar.web.context:           /sonarqube

!!! This is VERY important that you uncomment and set the sonar.web.context !!! Without it you cannot use Apache2 proxy.

Sonar symlink

The default path to manage SonarQube is, in that example: /opt/sonarqube/bin/linux-x86-64/ idem for the logs...

ln -s /opt/sonarqube/bin/linux-x86-64/ /usr/bin/sonarqube
ln -s /opt/sonarqube/bin/linux-x86-64/ /etc/init.d/sonarqube

mkdir -p /var/log/sonar
ln -s /opt/sonarqube/logs/sonar.log /var/log/sonar/sonar.log
ln -s /opt/sonarqube/logs/access.log /var/log/sonar/access.log

Configuration (

There is a new configuration file to edit since 5.x. Edit the WRAPPER configuration file

vim /opt/sonarqube/conf/

Adjust your JVM path, if required, on the first line. This should point to a JDK.

Apply changes

You must start Sonar to use the new settings.

sonarqube restart

... wait for some times on 1st start (5 to 7 mn) !! Logs are in

Check that Sonar is up:

netstat -pl --numeric | grep 9000

You should have:

tcp        0      0  *               LISTEN      xxxxx/java

Bug fix

If the port 9000 is already used by PHP you must remove PHP7 FPM

sudo apt-get remove php7.0-fpm

Access SonarQube


Apache2 proxy

Instead of opening port 9000, it's better to access Sonar through Apache2 proxy.

To use the proxy rule, the target /sonar must match the root URL (see

Apache2 configuration

Edit configuration file: module or virtual host

vim /etc/apache2/mods-enabled/proxy.conf


vim /etc/apache2/sites-enabled/mySite.conf

Set the following:

# Proxy to a Java application running over Tomcat, with IP filter
<Location /sonarqube >
	ProxyPass http://localhost:9000/sonarqube/
	ProxyPassReverse http://localhost:9000/sonarsonarqube/

        #Require all denied
        #AllowOverride none
        Require local
        Require ip 192.168.1
        Require host

        #Require all granted
        #Satisfy any

Test Sonar

The default user and password are “admin” and “admin“.


Sonar logs are in:


Sonar Runner


Edit the Sonar-Runner configuration file

vim /opt/sonar-runner/conf/

Enable MySQL database:

!! (i) note that I'm using sonarqube instead of sonar !!



Environment variable

Create a new environment variable SONAR_RUNNER_HOME

vim /etc/environment


Start SonarQube on boot


(i) you must do that on each update as well

You need to update the SonarQube bin exec so Debian|ubuntu can start it on boot.

vim /opt/sonarqube/bin/linux-x86-64/

Add the following lines right after the #!/bin/sh

# Provides:             sonarqube
# Required-Start:       $all
# Required-Stop:
# Default-Start:        4 5
# Default-Stop:         0 1 6
# Short-Description:    Sonarqube code quality analysis

Register sonarqube to boot sequence

(i) You just need to do that once.

cd /etc/init.d/
update-rc.d sonarqube defaults

Sonar Maven plugin


Upgrade Sonar

Sometimes when there are a lot of changes the new sonar version required some database change.

The service will not be available until you go to http://myServer/sonarqube/setup

You have to agree to the terms and upgrade database