Stop Leaking IP to the US: A Guide to Self-Hosted Git on Norwegian VPS
If I have to resolve one more Subversion tree conflict because a developer didn't lock a binary file, I might just pull the plug on the rack myself. It is 2010. Centralized version control is a bottleneck we can no longer afford.
By now, you have heard the noise about Git. It's not just hype. Distributed version control is the only way to handle complex branching without bringing development to a halt. But here is the problem: third-party hosting.
Sure, GitHub is gaining traction, but do you really want your proprietary code sitting on servers in California? Between the latency over the Atlantic and the legal gray areas of the US Safe Harbor framework, relying on foreign hosting is a risk a pragmatic CTO shouldn't take. If you care about Datatilsynet audits and keeping your intellectual property under Norwegian jurisdiction, you need to own the metal your code lives on.
This guide will walk you through setting up a bulletproof, private Git server on a CoolVDS instance running Ubuntu 10.04 LTS (Lucid Lynx).
Why Latency Kills Developer Productivity
You might think a few hundred milliseconds of ping doesn't matter for code. You would be wrong. Git is chatty. When you clone a repo or fetch changes, the handshake overhead adds up. If your team is in Oslo and your server is in Ashburn, Virginia, you are wasting seconds on every interaction.
When we benchmarked a `git clone` of a 500MB repository from a standard US shared host versus a CoolVDS instance peering directly at NIX (Norwegian Internet Exchange), the difference was night and day. We are talking about saturating the line versus waiting for TCP acknowledgments.
The Hardware Reality
Git is also essentially a filesystem database. It hammers the disk with metadata lookups. Most cheap VPS providers oversell their HDD arrays. You get "noisy neighbor" syndrome where another customer's database thrashing slows down your commits.
Pro Tip: Never compromise on I/O. For a Git server, you want RAID-10 SAS or, if you can afford the new enterprise SSD tiers, grab them. CoolVDS standardizes on high-performance storage backends specifically to prevent I/O wait from killing your CPU cycles.
Step-by-Step: The Deployment
We will use SSH for the transport protocol. It is secure, standard, and requires zero extra daemons listening on public ports.
1. Prepare the Environment
Log into your CoolVDS instance. We assume you are running a fresh install of Ubuntu 10.04 LTS.
$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt-get install git-core openssh-server
2. Create the Git User
Security 101: Don't run services as root. We create a dedicated user to handle the repositories.
$ sudo adduser git
$ su - git
$ mkdir .ssh && chmod 700 .ssh
$ touch .ssh/authorized_keys && chmod 600 .ssh/authorized_keys
3. Managing Access (The Hard Way vs The Smart Way)
For a small team (3-5 devs), you can simply paste their public keys (`id_rsa.pub`) into the `authorized_keys` file we just created. However, this gives them shell access, which you might not want.
To restrict them only to Git commands, edit `/etc/passwd` and change the git user's shell to `git-shell`. But for larger teams, or if you need granular permission (e.g., Junior devs can read but not write to `master`), you should look into Gitolite. It parses the SSH keys and handles access control via a Perl script.
4. Initialize the Repository
Let's create a bare repository. This is a repo without a working directory, designed purely for sharing.
$ cd /home/git
$ mkdir project_x.git
$ cd project_x.git
$ git --bare init
Initialized empty Git repository in /home/git/project_x.git/
5. Local Configuration
Back on your developer workstation (your laptop), add the remote and push.
$ cd my_project
$ git init
$ git add .
$ git commit -m "Initial commit"
$ git remote add origin git@your-coolvds-ip:project_x.git
$ git push origin master
SVN vs. Git: The TCO Breakdown
If management asks why you are spending time migrating, show them this. It comes down to the cost of recovery and branching.
| Feature | Subversion (SVN) | Git (Self-Hosted) |
|---|---|---|
| Network Dependency | Constant connection required | Offline commit/log/diff |
| Branching Cost | High (Full copy) | Near Zero (Pointer change) |
| Backup Strategy | Single Point of Failure | Every clone is a full backup |
Security & Compliance in Norway
Under the Norwegian Personal Data Act (Personopplysningsloven), you are responsible for the data you hold. Even if code isn't strictly "personal data," your config files often contain database credentials or API keys. Storing these on a shared host in the US exposes you to the PATRIOT Act, where data can be subpoenaed without your knowledge.
By hosting on a dedicated CoolVDS instance in Oslo, you ensure:
- Data Sovereignty: Your data stays within Norwegian borders.
- Audit Trails: You control the `auth.log` and know exactly who accessed what.
- Isolation: Unlike shared hosting, our KVM virtualization ensures your RAM and CPU are yours alone. No overselling.
Final Thoughts
Transitioning to Git is not just a technical upgrade; it is a workflow revolution. But tools are only as good as the infrastructure they run on. Don't let a slow disk or a flaky transatlantic connection bottleneck your deployment pipeline.
Get a server that keeps up with your commit rate. Spin up a CoolVDS instance today—provisioning takes less than 60 seconds—and keep your code where it belongs: close to home and under your control.