Sonar安裝設置完成

a4b828fb · Peter Cheng · a8a6f062 · a4b828fb · a4b828fb · a4b828fb
Commit a4b828fb authored Nov 28, 2019 by Peter Cheng
15 changed files
--- a/.env swp
+++ b/.env swp
+[server]
+ci_cd_test ansible_host=127.0.0.1
\ No newline at end of file
--- a/.gitignore
+++ b/.gitignore
+\.env
--- a/README.md
+++ b/README.md
 # build_server
-編譯伺服器
+編譯伺服器，透過Ansible Playbook操作，讓服務器可以自己Git抓程式碼下來，自己做程式碼分析、自動化測試、自動編譯、自動上版
+## 資料夾結構
+resources 用來存放軟體相關設定檔用
+tasks 用來存放分類存放要安裝、設定的Ansible Playbook排程
+.env.swp Ansible Playbook主機參數檔
+install.yml 用來安裝所需之套件
+config.yml 用來設定相關之設定
+## Ansible Playbook 操作流程
+1. 將./env/env.swp檔名改成.env
+2. 設定.env中，對應的主機名與IP，可一次設定多台
+3. 運行以下指令安裝所需之套件
+```
+ansible-playbook -i .env install.yml --ask-become-pass
+```
+4. 輸入登入用密碼
+5. 等全部的所需套件都安裝完成，並且沒有跳Fail
+6. 運行以下指令設定服務器
+```
+ansible-playbook -i .env config.yml --ask-become-pass
+```
+7. 輸入登入用密碼
+8. 等全部的所需套件都安裝完成，並且沒有跳Fail
\ No newline at end of file
--- a/config.yml
+++ b/config.yml
+# 設定安裝SonarQube所需資料庫環境
+- hosts: ci_cd_test
+  remote_user: petercheng
+  become: yes
+  become_user: postgres
+  tasks:
+    - name: "設定SonarQube所需資料庫環境"
+      include_tasks: tasks/config/postgres.yml
+# 設定SonarQube相關設定
+- hosts: ci_cd_test
+  remote_user: petercheng
+  become: yes
+  become_user: root
+  tasks:
+    - name: "設定SonarQube相關設定"
+      include_tasks: tasks/config/sonarQube.yml
\ No newline at end of file
--- a/install.yml
+++ b/install.yml
+---
+- hosts: ci_cd_test
+  remote_user: petercheng
+  become: yes
+  tasks:
+    # 初始化系統
+    - name: "全系統更新"
+      include_tasks: tasks/install/init.yml
+    - name: "安裝Git"
+      include_tasks: tasks/install/git.yml
+    # 安裝Golang 1.13.4
+    - name: "安裝Golang 1.13.4"
+      include_tasks: tasks/install/golang.yml
+    # 安裝PostgreSQL
+    - name: "安裝PostgreSQL"
+      include_tasks: tasks/install/postgres.yml
+    # 安裝SonarQube
+    - name: "安裝SonarQube 7.9.1 LTS"
+      include_tasks: tasks/install/sonarQube.yml
\ No newline at end of file
--- a/resources/jvm.options
+++ b/resources/jvm.options
+## JVM configuration
+################################################################
+## IMPORTANT: JVM heap size
+################################################################
+##
+## You should always set the min and max JVM heap
+## size to the same value. For example, to set
+## the heap to 4 GB, set:
+##
+## -Xms4g
+## -Xmx4g
+##
+## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html
+## for more information
+##
+################################################################
+# Xms represents the initial size of total heap space
+# Xmx represents the maximum size of total heap space
+-Xms1g
+-Xmx1g
+################################################################
+## Expert settings
+################################################################
+##
+## All settings below this section are considered
+## expert settings. Don't tamper with them unless
+## you understand what you are doing
+##
+################################################################
+## GC configuration
+-XX:+UseConcMarkSweepGC
+-XX:CMSInitiatingOccupancyFraction=75
+-XX:+UseCMSInitiatingOccupancyOnly
+## G1GC Configuration
+# NOTE: G1GC is only supported on JDK version 10 or later.
+# To use G1GC uncomment the lines below.
+# 10-:-XX:-UseConcMarkSweepGC
+# 10-:-XX:-UseCMSInitiatingOccupancyOnly
+# 10-:-XX:+UseG1GC
+# 10-:-XX:InitiatingHeapOccupancyPercent=75
+## DNS cache policy
+# cache ttl in seconds for positive DNS lookups noting that this overrides the
+# JDK security property networkaddress.cache.ttl; set to -1 to cache forever
+-Des.networkaddress.cache.ttl=60
+# cache ttl in seconds for negative DNS lookups noting that this overrides the
+# JDK security property networkaddress.cache.negative ttl; set to -1 to cache
+# forever
+-Des.networkaddress.cache.negative.ttl=10
+## optimizations
+# pre-touch memory pages used by the JVM during initialization
+-XX:+AlwaysPreTouch
+## basic
+# explicitly set the stack size
+-Xss1m
+# set to headless, just in case
+-Djava.awt.headless=true
+# ensure UTF-8 encoding by default (e.g. filenames)
+-Dfile.encoding=UTF-8
+# use our provided JNA always versus the system one
+-Djna.nosys=true
+# turn off a JDK optimization that throws away stack traces for common
+# exceptions because stack traces are important for debugging
+-XX:-OmitStackTraceInFastThrow
+# flags to configure Netty
+-Dio.netty.noUnsafe=true
+-Dio.netty.noKeySetOptimization=true
+-Dio.netty.recycler.maxCapacityPerThread=0
+# log4j 2
+-Dlog4j.shutdownHookEnabled=false
+-Dlog4j2.disable.jmx=true
+-Djava.io.tmpdir=/tmp
+## heap dumps
+# generate a heap dump when an allocation from the Java heap fails
+# heap dumps are created in the working directory of the JVM
+-XX:+HeapDumpOnOutOfMemoryError
+# specify an alternative path for heap dumps; ensure the directory exists and
+# has sufficient space
+#-XX:HeapDumpPath=data
+# specify an alternative path for JVM fatal error logs
+#-XX:ErrorFile=logs/hs_err_pid%p.log
+## JDK 8 GC logging
+#8:-XX:+PrintGCDetails
+#8:-XX:+PrintGCDateStamps
+#8:-XX:+PrintTenuringDistribution
+#8:-XX:+PrintGCApplicationStoppedTime
+#8:-Xloggc:logs/gc.log
+#8:-XX:+UseGCLogFileRotation
+#8:-XX:NumberOfGCLogFiles=32
+#8:-XX:GCLogFileSize=64m
+# JDK 9+ GC logging
+#9-:-Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m
+# due to internationalization enhancements in JDK 9 Elasticsearch need to set the provider to COMPAT otherwise
+# time/date parsing will break in an incompatible way for some date patterns and locals
+#9-:-Djava.locale.providers=COMPAT
+# temporary workaround for C2 bug with JDK 10 on hardware with AVX-512
+#10-:-XX:UseAVX=2
--- a/resources/sonar.properties
+++ b/resources/sonar.properties
+# Property values can:
+# - reference an environment variable, for example sonar.jdbc.url= ${env:SONAR_JDBC_URL}
+# - be encrypted. See https://redirect.sonarsource.com/doc/settings-encryption.html
+#--------------------------------------------------------------------------------------------------
+# DATABASE
+#
+# IMPORTANT:
+# - The embedded H2 database is used by default. It is recommended for tests but not for
+#   production use. Supported databases are Oracle, PostgreSQL and Microsoft SQLServer.
+# - Changes to database connection URL (sonar.jdbc.url) can affect SonarSource licensed products.
+# User credentials.
+# Permissions to create tables, indices and triggers must be granted to JDBC user.
+# The schema must be created first.
+sonar.jdbc.username=sonar
+sonar.jdbc.password=sonar
+#----- Embedded Database (default)
+# H2 embedded database server listening port, defaults to 9092
+#sonar.embeddedDatabase.port=9092
+#----- Oracle 11g/12c/18c/19c
+# The Oracle JDBC driver must be copied into the directory extensions/jdbc-driver/oracle/.
+# Only the thin client is supported, and we recommend using the latest Oracle JDBC driver. See
+# https://jira.sonarsource.com/browse/SONAR-9758 for more details.
+# If you need to set the schema, please refer to http://jira.sonarsource.com/browse/SONAR-5000
+#sonar.jdbc.url=jdbc:oracle:thin:@localhost:1521/XE
+#----- PostgreSQL 9.3 or greater
+# By default the schema named "public" is used. It can be overridden with the parameter "currentSchema".
+sonar.jdbc.url=jdbc:postgresql://localhost/sonar
+#----- Microsoft SQLServer 2014/2016/2017 and SQL Azure
+# A database named sonar must exist and its collation must be case-sensitive (CS) and accent-sensitive (AS)
+# Use the following connection string if you want to use integrated security with Microsoft Sql Server
+# Do not set sonar.jdbc.username or sonar.jdbc.password property if you are using Integrated Security
+# For Integrated Security to work, you have to download the Microsoft SQL JDBC driver package from
+# https://www.microsoft.com/en-us/download/details.aspx?id=55539
+# and copy sqljdbc_auth.dll to your path. You have to copy the 32 bit or 64 bit version of the dll
+# depending upon the architecture of your server machine.
+#sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar;integratedSecurity=true
+# Use the following connection string if you want to use SQL Auth while connecting to MS Sql Server.
+# Set the sonar.jdbc.username and sonar.jdbc.password appropriately.
+#sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar
+#----- Connection pool settings
+# The maximum number of active connections that can be allocated
+# at the same time, or negative for no limit.
+# The recommended value is 1.2 * max sizes of HTTP pools. For example if HTTP ports are
+# enabled with default sizes (50, see property sonar.web.http.maxThreads)
+# then sonar.jdbc.maxActive should be 1.2 * 50 = 60.
+#sonar.jdbc.maxActive=60
+# The maximum number of connections that can remain idle in the
+# pool, without extra ones being released, or negative for no limit.
+#sonar.jdbc.maxIdle=5
+# The minimum number of connections that can remain idle in the pool,
+# without extra ones being created, or zero to create none.
+#sonar.jdbc.minIdle=2
+# The maximum number of milliseconds that the pool will wait (when there
+# are no available connections) for a connection to be returned before
+# throwing an exception, or <= 0 to wait indefinitely.
+#sonar.jdbc.maxWait=5000
+#sonar.jdbc.minEvictableIdleTimeMillis=600000
+#sonar.jdbc.timeBetweenEvictionRunsMillis=30000
+#--------------------------------------------------------------------------------------------------
+# WEB SERVER
+# Web server is executed in a dedicated Java process. By default heap size is 512MB.
+# Use the following property to customize JVM options.
+#    Recommendations:
+#
+#    The HotSpot Server VM is recommended. The property -server should be added if server mode
+#    is not enabled by default on your environment:
+#    http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html
+#
+#    Startup can be long if entropy source is short of entropy. Adding
+#    -Djava.security.egd=file:/dev/./urandom is an option to resolve the problem.
+#    See https://wiki.apache.org/tomcat/HowTo/FasterStartUp#Entropy_Source
+#
+#sonar.web.javaOpts=-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError
+# Same as previous property, but allows to not repeat all other settings like -Xmx
+sonar.web.javaAdditionalOpts=-server
+# Binding IP address. For servers with more than one IP address, this property specifies which
+# address will be used for listening on the specified ports.
+# By default, ports will be used on all IP addresses associated with the server.
+sonar.web.host=0.0.0.0
+# Web context. When set, it must start with forward slash (for example /sonarqube).
+# The default value is root context (empty value).
+#sonar.web.context=
+# TCP port for incoming HTTP connections. Default value is 9000.
+sonar.web.port=9000
+# The maximum number of connections that the server will accept and process at any given time.
+# When this number has been reached, the server will not accept any more connections until
+# the number of connections falls below this value. The operating system may still accept connections
+# based on the sonar.web.connections.acceptCount property. The default value is 50.
+#sonar.web.http.maxThreads=50
+# The minimum number of threads always kept running. The default value is 5.
+#sonar.web.http.minThreads=5
+# The maximum queue length for incoming connection requests when all possible request processing
+# threads are in use. Any requests received when the queue is full will be refused.
+# The default value is 25.
+#sonar.web.http.acceptCount=25
+# By default users are logged out and sessions closed when server is restarted.
+# If you prefer keeping user sessions open, a secret should be defined. Value is
+# HS256 key encoded with base64. It must be unique for each installation of SonarQube.
+# Example of command-line:
+# echo -n "type_what_you_want" | openssl dgst -sha256 -hmac "key" -binary | base64
+#sonar.auth.jwtBase64Hs256Secret=
+# The inactivity timeout duration of user sessions, in minutes. After the configured
+# period of time, the user is logged out.
+# The default value is set to 3 days (4320 minutes)
+# and cannot be greater than 3 months. Value must be strictly positive.
+#sonar.web.sessionTimeoutInMinutes=4320
+# A passcode can be defined to access some web services from monitoring
+# tools without having to use the credentials of a system administrator.
+# Check the Web API documentation to know which web services are supporting this authentication mode.
+# The passcode should be provided in HTTP requests with the header "X-Sonar-Passcode".
+# By default feature is disabled.
+#sonar.web.systemPasscode=
+#--------------------------------------------------------------------------------------------------
+# SSO AUTHENTICATION
+# Enable authentication using HTTP headers
+#sonar.web.sso.enable=false
+# Name of the header to get the user login.
+# Only alphanumeric, '.' and '@' characters are allowed
+#sonar.web.sso.loginHeader=X-Forwarded-Login
+# Name of the header to get the user name
+#sonar.web.sso.nameHeader=X-Forwarded-Name
+# Name of the header to get the user email (optional)
+#sonar.web.sso.emailHeader=X-Forwarded-Email
+# Name of the header to get the list of user groups, separated by comma (optional).
+# If the sonar.sso.groupsHeader is set, the user will belong to those groups if groups exist in SonarQube.
+# If none of the provided groups exists in SonarQube, the user will only belong to the default group.
+# Note that the default group will always be set.
+#sonar.web.sso.groupsHeader=X-Forwarded-Groups
+# Interval used to know when to refresh name, email and groups.
+# During this interval, if for instance the name of the user is changed in the header, it will only be updated after X minutes.
+#sonar.web.sso.refreshIntervalInMinutes=5
+#--------------------------------------------------------------------------------------------------
+# LDAP CONFIGURATION
+# Enable the LDAP feature
+# sonar.security.realm=LDAP
+# Set to true when connecting to a LDAP server using a case-insensitive setup.
+# sonar.authenticator.downcase=true
+# URL of the LDAP server. Note that if you are using ldaps, then you should install the server certificate into the Java truststore.
+# ldap.url=ldap://localhost:10389
+# Bind DN is the username of an LDAP user to connect (or bind) with. Leave this blank for anonymous access to the LDAP directory (optional)
+# ldap.bindDn=cn=sonar,ou=users,o=mycompany
+# Bind Password is the password of the user to connect with. Leave this blank for anonymous access to the LDAP directory (optional)
+# ldap.bindPassword=secret
+# Possible values: simple | CRAM-MD5 | DIGEST-MD5 | GSSAPI See http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html (default: simple)
+# ldap.authentication=simple
+# See :
+#   * http://java.sun.com/products/jndi/tutorial/ldap/security/digest.html
+#   * http://java.sun.com/products/jndi/tutorial/ldap/security/crammd5.html
+# (optional)
+# ldap.realm=example.org
+# Context factory class (optional)
+# ldap.contextFactoryClass=com.sun.jndi.ldap.LdapCtxFactory
+# Enable usage of StartTLS (default : false)
+# ldap.StartTLS=true
+# Follow or not referrals. See http://docs.oracle.com/javase/jndi/tutorial/ldap/referral/jndi.html (default: true)
+# ldap.followReferrals=false
+# USER MAPPING
+# Distinguished Name (DN) of the root node in LDAP from which to search for users (mandatory)
+# ldap.user.baseDn=cn=users,dc=example,dc=org
+# LDAP user request. (default: (&(objectClass=inetOrgPerson)(uid={login})) )
+# ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
+# Attribute in LDAP defining the user’s real name. (default: cn)
+# ldap.user.realNameAttribute=name
+# Attribute in LDAP defining the user’s email. (default: mail)
+# ldap.user.emailAttribute=email
+# GROUP MAPPING
+# Distinguished Name (DN) of the root node in LDAP from which to search for groups. (optional, default: empty)
+# ldap.group.baseDn=cn=groups,dc=example,dc=org
+# LDAP group request (default: (&(objectClass=groupOfUniqueNames)(uniqueMember={dn})) )
+# ldap.group.request=(&(objectClass=group)(member={dn}))
+# Property used to specifiy the attribute to be used for returning the list of user groups in the compatibility mode. (default: cn)
+# ldap.group.idAttribute=sAMAccountName
+#--------------------------------------------------------------------------------------------------
+# COMPUTE ENGINE
+# The Compute Engine is responsible for processing background tasks.
+# Compute Engine is executed in a dedicated Java process. Default heap size is 512MB.
+# Use the following property to customize JVM options.
+#    Recommendations:
+#
+#    The HotSpot Server VM is recommended. The property -server should be added if server mode
+#    is not enabled by default on your environment:
+#    http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html
+#
+#sonar.ce.javaOpts=-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError
+# Same as previous property, but allows to not repeat all other settings like -Xmx
+#sonar.ce.javaAdditionalOpts=
+#--------------------------------------------------------------------------------------------------
+# ELASTICSEARCH
+# Elasticsearch is used to facilitate fast and accurate information retrieval.
+# It is executed in a dedicated Java process. Default heap size is 512MB.
+#
+# --------------------------------------------------
+# Word of caution for Linux users on 64bits systems
+# --------------------------------------------------
+# Please ensure Virtual Memory on your system is correctly configured for Elasticsearch to run properly
+# (see https://www.elastic.co/guide/en/elasticsearch/reference/5.5/vm-max-map-count.html for details).
+#
+# When SonarQube runs standalone, a warning such as the following may appear in logs/es.log:
+#      "max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]"
+# When SonarQube runs as a cluster, however, Elasticsearch will refuse to start.
+#
+# JVM options of Elasticsearch process
+#sonar.search.javaOpts=-Xms512m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError
+# Same as previous property, but allows to not repeat all other settings like -Xmx
+#sonar.search.javaAdditionalOpts=
+# Elasticsearch port. Default is 9001. Use 0 to get a free port.
+# As a security precaution, should be blocked by a firewall and not exposed to the Internet.
+#sonar.search.port=9001
+# Elasticsearch host. The search server will bind this address and the search client will connect to it.
+# Default is loopback address.
+# As a security precaution, should NOT be set to a publicly available address.
+#sonar.search.host=
+#--------------------------------------------------------------------------------------------------
+# UPDATE CENTER
+# Update Center requires an internet connection to request https://update.sonarsource.org
+# It is enabled by default.
+#sonar.updatecenter.activate=true
+# HTTP proxy (default none)
+#http.proxyHost=
+#http.proxyPort=
+# HTTPS proxy (defaults are values of http.proxyHost and http.proxyPort)
+#https.proxyHost=
+#https.proxyPort=
+# NT domain name if NTLM proxy is used
+#http.auth.ntlm.domain=
+# SOCKS proxy (default none)
+#socksProxyHost=
+#socksProxyPort=
+# Proxy authentication (used for HTTP, HTTPS and SOCKS proxies)
+#http.proxyUser=
+#http.proxyPassword=
+# Proxy exceptions: list of hosts that can be accessed without going through the proxy
+#                   separated by the '|' character, wildcard character '*' can be used for pattern matching
+#                   used for HTTP and HTTPS (default none)
+#                   (note: localhost and its literal notations (127.0.0.1, ...) are always excluded)
+#http.nonProxyHosts=
+#--------------------------------------------------------------------------------------------------
+# LOGGING
+# SonarQube produces logs in 4 logs files located in the same directory (see property sonar.path.logs below),
+# one per process:
+#   Main process (aka. App) logs in sonar.log
+#   Web Server (aka. Web) logs in web.log
+#   Compute Engine (aka. CE) logs in ce.log
+#   Elasticsearch (aka. ES) logs in es.log
+#
+# All 4 files follow the same rolling policy (see sonar.log.rollingPolicy and sonar.log.maxFiles) but it applies
+# individually (eg. if sonar.log.maxFiles=4, there can be at most 4 of each files, ie. 16 files in total).
+#
+# All 4 files have logs in the same format:
+#           1           2    3           4                       5                                                   6
+# |-----------------| |---| |-|--------------------||------------------------------| |------------------------------------------------------------------------------------------------------------------------------|
+# 2016.11.16 16:47:00 INFO  ce[AVht0dNXFcyiYejytc3m][o.s.s.c.t.CeWorkerCallableImpl] Executed task | project=org.sonarqube:example-java-maven | type=REPORT | id=AVht0dNXFcyiYejytc3m | submitter=admin | time=1699ms
+#
+# 1: timestamp. Format is YYYY.MM.DD HH:MM:SS
+#    YYYY: year on 4 digits
+#    MM: month on 2 digits
+#    DD: day on 2 digits
+#    HH: hour of day on 2 digits in 24 hours format
+#    MM: minutes on 2 digits
+#    SS: seconds on 2 digits
+# 2: log level.
+#    Possible values (in order of descending criticality): ERROR, WARN, INFO, DEBUG and TRACE
+# 3: process identifier. Possible values: app (main), web (Web Server), ce (Compute Engine) and es (Elasticsearch)
+# 4: SQ thread identifier. Can be empty.
+#    In the Web Server, if present, it will be the HTTP request ID.
+#    In the Compute Engine, if present, it will be the task ID.
+# 5: logger name. Usually a class canonical name.
+#    Package names are truncated to keep the whole field to 20 characters max
+# 6: log payload. Content of this field does not follow any specific format, can vary in length and include line returns.
+#    Some logs, however, will follow the convention to provide data in payload in the format " | key=value"
+#    Especially, log of profiled pieces of code will end with " | time=XXXXms".
+# Global level of logs (applies to all 4 processes).
+# Supported values are INFO (default), DEBUG and TRACE
+#sonar.log.level=INFO
+# Level of logs of each process can be controlled individually with their respective properties.
+# When specified, they overwrite the level defined at global level.
+# Supported values are INFO, DEBUG and TRACE
+#sonar.log.level.app=INFO
+#sonar.log.level.web=INFO
+#sonar.log.level.ce=INFO
+#sonar.log.level.es=INFO
+# Path to log files. Can be absolute or relative to installation directory.
+# Default is <installation home>/logs
+#sonar.path.logs=logs
+# Rolling policy of log files
+#    - based on time if value starts with "time:", for example by day ("time:yyyy-MM-dd")
+#      or by month ("time:yyyy-MM")
+#    - based on size if value starts with "size:", for example "size:10MB"
+#    - disabled if value is "none".  That needs logs to be managed by an external system like logrotate.
+#sonar.log.rollingPolicy=time:yyyy-MM-dd
+# Maximum number of files to keep if a rolling policy is enabled.
+#    - maximum value is 20 on size rolling policy
+#    - unlimited on time rolling policy. Set to zero to disable old file purging.
+#sonar.log.maxFiles=7
+# Access log is the list of all the HTTP requests received by server. If enabled, it is stored
+# in the file {sonar.path.logs}/access.log. This file follows the same rolling policy as other log file
+# (see sonar.log.rollingPolicy and sonar.log.maxFiles).
+#sonar.web.accessLogs.enable=true
+# Format of access log. It is ignored if sonar.web.accessLogs.enable=false. Possible values are:
+#    - "common" is the Common Log Format, shortcut to: %h %l %u %user %date "%r" %s %b
+#    - "combined" is another format widely recognized, shortcut to: %h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}"
+#    - else a custom pattern. See http://logback.qos.ch/manual/layouts.html#AccessPatternLayout.
+# The login of authenticated user is not implemented with "%u" but with "%reqAttribute{LOGIN}" (since version 6.1).
+# The value displayed for anonymous users is "-".
+# The SonarQube's HTTP request ID can be added to the pattern with "%reqAttribute{ID}" (since version 6.2).
+# If SonarQube is behind a reverse proxy, then the following value allows to display the correct remote IP address:
+#sonar.web.accessLogs.pattern=%i{X-Forwarded-For} %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" "%reqAttribute{ID}"
+# Default value (which was "combined" before version 6.2) is equivalent to "combined + SQ HTTP request ID":
+#sonar.web.accessLogs.pattern=%h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" "%reqAttribute{ID}"
+#--------------------------------------------------------------------------------------------------
+# OTHERS
+# Delay in seconds between processing of notification queue. Default is 60 seconds.
+#sonar.notifications.delay=60
+# Paths to persistent data files (embedded database and search index) and temporary files.
+# Can be absolute or relative to installation directory.
+# Defaults are respectively <installation home>/data and <installation home>/temp
+#sonar.path.data=data
+#sonar.path.temp=temp
+# Telemetry - Share anonymous SonarQube statistics
+# By sharing anonymous SonarQube statistics, you help us understand how SonarQube is used so we can improve the product to work even better for you.
+# We don't collect source code or IP addresses. And we don't share the data with anyone else.
+# To see an example of the data shared: login as a global administrator, call the WS api/system/info and check the Statistics field.
+#sonar.telemetry.enable=true
+#--------------------------------------------------------------------------------------------------
+# DEVELOPMENT - only for developers
+# The following properties MUST NOT be used in production environments.
+# Elasticsearch HTTP connector
+#sonar.search.httpPort=-1
--- a/resources/sonar.service
+++ b/resources/sonar.service
+[Unit]
+Description=SonarQube service
+After=syslog.target network.target
+[Service]
+Type=forking
+ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
+ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
+User=root
+Group=root
+Restart=always
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
--- a/tasks/config/postgres.yml
+++ b/tasks/config/postgres.yml
+---
+  #新增資料庫與使用者
+  - postgresql_db:
+      name: sonar
+      encoding: UTF-8
+      lc_collate: en_US.UTF-8
+      lc_ctype: en_US.UTF-8
+      template: template0
+  - postgresql_user:
+      db: sonar
+      name: sonar
+      password: sonar
+      priv: "ALL"
\ No newline at end of file
--- a/tasks/config/sonarQube.yml
+++ b/tasks/config/sonarQube.yml
+---
+  - name: "置換SonarQube設定檔"
+    copy:
+      src: ./resources/sonar.properties
+      dest: /opt/sonarqube/conf/sonar.properties
+      follow: yes
+  - name: "置換Elasticsearch設定檔"
+    copy:
+      src: ./resources/jvm.options
+      dest: /opt/sonarqube/elasticsearch/config/jvm.options
+      follow: yes
+  - name: "設定Elasticsearch目錄權限"
+    file: 
+      path: /opt/sonarqube
+      recurse: yes
+      mode: 0777
+  - name: "將SonarQube設成服務"
+    copy:
+      src: ./resources/sonar.service
+      dest: /etc/systemd/system/sonar.service
+      follow: yes
+  - name: "啟用SonarQube服務"
+    command: "{{ item }}"
+    with_items: 
+      - systemctl enable sonar
+      - systemctl start sonar
\ No newline at end of file
--- a/tasks/install/git.yml
+++ b/tasks/install/git.yml
+---
+# 安裝Git
+- name: "安裝Git"
+  apt:
+    name: git
+    state: present
\ No newline at end of file
--- a/tasks/install/golang.yml
+++ b/tasks/install/golang.yml
+---
+# 安裝GVM
+- name: "移除舊版GVM"
+  file:
+    path: /root/.gvm
+    state: absent
+- name: "下載GVM安裝程式"
+  get_url:
+    url: https://raw.githubusercontent.com/moovweb/gvm/master/binscripts/gvm-installer
+    dest: /tmp/gvm-installer
+    mode: "0755"
+- name: "執行GVM安裝程式"
+  command: /tmp/gvm-installer
+# 安裝編譯用相依套件
+- name: "安裝編譯用相依套件"
+  apt:
+    pkg:
+      - mercurial 
+      - make 
+      - binutils 
+      - bison 
+      - gcc 
+      - build-essential
+    state: present
+# 安裝Golang
+- name: "安裝Golang"
+  shell: "source /root/.gvm/scripts/gvm && gvm install go1.13.4 -B && gvm use go1.13.4"
+  args:
+    executable: /bin/bash
\ No newline at end of file
--- a/tasks/install/init.yml
+++ b/tasks/install/init.yml
+---
+# 初始化系統
+- name: "全系統更新"
+  apt: 
+    upgrade: dist
\ No newline at end of file
--- a/tasks/install/postgres.yml
+++ b/tasks/install/postgres.yml
+---
+- name: "安裝PostgreSQL"
+  apt:
+    pkg: 
+      - postgresql
+      - python-psycopg2
+    state: present
+    update_cache: yes
+- name: "修改資料庫管理員預設密碼"
+  user:
+    name: postgres
+    password: "{{ '1qazse4rfvgy7' | password_hash('sha512') }}"
\ No newline at end of file
--- a/tasks/install/sonarQube.yml
+++ b/tasks/install/sonarQube.yml
+---
+  #安裝SonarQube
+  - name: "移除舊版SonarQube壓縮包"
+    file: 
+      path: /tmp/sonarQube-LTS.zip
+      state: absent
+  - name: "移除舊版SonarQube安裝包"
+    file:
+      path: /opt/sonarqube
+      state: absent
+  - name: "下載SonarQube"
+    get_url: 
+      url: https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.9.1.zip
+      dest: /tmp/sonarQube-LTS.zip
+      mode: 444
+  - name: "安裝Unzip套件"
+    apt:
+      pkg:
+        - unzip 
+        - openjdk-11-jdk
+        - openjdk-11-jdk-headless
+      state: present
+  - name: "解壓SonarQube"
+    unarchive: 
+      src: /tmp/sonarQube-LTS.zip
+      dest: /opt
+      remote_src: yes
+  - name: "修改目錄名稱"
+    command: mv /opt/sonarqube-7.9.1 /opt/sonarqube
\ No newline at end of file