diff --git a/README.md b/README.md index 5a7fd5f..bdce8f1 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to GitLab is a web-based Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features, using an open-source license, developed by GitLab Inc. -**Shipped version:** 12.1.6 +**Shipped version:** 12.2.3 ## Screenshots diff --git a/conf/gitlab.rb b/conf/gitlab.rb index a45339c..3d28a80 100644 --- a/conf/gitlab.rb +++ b/conf/gitlab.rb @@ -109,7 +109,7 @@ external_url '__GENERATED_EXTERNAL_URL__' ###! https://docs.gitlab.com/ce/ci/yaml/README.html#artifacts:expire_in # gitlab_rails['stuck_ci_jobs_worker_cron'] = "0 0 * * *" # gitlab_rails['expire_build_artifacts_worker_cron'] = "50 * * * *" -# gitlab_rails['pipeline_schedule_worker_cron'] = "41 * * * *" +# gitlab_rails['pipeline_schedule_worker_cron'] = "19 * * * *" # gitlab_rails['ci_archive_traces_cron_worker_cron'] = "17 * * * *" # gitlab_rails['repository_check_worker_cron'] = "20 * * * *" # gitlab_rails['admin_email_worker_cron'] = "0 0 * * 0" 
@@ -131,6 +131,34 @@ external_url '__GENERATED_EXTERNAL_URL__' ###! will appear signed in from that address.** # gitlab_rails['trusted_proxies'] = [] +### Content Security Policy +####! Customize if you want to enable the Content-Security-Policy header, which +####! can help thwart JavaScript cross-site scripting (XSS) attacks. +####! See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP +# gitlab_rails['content_security_policy'] = { +# 'enabled' => false, +# 'report_only' => false, +# # Each directive is a String (e.g. "'self'"). +# 'directives' => { +# 'base_uri' => nil, +# 'child_src' => nil, +# 'connect_src' => nil, +# 'default_src' => nil, +# 'font_src' => nil, +# 'form_action' => nil, +# 'frame_ancestors' => nil, +# 'frame_src' => nil, +# 'img_src' => nil, +# 'manifest_src' => nil, +# 'media_src' => nil, +# 'object_src' => nil, +# 'script_src' => nil, +# 'style_src' => nil, +# 'worker_src' => nil, +# 'report_uri' => nil, +# } +# } + ### Monitoring settings ###! IP whitelist controlling access to monitoring endpoints # gitlab_rails['monitoring_whitelist'] = ['127.0.0.0/8', '::1/128'] @@ -438,7 +466,7 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__ #### Set path to an initial license to be used while bootstrapping GitLab. ####! **Only applicable on initial setup, future license updations need to be done via UI. ####! Updating the file specified in this path won't yield any change after the first reconfigure run. -# gitlab_rails['iniitial_license_file'] = '/etc/gitlab/company.gitlab-license' +# gitlab_rails['initial_license_file'] = '/etc/gitlab/company.gitlab-license' #### Enable or disable automatic database migrations # gitlab_rails['auto_migrate'] = true 
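Review bot: The new Content Security Policy block documents `'enabled'` and the directive format but says nothing about `'report_only'`, which is the setting an admin needs to trial a policy without breaking the UI. I would add a comment line above the hash such as `####! Set 'report_only' => true to send the policy as Content-Security-Policy-Report-Only while testing; point 'report_uri' at a collector to see violations.` It would also help to say what a directive left at `nil` does (presumably it is omitted from the header; confirm against the upstream docs), since every directive in the example is `nil`.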
@@ -527,7 +555,7 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__ ##! Docs: https://docs.gitlab.com/ce/administration/container_registry.html ################################################################################ -# registry_external_url 'https://registry.gitlab.example.com' +# registry_external_url 'https://registry.example.com' ### Settings used by GitLab application # gitlab_rails['registry_enabled'] = true @@ -570,6 +598,7 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__ # 's3' => { # 'accesskey' => 'AKIAKIAKI', # 'secretkey' => 'secret123', +# 'region' => 'us-east-1', # 'bucket' => 'gitlab-registry-bucket-AKIAKIAKI' # } # } @@ -894,6 +923,9 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__ # See https://www.postgresql.org/docs/9.6/static/auth-pg-hba-conf.html for an explanation # of the values +### Version settings +# Set this if you have disabled the bundled PostgreSQL but still want to use the backup rake tasks +# postgresql['version'] = 10 ################################################################################ ## GitLab Redis @@ -918,6 +950,16 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__ # redis['uid'] = nil # redis['gid'] = nil +### Disable or obfuscate unnecessary redis command names +### Uncomment and edit this block to add or remove entries. +### See https://docs.gitlab.com/omnibus/settings/redis.html#renamed-commands +### for detailed usage +### +# redis['rename_commands'] = { +# 'KEYS': '' +#} +# + ###! **To enable only Redis service in this machine, uncomment ###! one of the lines below (choose master or slave instance types).** ###! Docs: https://docs.gitlab.com/omnibus/settings/redis.html 
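Review bot: In the new `redis['rename_commands']` example, `'KEYS': ''` uses the colon hash syntax, which in Ruby produces the Symbol key `:KEYS`, while every other example in this file uses `'key' => value` with String keys. Whether the code consuming this setting accepts both forms is not visible here, so the example is safer written as `#   'KEYS' => ''`, with the closing line written `# }` like the other blocks. A short comment that an empty new name disables the command (standard Redis `rename-command` behaviour) would make the intent of the example clear.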
@@ -1003,12 +1045,12 @@ nginx['client_max_body_size'] = '__CLIENT_MAX_BODY_SIZE__' # nginx['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt" # nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key" -# nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256" +# nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256" # nginx['ssl_prefer_server_ciphers'] = "on" ##! **Recommended by: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html ##! https://cipherli.st/** -# nginx['ssl_protocols'] = "TLSv1.2" +# nginx['ssl_protocols'] = "TLSv1.2 TLSv1.3" ##! **Recommended in: https://nginx.org/en/docs/http/ngx_http_ssl_module.html** # nginx['ssl_session_cache'] = "builtin:1000 shared:SSL:10m" @@ -1266,6 +1308,9 @@ nginx['listen_https'] = false # gitlab_pages['gitlab_server'] = nil # Defaults to external_url # gitlab_pages['auth_secret'] = nil # Generated if not present +##! Define custom gitlab-pages HTTP headers for the whole instance +# gitlab_pages['headers'] = [] + ################################################################################ ## GitLab Pages NGINX ################################################################################ @@ -1440,9 +1485,9 @@ nginx['listen_https'] = false ### Custom Prometheus flags # # prometheus['flags'] = { -# 'storage.tsdb.path' => "#{node['gitlab']['prometheus']['home']}/data", +# 'storage.tsdb.path' => "/var/opt/gitlab/prometheus/data", # 'storage.tsdb.retention.time' => "15d", -# 'config.file' => "#{node['gitlab']['prometheus']['home']}/prometheus.yml" +# 'config.file' => "/var/opt/gitlab/prometheus/prometheus.yml" # } ##! Advanced settings. Should be changed only if absolutely needed. 
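Review bot: The `ssl_protocols` example now lists `TLSv1.3`, but the comments around it do not say that the `ssl_ciphers` line above applies only to TLS 1.2 and earlier, so a reader may assume the four listed suites also constrain TLS 1.3. I would add a comment such as `##! ssl_ciphers does not select TLS 1.3 cipher suites; TLSv1.3 requires nginx built against OpenSSL 1.1.1 or later.` Whether the bundled nginx meets that requirement cannot be told from this diff.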
@@ -1457,9 +1502,9 @@ nginx['listen_https'] = false
 # alertmanager['log_directory'] = '/var/log/gitlab/alertmanager'
 # alertmanager['admin_email'] = 'admin@example.com'
 # alertmanager['flags'] = {
-# 'web.listen-address' => "#{node['gitlab']['alertmanager']['listen_address']}"
-# 'storage.path' => "#{node['gitlab']['alertmanager']['home']}/data"
-# 'config.file' => "#{node['gitlab']['alertmanager']['home']}/alertmanager.yml"
+# 'web.listen-address' => "localhost:9093"
+# 'storage.path' => "/var/opt/gitlab/alertmanager/data"
+# 'config.file' => "/var/opt/gitlab/alertmanager/alertmanager.yml"
 # }
 # alertmanager['env_directory'] = '/opt/gitlab/etc/alertmanager/env'
 # alertmanager['env'] = {
@@ -1478,7 +1523,7 @@ nginx['listen_https'] = false
 # node_exporter['home'] = '/var/opt/gitlab/node-exporter'
 # node_exporter['log_directory'] = '/var/log/gitlab/node-exporter'
 # node_exporter['flags'] = {
-# 'collector.textfile.directory' => "#{node['gitlab']['node-exporter']['home']}/textfile_collector"
+# 'collector.textfile.directory' => "/var/opt/gitlab/node-exporter/textfile_collector"
 # }
 # node_exporter['env_directory'] = '/opt/gitlab/etc/node-exporter/env'
 # node_exporter['env'] = {
@@ -1496,7 +1541,7 @@ nginx['listen_https'] = false
 # redis_exporter['enable'] = true
 # redis_exporter['log_directory'] = '/var/log/gitlab/redis-exporter'
 # redis_exporter['flags'] = {
-# 'redis.addr' => "unix://#{node['gitlab']['gitlab-rails']['redis_socket']}",
+# 'redis.addr' => "unix:///var/opt/gitlab/redis/redis.socket",
 # }
 # redis_exporter['env_directory'] = '/opt/gitlab/etc/redis-exporter/env'
 # redis_exporter['env'] = {
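Review bot: The three rewritten `alertmanager['flags']` entries still have no commas between them, so uncommenting the block as written is a Ruby syntax error; the `prometheus['flags']` example earlier in this file separates its entries with commas. The first two lines should end with a comma: `#   'web.listen-address' => "localhost:9093",` and `#   'storage.path' => "/var/opt/gitlab/alertmanager/data",`. It may also be worth a comment that the example listen address is loopback-only, so that anyone changing it knows they are exposing the Alertmanager web interface beyond the host.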
@@ -1565,6 +1610,8 @@ grafana['enable'] = false # grafana['home'] = '/var/opt/gitlab/grafana' # grafana['admin_password'] = 'admin' # grafana['allow_user_sign_up'] = false +# grafana['basic_auth_enabled'] = false +# grafana['disable_login_form'] = true # grafana['gitlab_application_id'] = 'GITLAB_APPLICATION_ID' # grafana['gitlab_secret'] = 'GITLAB_SECRET' # grafana['env_directory'] = '/opt/gitlab/etc/grafana/env' diff --git a/manifest.json b/manifest.json index 936b4fd..2d40e75 100644 --- a/manifest.json +++ b/manifest.json @@ -2,7 +2,7 @@ "name": "Gitlab", "id": "gitlab", "packaging_format": 1, - "version": "12.1.6~ynh1", + "version": "12.2.3~ynh1", "description": { "en": "GitLab is a Git-repository manager.", "fr": "GitLab est un gestionnaire de dépôts Git." diff --git a/scripts/backup b/scripts/backup index c20f755..770025f 100644 --- a/scripts/backup +++ b/scripts/backup @@ -93,7 +93,7 @@ fi # For the complete doc: https://docs.gitlab.com/ce/raketasks/backup_restore.html # For the filename: https://docs.gitlab.com/ce/raketasks/backup_restore.html#backup-filename # For the backup strategy: https://docs.gitlab.com/ce/raketasks/backup_restore.html#excluding-specific-directories-from-the-backup -gitlab-rake gitlab:backup:create BACKUP=last SKIP=$to_skip +gitlab-backup create BACKUP=last SKIP=$to_skip ynh_backup --src_path="/var/opt/$app/backups/last_gitlab_backup.tar" diff --git a/scripts/install b/scripts/install index 36813ba..ee26355 100644 --- a/scripts/install +++ b/scripts/install @@ -54,8 +54,8 @@ else your hardware and the result of the command \"uname -m\"." 1 fi -# https://docs.gitlab.com/ee/install/requirements.html#unicorn-workers -unicorn_worker_processes=$(($(nproc) + 1 )) +# https://docs.gitlab.com/ce/install/requirements.html#unicorn-workers +unicorn_worker_processes=$(bc <<< "($(nproc) * 1.5 + 1) / 1") # If the server has at least 2GB of RAM if [ $(ynh_check_ram --no_swap) -ge 2000 ]; then 
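Review bot: In the `scripts/backup` hunk, `SKIP=$to_skip` is expanded unquoted, so a value containing whitespace or glob characters would be word-split or expanded before `gitlab-backup` sees it. `BACKUP=$last_backup` on the new `gitlab-backup restore` line in `scripts/restore` has the same issue. Both variables are assigned outside the hunks, so their possible values are not visible here. Quoting costs nothing: `gitlab-backup create BACKUP=last SKIP="$to_skip"` and `gitlab-backup restore force=yes BACKUP="$last_backup"`.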
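Review bot: The new worker calculation in `scripts/install` shells out to `bc`, which this diff does not show being installed or declared as a dependency. If `bc` is missing, the command substitution yields an empty `unicorn_worker_processes`, and the code that consumes it lies outside the hunk. Shell integer arithmetic gives the same truncated result for every core count without the external tool: `unicorn_worker_processes=$(( ($(nproc) * 3 + 2) / 2 ))`. The same line is added in the `scripts/upgrade` hunk and should change with it.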
@@ -120,7 +120,7 @@ total_memory=$(ynh_check_ram) total_swap=$(ynh_check_ram --only_swap) swap_needed=0 -# https://docs.gitlab.com/ee/install/requirements.html#memory +# https://docs.gitlab.com/ce/install/requirements.html#memory if [ $total_memory -lt 8192 ]; then # Need a minimum of 8Go of memory swap_needed=$((8192 - $total_memory)) diff --git a/scripts/restore b/scripts/restore index 1aed979..ddd8ec1 100644 --- a/scripts/restore +++ b/scripts/restore @@ -71,7 +71,7 @@ total_memory=$(ynh_check_ram) total_swap=$(ynh_check_ram --only_swap) swap_needed=0 -# https://docs.gitlab.com/ee/install/requirements.html#memory +# https://docs.gitlab.com/ce/install/requirements.html#memory if [ $total_memory -lt 8192 ]; then # Need a minimum of 8Go of memory swap_needed=$((8192 - $total_memory)) @@ -141,7 +141,12 @@ gitlab-ctl stop sidekiq # Use gitlab-rake to backup # Doc: https://docs.gitlab.com/ce/raketasks/backup_restore.html#restore-for-omnibus-gitlab-installations -ynh_exec_warn_less gitlab-rake gitlab:backup:restore force=yes BACKUP=$last_backup +ynh_exec_warn_less gitlab-backup restore force=yes BACKUP=$last_backup + +# https://docs.gitlab.com/ce/raketasks/backup_restore.html#container-registry-push-failures-after-restoring-from-a-backup +if ynh_user_exists --username="registry" && [ -d "/var/opt/gitlab/gitlab-rails/shared/registry/docker" ]; then + chown -R registry:registry /var/opt/gitlab/gitlab-rails/shared/registry/docker +fi #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index 187c1d9..5128c9d 100644 --- a/scripts/upgrade +++ b/scripts/upgrade 
@@ -74,8 +74,8 @@ if [ -z "$config_path" ]; then fi if [ -z "$unicorn_worker_processes" ]; then - # https://docs.gitlab.com/ee/install/requirements.html#unicorn-workers - unicorn_worker_processes=$(($(nproc) + 1 )) + # https://docs.gitlab.com/ce/install/requirements.html#unicorn-workers + unicorn_worker_processes=$(bc <<< "($(nproc) * 1.5 + 1) / 1") # If the server has at least 2GB of RAM if [ $(free -g --si | grep Mem: | awk '{print $2}') -ge 2 ]; then @@ -230,7 +230,7 @@ total_memory=$(ynh_check_ram) total_swap=$(ynh_check_ram --only_swap) swap_needed=0 -# https://docs.gitlab.com/ee/install/requirements.html#memory +# https://docs.gitlab.com/ce/install/requirements.html#memory if [ $total_memory -lt 8192 ]; then # Need a minimum of 8Go of memory swap_needed=$((8192 - $total_memory)) diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index c0ea22f..101291c 100644 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,8 +1,8 @@ -gitlab_version="12.1.6" +gitlab_version="12.2.3" -gitlab_x86_64_source_sha256="af4251dd4d0c5ff42f69e6ac09d4767e8be41314b63993a5959790ac78657c91" +gitlab_x86_64_source_sha256="c7cb22bf7aee5bba4b9ebc2f04add53b68092bca18130a2ab3697a8583687770" -gitlab_arm_source_sha256="adfa0120282fcc84e9dca85196dcc28dc2763d072581857fc592ef35ab3821ab" +gitlab_arm_source_sha256="2be45cc1bb8a9f785c1ce8469bc11996be323c474b1d0d812b37e75a44bdd4dd" gitlab_filename="gitlab-ce-${gitlab_version}.deb"