This guide configures a Gerrit replica that:
- Mirrors repositories from a primary server
- Uses
git://for pushing refs - Uses
ssh://(port 22) to create missing repos - Serves developers via
ssh://(port 29418) from the replica
Prerequisite
Install Gerrit on both servers using: Install Gerrit 3.11.2 on Ubuntu 24.04
Environment
| Role | Hostname |
|---|---|
| Primary | gerrit |
| Replica | gerrit-replica |
- Configure Gerrit on the Replica
Edit /srv/gerrit/etc/gerrit.config:
[container]
user = gerrit
javaHome = /usr/lib/jvm/java-21-openjdk
replica = true
[sshd]
listenAddress = *:29418
Start Gerrit:
sudo -u gerrit /srv/gerrit/bin/gerrit.sh start
This enables ssh://user@gerrit-replica:29418
- Enable
git-daemonfor Git Protocol
/etc/systemd/system/git-daemon.socket
[Socket]
ListenStream=9418
Accept=yes
[Install]
WantedBy=sockets.target
/etc/systemd/system/git-daemon@.service
[Service]
ExecStart=/usr/lib/git-core/git-daemon \
--inetd \
--base-path=/srv/gerrit/git \
--export-all \
--enable=receive-pack \
--verbose
StandardInput=socket
User=gerrit
Enable the daemon:
sudo systemctl daemon-reexec
sudo systemctl enable --now git-daemon.socket
- Configure UFW on the Replica
# Allow OS-level SSH (for repo creation via adminUrl)
sudo ufw allow ssh
# Allow git-daemon only from primary
sudo ufw allow from gerrit to any port 9418 proto tcp
sudo ufw deny in to any port 9418 proto tcp
# Allow end-user SSH access via Gerrit
sudo ufw allow 29418
# Enable the firewall
sudo ufw enable
- Authorize Repo Creation from Primary
On the primary, run:
ssh-copy-id gerrit@gerrit-replica
Test:
ssh gerrit@gerrit-replica
- Install Replication Plugin and Configure Sync
- Install Replication Plugin on Primary
cd /srv/gerrit
sudo -u gerrit java -jar bin/gerrit.war init --install-plugin replication -d /srv/gerrit
This installs the plugin correctly for your Gerrit version.
- Configure
/srv/gerrit/etc/replication.config
[remote "replica"]
url = git://gerrit-replica/${name}.git
adminUrl = ssh://gerrit@gerrit-replica/srv/gerrit/git/${name}.git
threads = 2
mirror = true
replicatePermissions = true
rescheduleDelay = 15
This setup:
- Pushes refs via Git protocol
- Creates missing repositories over OS-level SSH
- Mirrors all refs and permissions
- Trigger Initial Replication
ssh -p 29418 admin@localhost replication start --all
Monitor logs:
tail -f /srv/gerrit/logs/replication_log
- Developers Clone from Replica
Ensure your .gitconfig includes the following:
[user]
email = your email
name = your name
[color]
ui = auto
[url "ssh://maksonlee@gerrit-replica:29418/"]
insteadof = "git://gerrit/"
[url "ssh://maksonlee@gerrit:29418/"]
pushinsteadof = "git://gerrit/"
You can now clone via Gerrit SSH on the replica.
mkdir ~/aosp-15 && cd ~/aosp-15
repo init -u git://gerrit/platform/manifest -b android-15.0.0_r30
repo sync -c