Install SonarQube on CentOS 7: Step-by-Step Guide
SonarQube is an open-source utility tailored for software quality management. Developed in Java, it accommodates various database systems. It allows for continuous code evaluation, monitors application health, and flags newly emerging code issues. Its analyzers are adept at identifying subtle problems and integrate seamlessly into DevOps pipelines.
This guide demonstrates how to install the current version of SonarQube on a CentOS 7 system.
Prerequisites
- A 64-bit CentOS 7 instance with a minimum of 2 GB RAM
- Access to a user with sudo privileges
Step 1: Update the System
Before proceeding with package installations, it’s advisable to update the CentOS system. Use your sudo-enabled account to log in and execute the commands below to perform the update:
sudo yum -y install epel-release
sudo yum -y update
sudo shutdown -r now
Once the server restarts, log in again with the sudo user credentials to continue.
Step 2: Install Java
Begin by downloading the Oracle SE JDK RPM package:
wget –no-cookies –no-check-certificate –header “Cookie:oraclelicense=accept-securebackup-cookie” “http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-x64.rpm”
Then install it using:
sudo yum -y localinstall jdk-8u131-linux-x64.rpm
Verify Java installation:
java -version
Step 3: Install and Configure PostgreSQL
First, set up the PostgreSQL repository:
sudo rpm -Uvh https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm
Next, install the database server and tools:
sudo yum -y install postgresql96-server postgresql96-contrib
Initialize PostgreSQL with:
sudo /usr/pgsql-9.6/bin/postgresql96-setup initdb
Edit the authentication settings:
sudo nano /var/lib/pgsql/9.6/data/pg_hba.conf
Locate and modify the following entries:
# TYPE DATABASE USER ADDRESS METHOD
# “local” is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident
Change them to:
# TYPE DATABASE USER ADDRESS METHOD
# “local” is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
Start and enable PostgreSQL service:
sudo systemctl start postgresql-9.6
sudo systemctl enable postgresql-9.6
Set a new password for the default postgres user:
sudo passwd postgres
Switch to the postgres account:
su – postgres
Create a dedicated PostgreSQL user for SonarQube:
createuser sonar
Open the PostgreSQL shell:
psql
Assign a secure password to the SonarQube user:
ALTER USER sonar WITH ENCRYPTED password ‘StrongPassword’;
Create the SonarQube database and associate it with the user:
CREATE DATABASE sonar OWNER sonar;
Exit the PostgreSQL interface:
\q
Return to the sudo-enabled user environment:
exit
Step 4: Download and Configure SonarQube
Start by retrieving the SonarQube installer archive:
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-6.4.zip
You can always obtain the latest version from the official SonarQube downloads page.
Install the unzip utility with:
sudo yum -y install unzip
Extract the archive:
sudo unzip sonarqube-6.4.zip -d /opt
Rename the extracted folder:
sudo mv /opt/sonarqube-6.4 /opt/sonarqube
Edit the SonarQube configuration file:
sudo nano /opt/sonarqube/conf/sonar.properties
Locate the following lines and update them:
sonar.jdbc.username=sonar
sonar.jdbc.password=StrongPassword
sonar.jdbc.url=jdbc:postgresql://localhost/sonar
Step 5: Set Up Systemd Service
Instead of launching SonarQube manually each time, configure a Systemd service:
sudo nano /etc/systemd/system/sonar.service
Insert the following configuration:
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
User=root
Group=root
Restart=always
[Install]
WantedBy=multi-user.target
Start and enable the SonarQube service:
sudo systemctl start sonar
sudo systemctl enable sonar
To check the service status:
sudo systemctl status sonar
Step 6: Set Up Apache as a Reverse Proxy
By default, SonarQube runs on port 9000 locally. To expose it over port 80 using Apache, install the HTTP server:
sudo yum -y install httpd
Create a virtual host configuration file:
sudo nano /etc/httpd/conf.d/sonar.yourdomain.com.conf
Add the following configuration:
ServerName sonar.yourdomain.com
ServerAdmin me@yourdomain.com
ProxyPreserveHost On
ProxyPass / http://localhost:9000/
ProxyPassReverse / http://localhost:9000/
TransferLog /var/log/httpd/sonar.yourdomain.com_access.log
ErrorLog /var/log/httpd/sonar.yourdomain.com_error.log
Enable and start the Apache web server:
sudo systemctl start httpd
sudo systemctl enable httpd
Step 7: Adjust Firewall Settings
Allow HTTP traffic through the system firewall:
sudo firewall-cmd –add-service=http –permanent
sudo firewall-cmd –reload
Restart SonarQube:
sudo systemctl start sonar
Disable SELinux temporarily to avoid potential access issues:
sudo setenforce 0
SonarQube is now operational and can be accessed through:
http://sonar.yourdomain.com
Login credentials (default):
- Username:
admin - Password:
admin
Once logged in, you can begin analyzing your source code continuously.
For Newer Versions
When installing SonarQube 7.1 or later, additional adjustments are needed due to Elasticsearch restrictions on root users:
- Update directory ownership:
chown -R sonar:sonar /opt/sonarqube
- Edit the
sonar.shstartup script to run as the sonar user:
Update the line from:
#RUN_AS_USER=
To:
RUN_AS_USER=sonar
- Modify the systemd unit file to reflect the sonar user and group.
Conclusion
By following this comprehensive tutorial, you’ve successfully set up SonarQube on CentOS 7, integrated PostgreSQL, configured a systemd service, and established Apache as a reverse proxy. This configuration allows you to manage and evaluate code quality continuously in a production-ready environment. Don’t forget to secure your installation for long-term stability and compliance with best practices.
