Everything you need to protect your Git repositories
From real-time replication to encrypted off-site archives, Git Replica gives your team a complete safety net for your code.
The moment you push, your backup is current
Every push event triggers replication immediately. No cron jobs. No polling. Your mirror stays in sync within seconds.
Instant, event-driven sync
Git Replica registers a webhook on your source repository. The moment a push lands, we receive the event, clone the delta, and push to every configured mirror. No scheduled windows, no missed commits.
Webhook-driven — no polling
We listen for push events, not scan on a timer. Your mirror is updated as fast as your provider can deliver the webhook.
Every branch, tag, and commit
Full git clone --mirror semantics. All refs are replicated — branches, tags, notes, and the full commit graph.
Under 10 seconds from push to mirror
Typical replication latency is under 10 seconds end-to-end, including webhook delivery, queue processing, and remote push.
Mirror across GitHub, GitLab, Bitbucket, and self-hosted
Define a binding between any two Git endpoints. Git Replica handles authentication, protocol differences, and ref mapping transparently.
GitHub → GitLab
Mirror your GitHub repos to GitLab as a live backup or CI fallback. Teams can pull from GitLab when GitHub is unavailable.
GitLab → Bitbucket
Keep a Bitbucket copy of your GitLab repos for compliance, redundancy, or cross-team collaboration across org boundaries.
GitHub → GitHub (org backup)
Mirror repositories from a personal account or one org to another org. Protect against accidental deletion or org suspension.
Any → Self-hosted Git
Push mirrors to any HTTPS or SSH Git endpoint — your own Gitea instance, an internal GitLab, or a bare server you control.
Point-in-time snapshots, encrypted end-to-end
Live mirrors protect against outages. Encrypted archives protect against corruption, deletion, and malicious actors. You need both.
-
End-to-end encryption
Archives are encrypted with AES-256-GCM before they leave our infrastructure. Your cloud storage provider sees only ciphertext.
-
Customer-controlled keys
Bring your own encryption key or use a Git Replica-managed key. Rotate at any time without losing access to existing archives.
-
Incremental snapshots
Only new objects are transferred each snapshot cycle. Storage costs stay low even for repos with long history.
-
Tamper-evident
Each archive bundle is checksummed and the manifest is signed. Restoration verifies integrity before a single byte is pushed.
Protect internal Git servers too
Your on-premise or VPC-hosted Git server is often the most critical — and the least backed up. Git Replica connects to any reachable Git endpoint.
GitLab Self-Managed
Connect your self-managed GitLab instance via a personal access token. Git Replica mirrors selected projects to any configured destination.
Gitea / Forgejo
Compatible with the Gitea and Forgejo API. Works whether your instance is publicly reachable or accessible only over a VPN.
Any HTTPS / SSH Git endpoint
If it speaks the Git protocol over HTTPS or SSH, Git Replica can clone from it. No proprietary API required — just a valid remote URL and credentials.
Your self-hosted endpoint must be reachable from Git Replica's worker IPs. For VPN or firewall-protected hosts, allowlist our published CIDR range or use an SSH tunnel configured in your account settings.
Keep two repositories in lockstep
Some teams commit to two providers simultaneously. Bidirectional sync propagates changes in both directions, with rules to handle conflicts deterministically.
Conflict-aware merging
When both sides receive commits simultaneously, Git Replica detects divergence and applies your configured merge strategy rather than silently overwriting.
Directional override rules
Pin specific branches to always follow one direction. Useful for main always flowing from A → B while feature branches sync both ways.
Team boundary support
Keep two separate organizational accounts in sync. Contractors, partners, or acquired teams can work in their own environment while history stays unified.
From backup to working repo in minutes
A backup is only as good as the restore process. Git Replica's restore flow is deliberate, audited, and fast — no command-line gymnastics required.
Pick a restore point
Browse the snapshot timeline for the repository. Every archive is timestamped and labelled with the HEAD commit SHA at capture time.
Choose destination provider
Select which provider account receives the restored repository — push to GitHub, GitLab, Bitbucket, or any connected self-hosted endpoint.
Git Replica decrypts & pushes
The archive is decrypted in memory, integrity is verified against the signed manifest, and a full git push --mirror is executed.
Clone your restored repo
The repository is live at the destination. Clone it, verify history, and continue work. The restore event is logged in your audit trail.
Designed for teams that can't afford mistakes
Security controls are not add-ons — they are the foundation. Here is what is enforced for every account, on every plan.
OAuth 2.0 only — no passwords
Authentication is delegated entirely to your Git provider. Git Replica never handles or stores your credentials directly.
AES-256-GCM for credentials at rest
OAuth tokens stored in our database are encrypted with AES-256-GCM using envelope encryption. Plaintext never hits disk.
No permanent source code storage
Git clone operations happen in ephemeral worker scratch space. No source code is retained after a job completes — only encrypted archives you explicitly configure.
Signed webhook verification
Every incoming webhook is verified against an HMAC-SHA256 signature before the job is queued. Spoofed events are rejected before any work is done.
Start backing up in under 2 minutes.
Connect your first provider account, configure a binding, and your repositories are protected. No infrastructure to manage.
Get started free