diff --git a/README.md b/README.md
index 1c5cc25..a37597e 100644
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to
 
 GitLab is a web-based Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features, using an open-source license, developed by GitLab Inc.
 
-**Shipped version:** 12.9.2
+**Shipped version:** 12.10.1
 
 ## Screenshots
 
diff --git a/conf/gitlab.rb b/conf/gitlab.rb
index cc49018..66c2677 100644
--- a/conf/gitlab.rb
+++ b/conf/gitlab.rb
@@ -325,6 +325,24 @@ external_url '__GENERATED_EXTERNAL_URL__'
 #   # 'path_style' => false # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
 # }
 
+### Terraform state
+###! Docs: https://docs.gitlab.com/ee/administration/terraform_state
+# gitlab_rails['terraform_state_enabled'] = true
+# gitlab_rails['terraform_state_storage_path'] = "/var/opt/gitlab/gitlab-rails/shared/terraform_state"
+# gitlab_rails['terraform_state_object_store_enabled'] = false
+# gitlab_rails['terraform_state_object_store_remote_directory'] = "terraform_state"
+# gitlab_rails['terraform_state_object_store_connection'] = {
+#   'provider' => 'AWS',
+#   'region' => 'eu-west-1',
+#   'aws_access_key_id' => 'AWS_ACCESS_KEY_ID',
+#   'aws_secret_access_key' => 'AWS_SECRET_ACCESS_KEY',
+#   # # The below options configure an S3 compatible host instead of AWS
+#   # 'host' => 's3.amazonaws.com',
+#   # 'aws_signature_version' => 4, # For creation of signed URLs. Set to 2 if provider does not support v4.
+#   # 'endpoint' => 'https://s3.amazonaws.com', # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces
+#   # 'path_style' => false # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
+# }
+
 ### Impersonation settings
 # gitlab_rails['impersonation_enabled'] = true
 
@@ -625,6 +643,8 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__
 # gitlab_rails['redis_queues_sentinels'] = nil
 # gitlab_rails['redis_shared_state_instance'] = nil
 # gitlab_rails['redis_shared_sentinels'] = nil
+# gitlab_rails['redis_actioncable_instance'] = nil
+# gitlab_rails['redis_actioncable_sentinels'] = nil
 
 ### GitLab email server settings
 ###! Docs: https://docs.gitlab.com/omnibus/settings/smtp.html
@@ -844,8 +864,8 @@ unicorn['port'] = __UNICORN_PORT__
 # puma['ha'] = false
 # puma['worker_timeout'] = 60
 # puma['worker_processes'] = 2
-# puma['min_threads'] = 1
-# puma['max_threads'] = 16
+# puma['min_threads'] = 4
+# puma['max_threads'] = 4
 
 ### Advanced settings
 # puma['listen'] = '127.0.0.1'
@@ -877,6 +897,17 @@ unicorn['port'] = __UNICORN_PORT__
 # sidekiq['listen_address'] = "localhost"
 sidekiq['listen_port'] = __SIDEKIQ_PORT__
 
+### Experimental Sidekiq Cluster settings
+###! These settings allow starting `sidekiq-cluster` instead of sidekiq.
+###! Docs: https://docs.gitlab.com/ee/administration/operations/extra_sidekiq_processes.html#using-sidekiq-cluster-by-default-experimental
+# sidekiq['cluster'] = false
+# sidekiq['experimental_queue_selector'] = false
+# sidekiq['interval'] = nil
+# sidekiq['max_concurrency'] = nil
+# sidekiq['min_concurrency'] = nil
+# sidekiq['negate'] = false
+# sidekiq['queue_groups'] = ['*']
+
 ################################################################################
 ## gitlab-shell
 ################################################################################
@@ -1124,6 +1155,13 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__
 #####! Set to [''] to clear previously set values
 # redis['save'] = [ '900 1', '300 10', '60 10000' ]
 
+#####! Redis lazy freeing
+#####! Defaults to false
+# redis['lazyfree_lazy_eviction'] = true
+# redis['lazyfree_lazy_expire'] = true
+# redis['lazyfree_lazy_server_del'] = true
+# redis['replica_lazy_flush'] = true
+
 ################################################################################
 ## GitLab Web server
 ##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html#using-a-non-bundled-web-server
@@ -1336,10 +1374,15 @@ nginx['listen_https'] = false
 ##! { "receive" => ["fsckObjects = true"], "alias" => ["st = status", "co = checkout"] }
 
 # omnibus_gitconfig['system'] = {
-#  "pack" => ["threads = 1"],
+#  "pack" => ["threads = 1", "useSparse = true"],
 #  "receive" => ["fsckObjects = true", "advertisePushOptions = true"],
 #  "repack" => ["writeBitmaps = true"],
 #  "transfer" => ["hideRefs=^refs/tmp/", "hideRefs=^refs/keep-around/", "hideRefs=^refs/remotes/"],
+#  "core" => [
+#    'alternateRefsCommand="exit 0 #"',
+#    "fsyncObjectFiles = true"
+#  ],
+#  "fetch" => ["writeCommitGraph = true"]
 # }
 
 ################################################################################
@@ -1726,7 +1769,7 @@ nginx['listen_https'] = false
 ##! Docs: https://docs.gitlab.com/ee/administration/monitoring/prometheus/#prometheus-as-a-grafana-data-source
 ################################################################################
 
-grafana['enable'] = false
+# grafana['enable'] = true
 # grafana['log_directory'] = '/var/log/gitlab/grafana'
 # grafana['home'] = '/var/opt/gitlab/grafana'
 # grafana['admin_password'] = 'admin'
@@ -1845,9 +1888,11 @@ grafana['enable'] = false
 # praefect['enable'] = false
 # praefect['virtual_storage_name'] = "praefect"
 # praefect['failover_enabled'] = false
+# praefect['failover_election_strategy'] = 'local'
 # praefect['auth_token'] = ""
 # praefect['auth_transitioning'] = false
 # praefect['listen_addr'] = "localhost:2305"
+# praefect['postgres_queue_enabled'] = false
 # praefect['prometheus_listen_addr'] = "localhost:9652"
 # praefect['prometheus_grpc_latency_buckets'] = "[0.001, 0.005, 0.025, 0.1, 0.5, 1.0, 10.0, 30.0, 60.0, 300.0, 1500.0]"
 # praefect['logging_level'] = "warn"
@@ -2286,7 +2331,7 @@ grafana['enable'] = false
 # repmgr['node_number'] = nil
 # repmgr['port'] = 5432
 # repmgr['trust_auth_cidr_addresses'] = []
-# repmgr['user'] = 'gitlab_repmgr'
+# repmgr['username'] = 'gitlab_repmgr'
 # repmgr['sslmode'] = 'prefer'
 # repmgr['sslcompression'] = 0
 # repmgr['failover'] = 'automatic'
@@ -2331,7 +2376,7 @@ grafana['enable'] = false
 ################################################################################
 # consul['enable'] = false
 # consul['dir'] = '/var/opt/gitlab/consul'
-# consul['user'] = 'gitlab-consul'
+# consul['username'] = 'gitlab-consul'
 # consul['group'] = 'gitlab-consul'
 # consul['config_file'] = '/var/opt/gitlab/consul/config.json'
 # consul['config_dir'] = '/var/opt/gitlab/consul/config.d'
diff --git a/conf/nginx.conf b/conf/nginx.conf
index 9d0c3db..21d6e44 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,13 +1,25 @@
 location __PATH__/ {
-	proxy_pass http://localhost:__PORT__;
-	proxy_set_header Host $host;
-	proxy_set_header X-Real-IP $remote_addr;
-	proxy_set_header X-Forwarded-Ssl on;
-	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-	proxy_set_header X-Forwarded-Proto $scheme;
+	# Adapted from https://gitlab.com/gitlab-org/gitlab-recipes/blob/master/web-server/nginx/gitlab-omnibus-ssl-nginx.conf
 
 	client_max_body_size __CLIENT_MAX_BODY_SIZE__;
+	gzip off;
 
+	## https://github.com/gitlabhq/gitlabhq/issues/694
+	## Some requests take more than 30 seconds.
+	proxy_read_timeout      300;
+	proxy_connect_timeout   300;
+	proxy_redirect          off;
+
+	proxy_http_version 1.1;
+
+	proxy_pass http://localhost:__PORT__;
+
+	proxy_set_header    Host                $http_host;
+	proxy_set_header    X-Real-IP           $remote_addr;
+	proxy_set_header    X-Forwarded-Ssl     on;
+	proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
+	proxy_set_header    X-Forwarded-Proto   $scheme;
+
+	# Include SSOWAT user panel.
 	include conf.d/yunohost_panel.conf.inc;
-	proxy_set_header Accept-Encoding "";
 }
diff --git a/conf/x86-64.src.default b/conf/x86-64.src.default
index 927df9e..b33624e 100644
--- a/conf/x86-64.src.default
+++ b/conf/x86-64.src.default
@@ -1,4 +1,4 @@
-SOURCE_URL=https://packages.gitlab.com/gitlab/gitlab-ce/packages/debian/stretch/gitlab-ce___VERSION__-ce.0_amd64.deb/download.deb
+SOURCE_URL=https://packages.gitlab.com/gitlab/gitlab-ce/packages/debian/__DEBIAN_VERSION__/gitlab-ce___VERSION__-ce.0_amd64.deb/download.deb
 SOURCE_SUM=__SHA256_SUM__
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FILENAME=__SOURCE_FILENAME__
diff --git a/manifest.json b/manifest.json
index 03e0db3..cc75e7c 100644
--- a/manifest.json
+++ b/manifest.json
@@ -2,10 +2,10 @@
     "name": "Gitlab",
     "id": "gitlab",
     "packaging_format": 1,
-    "version": "12.9.2~ynh1",
+    "version": "12.10.1~ynh1",
     "description": {
-        "en": "GitLab is a Git-repository manager.",
-        "fr": "GitLab est un gestionnaire de dépôts Git."
+        "en": "Git-repository manager.",
+        "fr": "Gestionnaire de dépôts Git."
     },
     "url": "https://gitlab.com",
     "license": "MIT",
diff --git a/scripts/install b/scripts/install
index 05816fa..5d59fc5 100644
--- a/scripts/install
+++ b/scripts/install
@@ -178,6 +178,7 @@ ynh_replace_string --match_string="__SOURCE_FILENAME__" --replace_string="$gitla
 
 if [ $architecture = "x86-64" ]; then
 	ynh_replace_string --match_string="__SHA256_SUM__" --replace_string="$gitlab_x86_64_source_sha256" --target_file="../conf/$architecture.src"
+	ynh_replace_string --match_string="__DEBIAN_VERSION__" --replace_string="$gitlab_x86_64_debian_version" --target_file="../conf/$architecture.src"
 elif [ $architecture = "arm" ]; then
 	ynh_replace_string --match_string="__SHA256_SUM__" --replace_string="$gitlab_arm_source_sha256" --target_file="../conf/$architecture.src"
 fi
diff --git a/scripts/restore b/scripts/restore
index 9914ebb..2e78b15 100644
--- a/scripts/restore
+++ b/scripts/restore
@@ -107,6 +107,7 @@ ynh_replace_string --match_string="__SOURCE_FILENAME__" --replace_string="$gitla
 
 if [ $architecture = "x86-64" ]; then
 	ynh_replace_string --match_string="__SHA256_SUM__" --replace_string="$gitlab_x86_64_source_sha256" --target_file="../conf/$architecture.src"
+	ynh_replace_string --match_string="__DEBIAN_VERSION__" --replace_string="$gitlab_x86_64_debian_version" --target_file="../conf/$architecture.src"
 elif [ $architecture = "arm" ]; then
 	ynh_replace_string --match_string="__SHA256_SUM__" --replace_string="$gitlab_arm_source_sha256" --target_file="../conf/$architecture.src"
 fi
diff --git a/scripts/upgrade b/scripts/upgrade
index bd1f854..8d8bc37 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -6,12 +6,9 @@
 # IMPORT GENERIC HELPERS
 #=================================================
 
-# IMPORT GENERIC HELPERS
+source _common.sh
 source /usr/share/yunohost/helpers
 
-# Load common variables and helpers
-source ./_common.sh
-
 #=================================================
 # LOAD SETTINGS
 #=================================================
@@ -257,9 +254,8 @@ then
 			current_major_version=$(($current_major_version + 1))
 		fi
 
-		# If the current version has the same major version than the next one,
-		# then it's the last upgrade to do
-		if [ "$last_major_version" -eq "$current_major_version" ]; then
+		# Finish with the last migration if the file doesn't exist
+		if [ ! -e "./upgrade.d/upgrade.$current_major_version.sh" ]; then
 			current_major_version=last
 		fi
 
@@ -270,6 +266,7 @@ then
 
 		if [ $architecture = "x86-64" ]; then
 			ynh_replace_string --match_string="__SHA256_SUM__" --replace_string="$gitlab_x86_64_source_sha256" --target_file="../conf/$architecture.src"
+			ynh_replace_string --match_string="__DEBIAN_VERSION__" --replace_string="$gitlab_x86_64_debian_version" --target_file="../conf/$architecture.src"
 		elif [ $architecture = "arm" ]; then
 			ynh_replace_string --match_string="__SHA256_SUM__" --replace_string="$gitlab_arm_source_sha256" --target_file="../conf/$architecture.src"
 		fi
diff --git a/scripts/upgrade.d/upgrade.11.sh b/scripts/upgrade.d/upgrade.11.sh
index 64724d0..b25d5f4 100644
--- a/scripts/upgrade.d/upgrade.11.sh
+++ b/scripts/upgrade.d/upgrade.11.sh
@@ -1,5 +1,8 @@
 gitlab_version="11.11.5"
 
+# There is no buster version for gitlab 11.X
+gitlab_x86_64_debian_version="stretch"
+
 gitlab_x86_64_source_sha256="1ee3d6e8d2cc198f5466de0884c03f6016299db24859126af9a191501dbdef10"
 
 gitlab_arm_source_sha256="366e12b1f3d3b1694fcb6f13da9de908360ba93f75768d97e8d01e61e8652705"
@@ -8,6 +11,7 @@ gitlab_filename="gitlab-ce-${gitlab_version}.deb"
 
 # Action to do in case of failure of the package_check
 package_check_action() {
-        ynh_replace_string --match_string="command \"cat \/etc\/sysctl.conf \/etc\/sysctl.d\/\*.conf  | sysctl -e -p -\"" --replace_string="command \"cat \/etc\/sysctl.conf\"" --target_file="$final_path/embedded/cookbooks/package/resources/sysctl.rb"
+	local sysctl_file="$final_path/embedded/cookbooks/package/resources/sysctl.rb"
+	ynh_replace_string --match_string="command \"sysctl -e \(.*\)\"" --replace_string="command \"sysctl -e \1 || true\"" --target_file=$sysctl_file
 }
 
diff --git a/scripts/upgrade.d/upgrade.12.sh b/scripts/upgrade.d/upgrade.12.sh
new file mode 100644
index 0000000..f814a09
--- /dev/null
+++ b/scripts/upgrade.d/upgrade.12.sh
@@ -0,0 +1,18 @@
+# It's required to upgrade to the latest 12.0.x version before to another 12.X verion.
+gitlab_version="12.0.12"
+
+# There is no buster version for gitlab 12.0.X
+gitlab_x86_64_debian_version="stretch"
+
+gitlab_x86_64_source_sha256="e80cda4c328c2627278a3d74dbdd53420e1fec9ecbeaeb5d4dcb4773726e5904"
+
+gitlab_arm_source_sha256="a0862e3c31b61d9274a55b7307d15daa5258473ccb97b8ae0d807f7474c971df"
+
+gitlab_filename="gitlab-ce-${gitlab_version}.deb"
+
+# Action to do in case of failure of the package_check
+package_check_action() {
+	local sysctl_file="$final_path/embedded/cookbooks/package/resources/sysctl.rb"
+	ynh_replace_string --match_string="command \"sysctl -e \(.*\)\"" --replace_string="command \"sysctl -e \1 || true\"" --target_file=$sysctl_file
+}
+
diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh
index 1f51378..cbe4d72 100644
--- a/scripts/upgrade.d/upgrade.last.sh
+++ b/scripts/upgrade.d/upgrade.last.sh
@@ -1,16 +1,25 @@
-gitlab_version="12.9.2"
+gitlab_version="12.10.1"
 
-gitlab_x86_64_source_sha256="781d21de10c4b88582d25af19cd3d85d9618a995f930d1954ea9dc0fa76d7ea9"
+# sha256sum found here: https://packages.gitlab.com/gitlab
 
-gitlab_arm_source_sha256="09eb415d2e55af64294606e25cfebd508c8cc59218475ed26e99f6baccfe1218"
+if [ "$(lsb_release -sc)" = "buster" ]
+then
+	gitlab_x86_64_source_sha256="4efd4599cecbcdbe4c03acabf8a678da7a1c0f3fe44270dc115128f87704a29c"
+else
+	gitlab_x86_64_source_sha256="114e616b8fad94efcd7bcecd7b69d49c42384d6599ff49809c1951e3007afc9c"
+fi
+
+gitlab_x86_64_debian_version="$(lsb_release -sc)"
+
+gitlab_arm_source_sha256="cc52de7777e0a970be20bc3386144a2d2bb0e9aaaa8906e567a4ab0cd638288e"
 
 gitlab_filename="gitlab-ce-${gitlab_version}.deb"
 
 # Action to do in case of failure of the package_check
 package_check_action() {
 	local sysctl_file="$final_path/embedded/cookbooks/package/resources/gitlab_sysctl.rb"
-	if [ ! -f "$sysctl_file" ]; then
-		sysctl_file="$final_path/embedded/cookbooks/package/resources/sysctl.rb"
-	fi
-	ynh_replace_string --match_string="command \"sysctl -e --system\"" --replace_string="command \"sysctl -e --system || true\"" --target_file=$sysctl_file
+	ynh_replace_string --match_string="command \"sysctl -e \(.*\)\"" --replace_string="command \"sysctl -e \1 || true\"" --target_file=$sysctl_file
+	
+	sysctl_file="/opt/gitlab/embedded/cookbooks/package/recipes/sysctl.rb"
+	ynh_replace_string --match_string="command \"sysctl -e \(.*\)\"" --replace_string="command \"sysctl -e \1 || true\"" --target_file=$sysctl_file
 }