Proposal: Deconfig — Distributed Git Infrastructure with Durable Objects

Overview

Deconfig is a distributed Git infrastructure built on Cloudflare Durable Objects that provides realtime collaborative environments, multi-tenant isolation, and seamless synchronization with external Git services like GitHub and GitLab.

Architecture

Core Components

1. Control Plane

The control plane provides centralized orchestration for:

• Admin UI: Management interface for the entire system
• Auth/ACL: Policy enforcement and access control
• Tenant Manager: Multi-tenant lifecycle and provisioning
• Monitoring: Logs, metrics, and usage tracking across all components

2. Data Plane: Durable Objects Git Farm

Each Durable Object instance is a fully-functional Git server backed by SQLite:

• Horizontal Scalability: Infinite instances, each isolated
• Lightweight: SQLite provides fast, embedded storage
• Git-Native: Full Git protocol support (push, pull, clone, fetch)
• Submodule Support: Native Git submodule capabilities for hierarchical repo relationships
• Smart Routing: DO placement via shard keys ensures requests hit the correct instance

3. ENVIRONMENT (Realtime Client)

Each environment represents an isolated workspace with:

• Local Filesystem: Working directory for Git operations
• Realtime Collaboration: Powered by Yjs + WebSocket for live multi-user editing
• Multiple Client Types: Web editors, mobile apps, CI runners, bots
• Dual Mode Access: Can connect to DO Git servers OR external Git services

4. Multi-Tenant Hierarchy

Sponsors can create and manage child tenants with:

• Git Submodules: Code sharing between parent and child tenants
• Access Control: Sponsors control child tenant permissions
• Isolated Repos: Each tenant has dedicated Git repositories in the farm

Key Features

🔄 Bidirectional Sync with External Git

Durable Object Git servers can synchronize bidirectionally with external services:

• DO → GitHub/GitLab: Push local changes to external remotes

• GitHub/GitLab → DO: Clone/mirror external repos into DO Git servers

• Use Cases:

• Backup DO repos to GitHub

• Cache frequently-accessed GitHub repos in DO for faster access

• Hybrid workflows: develop in DO, deploy from GitHub

• Multi-cloud redundancy

⚡ Realtime Collaboration

• Live editing with Yjs CRDT
• WebSocket connections for instant sync
• Each editor maintains its own filesystem
• Changes can be committed individually or collaboratively

🔒 Security & Isolation

• Control plane enforces ACL policies across all layers
• Each DO instance is isolated
• Tenant-level access boundaries
• Observable via centralized monitoring

📦 Git Submodules for Multi-Tenancy

• Parent tenants can sponsor child tenants
• Shared code via Git submodules
• Hierarchical ownership model
• Independent versioning and updates

Implementation Benefits

1. Edge-Native: Runs on Cloudflare’s global network
2. No Infrastructure Management: Durable Objects handle state automatically
3. Infinite Scale: Each repo can be its own DO instance
4. Git Protocol Compatible: Works with existing Git clients and tools
5. Realtime UX: Collaborative editing without conflicts
6. Flexible Topology: Hybrid local + remote Git workflows

Architecture Diagram

graph TB
subgraph CP["🎛️ Control Plane"]
AdminUI["Admin UI"]
Auth["Auth / ACL"]
TenantMgr["Tenant Manager"]
Monitor["📊 Monitoring<br/>(Logs, Metrics, Usage)"]
end

subgraph DP["💾 Data Plane: Durable Objects Git Farm"]
Router["🔀 Router<br/>DO Placement / Shard Key"]
DO1["DO: git-server-1<br/>🗄️ SQLite"]
DO2["DO: git-server-2<br/>🗄️ SQLite"]
DO3["DO: git-server-3<br/>🗄️ SQLite"]
DON["DO: git-server-N<br/>🗄️ SQLite"]
DO1 -..- DO2
DO2 -..- DO3
DO3 -..- DON
end

subgraph ENV["🌐 ENVIRONMENT (Realtime Client)"]
YJS["Yjs + WebSocket<br/>Realtime Collaboration"]

subgraph EnvA["Environment A"]
EditorA["Editor A"]
FSA["📁 FILESYSTEM"]
EditorA --- FSA
end

subgraph EnvB["Environment B"]
EditorB["Editor B (mobile)"]
FSB["📁 FILESYSTEM"]
EditorB --- FSB
end

subgraph EnvCI["Environment CI"]
CI["CI Runner"]
FSCI["📁 FILESYSTEM"]
CI --- FSCI
end

subgraph EnvBot["Environment Bot"]
Bot["Bot"]
FSBot["📁 FILESYSTEM"]
Bot --- FSBot
end

YJS --- EditorA
YJS --- EditorB
YJS --- CI
YJS --- Bot
end

subgraph Tenants["👥 Multi-Tenant Hierarchy"]
Sponsor["Tenant: Sponsor"]
ChildA["Child Tenant A"]
ChildB["Child Tenant B"]
Sponsor -->|git submodule| ChildA
Sponsor -->|git submodule| ChildB
end

subgraph ExtGit["☁️ External Git Services"]
GitHub["GitHub Repo"]
GitLab["GitLab Repo"]
Other["Other Git Remote"]
end

%% Control Plane connections
Auth -.->|policy enforcement| DP
Auth -.->|policy enforcement| ENV
Monitor -.->|observability| DP
Monitor -.->|observability| ENV
TenantMgr -.->|provisions| Tenants

%% Routing
Router -->|routes to correct instance| DO1
Router -->|routes to correct instance| DO2
Router -->|routes to correct instance| DON

%% Git operations with filesystem
FSA -->|git push / commit| DO1
DO1 -->|git clone / pull| FSA
FSB -->|git push / commit| DO2
FSCI -->|git operations| DO3

%% Bidirectional sync between DO Git and External Git
DO1 <-->|"🔄 sync<br/>(push/pull)"| GitHub
DO2 <-->|"🔄 sync<br/>(push/pull)"| GitHub
DO3 <-->|"🔄 sync<br/>(push/pull)"| GitLab
DON <-->|"🔄 sync<br/>(push/pull)"| Other

%% Environment can also directly access external git
ENV -->|direct access| ExtGit

%% Tenant to Git Farm
Tenants -.->|repos in| DP

classDef controlPlane fill:#e6d5f5,stroke:#8b5cf6,stroke-width:3px
classDef dataPlane fill:#dbeafe,stroke:#3b82f6,stroke-width:3px
classDef environment fill:#d1fae5,stroke:#10b981,stroke-width:3px
classDef tenants fill:#fed7aa,stroke:#f59e0b,stroke-width:3px
classDef filesystem fill:#fef3c7,stroke:#eab308,stroke-width:2px
classDef external fill:#f3f4f6,stroke:#6b7280,stroke-width:2px

class CP controlPlane
class DP dataPlane
class ENV,EnvA,EnvB,EnvCI,EnvBot environment
class Tenants tenants
class FSA,FSB,FSCI,FSBot filesystem
class ExtGit,GitHub,GitLab,Other external

Loading

Use Cases

1. Internal Development Platform

• Teams edit code in realtime environments
• Changes sync instantly via Yjs
• Commits push to DO Git servers
• Periodic sync to GitHub for external access

2. Multi-Tenant SaaS

• Each customer gets isolated tenant with dedicated repos
• Sponsors can provision child tenants with submodule access
• Centralized billing and access control

3. CI/CD Integration

• CI runners operate as environments with filesystems
• Clone from DO Git servers for fast access
• Can sync with external GitHub for deployment

4. Hybrid Cloud Strategy

• Primary repos in DO Git for speed and control
• Mirror to GitHub/GitLab for redundancy
• Use external Git for public-facing projects

Implementation Phases

Phase 1: Core Infrastructure

• Durable Object Git server implementation
• SQLite storage backend
• Basic Git protocol support (clone, push, pull)
• Router and DO placement logic

Phase 2: Control Plane

• Admin UI for tenant management
• Auth/ACL system with policy enforcement
• Monitoring and observability stack

Phase 3: Realtime Environments

• Yjs integration for CRDT-based collaboration
• WebSocket transport layer
• Filesystem abstraction per environment
• Multi-client support (web, mobile, CI)

Phase 4: External Git Sync

• Bidirectional sync with GitHub
• GitLab integration
• Generic Git remote support
• Conflict resolution strategies

Phase 5: Multi-Tenancy

• Tenant hierarchy (sponsor/child model)
• Git submodule support
• Access delegation and provisioning
• Usage tracking and billing hooks

Open Questions

1. Conflict Resolution: How should conflicts be handled when syncing DO ↔ GitHub?
2. Webhook Integration: Should external Git services trigger sync via webhooks?
3. Storage Limits: What are the practical size limits for SQLite-backed repos?
4. Migration Path: How can existing GitHub repos be migrated into Deconfig?
5. Cost Model: How to price multi-tenant usage fairly?

Next Steps

1. Validate technical feasibility of Git-over-SQLite in Durable Objects
2. Prototype Yjs + WebSocket realtime editing
3. Design ACL model for multi-tenant isolation
4. Build proof-of-concept DO Git server with basic push/pull
5. Document Git sync strategies and conflict resolution