Gitlab workflow through security domains

I’m fairly new to git and gitlab and have been tasked to set up a gitlab server in each of our security domains, (unclassified and classified). Our unclassified gitlab is the source of truth which we promote to our classified gitlab which has the exact same projects but will have additions that are considered classified. My question(s) are how would I do this as a backup and restore would wipe out all classified changes on the classified gitlab. Is exporting each project from the unclassified gitlab and importing it into the classified gitlab. Then how would I merge the differences?