mattpwest/sonarqube.part3.yml

## sonarqube.part3.yml
    - name: Create the sonar user for running the SonarQube services
      user:
        name: sonar
        comment: System user for running SonarQube

    - name: Download SonarQube
      get_url:
        url: "https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-{{ sonar_version }}.zip"
        dest: "/srv/sonarqube-{{ sonar_version }}.zip"

    - name: Extract SonarQube
      unarchive:
        src: "/srv/sonarqube-{{ sonar_version }}.zip"
        dest: "/srv"
        copy: no
        owner: sonar

    - name: Link this version of sonarqube as the server SonarQube version
      file:
        src: "/srv/sonarqube-{{ sonar_version }}"
        dest: "/srv/sonarqube"
        state: link
        owner: sonar

    - name: Configure SonarQube DB username
      lineinfile:
        path: "/srv/sonarqube/conf/sonar.properties"
        regexp: "^sonar.jdbc.username="
        insertafter: "^#sonar.jdbc.username="
        line: "sonar.jdbc.username={{ sonar_db_user }}"

    - name: Configure SonarQube DB password
      lineinfile:
        path: "/srv/sonarqube/conf/sonar.properties"
        regexp: "^sonar.jdbc.password="
        insertafter: "^#sonar.jdbc.password="
        line: "sonar.jdbc.password={{ sonar_db_pass }}"

    - name: Configure SonarQube DB connection string
      lineinfile:
        path: "/srv/sonarqube/conf/sonar.properties"
        regexp: "sonar.jdbc.url=jdbc:postgresql://localhost/sonar"
        insertafter: "^#sonar.jdbc.url=jdbc:postgresql://localhost/sonar"
        line: "sonar.jdbc.url=jdbc:postgresql://localhost/sonar"

    - name: Configure SonarQube to run as the sonar user
      lineinfile:
        path: "/srv/sonarqube/bin/linux-x86-64/sonar.sh"
        regexp: "RUN_AS_USER=sonar"
        insertafter: "#RUN_AS_USER="
        line: "RUN_AS_USER=sonar"

    - name: Copy the SonarQube service configuration file
      copy:
        src: "../files/sonar/sonarqube.service"
        dest: "/etc/systemd/system/sonarqube.service"

    - name: Configure OS security limits for the sonar user
      copy:
        src: "../files/sonar/sonarqube.limits"
        dest: "/etc/security/limits.d/99-sonarqube.conf"

    - name: Configure kernel level limits for ElasticSearch
      copy:
        src: "../files/sonar/sonarqube.sysctl"
        dest: "/etc/sysctl.d/99-sonarqube.conf"

    - name: Enable the SonarQube service
      systemd:
        state: started
        enabled: yes
        daemon_reload: yes
        name: sonarqube
	- name: Create the sonar user for running the SonarQube services
	user:
	name: sonar
	comment: System user for running SonarQube

	- name: Download SonarQube
	get_url:
	url: "https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-{{ sonar_version }}.zip"
	dest: "/srv/sonarqube-{{ sonar_version }}.zip"

	- name: Extract SonarQube
	unarchive:
	src: "/srv/sonarqube-{{ sonar_version }}.zip"
	dest: "/srv"
	copy: no
	owner: sonar

	- name: Link this version of sonarqube as the server SonarQube version
	file:
	src: "/srv/sonarqube-{{ sonar_version }}"
	dest: "/srv/sonarqube"
	state: link
	owner: sonar

	- name: Configure SonarQube DB username
	lineinfile:
	path: "/srv/sonarqube/conf/sonar.properties"
	regexp: "^sonar.jdbc.username="
	insertafter: "^#sonar.jdbc.username="
	line: "sonar.jdbc.username={{ sonar_db_user }}"

	- name: Configure SonarQube DB password
	lineinfile:
	path: "/srv/sonarqube/conf/sonar.properties"
	regexp: "^sonar.jdbc.password="
	insertafter: "^#sonar.jdbc.password="
	line: "sonar.jdbc.password={{ sonar_db_pass }}"

	- name: Configure SonarQube DB connection string
	lineinfile:
	path: "/srv/sonarqube/conf/sonar.properties"
	regexp: "sonar.jdbc.url=jdbc:postgresql://localhost/sonar"
	insertafter: "^#sonar.jdbc.url=jdbc:postgresql://localhost/sonar"
	line: "sonar.jdbc.url=jdbc:postgresql://localhost/sonar"

	- name: Configure SonarQube to run as the sonar user
	lineinfile:
	path: "/srv/sonarqube/bin/linux-x86-64/sonar.sh"
	regexp: "RUN_AS_USER=sonar"
	insertafter: "#RUN_AS_USER="
	line: "RUN_AS_USER=sonar"

	- name: Copy the SonarQube service configuration file
	copy:
	src: "../files/sonar/sonarqube.service"
	dest: "/etc/systemd/system/sonarqube.service"

	- name: Configure OS security limits for the sonar user
	copy:
	src: "../files/sonar/sonarqube.limits"
	dest: "/etc/security/limits.d/99-sonarqube.conf"

	- name: Configure kernel level limits for ElasticSearch
	copy:
	src: "../files/sonar/sonarqube.sysctl"
	dest: "/etc/sysctl.d/99-sonarqube.conf"

	- name: Enable the SonarQube service
	systemd:
	state: started
	enabled: yes
	daemon_reload: yes
	name: sonarqube