Git
- Git Server Configuration
This article details the configuration of a Git server environment, focusing on best practices for performance, security, and scalability within a MediaWiki infrastructure. It's geared towards system administrators and developers looking to integrate Git version control with their workflows.
Introduction to Git
Git is a distributed version control system widely used for tracking changes in source code during software development. It's essential for collaborative projects, allowing multiple developers to work simultaneously without conflicts. This guide focuses on setting up a dedicated Git server, providing a central repository for your projects. This differs from using a service like GitHub or GitLab as it gives you full control over the data and infrastructure.
Server Requirements
The following outlines the minimum and recommended server specifications for a Git server. These assume a moderate number of users (10-20) and repositories (20-50). Scaling will require adjustments.
| Minimum Requirements | Recommended Requirements |
|---|---|
| CPU: 2 Core | CPU: 4+ Core |
| RAM: 4 GB | RAM: 8+ GB |
| Disk Space: 100 GB (SSD preferred) | Disk Space: 500 GB+ (SSD highly recommended) |
| Operating System: Linux (Ubuntu, CentOS, Debian) | Operating System: Linux (Ubuntu, CentOS, Debian) - Latest LTS release |
Consider using a dedicated server or a virtual machine (VM) on a platform like VMware or Proxmox to isolate the Git server from other services. Choosing an SSD for disk storage is *highly* recommended for significantly improved performance, especially with large repositories.
Software Installation
The core software for a Git server is, unsurprisingly, Git itself. Additionally, a user interface (UI) and access control mechanisms are crucial.
- Git Installation: Use your distribution's package manager. For example, on Ubuntu/Debian: `sudo apt update && sudo apt install git`. On CentOS/RHEL: `sudo yum install git`.
- SSH Server: Git relies heavily on SSH for secure access. Ensure an SSH server (like OpenSSH) is installed and configured.
- Git User: Create a dedicated user account for Git operations. This enhances security and simplifies permission management. Example: `sudo adduser git`.
- Git Web Interface (Optional): Consider installing a web interface like Gitolite, Gogs, Gitea, or GitBucket. These provide a user-friendly way to browse repositories, manage users, and administer the server. This guide will assume command-line access primarily.
User and Repository Management
Managing users and repositories effectively is critical.
- SSH Key Authentication: Disable password authentication for SSH and require SSH key authentication. This significantly improves security. Users generate SSH key pairs on their local machines and add their public keys to the `~git/.ssh/authorized_keys` file on the server.
- Repository Creation: Repositories are created using `git init --bare <repository_name>.git`. The `--bare` option creates a repository without a working directory, intended for sharing.
- User Access Control: Access to repositories can be controlled using SSH keys or, if using a web interface, through the interface's user management features. Gitolite is particularly strong in this area, offering fine-grained access control.
Configuration Options
Several Git server configuration options can influence performance and security.
| Configuration Option | Description | Default Value |
|---|---|---|
| `core.sharedRepository` | Enables sharing the repository among multiple users. | `true` for bare repositories |
| `receive.denyCurrentBranch` | Prevents pushing to the current branch. Useful for enforcing pull requests. | `ignore` |
| `gitDaemon.reuseaddr` | Allows the `git daemon` to reuse addresses, helpful for restarting the daemon. | `true` |
| `http.postBuffer` | Sets the maximum buffer size for HTTP POST requests. Increase for large files. | `1048576` (1MB) |
These options are configured globally using `git config --global <option> <value>` or repository-specifically using `git config <option> <value>` within the repository. Refer to the Git documentation for a complete list of configuration options.
Backup Strategy
Regular backups are essential to protect against data loss.
- Bare Repositories: Backing up bare repositories is straightforward. Simply copy the entire repository directory to a secure location.
- Scheduled Backups: Implement a scheduled backup process using tools like cron or a dedicated backup solution.
- Offsite Backups: Store backups offsite to protect against physical disasters. Consider using cloud storage services like Amazon S3 or Google Cloud Storage.
Performance Tuning
Optimizing performance is crucial for larger projects and numerous users.
| Tuning Technique | Description |
|---|---|
| SSD Storage | Significantly improves read/write speeds compared to traditional hard drives. |
| Git Daemon | Use `git daemon` for anonymous access to repositories. |
| SSH Configuration | Optimize SSH configuration for faster key exchange and connection establishment. |
| Repository Pruning | Regularly prune unreachable objects from the repository to reduce its size. `git gc --prune=now` |
Regularly monitor server resources (CPU, RAM, disk I/O) to identify bottlenecks and adjust the configuration accordingly. Utilize tools like top, htop, and iotop for monitoring.
Security Considerations
- Firewall: Configure a firewall (like iptables or ufw) to restrict access to the Git server to authorized IP addresses.
- SSH Security: Disable password authentication for SSH and enforce strong SSH key authentication.
- Regular Updates: Keep the operating system and Git software up to date with the latest security patches.
- Access Control: Implement strict access control policies to limit user access to only the repositories they need.
- Code Review: Implement a code review process to identify and address potential security vulnerabilities in the code.
Gitolite
Gogs
Gitea
GitBucket
OpenSSH
Linux
Ubuntu
CentOS
Debian
VMware
Proxmox
Git documentation
cron
Amazon S3
Google Cloud Storage
top
htop
iotop
MediaWiki
code review
Intel-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Core i7-6700K/7700 Server | 64 GB DDR4, NVMe SSD 2 x 512 GB | CPU Benchmark: 8046 |
| Core i7-8700 Server | 64 GB DDR4, NVMe SSD 2x1 TB | CPU Benchmark: 13124 |
| Core i9-9900K Server | 128 GB DDR4, NVMe SSD 2 x 1 TB | CPU Benchmark: 49969 |
| Core i9-13900 Server (64GB) | 64 GB RAM, 2x2 TB NVMe SSD | |
| Core i9-13900 Server (128GB) | 128 GB RAM, 2x2 TB NVMe SSD | |
| Core i5-13500 Server (64GB) | 64 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Server (128GB) | 128 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Workstation | 64 GB DDR5 RAM, 2 NVMe SSD, NVIDIA RTX 4000 |
AMD-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Ryzen 5 3600 Server | 64 GB RAM, 2x480 GB NVMe | CPU Benchmark: 17849 |
| Ryzen 7 7700 Server | 64 GB DDR5 RAM, 2x1 TB NVMe | CPU Benchmark: 35224 |
| Ryzen 9 5950X Server | 128 GB RAM, 2x4 TB NVMe | CPU Benchmark: 46045 |
| Ryzen 9 7950X Server | 128 GB DDR5 ECC, 2x2 TB NVMe | CPU Benchmark: 63561 |
| EPYC 7502P Server (128GB/1TB) | 128 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/2TB) | 128 GB RAM, 2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/4TB) | 128 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/1TB) | 256 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/4TB) | 256 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 9454P Server | 256 GB RAM, 2x2 TB NVMe |
Order Your Dedicated Server
Configure and order your ideal server configuration
Need Assistance?
- Telegram: @powervps Servers at a discounted price
⚠️ *Note: All benchmark scores are approximate and may vary based on configuration. Server availability subject to stock.* ⚠️