Quick Start: SonarQube

how to configure sonarqube with https based on traefik

Quick Start: SonarQube

Prerequisite

OR

Note: If using HTTP, remove the tls: {} in dynamic configuration.

Preparation

Configure host sysctl

Add the following lines to /etc/sysctl.conf:

1
2
vm.max_map_count = 524288
fs.file-max = 131072

Apply changes with: sudo sysctl -p

compose.yml

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
services:
    sonarqube:
        image: sonarqube:community
        hostname: sonarqube
        container_name: sonarqube
        depends_on:
            - db
        environment:
            SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
            SONAR_JDBC_USERNAME: sonar
            SONAR_JDBC_PASSWORD: sonar  # Change this in production!
            # LDAP configuration (optional)
            SONAR_SECURITY_REALM: LDAP
            LDAP_URL: ldap://ldap
            LDAP_BINDDN: cn=admin,dc=chaos,dc=io
            LDAP_BINDPASSWORD: secret
            LDAP_USER_BASEDN: dc=chaos,dc=io
            LDAP_USER_REQUEST: (&(objectClass=person)(uid={login}))
        volumes:
            - sonarqube_data:/opt/sonarqube/data
            - sonarqube_extensions:/opt/sonarqube/extensions
            - sonarqube_logs:/opt/sonarqube/logs
        ulimits:
            nofile:
                soft: 131072
                hard: 131072
            nproc:
                soft: 8192
                hard: 8192
        expose:
            - 9000
        restart: unless-stopped
        networks:
            - traefik-net
    db:
        image: postgres:14
        hostname: postgresql
        container_name: postgresql
        environment:
            POSTGRES_USER: sonar
            POSTGRES_PASSWORD: sonar  # Change this in production!
            POSTGRES_DB: sonar
        volumes:
            - postgresql:/var/lib/postgresql
            - postgresql_data:/var/lib/postgresql/data
        restart: unless-stopped
        networks:
            - traefik-net

volumes:
    sonarqube_data:
    sonarqube_extensions:
    sonarqube_logs:
    postgresql:
    postgresql_data:

networks:
    traefik-net:
        external: true

Note: In production, use Docker secrets or environment variables for sensitive information like passwords.

sonar.yml in dir dynamic-conf

You should touch sonar.yml in traefik dir dynamic-conf.

For much more information, please reference the Prerequisite.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
http:
    routers:
        sonarqube:
            rule: "Host(`sonar.x.internal`)"
            service: "sonarqube"
            tls: { }

    services:
        sonarqube:
            loadBalancer:
                servers:
                    -   url: "http://sonarqube:9000"

DNS Configuration

Configure your DNS or modify your hosts file:

  • For Unix-like systems: Edit /etc/hosts
  • For Windows: Edit C:\Windows\System32\drivers\etc\hosts

Add the following line:

1
127.0.0.1 sonar.x.internal

Run

1
2
3
4
docker compose up -d
# Alternative commands:
# docker compose -p sonar up -d
# docker compose -f ./compose.yml -p sonar up -d

Access: https://sonar.x.internal