Include /etc/gitlab in the Omnubus backup as an option
Summary
The Backup and Restore document mentions that /etc/gitlab
is not included in the backup for security reasons, mainly because of the encryption keys file. However, this does not apply in case we ship the backup to S3 private encrypted bucket for example deleting the local .tar
file in the same time.
Proposal
I would expect this to be given to users as an option to include in the backup. I don't see any issues with this as the Backup and Restore is already vocal enough in regards of the security implications. It also avoids the need of additional script and cronjob to backup this directory separately for cases where users are confident the backup is being shipped into encrypted store like S3. One less backup step means one less chance for failure. It will also provide a one step restore using the existing process.