Frequently Asked Questions

1. You are here:
2. Engineering
3. Infrastructure
4. Frequently Asked Questions

On this page

• GitLab.com Backups
  • Q: How often is GitLab.com backed up?
  • Q: Are GitLab.com backups encrypted?
  • Q: If a customer deletes their project, group, or account on GitLab.com, is their data securely deleted?
  • Q: How is GitLab.com backed up?
• GitLab.com Settings
  • Q: Where can I find the settings used for various services in production?
  • Q: How big is GitLab.com?
  • Q: Does GitLab have an automated way to migrate from a self-hosted instance?
  • Q: If a customer project is deleted can it be restored?
  • Q: Can customers be whitelisted for the API?
• GitLab.com Logging
  • Q: What does GitLab.com log?
  • Q: How long are GitLab logs retained?

GitLab.com Backups

Q: How often is GitLab.com backed up?

A: See our summary of our backup strategy

Q: Are GitLab.com backups encrypted?

A: Yes. We use GCP Persistent Storage volumes underneath all of our filesystems, and that is implicitly encrypted. So the live filesystems, their snapshot-based backups, database replicas, and logical backups are all fully encrypted at the block device layer. Additionally, GCP encrypts and encapsulates traffic between our nodes within our VPCs, so data in motion is also protected from eavesdropping and tampering.

Q: If a customer deletes their project, group, or account on GitLab.com, is their data securely deleted?

A: Neither the git repo backups nor the database backups will be purged immediately (Note: In the future, the time frame might be longer once soft deletes for groups and projects are implemented). When a project is deleted, the corresponding data from the database as well as the files associated with that project's repository, pages, and wiki will be removed, but will continue to exist in backups for up to two weeks after the deletion. For this reason we cannot guarantee that a deleted project is entirely purged from our system until the oldest of those backups expires. Please note that this is not the same as "secure delete", which typically means overwriting the deleted files' blocks with random bytes at least N times, but without the decryption keys, a stolen copy of our disk images would be unreadable.

Q: How is GitLab.com backed up?

A: You can view how our runbooks for specifics on how our database and filesystems are backed up.

GitLab.com Settings

Q: Where can I find the settings used for various services in production?

A: You can find the settings we use for GitLab.com and our runners in our docs.

Q: How big is GitLab.com?

A: Data from March 2019 showed there was 3.5 Million Users, around 4,000 requests per second over https, 8.4 Million Repos, and over 3 PB total storage. See our vanity metrics dashboard.

Q: Does GitLab have an automated way to migrate from a self-hosted instance?

A: Currently you can only use the project import/export feature to migrate projects to GitLab.com.

Q: If a customer project is deleted can it be restored?

A: No, once a project is deleted it cannot be restored. In the future soft deletes for groups and projects will allow users to restore a project during the soft deletion state.

Q: Can customers be whitelisted for the API?

A: Yes, with sufficient evidence that it's necessary, customers can request to be whitelisted. To request a whitelist, see our section on how we handle incoming requests in the handbook.

GitLab.com Logging

Q: What does GitLab.com log?

A: You can see what services we're logging in our runbooks.

Q: How long are GitLab logs retained?

A: You can see the retention policy in our runbooks.