restoring to docker-based gitlab
Summary
When spinning up gitlab in docker using the GITLAB_OMNIBUS_CONFIG
parameter to configure gitlab, the documentation says nothing is written to the gitlab.rb file.
I have confirmed this by viewing the gitlab.rb file inside the container.
This is expected behavior according to the docs:
"The settings contained in GITLAB_OMNIBUS_CONFIG aren’t written to the gitlab.rb configuration file, and are evaluated on load."
https://docs.gitlab.com/omnibus/docker/#pre-configure-docker-container
But the documentation for backing up and restoring gitlab says I need to backup and restore gitlab.rb and gitlab-secrets.json
But if nothing is ever written to gitlab.rb, what exactly is to be backed up?
I tried backing up and restoring to gitlab in docker by backing up the projects and the gitlab.rb and gitlab-secrets.json and then restoring those files using
docker cp gitlab-secrets.json gitlab_inside:/etc/gitlab/gitlab-secrets.json
docker cp gitlab.rb gitlab_inside:/etc/gitlab/gitlab.rb
I ran reconfigure afterward. (I also later ran restart)
I even ran sudo docker exec -it gitlab_inside gitlab-rake gitlab:check SANITIZE=true
But the end result, despite running those commands was a gitlab instance where I could see the projects. But things like runners, system hooks, etc all returned 500 errors.
I recognize that is symptomatic of problems with restoring gitlab.rb
and gitlab-secrets.json
. But those files were backed up and restored.
My concern how is, what is the proper way to restore gitlab backups when, if you use the GITLAB_OMNIBUS_CONFIG
parameter, nothing is actually being written to gitlab.rb? If backing up that file is required for a proper restore, what is gained by restoring a file with nothing but comments?
My hope is that if I ever need to restore my gitlab instance, I don't end up in this place again (Where I have to delete content from database tables to be able to see the runners, etc)
Steps to reproduce
Spin up docker like this (you'll need to modify these parameters)
docker run --detach \
--hostname gitlab.xxxxxxx \
--env GITLAB_OMNIBUS_CONFIG="external_url 'http://gitlab.xxxxxxxxxx/';
gitlab_rails['lfs_enabled'] = true;
gitlab_rails['backup_archive_permissions'] = 493;
gitlab_rails['backup_keep_time'] = 604800;
gitlab_rails['backup_path'] = \"/var/opt/gitlab/backups/\";
gitlab_rails['gitlab_default_can_create_group'] = \"false\";
gitlab_rails['gitlab_default_projects_features_visibility_level'] = \"public\";
gitlab_rails['gitlab_email_enabled'] = false;
gitlab_rails['gitlab_email_from'] = \"xxxxxxx\";
gitlab_rails['gitlab_email_reply_to'] = \"xxxxxxxx\";
gitlab_rails['gitlab_username_changing_enabled'] = false;
gitlab_rails['ldap_enabled'] = true; gitlab_rails['ldap_servers'] = {\"myldapserver\"=>{\"active_directory\"=>true, \"allow_username_or_email_login\"=>true, \"base\"=>\"DC=xx,DC=xxx\", \"bind_dn\"=>\"CN=xxxxxxxxx,OU=xxxxxxx,OU=Tracked Service Accounts,OU=AzureAD - Block Sync,OU=Active Directory,OU=IT Infrastructure,OU=Services,DC=xx,DC=xxxx\", \"block_auto_created_users\"=>false, \"host\"=>\"xxxxx.xxx.xxxx\", \"label\"=>\"LDAP\", \"method\"=>\"ssl\", \"password\"=>\"xxxxxxxxx\", \"port\"=>636, \"uid\"=>\"sAMAccountName\", \"verify_certificates\"=>false}};
gitlab_rails['manage_backup_path'] = true;
unicorn['port'] = 8890;
nginx['enable'] = true
nginx['redirect_http_to_https'] = false;
nginx['listen_port'] = 80
nginx['listen_https'] = false
letsencrypt['enable'] = false;
omnibus_gitconfig['system'] = {\"alias\"=>[\"st = status\", \"co = checkout\"], \"receive\"=>[\"fsckObjects = false\"], \"uploadArchive\"=>[\"allowUnreachable = true\"]};" \
--publish 82:80 --publish 8443:8443 \
--name gitlab_inside \
--restart always \
--volume /home/xxxxx/gitlab_volumes/config:/etc/gitlab \
--volume /home/xxxxxx/gitlab_volumes/logs:/var/log/gitlab \
--volume /home/xxxxxxx/gitlab_volumes/data:/var/opt/gitlab \
--volume /home/xxxxxxx/gitlab_volumes/backups:/var/opt/gitlab/backups \
--volume /etc/gitlab/ssl/cert/:/etc/gitlab/ssl/cert/ \
gitlab/gitlab-ce:12.0.9-ce.0
Create runners, system hooks, a few projects.
Backup the instance
Blow away your image and container.
Spin up the container just as you did before.
Restore your backup and the gitlab.rb and secrets json files?
What is the current bug behavior?
I lose access to runners, system hooks, etc
What is the expected correct behavior?
I should be able to go to the admin/runners page without getting errors
Relevant logs
Relevant logs
Details of package version
Provide the package version installation details
(docker image)gitlab/gitlab-ce:12.0.9-ce.0
Environment details
-
Operating System:
REPLACE-WITH-DETAILS
-
Installation Target, remove incorrect values:
- Other: Docker container
-
Installation Type, remove incorrect values:
- Upgrade from version
gitlab/gitlab-ce:12.0.9-ce.0S
- Upgrade from version
-
Is there any other software running on the machine: No
Configuration details
Provide the relevant sections of `/etc/gitlab/gitlab.rb`
The entire gitlab.rb is commented out. This is expected behavior according to the docs."The settings contained in GITLAB_OMNIBUS_CONFIG aren’t written to the gitlab.rb configuration file, and are evaluated on load."
https://docs.gitlab.com/omnibus/docker/#pre-configure-docker-container