Skip to content

Updated sonar-setup.sh #251

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
hack3rinsider wants to merge 1 commit into
base: ci-jenkins
Choose a base branch
from
Open

Updated sonar-setup.sh #251

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
176 changes: 106 additions & 70 deletions userdata/sonar-setup.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,94 +1,118 @@
#!/bin/bash

#------------------------#
# System Configuration #
#------------------------#

# Backup system files
cp /etc/sysctl.conf /root/sysctl.conf_backup
cat <<EOT> /etc/sysctl.conf
cp /etc/security/limits.conf /root/sec_limit.conf_backup

# Apply kernel parameters
cat <<EOF | tee -a /etc/sysctl.conf
vm.max_map_count=262144
fs.file-max=65536
ulimit -n 65536
ulimit -u 4096
EOT
cp /etc/security/limits.conf /root/sec_limit.conf_backup
cat <<EOT> /etc/security/limits.conf
sonarqube - nofile 65536
sonarqube - nproc 409
EOT

sudo apt-get update -y
sudo apt-get install openjdk-11-jdk -y
sudo update-alternatives --config java

java -version

sudo apt update
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -

sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
sudo apt install postgresql postgresql-contrib -y
#sudo -u postgres psql -c "SELECT version();"
sudo systemctl enable postgresql.service
sudo systemctl start postgresql.service
sudo echo "postgres:admin123" | chpasswd
runuser -l postgres -c "createuser sonar"
sudo -i -u postgres psql -c "ALTER USER sonar WITH ENCRYPTED PASSWORD 'admin123';"
sudo -i -u postgres psql -c "CREATE DATABASE sonarqube OWNER sonar;"
sudo -i -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar;"
systemctl restart postgresql
#systemctl status -l postgresql
netstat -tulpena | grep postgres
sudo mkdir -p /sonarqube/
cd /sonarqube/
sudo curl -O https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.3.0.34182.zip
sudo apt-get install zip -y
sudo unzip -o sonarqube-8.3.0.34182.zip -d /opt/
sudo mv /opt/sonarqube-8.3.0.34182/ /opt/sonarqube
sudo groupadd sonar
sudo useradd -c "SonarQube - User" -d /opt/sonarqube/ -g sonar sonar
sudo chown sonar:sonar /opt/sonarqube/ -R
cp /opt/sonarqube/conf/sonar.properties /root/sonar.properties_backup
cat <<EOT> /opt/sonarqube/conf/sonar.properties
EOF
sysctl -p

# Configure limits
cat <<EOF | tee -a /etc/security/limits.conf
sonar - nofile 65536
sonar - nproc 4096
EOF

#------------------------#
# Install Java (OpenJDK) #
#------------------------#
apt update -y
apt install -y openjdk-11-jdk unzip curl gnupg2 ca-certificates lsb-release net-tools ufw nginx

#---------------------------#
# Install & Configure PostgreSQL #
#---------------------------#

# Add PostgreSQL APT repository
curl -fsSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor -o /usr/share/keyrings/postgresql.gpg
echo "deb [signed-by=/usr/share/keyrings/postgresql.gpg] http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" \
> /etc/apt/sources.list.d/pgdg.list

apt update -y
apt install -y postgresql postgresql-contrib

systemctl enable postgresql
systemctl start postgresql
echo "postgres:admin123" | chpasswd

# Create sonar DB and user
sudo -u postgres psql <<EOF
CREATE USER sonar WITH ENCRYPTED PASSWORD 'admin123';
CREATE DATABASE sonarqube OWNER sonar;
GRANT ALL PRIVILEGES ON DATABASE sonarqube TO sonar;
EOF

#------------------------#
# Install SonarQube #
#------------------------#
mkdir -p /opt/sonarqube
cd /opt
curl -O https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.3.0.34182.zip
unzip -q sonarqube-8.3.0.34182.zip
mv sonarqube-8.3.0.34182/* sonarqube/
rm -rf sonarqube-8.3.0.34182 sonarqube-8.3.0.34182.zip

# Create sonar user
groupadd sonar
useradd -c "SonarQube User" -d /opt/sonarqube -g sonar sonar
chown -R sonar:sonar /opt/sonarqube

# Configure sonar.properties
cp /opt/sonarqube/conf/sonar.properties /root/sonar.properties.bak
cat <<EOF > /opt/sonarqube/conf/sonar.properties
sonar.jdbc.username=sonar
sonar.jdbc.password=admin123
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube

sonar.web.host=0.0.0.0
sonar.web.port=9000
sonar.web.javaAdditionalOpts=-server
sonar.search.javaOpts=-Xmx512m -Xms512m -XX:+HeapDumpOnOutOfMemoryError
sonar.log.level=INFO
sonar.path.logs=logs
EOT
EOF

cat <<EOT> /etc/systemd/system/sonarqube.service
#-----------------------------#
# Setup systemd for SonarQube #
#-----------------------------#
cat <<EOF > /etc/systemd/system/sonarqube.service
[Unit]
Description=SonarQube service
After=syslog.target network.target
Description=SonarQube Service
After=syslog.target network.target postgresql.service

[Service]
Type=forking

ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop

User=sonar
Group=sonar
Restart=always

LimitNOFILE=65536
LimitNPROC=4096


[Install]
WantedBy=multi-user.target
EOT
EOF

systemctl daemon-reload
systemctl enable sonarqube.service
#systemctl start sonarqube.service
#systemctl status -l sonarqube.service
apt-get install nginx -y
rm -rf /etc/nginx/sites-enabled/default
rm -rf /etc/nginx/sites-available/default
cat <<EOT> /etc/nginx/sites-available/sonarqube
server{
listen 80;

#----------------------#
# Configure Nginx #
#----------------------#
rm -f /etc/nginx/sites-enabled/default /etc/nginx/sites-available/default

cat <<EOF > /etc/nginx/sites-available/sonarqube
server {
listen 80;
server_name sonarqube.groophy.in;

access_log /var/log/nginx/sonar.access.log;
Expand All @@ -98,22 +122,34 @@ server{
proxy_buffer_size 128k;

location / {
proxy_pass http://127.0.0.1:9000;
proxy_pass http://127.0.0.1:9000;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;

proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
}
}
EOT
EOF

ln -s /etc/nginx/sites-available/sonarqube /etc/nginx/sites-enabled/sonarqube
systemctl enable nginx.service
#systemctl restart nginx.service
sudo ufw allow 80,9000,9001/tcp

echo "System reboot in 30 sec"
#---------------------#
# Firewall & Reboot #
#---------------------#
#ufw allow 22
#ufw allow 80
#ufw allow 9000
#ufw --force enable

# Start services
systemctl start postgresql
systemctl start sonarqube.service
systemctl start nginx.service

echo "Setup complete. Rebooting in 30 seconds..."
sleep 30
reboot