diff --git a/README.md b/README.md
index 9876e56d9..14b8b18d5 100644
--- a/README.md
+++ b/README.md
@@ -1027,6 +1027,8 @@ Below is the complete list of available options that can be used to customize yo
 | `AWS_BACKUP_SECRET_ACCESS_KEY` | AWS secret access key. No defaults. |
 | `AWS_BACKUP_BUCKET` | AWS bucket for backup uploads. No defaults. |
 | `AWS_BACKUP_MULTIPART_CHUNK_SIZE` | Enables mulitpart uploads when file size reaches a defined size. See at [AWS S3 Docs](http://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) |
+| `AWS_BACKUP_ENCRYPTION` | Turns on AWS Server-Side Encryption. Defaults to `false`. See at [AWS S3 Docs](http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) |
+| `AWS_BACKUP_STORAGE_CLASS` | Configure the storage class for the item. Defaults to `STANDARD` See at [AWS S3 Docs](http://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) |
 | `GCS_BACKUPS` | Enables automatic uploads to an Google Cloud Storage (GCS) instance. Defaults to `false`. |
 | `GCS_BACKUP_ACCESS_KEY_ID` | GCS access key id. No defaults |
 | `GCS_BACKUP_SECRET_ACCESS_KEY` | GCS secret access key. No defaults |
diff --git a/assets/runtime/config/gitlabhq/gitlab.yml b/assets/runtime/config/gitlabhq/gitlab.yml
index 2bc50aa23..a2973187c 100644
--- a/assets/runtime/config/gitlabhq/gitlab.yml
+++ b/assets/runtime/config/gitlabhq/gitlab.yml
@@ -512,11 +512,17 @@ production: &base
 aws_secret_access_key: '{{AWS_BACKUP_SECRET_ACCESS_KEY}}'
 # The remote 'directory' to store your backups. For S3, this would be the bucket name.
 remote_directory: '{{AWS_BACKUP_BUCKET}}'
- # # Use multipart uploads when file size reaches 100MB, see
- # # http://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html
- # multipart_chunk_size: 104857600
- # # Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for backups, this is optional
- # # encryption: 'AES256'
+ #start-multipart-aws
+ # Use multipart uploads when file size reaches 100MB, see
+ # http://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html
+ multipart_chunk_size: {{AWS_BACKUP_MULTIPART_CHUNK_SIZE}}
+ #end-multipart-aws
+ #start-encryption-aws
+ # Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for backups, this is optional
+ encryption: 'AES256'
+ #end-encryption-aws
+ # Specifies Amazon S3 storage class to use for backups, this is optional
+ storage_class: '{{AWS_BACKUP_STORAGE_CLASS}}'
 # Fog storage connection settings, see http://fog.io/storage/ .
 #end-aws
 #start-gcs
diff --git a/assets/runtime/env-defaults b/assets/runtime/env-defaults
index a039b1b11..5b0f2dbe6 100644
--- a/assets/runtime/env-defaults
+++ b/assets/runtime/env-defaults
@@ -158,6 +158,8 @@ AWS_BACKUP_ACCESS_KEY_ID=${AWS_BACKUP_ACCESS_KEY_ID}
 AWS_BACKUP_SECRET_ACCESS_KEY=${AWS_BACKUP_SECRET_ACCESS_KEY}
 AWS_BACKUP_BUCKET=${AWS_BACKUP_BUCKET}
 AWS_BACKUP_MULTIPART_CHUNK_SIZE=${AWS_BACKUP_MULTIPART_CHUNK_SIZE}
+AWS_BACKUP_ENCRYPTION=${AWS_BACKUP_ENCRYPTION}
+AWS_BACKUP_STORAGE_CLASS=${AWS_BACKUP_STORAGE_CLASS:-STANDARD}
 ### GCS BACKUPS
 GCS_BACKUPS=${GCS_BACKUPS:-false}
diff --git a/assets/runtime/functions b/assets/runtime/functions
index e92f26190..620eed154 100644
--- a/assets/runtime/functions
+++ b/assets/runtime/functions
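Review bot: `multipart_chunk_size: {{AWS_BACKUP_MULTIPART_CHUNK_SIZE}}` is the only new placeholder written without quotes, so whatever the operator sets in that variable lands in gitlab.yml as raw YAML. How the template is rendered is not visible in this diff, but nothing shown checks that the value is a plain integer; a typo such as `100MB`, or a value containing `:` or `#`, would presumably change how the surrounding backup settings parse instead of failing fast. Because the value has to stay an unquoted integer, the check belongs in `gitlab_configure_backups_aws` before rendering, e.g. `[[ ${AWS_BACKUP_MULTIPART_CHUNK_SIZE} =~ ^[0-9]+$ ]] || { echo "AWS_BACKUP_MULTIPART_CHUNK_SIZE must be an integer number of bytes"; return 1; }`. The comment above the key still says "reaches 100MB" although the threshold is now configurable; `# Use multipart uploads when file size reaches this many bytes, see` would match the new behaviour.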
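Review bot: `AWS_BACKUP_ENCRYPTION=${AWS_BACKUP_ENCRYPTION}` leaves the variable empty when unset, while the README row added in this commit documents a default of `false` and the neighbouring `GCS_BACKUPS` line uses the `:-false` form. The `!= true` test in `gitlab_configure_backups_aws` treats empty and `false` alike, so behaviour does not change, but an explicit default keeps the documented and effective values identical for a setting that decides whether backups are encrypted at rest: `AWS_BACKUP_ENCRYPTION=${AWS_BACKUP_ENCRYPTION:-false}`.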
@@ -786,6 +786,18 @@ gitlab_configure_backups_aws() { exec_as_git sed -i "/#start-aws/d" ${GITLAB_CONFIG} exec_as_git sed -i "/#end-aws/d" ${GITLAB_CONFIG} + if [[ -z ${AWS_BACKUP_MULTIPART_CHUNK_SIZE} ]]; then + exec_as_git sed -i "/#start-multipart/,/#end-multipart/d" ${GITLAB_CONFIG} + fi + + if [[ -z ${AWS_BACKUP_MULTIPART_CHUNK_SIZE} ]]; then + exec_as_git sed -i "/#start-multipart-aws/,/#end-multipart-aws/d" ${GITLAB_CONFIG} + fi + + if [[ ${AWS_BACKUP_ENCRYPTION} != true ]]; then + exec_as_git sed -i "/#start-encryption-aws/,/#end-encryption-aws/d" ${GITLAB_CONFIG} + fi + if [[ -z ${AWS_BACKUP_REGION} && -z ${AWS_BACKUP_ENDPOINT} ]]; then echo "\nMissing AWS region or endpoint. Aborting...\n" return 1 @@ -807,7 +819,8 @@ gitlab_configure_backups_aws() { AWS_BACKUP_ACCESS_KEY_ID \ AWS_BACKUP_SECRET_ACCESS_KEY \ AWS_BACKUP_BUCKET \ - AWS_BACKUP_MULTIPART_CHUNK_SIZE + AWS_BACKUP_MULTIPART_CHUNK_SIZE \ + AWS_BACKUP_STORAGE_CLASS } gitlab_configure_backup_gcs() {
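Review bot: The encryption gate `if [[ ${AWS_BACKUP_ENCRYPTION} != true ]]` fails open: any value other than the exact string `true` (`TRUE`, `1`, `yes`) silently deletes the `encryption: 'AES256'` block, so backups are uploaded without server-side encryption and nothing in the output says so. Either normalise the value before comparing or print a line when the block is stripped, e.g. `echo "AWS backups: server-side encryption disabled (AWS_BACKUP_ENCRYPTION=${AWS_BACKUP_ENCRYPTION:-unset})"`. Separately, the first of the two `AWS_BACKUP_MULTIPART_CHUNK_SIZE` blocks is redundant: `/#start-multipart/,/#end-multipart/d` already matches the `-aws` markers as a substring, and being unsuffixed it would also remove any other provider's multipart section added later, so I would drop it and keep only the `-aws` form. The function begins before and continues past this hunk.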