Quick setup instructions for a modern, tiny-yet-good SonarQube on-premises deployment.
We'll do it in the IaC way, using Docker Swarm and Ansible.
At the end, it will look like this (here we have a dummy, single-node Swarm):
NGINX will be used as TLS-offloading HTTPS reverse proxy.
PostgreSQL will be our database.
Let's go!
-
set your vm.max_map_count to the right value:
sudo echo "vm.max_map_count=262144" >> /etc/sysctl.conf -
clone this repo to your Ansible machine
git clone https://github.com/marcobellaccini/sonarqube-stack.git -
prepare your Ansible-Vault-encrypted configuration files:
ansible-vault create secrets/postgres_db # file containing db name ansible-vault create secrets/postgres_user # file containing PostgreSQL username ansible-vault create secrets/postgres_password # file containing PostgreSQL password ansible-vault create secrets/sonar.properties # sonarqube config file (with db connection specs: see https://docs.sonarqube.org/latest/setup/install-server/ ) ansible-vault encrypt secrets/sonarqube.key # encrypt cert private key for HTTPS # certificate for HTTPS should be put in secrets/sonarqube.crt -
edit Ansible inventory (inventory.yml)
-
deploy everything with Ansible:
ansible-playbook -i inventory.yml sonarqube.yml -u <SSHUSER> --ask-pass --ask-become-passOf course, you will be better off with ssh public key authentication!