Sonarqube https and Nginx

Version Sonarqube 8.0
OS Centos7
I am trying to integrate Sonarqube with gitlab. I have Nginx installed. All of this is hosted on a private network.
So from what I understand Sonarqube and gitlab needs https to authenticate each other. Sonarqube needs to be run with a reserve proxy in order for the https to work. I’m aware that I need a certificate probably Openssl.
So I copied the config from the sonarqube paste into my sonar conf.
I think the serverbaseurl needs to be set then restart sonarqube correct? Then server name in the sonar.name is set to the serverbaseurl name.
Serverbaseurl=http:://mysonar.com
sonar.conf server name = mysonar.com

When I try to access mysonar.com it can’t find the page. I’m not sure what logs to check or even where to begin with debugging.
I can still access the ip:portnumber address but not the serverbaseurl.

Hi @jedert,

You should indeed have sonar.core.serverBaseURL set to the full domain name, including protocol (e.g.: sonar.core.serverBaseURL=https://mysonar.com). And you should indeed restart if it changes. Please note this has no impact on accessing SonarQube itself, but is required for sending the user back and forth between SonarQube and GitLab for authentication.

As for the access, you say you can access the IP and port. Is that IP and port of Nginx, or SonarQube?

  • If SonarQube, can you access Nginx?
  • If Nginx, is your domain name being resolved correctly? For example, if you would add a line to your local etc/hosts file (or c:\Windows\System32\Drivers\etc\hosts if you’re on Windows), and add a new line, like:
# IP           Domain name
10.10.2.10     mysonar.com

Does that work? If yes, you have a problem with your local DNS. If not, you might not have a virtual host in Nginx that maps to that name.

Hi,

We did sort out the DNS lookup problem. We are using a local FQDN for our centos box.

So question about the Gitlab Authentication.
I’m following the documentation https://docs.sonarqube.org/latest/instance-administration/delegated-auth/#header-4

My issue is that I’m getting invalid page whenever I login into the gitlab sign on.
https://sonarqube.mycompany.com/oauth2/callback/gitlab (inserting our domain name)
Whenever I try to access this on the browser I get You’re not authorized to access this page.

I’m not sure if that’s correct way of debugging.

Does Sonarqube and Gitlab need to be https?
Can I pass the callback url as an ip address?

Thank you for replying!!

I’m not sure I understand this part:

You mean you type that URL in your browser and visit it? That won’t work. It needs more than just a visit to this URL.

How are you trying to login? Do you see the GitLab login button on the login screen of SonarQube?

Screenshot 2020-01-08 at 08.35.46

If not, your config isn’t complete. It’s probably missing some values. If you do see it, what happens when you click on it?

I do see the Gitlab login button on SonarQube.
When I click Log In. I put in my Gitlab account. Then I get the 404 page.

BTW we are running our own Gitlab instance.

Does your account exist SonarQube side? If not, did you allow new accounts to be created on the fly?

So we have the gitlab accounts setup also I have one sonarqube account setup as a test.

In Gitlab I setup the application in the Admin Area
Name: sonarqube
Redirect URL: http://mysonarqube.example.com/oauth2/callback/gitlab
Options: api, user read, trusted

On Sonarqube side in the administrator meun I copied in the appID and SerectID.
Redirect URL is https://mygitlab.example.com/oauth2/callback/gitlab

Can I get a bit more details on what account needs to setup?

Thank you so much for all your help!