diff --git a/Changelog.md b/Changelog.md
index 5c9a9707..2196dcba 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -4,6 +4,7 @@ This file only reflects the changes that are made in the the docker image. Pleas
 
 **latest**
 - proper long-term fix for http/https cloning when `GITLAB_RELATIVE_URL_ROOT` is used
+- gitlab: upgrade to CE v8.1.3
 
 **8.1.2**
 - gitlab: upgrade to CE v8.1.2
diff --git a/Dockerfile b/Dockerfile
index ba6d8548..aa596b70 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
 FROM quay.io/sameersbn/ubuntu:14.04.20151023
 MAINTAINER sameer@damagehead.com
 
-ENV GITLAB_VERSION=8.1.2 \
+ENV GITLAB_VERSION=8.1.3 \
     GITLAB_SHELL_VERSION=2.6.5 \
     GITLAB_GIT_HTTP_SERVER_VERSION=0.3.0 \
     GITLAB_USER="git" \
diff --git a/assets/config/gitlabhq/gitlab.yml b/assets/config/gitlabhq/gitlab.yml
index c9eec258..da7062ce 100644
--- a/assets/config/gitlabhq/gitlab.yml
+++ b/assets/config/gitlabhq/gitlab.yml
@@ -274,6 +274,19 @@ production: &base
     # arguments, followed by optional 'args' which can be either a hash or an array.
     # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html
     providers:
+      - { name: 'github',
+          label: 'GitHub',
+          app_id: '{{OAUTH_GITHUB_API_KEY}}',
+          app_secret: '{{OAUTH_GITHUB_APP_SECRET}}',
+          args: { scope: '{{OAUTH_GITHUB_SCOPE}}' } }
+      - { name: 'bitbucket',
+          app_id: '{{OAUTH_BITBUCKET_API_KEY}}',
+          app_secret: '{{OAUTH_BITBUCKET_APP_SECRET}}' }
+      - { name: 'gitlab',
+          label: 'GitLab.com',
+          app_id: '{{OAUTH_GITLAB_API_KEY}}',
+          app_secret: '{{OAUTH_GITLAB_APP_SECRET}}',
+          args: { scope: '{{OAUTH_GITLAB_SCOPE}}' } }
       - { name: 'google_oauth2',
           label: 'Google',
           app_id: '{{OAUTH_GOOGLE_API_KEY}}',
@@ -282,19 +295,6 @@ production: &base
       - { name: 'twitter',
           app_id: '{{OAUTH_TWITTER_API_KEY}}',
           app_secret: '{{OAUTH_TWITTER_APP_SECRET}}' }
-      - { name: 'github',
-          label: 'GitHub',
-          app_id: '{{OAUTH_GITHUB_API_KEY}}',
-          app_secret: '{{OAUTH_GITHUB_APP_SECRET}}',
-          args: { scope: '{{OAUTH_GITHUB_SCOPE}}' } }
-      - { name: 'gitlab',
-          label: 'GitLab.com',
-          app_id: '{{OAUTH_GITLAB_API_KEY}}',
-          app_secret: '{{OAUTH_GITLAB_APP_SECRET}}',
-          args: { scope: '{{OAUTH_GITLAB_SCOPE}}' } }
-      - { name: 'bitbucket',
-          app_id: '{{OAUTH_BITBUCKET_API_KEY}}',
-          app_secret: '{{OAUTH_BITBUCKET_APP_SECRET}}' }
       - { name: 'saml',
           label: 'Our SAML Provider',
           args: {