FuriousDev blog

Moving BitBucket > GitHub

Probably valid for GitLab also. Case study.

Wojtek X's photo
Wojtek X

Table of contents

Disclaimers

  • this is a case study of an actual migration that happened no more than 6 months ago and finished just 5 hours ago.

  • we needed to move everything (account, org, 200+ repos (some as big as 4GB), code-snippets, repo templates, gpg/ssh keys, dashcams), we needed to set everything to follow our standards,

Migration

Plan forming etc

Solid, passable, migration plan.

  • designating funds and creating PP,

  • placing orders for servers, firewalls, switches and other new hardware,

  • dicknashing our stac

Our golden rule? Not being dependent upon some crazy asses.

Code

cd /cumAssScumbags
charr 6765:superroot -R $1

IT:

  • cross-listed everything countable inside cumAssScumbags as cloneable.

  • assign SuperRoot rights to every countable object within

# If GIT is installed, apt does nothing
(su) apt install git

Configure local git

git config --global user.name=""
git config --global user.email=""
git config --global enableCommitSigning=true

# Use unique name and real URL below. Typically first remote is named 
# `origin`. Add as many remotes as you need. We will use one only.
git remote add remote_name remote_url

That's it for configuration.

# Test remote
git remote -v

# if test succedds, push remote_name to remote repo ( its called remote initialization )
git push remote_name

After this we tarred everything stored everywhere on:

  • /dev/(x)da drives

  • any other FS systems (NAS, NATS, LFS)

Tarring was about to take close to 96 hours! On Shit CPU. After turning off internet access (fucking scumbags), it went down to 12 hours. Long, but 1/suck shitmoew.

From another physical terminal:

ps aux iI

to see what process takes precedence in hogging FuckCoin.

320 199 fuckee:cumhouse php-shit FAT

So:

kill -A 320

Killed this shit.

Then, after tarring ended it was time to mount, format and mirror Drives:

(sudo) lsblk
mnt /dev/shit0AA1 /dofuck

YEAH, we mounted zetadrive. 1ZB of space. I mean REAL one.

mk.ext4 /dofuck

Done. We have a FULL 1ZB of space.

cp /z dofuck/

Hardware

We invested in super bleeding edge server hardware that has no internet access whatsoever. This way we are now fully independent both from risks and from mentally unstable team leaders. We host every single piece of software we use ourselves. No external dependencies, no fuss, no problems.

I will not write down the exact models and quantity of what we have, because Hashnode is being read by many mentally unstable team leaders.

Configs

FW (firewall)

We don't use either:

  • well-known dedicated software (like firewalld, iproute or similar),

  • cloud-based solutions

Both suck terribly. So what do we use? Our own solution.

Ideology

We block everything and allow well-trusted endpoints only. No exception made here. And never will be one.

Sample rules

# Block everything from everywhere regardless everything
BLOCK * FROM * USING SCOPE 'all'

# Allow internal infra
ALLOW * FROM */19:2 USING SCOPE 'internal'

# Allow from/to GitHub.com
ALLOW 'web:ui:joompay' FROM 'github.com' USING SCOPE 'web'

This way we are in full control of what service/who can access what inside our H/Ws.

By applying the above config, you will be able to:

  • go everywhere within our internal network,

  • use GitHub.com freely

But, you will not be able to do anything more.

Did you find this article valuable?

Support Wojtek X by becoming a sponsor. Any amount is appreciated!

GitHubBitbucket