Agile Zone is brought to you in partnership with:

Mitch Pronschinske is a Senior Content Analyst at DZone. That means he writes and searches for the finest developer content in the land so that you don't have to. He often eats peanut butter and bananas, likes to make his own ringtones, enjoys card and board games, and is married to an underwear model. Mitch is a DZone Zone Leader and has posted 2569 posts at DZone. You can read more from them at their website. View Full User Profile

Protect Your Private Git Repos From the NSA

07.11.2013
| 8456 views |
  • submit to reddit

Thinking about shielding your private code repositories from the NSA's prying eyes may seem like an overly paranoid thought, but with the scope of major web companies' involvement I can't say I would blame anyone for bringing their repos in-house.  

While there is zero evidence that sites like GitHub or Bitbucket are sharing, or would share, private repos with the NSA, it might be interesting to consider what options a Git user has if some day they did want to self-host their repos.  Certainly, some developers don't care if the NSA finds the code to their new dating software or their movie recommendation engine (unless it's for terrorist movies! *gasp*).  But here are a few options for your perusal, should you ever need hide your code from Big Brother™.

GitHub Enterprise- If you're using github already, it might be easiest to just get the same software for your servers.  But it does have to connect to GitHub in order to verify the license, so that maybe defeats the purpose of shielding your code from the NSA.  I just wanted to keep them in the mix for those of you who aren't worried about the whole PRISM thing.

GitLab - They say they're the most installed git management app in the world.  They're built on RoR and licensed under MIT.

Gitorious - Looks like this one has a few project management-focused features like Wikis.  They are also free.

Atlassian Stash - Simple Git repository management behind the firewall and it integrates with JIRA of course.

CollabNet CloudForge (Enterprise Edition) - CollabNet will also do a Subversion repository if that's your current flavor of version control.

Girocco - Here's another free option but as you might expect, it's more of a raw experience.

UPDATE:

GitBlit (courtesy of John Crygier's comment) - A pure java git solution, built on top of JGit.  See John's comment for his review.

Did I miss any?  Anybody have any good suggestions for self-hosting options that aren't Git-specific?  Subversion or Mercurial for example?

Comments

John Crygier replied on Thu, 2013/07/11 - 10:50am

We've implemented GitBlit (http://gitblit.com) in my company, simply because we weren't willing to ship our code elsewhere.  It's a pure java git solution, built on top of JGit.

I started the evaluation process a year ago, and started with Gitorious.  However, to get it set up was a real pain, especially when i wanted to do it in an automated way.

When I came across GitBlit, it's ease of setup, and good amount of features was an easy win.  We're a java shop, so anything that was missing we could fill in the holes.  The maintainer is very open to working with others to get new features in...for example, I committed the LDAP integration.

Mitch Pronschinske replied on Thu, 2013/07/11 - 11:16am in response to: John Crygier

 Nice addition!  Thanks, John.  I added GitBlit.

Max Rodriguez replied on Thu, 2013/07/11 - 11:53pm in response to: Mitch Pronschinske

Don't forget Gitolite, based on PERL it's easy to install and configure, I implemented it on my work and it's so easy to manage, and you can give permissions based on dirs, you manage everything from one repository http://gitolite.com/ https://github.com/sitaramc/gitolite

Matiss Roberts ... replied on Fri, 2013/07/12 - 3:37am

I've used RhodeCode  for years now. It is awesome. Supports Git and Mercurial, written in Python and extremely simple to maintain and setup. Has many options on permission management and LDAP integration. Has statistics on repos, repository groups and many many more features. 

Tero Parviainen replied on Tue, 2013/07/16 - 4:56am

Deveo  provides an on-premises installable product with Git, Mercurial, and Subversion hosting out of the box. Our feature set is designed to be very enterprise friendly (project, user, and access management, LDAP support, etc.) but we have a lot of individuals and small teams using it as well, since we provide it for free for 6 users or fewer.

Dotan Cohen replied on Thu, 2013/07/18 - 12:07am

 I don't get what all these 'solutions' are for. What is wrong with `git init --bare` on a public webserver? Access is then controlled by the server's SSH server and iptables. What do these 'solutions' provide? I'm seriously curious, maybe there is some feature that I'm missing.

Peter Meyers replied on Tue, 2014/03/04 - 6:08am

Odd that you missed the leading player in that market: RhodeCode. They are supporting Git, Mercurial, it can be installed under Windows and Linux and you can do code reviews and so much more. 

It is free up to 20 users. We are using their enterprise plan with 500+ users and it scales better than anything else that we tested.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.