DEV Community

Cover image for How to Self-Host SonarQube for Code Quality Analysis (with Monitoring)
Alexander Neitzel
Alexander Neitzel

Posted on • Originally published at garmingo.com

How to Self-Host SonarQube for Code Quality Analysis (with Monitoring)

#codequality #monitoring #selfhosted #docker

๐Ÿงช How to Self-Host SonarQube for Code Quality Analysis (with Monitoring)

SonarQube is one of the best tools to catch bugs, security issues, and code smells โ€” especially for larger projects and teams.

Good news: itโ€™s open-source and easy to self-host.

In this guide, youโ€™ll learn how to:

  • Set up SonarQube on your own server
  • Run it with Docker
  • Monitor it externally to keep your CI/CD reliable
  • Do all of this for a one-time lifetime price, no monthly bill

Letโ€™s go ๐Ÿ‘‡

๐Ÿงฐ What Youโ€™ll Need

  • A Linux server (Ubuntu/Debian) ๐Ÿ‘‰ If you need one, we recommend Hetzner Cloud โ€” fast, reliable and cheap VPS starting at โ‚ฌ3.
  • Docker + Docker Compose
  • 5โ€“10 minutes

โš™๏ธ Step 1: Create a Project Folder 

mkdir sonarqube && cd sonarqube
Enter fullscreen mode Exit fullscreen mode

๐Ÿ“ฆ Step 2: Create a docker-compose.yml

Paste this config:

version: "3"

services:
  sonarqube:
    image: sonarqube:lts
    ports:
      - "9000:9000"
    environment:
      - SONAR_JDBC_URL=jdbc:postgresql://db:5432/sonarqube
      - SONAR_JDBC_USERNAME=sonar
      - SONAR_JDBC_PASSWORD=sonar
    depends_on:
      - db

  db:
    image: postgres:13
    environment:
      - POSTGRES_USER=sonar
      - POSTGRES_PASSWORD=sonar
      - POSTGRES_DB=sonarqube
    volumes:
      - postgres_data:/var/lib/postgresql/data

volumes:
  postgres_data:
Enter fullscreen mode Exit fullscreen mode

๐Ÿš€ Step 3: Start SonarQube

Run:

docker compose up -d
Enter fullscreen mode Exit fullscreen mode

After a minute, open:

http://your-server-ip:9000

Default credentials:

  • User: admin
  • Pass: admin

๐Ÿ” Step 4: Secure Your Instance

  • Change the default password
  • Add HTTPS using a reverse proxy (e.g. NGINX + Letโ€™s Encrypt)
  • Use a firewall (e.g. UFW) to restrict access if needed

๐Ÿ” Step 5: Start Analyzing Code

You can now connect your GitHub/GitLab/Bitbucket repos or run CLI scans.

Check code coverage, vulnerabilities, bugs, complexity and more.

โœ… Step 6: Monitor SonarQube with Garmingo Status

SonarQube is often tied into your CI/CD pipeline.

If it goes down, builds fail and productivity suffers.

Hereโ€™s how to prevent that:

  • Use Garmingo Status to:
    • Monitor http(s)://yourdomain.com:9000
    • Track uptime & receive real-time alerts (Email, Slack, Telegram, etc.)
    • Maintain SLA logs and export reports
    • Set up internal or public status pages
  • It even has Ping, Port, DNS, Keyword, and SSL checks

๐ŸŽ‰ Right now, you can get Lifetime Access for under $50 on AppSumo:

๐Ÿ‘‰ Grab the Garmingo Status Lifetime Deal

๐Ÿง˜ TL;DR

  • ๐Ÿณ Spin up SonarQube in Docker
  • ๐Ÿ”’ Secure your instance
  • ๐Ÿ“ˆ Monitor it with Garmingo Status
  • โœ… Pay once โ€” not monthly

Peace of mind = priceless. But in this case, it's actually just $49.

๐Ÿ‘‰ Get Lifetime Monitoring on AppSumo

Top comments (0)