Table of Contents

What happens to projects of deleted User IDs?

When a user's ID is deleted or the right to use GitLab removed, the user will be locked out of LRZ GitLab and will not be able to log in again. Projects and groups that belong to this user are still preserved for three months in GitLab and for three additional months in the backups (total 6 months). After that, they are permanently deleted.

If one or more groups or projects of the user are to remain active, they must be transferred to another active GitLab user before the User ID is deleted.

In order to keep a group active, simply enter another user in the member list of the group with the role owner. All the projects within the group will remain active as long as there is at least one active user as group owner.

If a user's personal project is to remain active, we recommend moving the project to a group. The group can also be created specifically for this purpose. The transfer takes place in the advanced settings of the project (Project Settings → General → Advanced → Transfer project). After moving the project to the group, please enter the still active GitLab user as one of the owners in the group or in the project. Alternatively, the project can be exported (Project Settings → General → Advanced → Export project) and the downloaded file passed on to the still active GitLab user who can import the project (New project/repository → Import project → Import project from GitLab export).

Please note: Adding another person as Maintainer in a personal project does not protect it from being deleted.

Especially in the case of public projects we recommend organizing the projects into groups.

Are projects backed up? How can I recover a deleted project?

LRZ generates daily backups of the complete GitLab instance. These backups are stored on a separate storage system and regularly checked for integrity. However, these backups only serve to restore GitLab after a critical error. The entire GitLab instance is reset to the time of the backup. Restoring individual projects during operation is currently not possible.

Recovering repositories that have been deleted by the user is possible within seven days, provided the project already exists in the backup. However, only the Git repository itself can be restored, whereas issues, merge requests and snippets will be lost after deleting the project.

Can I use two-factor authentication (2FA)?

Yes, LRZ GitLab supports two-factor authentication (2FA). When you log in, after entering your usual LRZ/TUM/LMU User ID and password you will be asked for an additional password. This can be generated either with an app such as privacyIDEA Authenticator installed on a smartphone or with a U2F device such as Yubikey. The use of 2FA is a voluntary possibility to increase the security of your GitLab account. 

To activate 2FA, select "Account → Enable two-factor authentication" in your GitLab account preferences. Then scan the displayed QR code using your app and enter the newly generated one-time password. GitLab automatically registers the app and shows a list of recovery codes. These codes should be kept in a safe place. They allow you to regain access to your account if, for example, you lose your smartphone and thus the app.

A U2F device can be registered on the same page in addition to the app as a second 2FA method. You can then use your device instead of the app. Unfortunately, it is not possible to register a 2FA device in GitLab without first registering an app.

Please note: The second 2FA-password is only asked when logging in on the LRZ GitLab website. If you have added an SSH key to your account, access using the key is still possible without additional passwords. Authentication on the command line (e.g. for cloning projects) using HTTPS is no longer possible after activating 2FA. Please add an SSH key to your account to access your repositories on the command line.

Detailed instructions are available on the GitLab website

If you have lost both your 2FA app or device and the recovery codes, please contact us through the LRZ Servicedesk.

What is the SSH key fingerprint of GitLab?

The first time you connect to GitLab from a terminal / command prompt on your PC (for example, if you want to clone a project or write changes to the repository), you will probably be asked for the authenticity of the host you want to connect to. The fingerprints of the LRZ GitLab can be found on its instance configuration page.

Can I collaborate with people on GitLab who do not have a LRZ/TUM/LMU User ID?

Yes, this is possible with GitInvited.

GitInvited was developed to give external cooperation partners access to GitLab. Each user who logs in to GitLab using an LDAP account (for example, LRZ, TUM, or LMU identifier) has a contingent of 20 invitations. These invitations can be sent to any email address via GitInvited. The email address must not be registered in GitLab prior to the invitation. 

User accounts created through this method have the status external user in LRZ GitLab. That means among other things, that they are not able to create their own projects or groups. See GitLab Permissions Dokumentation for details.

The user who sent the invitation (hereinafter referred to as the "Parent User") is linked to the invited user ("Child User") in the GitInvited database. This ensures that external users can be contacted by LRZ through their Parent Users.

If a Parent User is blocked in GitLab (for example because their ID has expired), all Child Users they are responsible for will also be blocked. This can only be prevented if those users are migrated to a new Parent User. This can only be done by the GitLab administrators. Please ask the new Parent User to contact the LRZ Servicedesk.

Although GitInvited and GitLab can be reached under different URLs, the services communicate with each other. When logging in for the first time, you will be redirected between the applications via the OAuth login procedure.

How can I reduce the size of my repository?

If your project includes large or very dynamic files, the Git repository can get large. This not only affects the storage space and download times, but also causes additional load on our servers. Especially if you work with binary files and have forgotten to activate the Git Large File Storage (LFS), reducing the size of the repository is often necessary. The size of the project including the repository and LFS files is displayed on the project page. Rule of thumb: If the repository is larger than 1 GB without Git LFS, its size should be reduced.

Unfortunately, it is not enough to simply delete unnecessary files in the project directory. This doesn't make the repository smaller because the old versions of the files are still managed in Git.

Method 1: Recreating the project

The simplest and in most cases the recommended method is to recreate the project and to make sure that binary files are managed using Git LFS:

  1. Create a new, empty project (New Project → Blank project → <Fill in the project name and select "Initialize repository with a README">)
  2. Clone the new Projekt
    git clone
    (or via SSH: git clone
  3. Copy files from the old project to the new project (without the .git/ directory)
  4. Initialize Git LFS and activate LFS tracking for binary files:
    git lfs install
    git lfs track '*.jpg'
    git lfs track '*.zip'
    git lfs track 'my_binary_data_file'
    ... additional lfs track commands for other files and data types if necessary ...

  5. Upload the files to GitLab
    git add .
    git commit -m "Initial commit"
    git push

  6. Delete the old project (Settings → General → Advanced → Remove project) 

This method will not preserve the version history of the files and associated, commit messages, branches and issues.

Method 2: Rewriting the version history

If the availability of the previous versions of the files, commit messages and/or branches of the project is important, this somewhat more complex method can be used. In this method the version history is partially rewritten with tools such as git-filter-repo or BFG Repo Cleaner. For example, source code files can be retained with their entire versioning while old versions of the large binary files are deleted. The details of how to use these tools depend on how the files are organized in the project. Below is an example of how the steps in this method may look like:

  1. Clone the existing project using the option "mirror"
    git clone --mirror
    (or via SSH: git clone --mirror
    Note: In case your project already contains LFS files, they will not be cloned through this command and must be manually added in step 5.
  2. Delete selected files and folders using git-filter-repo. In our example the contents of the folder data as well as jpg- and zip-files will be removed from the project and its history. For details, please consult the documentation of the tools.
    cd the-big-project.git
    git-filter-repo --use-base-name --path-glob '*.jpg' --path-glob '*.zip' --invert-paths
    git-filter-repo --path data/ --invert-paths
  3. Upload the modified repository to a new project
    git push --mirror
    Clone the new project (without option "mirror"):
  4. cd ..
    git clone
    cd new-project-with-lfs
  5. Copy selected binary files and directories from the old project to the new project (without the .git / directory and the files that already exist in the new project repository).
  6. Initialize Git LFS and activate LFS tracking for binary files:
    git lfs install
    git lfs track '*.jpg'
    git lfs track '*.zip'
    git lfs track 'my_binary_data_file'
    ... additional lfs track commands for other files and data types if necessary ...
    Note: If you have multiple branches in your repository, please make sure that Git LFS is properly initialized in all branches.
  7. Upload the files to GitLab
    git add .
    git commit -m "Adds some data files"
    git push
  8. Delete the old project (Settings → General → Advanced → Remove project)

With this method, the versioning of files, branches and tags are retained. Branch requests on the GitLab web interface are lost, but because branches still exist, new branch requests can be easily created. Issues, comments, snippets and other content that is not part of the Git repository itself but is stored in the GitLab database are not retained.

Issues can be exported separately as CSV files and re-imported into the new project. However, comments in the issues are not retained.

Important: Also when using this method please make sure to create a new project with a new path and push the new size-reduced repository there. If you push it over the old project, the old versions of the files will still be retained as internal references on the server.

(For advanced users there is a method described on the GitLab page which rewrites the repository within the project and thus preserves all other data such as issues, comments, etc. as well as the original path. It's relatively complicated and we don't recommend it unless you are experienced with Git and GitLab. If you want to try this method, please ensure that all steps, including the repository cleanup with the file, are carried out. Furthermore it is important that all members of the project delete their local copies and re-clone the project. Otherwise their next git push will upload the old versions of the files, commits etc. back to the GitLab which will lead to a chaos.)