🧪 How to Self-Host SonarQube for Code Quality Analysis (with Monitoring)

SonarQube is one of the best tools to catch bugs, security issues, and code smells — especially for larger projects and teams.

Good news: it’s open-source and easy to self-host.

In this guide, you’ll learn how to:

• Set up SonarQube on your own server

• Run it with Docker

• Monitor it externally to keep your CI/CD reliable

• Do all of this for a one-time lifetime price, no monthly bill

Let’s go 👇

🧰 What You’ll Need

• A Linux server (Ubuntu/Debian) 👉 If you need one, we recommend Hetzner Cloud — fast, reliable and cheap VPS starting at €3.

• Docker + Docker Compose

• 5–10 minutes

⚙️ Step 1: Create a Project Folder

mkdir sonarqube && cd sonarqube

📦 Step 2: Create a docker-compose.yml

Paste this config:

version: "3"

services:
  sonarqube:
    image: sonarqube:lts
    ports:
      - "9000:9000"
    environment:
      - SONAR_JDBC_URL=jdbc:postgresql://db:5432/sonarqube
      - SONAR_JDBC_USERNAME=sonar
      - SONAR_JDBC_PASSWORD=sonar
    depends_on:
      - db

  db:
    image: postgres:13
    environment:
      - POSTGRES_USER=sonar
      - POSTGRES_PASSWORD=sonar
      - POSTGRES_DB=sonarqube
    volumes:
      - postgres_data:/var/lib/postgresql/data

volumes:
  postgres_data:

🚀 Step 3: Start SonarQube

Run:

docker compose up -d

After a minute, open:

http://your-server-ip:9000

Default credentials:

• User: admin

• Pass: admin

🔐 Step 4: Secure Your Instance

• Change the default password

• Add HTTPS using a reverse proxy (e.g. NGINX + Let’s Encrypt)

• Use a firewall (e.g. UFW) to restrict access if needed

🔍 Step 5: Start Analyzing Code

You can now connect your GitHub/GitLab/Bitbucket repos or run CLI scans.

Check code coverage, vulnerabilities, bugs, complexity and more.

✅ Step 6: Monitor SonarQube with Garmingo Status

SonarQube is often tied into your CI/CD pipeline.

If it goes down, builds fail and productivity suffers.

Here’s how to prevent that:

• Use Garmingo Status to:

  • Monitor http(s)://yourdomain.com:9000

  • Track uptime & receive real-time alerts (Email, Slack, Telegram, etc.)

  • Maintain SLA logs and export reports

  • Set up internal or public status pages

• It even has Ping, Port, DNS, Keyword, and SSL checks

🎉 Right now, you can get Lifetime Access for under $50 on AppSumo:

👉 Grab the Garmingo Status Lifetime Deal

🧘 TL;DR

• 🐳 Spin up SonarQube in Docker

• 🔒 Secure your instance

• 📈 Monitor it with Garmingo Status

• ✅ Pay once — not monthly

Peace of mind = priceless. But in this case, it's actually just $49.

👉 Get Lifetime Monitoring on AppSumo