Skip to content


Omnibus Server

Our GitLab server runs in EC2 as a standalone omnibus server.

GitLab has great docs and administrators should familiarize themselves with their best practices.

GitLab Upgrade Process

Consult with GitLab's guidance for details about preparing for their releases.

Plan for a couple minutes of disruption with each upgrade.

Consider subscribing to GitLab's release blog as well to stay up to date with their monthly releases.

Connecting To GitLab Server

After reviewing the release notes, connect to GitLab over ssh using the key stored in vault's kv store at path secret/gitlab. To pull this pem down to your localhost, run the following. (note: if you need the vault cli, see our vault cli page

note: this command will only work for vault users with administrator policies

vault kv get -field="base-64-encoded-key" secret/gitlab/terraform-ssh-key.pem | base64 -d > terraform-ssh-key.pem && chmod 600 terraform-ssh-key.pem

You can now connect to gitlab using the pem key in your local directory, replace the ip in the command below with your gitlab server's public ip and run:

ssh -i "./terraform-ssh-key.pem" ubuntu@ # <- replace ip

Once connected to the GitLab host, you can upgrade to the latest version by executing the following 2 commands:

# these commands are run in your ssh session
sudo apt-get update
sudo apt-get install gitlab-ce

Configuring GitLab Server

See the following documentation to learn more about configuring the GitLab server