Disallow deletion of master branch in git

Straightforward with a pre-receive hook. Assuming you're using a bare central repository, place the following code in your-repo.git/hooks/pre-receive, and don't forget to chmod +x your-repo.git/hooks/pre-receive.

#! /usr/bin/perl

# create: 00000... 51b8d... refs/heads/topic/gbacon
# delete: 51b8d... 00000... refs/heads/topic/gbacon
# update: 51b8d... d5e14... refs/heads/topic/gbacon

my $errors = 0;

while (<>) {
  chomp;

  next
    unless m[ ^
              ([0-9a-f]+)       # old SHA-1
              \s+
              ([0-9a-f]+)       # new SHA-1
              \s+
              refs/heads/(\S+)  # ref
              \s*
              $
            ]x;

  my($old,$new,$ref) = ($1,$2,$3);

  next unless $ref =~ /^(master|alpha|beta)$/;

  die "$0: deleting $ref not permitted!\n"
    if $new =~ /^0+$/;
}

exit $errors == 0 ? 0 : 1;

If you're happy to deny all branch deletes via 'push' then you can just set the config variable receive.denyDeletes to true on your repository.

If you do need more sophisticated control I recommend that you take a look at the update-paranoid hook from the git distribution's contrib/hooks folder. It allows you to set up per ref acls which can do things like deny non fast-forwards and deny deletes via push as well as some more sophisticated behaviours.

update-paranoid should do everything you need without you having to write your own hook.