Review: GitStorage

Petros reviews the GitStorage server appliance, which emphasizes data privacy and security.

By profession, I'm a software developer. Aside from a preferred editor, what matters most to a developer is the use of a Source Code Manager (SCM). So, when a new product comes along featuring my favorite SCM, Git, I had no choice but to spend some time using it.

GitStorage

GitStorage develops and distributes a Git server appliance of the same name with an emphasis on data privacy and security. The company produces two flavors, the key differences being the following:

When I received the product, it was packaged well with everything needed to hit the ground running: the device, a micro-USB-connected power plug, mounting screws and a basic set of instructions for connecting to the local device over Ethernet. All you need to do is connect it to your router or switch, apply power to the device, and within a minute, you'll be able to access a web-based front end to the device's assigned IP address from within your preferred web browser.

On initial connection, you're greeted with a setup and configuration menu. This setup allows you to configure the administrator account, generate CA certificates for your web browser, configure SMTP email relays so you even can connect the device to an existing Dropbox account for remote synchronization—all of which can be configured at a later date.

GitStorage Screen

The GitStorage Dashboard

When the configuration is complete, you're redirected to the dashboard of a very intuitive user interface. And because this is a single-purpose appliance, the features and functionality presented in the interface are simple and easy to understand. You can dynamically create or remove users, create new or remove existing code repositories, and assign the appropriate users to those repositories. When those same users log in to the web interface, they will be limited only to the repositories to which they are assigned.

Repository Screen

A View of Repositories

Again, the device is predominately focused on securing your data and limiting access to those who are granted it. Data at rest is always encrypted—that is, it's local to the device, even when synchronized to the cloud. For instance, if Dropbox is configured as your back-end remote archive location, a tarball that is GPG-signed will be synchronized to it. Even if people were to access that Dropbox archive, they will need a password to decrypt the file and then untar the tarball.

Dropbox Repo

A Synchronized Archive File to Dropbox

Now, how does GitStorage compare to existing Git solutions? It simplifies the task of deploying and maintaining your very own Git servers. You don't need to be a Git expert to get this handy device up and running and start providing developers the comfort and security of maintaining their code using the industry's most popular SCM. Out of the box, it is easy to configure and just works. Also, if very sensitive source code is pushed to this device, rest assured that your data at rest always will be encrypted in both local and remote locations.

What environments would benefit from this? I see this as a perfect solution for hobbyists and small-to-medium-sized software development firms. As long as you don't push too many binary files, the larger of the two devices (64GB) definitely can last you some time. And even if it doesn't, you're also able to add more GitStorage devices to your network.

—Petros Koutoupis