Garmingo Logo
Thumbnail of the blog post How to Self-Host SonarQube for Code Quality Analysis (with Monitoring)

How to Self-Host SonarQube for Code Quality Analysis (with Monitoring)

7/8/2025

Community

479 views

πŸ§ͺ How to Self-Host SonarQube for Code Quality Analysis (with Monitoring)

SonarQube is one of the best tools to catch bugs, security issues, and code smells β€” especially for larger projects and teams.

Good news: it’s open-source and easy to self-host.

In this guide, you’ll learn how to:

  • Set up SonarQube on your own server

  • Run it with Docker

  • Monitor it externally to keep your CI/CD reliable

  • Do all of this for a one-time lifetime price, no monthly bill

Let’s go πŸ‘‡


🧰 What You’ll Need

  • A Linux server (Ubuntu/Debian) πŸ‘‰ If you need one, we recommend Hetzner Cloud β€” fast, reliable and cheap VPS starting at €3.

  • Docker + Docker Compose

  • 5–10 minutes


βš™οΈ Step 1: Create a Project Folder

mkdir sonarqube && cd sonarqube

πŸ“¦ Step 2: Create a docker-compose.yml

Paste this config:

version: "3"

services:
  sonarqube:
    image: sonarqube:lts
    ports:
      - "9000:9000"
    environment:
      - SONAR_JDBC_URL=jdbc:postgresql://db:5432/sonarqube
      - SONAR_JDBC_USERNAME=sonar
      - SONAR_JDBC_PASSWORD=sonar
    depends_on:
      - db

  db:
    image: postgres:13
    environment:
      - POSTGRES_USER=sonar
      - POSTGRES_PASSWORD=sonar
      - POSTGRES_DB=sonarqube
    volumes:
      - postgres_data:/var/lib/postgresql/data

volumes:
  postgres_data:

πŸš€ Step 3: Start SonarQube

Run:

docker compose up -d

After a minute, open:

http://your-server-ip:9000

Default credentials:

  • User: admin

  • Pass: admin


πŸ” Step 4: Secure Your Instance

  • Change the default password

  • Add HTTPS using a reverse proxy (e.g. NGINX + Let’s Encrypt)

  • Use a firewall (e.g. UFW) to restrict access if needed


πŸ” Step 5: Start Analyzing Code

You can now connect your GitHub/GitLab/Bitbucket repos or run CLI scans.

Check code coverage, vulnerabilities, bugs, complexity and more.


βœ… Step 6: Monitor SonarQube with Garmingo Status

SonarQube is often tied into your CI/CD pipeline.

If it goes down, builds fail and productivity suffers.

Here’s how to prevent that:

  • Use Garmingo Status to:

    • Monitor http(s)://yourdomain.com:9000

    • Track uptime & receive real-time alerts (Email, Slack, Telegram, etc.)

    • Maintain SLA logs and export reports

    • Set up internal or public status pages

  • It even has Ping, Port, DNS, Keyword, and SSL checks

πŸŽ‰ Right now, you can get Lifetime Access for under $50 on AppSumo:

πŸ‘‰ Grab the Garmingo Status Lifetime Deal


🧘 TL;DR

  • 🐳 Spin up SonarQube in Docker

  • πŸ”’ Secure your instance

  • πŸ“ˆ Monitor it with Garmingo Status

  • βœ… Pay once β€” not monthly

Peace of mind = priceless. But in this case, it's actually just $49.

πŸ‘‰ Get Lifetime Monitoring on AppSumo

Got an idea? Let us know