# 'encryption_key' should be set to the 256-bit encryption key for Amazon S3 to use to encrypt or decrypt. remote_directory : ' my.s3.bucket' # Specifies Amazon S3 storage class to use for backups, this is optional # storage_class: 'STANDARD' # Turns on AWS Server-Side Encryption with Amazon Customer-Provided Encryption Keys for backups, this is optional # 'encryption' must be set in order for this to have any effect. aws_access_key_id: '' # use_iam_profile: 'true' # The remote 'directory' to store your backups. connection : provider : AWS region : eu-west-1 aws_access_key_id : AKIAKIAKI aws_secret_access_key : ' secret123' # If using an IAM Profile, leave aws_access_key_id & aws_secret_access_key empty # ie. For example:īackup : # snip upload : # Fog storage connection settings, see. To use the copy strategy instead of the default streaming strategy, specify This is why the copy strategy is not the default in 8.17. So the problem doesn’t compound, but it could be a considerable change for large The process does its best to clean up the temporary files at each stage To a temporary location before calling tar and gzip, avoiding the error.Ī side-effect is that the backup process takes up to an additional 1X disk Introduces a new backup strategy called copy. It may occur, and causes the backup process to fail. When data changes while tar is reading it, the error file changed as we read This worksįine in most cases, but can cause problems when data is rapidly changing. The default backup strategy is to essentially stream data from the respectiveĭata locations to the backup using the Linux command tar and gzip. The command line tool GitLab provides to backup your instance can accept more In the unlikely event that the secrets file is lost, see the If you use Omnibus GitLab, review additional information to
To avoid man-in-the-middle attack warnings if you have to perform a full machine restore. You may also want to back up any TLS keys and certificates ( /etc/gitlab/ssl, /etc/gitlab/trusted-certs), and your On a Kubernetes cluster, you must follow the
The GitLab container according to the documentation, it should be in the The secrets file is essential to preserve your database encryption key.īack up the volume where the configuration files are stored. Storing encrypted information in the same locationĪs its key defeats the purpose of using encryption in the first place. Items including encrypted information for two-factor authentication and theĬI/CD secure variables. The primary reason for this is that your database contains The backup Rake task GitLab provides does not store yourĬonfiguration files. Ĭreating backup archive: $TIMESTAMP_gitlab_backup.tar The best way to migrate your repositoriesįrom one server to another is through a backup and restore. You can only restore a backup to exactly the same version and type (CE/EE)
GitLab provides Rake tasks for backing up and restoring GitLab instances.Īn application data backup creates an archive file that contains the database,
gitaly-backup for repository backup and restore.Backup fails to complete with Gzip error.Container Registry push failures after restoring from a backup.Disable user two-factor authentication (2FA).Verify that all values can be decrypted.Restoring database backup using Omnibus packages outputs warnings.Back up and restore for installations using PgBouncer.Online backup through marking repositories as read-only (experimental).Prevent writes and copy the Git repository data.Restoring only one or a few projects or groups from a backup.Restore for Docker image and GitLab Helm chart installations.Restore for Omnibus GitLab installations.Limit backup lifetime for local files (prune old backups).Specifying a custom directory for backups.Uploading backups to a remote (cloud) storage.Excluding specific directories from the backup.