diff --git a/conf/gitlab.rb b/conf/gitlab.rb
index a1abf0b..0be4cc1 100644
--- a/conf/gitlab.rb
+++ b/conf/gitlab.rb
@@ -841,6 +841,7 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__
 # registry['log_formatter'] = "text"
 # registry['rootcertbundle'] = "/var/opt/gitlab/registry/certificate.crt"
 # registry['health_storagedriver_enabled'] = true
+# registry['middleware'] = nil
 # registry['storage_delete_enabled'] = true
 # registry['validation_enabled'] = false
 # registry['autoredirect'] = false
@@ -1293,6 +1294,27 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__
 # redis['uid'] = nil
 # redis['gid'] = nil
 
+### Redis TLS settings
+###! To run Redis over TLS, specify values for the following settings
+# redis['tls_port'] = nil
+# redis['tls_cert_file'] = nil
+# redis['tls_key_file'] = nil
+
+###! Other TLS related optional settings
+# redis['tls_dh_params_file'] = nil
+# redis['tls_ca_cert_dir'] = '/opt/gitlab/embedded/ssl/certs/'
+# redis['tls_ca_cert_file'] = '/opt/gitlab/embedded/ssl/certs/cacert.pem'
+# redis['tls_auth_clients'] = 'optional'
+# redis['tls_replication'] = nil
+# redis['tls_cluster'] = nil
+# redis['tls_protocols'] = nil
+# redis['tls_ciphers'] = nil
+# redis['tls_ciphersuites'] = nil
+# redis['tls_prefer_server_ciphers'] = nil
+# redis['tls_session_caching'] = nil
+# redis['tls_session_cache_size'] = nil
+# redis['tls_session_cache_timeout'] = nil
+
 ### Disable or obfuscate unnecessary redis command names
 ### Uncomment and edit this block to add or remove entries.
 ### See https://docs.gitlab.com/omnibus/settings/redis.html#renamed-commands
@@ -1438,6 +1460,10 @@ nginx['listen_port'] = __PORT__
 ##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html#supporting-proxied-ssl
 nginx['listen_https'] = false
 
+##! **Override only if you use a reverse proxy with proxy protocol enabled**
+##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html#configuring-proxy-protocol
+# nginx['proxy_protocol'] = false
+
 # nginx['custom_gitlab_server_config'] = "location ^~ /foo-namespace/bar-project/raw/ {\n deny all;\n}\n"
 # nginx['custom_nginx_config'] = "include /etc/nginx/conf.d/example.conf;"
 # nginx['proxy_read_timeout'] = 3600
@@ -1733,6 +1759,10 @@ nginx['listen_https'] = false
 # gitlab_pages['rate_limit_source_ip'] = 50.0
 ##! Rate limit per source IP maximum burst allowed per second
 # gitlab_pages['rate_limit_source_ip_burst'] = 600
+##! Rate limit per domain name in number of requests per second, 0 means is disabled
+# gitlab_pages['rate_limit_domain'] = 0
+##! Rate limit per domain name maximum burst allowed per second
+# gitlab_pages['rate_limit_domain_burst'] = 10000
 
 # gitlab_pages['env_directory'] = "/opt/gitlab/etc/gitlab-pages/env"
 # gitlab_pages['env'] = {
@@ -1770,9 +1800,9 @@ nginx['listen_https'] = false
 
 ##! Settings used by the GitLab application
 # gitlab_rails['gitlab_kas_enabled'] = true
-# gitlab_rails['gitlab_kas_external_url'] = ws://gitlab.example.com/-/kubernetes-agent
+# gitlab_rails['gitlab_kas_external_url'] = ws://gitlab.example.com/-/kubernetes-agent/
 # gitlab_rails['gitlab_kas_internal_url'] = grpc://localhost:8153
-# gitlab_rails['gitlab_kas_external_k8s_proxy_url'] = ws://gitlab.example.com/-/kubernetes-agent
+# gitlab_rails['gitlab_kas_external_k8s_proxy_url'] = https://gitlab.example.com/-/kubernetes-agent/
 
 ##! Enable GitLab KAS
 # gitlab_kas['enable'] = true
@@ -2564,6 +2594,27 @@ package['modify_kernel_parameters'] = __MODIFY_KERNEL_PARAMETERS__
 ##!   the exact parallel-syncs progression as specified.
 # sentinel['failover_timeout'] = 60000
 
+### Sentinel TLS settings
+###! To run Sentinel over TLS, specify values for the following settings
+# sentinel['tls_port'] = nil
+# sentinel['tls_cert_file'] = nil
+# sentinel['tls_key_file'] = nil
+
+###! Other TLS related optional settings
+# sentinel['tls_dh_params_file'] = nil
+# sentinel['tls_ca_cert_dir'] = '/opt/gitlab/embedded/ssl/certs/'
+# sentinel['tls_ca_cert_file'] = '/opt/gitlab/embedded/ssl/certs/cacert.pem'
+# sentinel['tls_auth_clients'] = 'optional'
+# sentinel['tls_replication'] = nil
+# sentinel['tls_cluster'] = nil
+# sentinel['tls_protocols'] = nil
+# sentinel['tls_ciphers'] = nil
+# sentinel['tls_ciphersuites'] = nil
+# sentinel['tls_prefer_server_ciphers'] = nil
+# sentinel['tls_session_caching'] = nil
+# sentinel['tls_session_cache_size'] = nil
+# sentinel['tls_session_cache_timeout'] = nil
+
 ################################################################################
 ## Additional Database Settings (EE only)
 ##! Docs: https://docs.gitlab.com/ee/administration/database_load_balancing.html
diff --git a/manifest.json b/manifest.json
index 6122d5f..736beb3 100644
--- a/manifest.json
+++ b/manifest.json
@@ -2,7 +2,7 @@
     "name": "GitLab",
     "id": "gitlab",
     "packaging_format": 1,
-    "version": "14.6.2~ynh1",
+    "version": "14.7.0~ynh1",
     "description": {
         "en": "Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features",
         "fr": "Gestionnaire de dépôts Git proposant des fonctionnalités de wiki, suivi de bugs et de pipeline CI/CD"
diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh
index a6b4bae..23785cc 100644
--- a/scripts/upgrade.d/upgrade.last.sh
+++ b/scripts/upgrade.d/upgrade.last.sh
@@ -1,17 +1,17 @@
 #!/bin/bash
 
-gitlab_version="14.6.2"
+gitlab_version="14.7.0"
 
 # sha256sum found here: https://packages.gitlab.com/gitlab
 gitlab_debian_version="$(lsb_release -sc)"
 
-gitlab_x86_64_bullseye_source_sha256="5483d1ebf5cafd871e6a393389ddfc599bde70b3e0e28f9ba4c442e852be9ed5"
-gitlab_x86_64_buster_source_sha256="1bb42ab71d7cfade9396b342a4087bede0df0c34141342bd713c63ab40a7355d"
+gitlab_x86_64_bullseye_source_sha256="1a6546698a696c108ba7389d6618883e3271867d5a791c9589d8d7317f1786dd"
+gitlab_x86_64_buster_source_sha256="86a358afd842378f1f026141d318595dfad40e79e2096f776f2ff3d189329fd7"
 
-gitlab_arm64_bullseye_source_sha256="5cf9a513630a19b4f937794ba6c5e9ade5acee78ca85ee7e810f8070aafc3564"
-gitlab_arm64_buster_source_sha256="bc260c280eaa30a419a0b12844e1b1f8951dccc3187fd916caf336427f5f89ca"
+gitlab_arm64_bullseye_source_sha256="3205a39d830e2e18d08d25bc247e9315f3b0c429bfa08fa4f5be79e869ef650e"
+gitlab_arm64_buster_source_sha256="b4df358d6b25ffec2b6a714714e08ae44949b4fae748875fc46e5fd3ddef1d65"
 
-gitlab_arm_buster_source_sha256="0a63889fdc3af13f0562432e5c19862747c6639c5c3df7e54384204596a14290"
+gitlab_arm_buster_source_sha256="c6aca4d4d15fada15c3dc818685194ba1239c5a80bafbcdd64ffea532c92e745"
 
 architecture=$(ynh_app_setting_get --app="$app" --key=architecture)
 
@@ -35,8 +35,8 @@ elif [ "$architecture" = "arm64" ]; then
 elif [ "$architecture" = "arm" ]; then
 	# If the version for arm doesn't exist, then use an older one
 	if [ -z "$gitlab_arm_buster_source_sha256" ]; then
-		gitlab_version="14.6.2"
-		gitlab_arm_buster_source_sha256="0a63889fdc3af13f0562432e5c19862747c6639c5c3df7e54384204596a14290"
+		gitlab_version="14.7.0"
+		gitlab_arm_buster_source_sha256="c6aca4d4d15fada15c3dc818685194ba1239c5a80bafbcdd64ffea532c92e745"
 	fi
 	gitlab_source_sha256=$gitlab_arm_buster_source_sha256
 fi