Escaping the SVN Nightmare: Building a Secure, High-Performance Git Server in Norway
If I have to resolve one more tree conflict in Subversion because a developer renamed a folder while another edited a file inside it, I might just pull the server rack out of the wall. It is 2011. We are done with centralized version control. We are done with CVS. And frankly, for those of us handling sensitive intellectual property in the Nordics, relying solely on US-hosted services like GitHub raises eyebrows regarding the Patriot Act.
Distributed Version Control Systems (DVCS) are not just a trend; they are the baseline for sane development. But here is the catch: Git is only as fast as the pipe you push it through. If your central repository sits on an overloaded server in Texas while your dev team is in Oslo, you are wasting hours every week watching the progress bar on a git clone.
This guide isn't for hobbyists. It's for the sysadmins who need a bulletproof, private Git remote that respects Norwegian data privacy laws (Personopplysningsloven) and offers blistering I/O performance.
The Architecture: Why KVM Matters for Git
Most cheap VPS providers try to sell you OpenVZ containers. For a simple web server, maybe that flies. But for a Git server that handles heavy I/O operations—especially if you have binary assets—you want dedicated kernel resources.
Git creates many small files and performs heavy compression during garbage collection (git gc). On a shared kernel (OpenVZ), a neighbor's runaway process can stall your I/O. We strictly use KVM (Kernel-based Virtual Machine) at CoolVDS because it exposes block devices directly to the guest OS. When you write to disk, you aren't waiting in a software queue behind 500 other customers.
Step 1: The Environment
We will use Ubuntu 10.04 LTS (Lucid Lynx) for stability. While 11.10 is out, I don't deploy non-LTS releases on production infrastructure. Reliability beats new features every time.
First, secure your box. We aren't using passwords here. SSH Keys only.
# On your local machine
ssh-keygen -t rsa -b 4096 -C "admin@coolvds-node"
ssh-copy-id root@your-coolvds-ip
Once you are in, update your sources and install the essentials. We need git-core.
apt-get update && apt-get upgrade -y
apt-get install git-core openssh-server python-setuptools
Step 2: Setting Up the 'Git' User
Never run your repositories as root. Create a dedicated user with a restricted shell. This is Security 101.
adduser --system --shell /bin/bash --gecos 'git version control' --group --disabled-password --home /home/git git
Pro Tip: Mount /home/git on a separate partition or a secondary virtual disk if possible. If your repo grows out of control, you don't want it filling up your root partition and crashing the OS. CoolVDS allows hot-plugging extra storage volumes for exactly this reason.
Step 3: The "Bare" Repository
A "bare" repository has no working tree (no source files checked out), just the version history. This is what you push to.
cd /home/git
mkdir project-omega.git
cd project-omega.git
git init --bare
Now, fix the permissions so the git user owns it:
chown -R git:git /home/git/project-omega.git
Step 4: Managing Access with Gitolite
Manually managing ~/.ssh/authorized_keys becomes a nightmare once you have more than three developers. Use Gitolite. It creates a granular authorization layer on top of SSH. You can restrict who can push to master versus who can only push to feature/* branches.
# Login as the git user
su - git
git clone git://github.com/sitaramc/gitolite
gitolite/src/gl-system-install
gl-setup /tmp/your-admin-key.pub
Now, you administer your server by pushing changes to the special gitolite-admin repository from your workstation. No more logging into the server to add users.
The Latency Factor: Oslo to the World
Why host this in Norway? Physics.
Latency affects the TCP handshake and the SSH negotiation heavily. If you are sitting in Oslo, a round trip to a US East Coast server takes ~100ms. To a CoolVDS server in our Oslo datacenter? <5ms.
| Action | US Hosting (East Coast) | CoolVDS (Norway) |
|---|---|---|
| Ping | 95-120ms | 2-5ms |
| SSH Handshake | ~300ms | ~15ms |
| 1GB Clone | Dependent on Trans-Atlantic fiber | Local IX peering (NIX) |
When your developers run git fetch twenty times a day, those seconds add up. High-speed SAS RAID-10 storage combined with local peering means your version control feels instant.
Data Sovereignty and Compliance
Under the Norwegian Personal Data Act, you are responsible for how you handle personal data. While code isn't always "personal data," the commit logs (names, emails) and potential hardcoded credentials (don't do that, but it happens) can be. Keeping your data within Norwegian borders simplifies your compliance stance significantly compared to explaining to Datatilsynet why your data is on a server in Virginia.
Conclusion
SVN is dead. Long live Git. But don't trade the headache of SVN for the headache of network latency. By deploying a hardened Git server on KVM infrastructure, you get the best of both worlds: the distributed power of Git and the raw speed of local metal.
Stop waiting for your code to travel across the Atlantic. Deploy a CoolVDS KVM instance today and push code at the speed of thought.