Gitlab on-prem error

How to Use GitLab
1

:hugs:

Problem to solve

When installing gitlab-ee based on the instructions on the website alone, on a brand new Debian 12 (Bookworm) LXC, I get the following error…

 ================================================================================
    Error executing action `run` on resource 'execute[reload all sysctl conf]'
    ================================================================================
    
    Mixlib::ShellOut::ShellCommandFailed
    ------------------------------------
    Expected process to exit with [0], but received '1'
    ---- Begin output of sysctl -e --system ----
    STDOUT: * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
    * Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf ...
    * Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmall.conf ...
    * Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmmax.conf ...
    * Applying /usr/lib/sysctl.d/99-protect-links.conf ...
    * Applying /etc/sysctl.d/99-sysctl.conf ...
    * Applying /etc/sysctl.conf ...
    STDERR: sysctl: permission denied on key "kernel.pid_max"
    sysctl: permission denied on key "kernel.sem"
    sysctl: permission denied on key "kernel.shmall"
    sysctl: permission denied on key "kernel.shmmax"
    sysctl: permission denied on key "fs.protected_fifos"
    sysctl: permission denied on key "fs.protected_hardlinks"
    sysctl: permission denied on key "fs.protected_regular"
    sysctl: permission denied on key "fs.protected_symlinks"
    ---- End output of sysctl -e --system ----
    Ran sysctl -e --system returned 1
    
    Resource Declaration:
    ---------------------
    # In /opt/gitlab/embedded/cookbooks/cache/cookbooks/package/recipes/sysctl.rb
    
     18: execute "reload all sysctl conf" do
     19:   command "sysctl -e --system"
     20:   action :nothing
     21: 
     22:   only_if { node['package']['modify_kernel_parameters'] }
     23: end
    
    Compiled Resource:
    ------------------
    # Declared in /opt/gitlab/embedded/cookbooks/cache/cookbooks/package/recipes/sysctl.rb:18:in `from_file'
    
    execute("reload all sysctl conf") do
      action [:nothing]
      default_guard_interpreter :execute
      command "sysctl -e --system"
      declared_type :execute
      cookbook_name "package"
      recipe_name "sysctl"
      only_if { #code block }
    end
    
    System Info:
    ------------
    chef_version=18.3.0
    platform=debian
    platform_version=12
    ruby=ruby 3.1.4p223 (2023-03-30 revision 957bb7cb81) [x86_64-linux]
    program_name=/opt/gitlab/embedded/bin/cinc-client
    executable=/opt/gitlab/embedded/bin/cinc-client
    

Running handlers:
[2024-04-13T10:59:07-05:00] ERROR: Running exception handlers
There was an error running gitlab-ctl reconfigure:

Multiple failures occurred:
* Mixlib::ShellOut::ShellCommandFailed occurred in Cinc Client run: gitlab_sysctl[kernel.sem] (postgresql::sysctl line 19) had an error: Mixlib::ShellOut::ShellCommandFailed: execute[load sysctl conf kernel.sem] (postgresql::sysctl line 56) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of sysctl -e -p /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.sem.conf ----
STDOUT: 
STDERR: sysctl: permission denied on key "kernel.sem"
---- End output of sysctl -e -p /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.sem.conf ----
Ran sysctl -e -p /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.sem.conf returned 1
* Mixlib::ShellOut::ShellCommandFailed occurred in delayed notification: execute[reload all sysctl conf] (package::sysctl line 18) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of sysctl -e --system ----
STDOUT: * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmall.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmmax.conf ...
* Applying /usr/lib/sysctl.d/99-protect-links.conf ...
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.conf ...
STDERR: sysctl: permission denied on key "kernel.pid_max"
sysctl: permission denied on key "kernel.sem"
sysctl: permission denied on key "kernel.shmall"
sysctl: permission denied on key "kernel.shmmax"
sysctl: permission denied on key "fs.protected_fifos"
sysctl: permission denied on key "fs.protected_hardlinks"
sysctl: permission denied on key "fs.protected_regular"
sysctl: permission denied on key "fs.protected_symlinks"
---- End output of sysctl -e --system ----
Ran sysctl -e --system returned 1



Warnings:
Environment variable LANG specifies a non-UTF-8 locale. GitLab requires UTF-8 encoding to function properly. Please check your locale settings.


Notes:
Default admin account has been configured with following details:
Username: root
Password: You didn't opt-in to print initial root password to STDOUT.
Password stored to /etc/gitlab/initial_root_password. This file will be cleaned up in first reconfigure run after 24 hours.

NOTE: Because these credentials might be present in your log files in plain text, it is highly recommended to reset the password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

Running handlers complete
[2024-04-13T10:59:07-05:00] ERROR: Exception handlers complete
Infra Phase failed. 7 resources updated in 11 seconds

Warnings:
Environment variable LANG specifies a non-UTF-8 locale. GitLab requires UTF-8 encoding to function properly. Please check your locale settings.


Notes:
Default admin account has been configured with following details:
Username: root
Password: You didn't opt-in to print initial root password to STDOUT.
Password stored to /etc/gitlab/initial_root_password. This file will be cleaned up in first reconfigure run after 24 hours.

NOTE: Because these credentials might be present in your log files in plain text, it is highly recommended to reset the password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

[2024-04-13T10:59:07-05:00] FATAL: Stacktrace dumped to /opt/gitlab/embedded/cookbooks/cache/cinc-stacktrace.out
[2024-04-13T10:59:07-05:00] FATAL: ---------------------------------------------------------------------------------------
[2024-04-13T10:59:07-05:00] FATAL: PLEASE PROVIDE THE CONTENTS OF THE stacktrace.out FILE (above) IF YOU FILE A BUG REPORT
[2024-04-13T10:59:07-05:00] FATAL: ---------------------------------------------------------------------------------------
[2024-04-13T10:59:07-05:00] FATAL: Chef::Exceptions::MultipleFailures: Multiple failures occurred:
* Mixlib::ShellOut::ShellCommandFailed occurred in Cinc Client run: gitlab_sysctl[kernel.sem] (postgresql::sysctl line 19) had an error: Mixlib::ShellOut::ShellCommandFailed: execute[load sysctl conf kernel.sem] (postgresql::sysctl line 56) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of sysctl -e -p /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.sem.conf ----
STDOUT: 
STDERR: sysctl: permission denied on key "kernel.sem"
---- End output of sysctl -e -p /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.sem.conf ----
Ran sysctl -e -p /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.sem.conf returned 1
* Mixlib::ShellOut::ShellCommandFailed occurred in delayed notification: execute[reload all sysctl conf] (package::sysctl line 18) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of sysctl -e --system ----
STDOUT: * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmall.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmmax.conf ...
* Applying /usr/lib/sysctl.d/99-protect-links.conf ...
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.conf ...
STDERR: sysctl: permission denied on key "kernel.pid_max"
sysctl: permission denied on key "kernel.sem"
sysctl: permission denied on key "kernel.shmall"
sysctl: permission denied on key "kernel.shmmax"
sysctl: permission denied on key "fs.protected_fifos"
sysctl: permission denied on key "fs.protected_hardlinks"
sysctl: permission denied on key "fs.protected_regular"
sysctl: permission denied on key "fs.protected_symlinks"
---- End output of sysctl -e --system ----
Ran sysctl -e --system returned 1

dpkg: error processing package gitlab-ee (--configure):
 installed gitlab-ee package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
 gitlab-ee
E: Sub-process /usr/bin/dpkg returned an error code (1)

Helpful resources

  1. Before opening a new topic, make sure to search for keywords in the forum search
  2. Check the GitLab project for existing issues. If you encounter a bug, please create a bug report issue.
  3. Troubleshooting docs: Self-managed GitLab instances.

Thanks for taking the time to be thorough in your request, it really helps! :blush:

2

Hi,

From what I see in the documentation: Installation methods | GitLab there is no reference to LXC which would hint that it is not supported.

Try installing the Omnibus package (deb/rpm), or use Docker to install it.

3

Thank you for the quick response, what is strange is I used the exact same method prior to accidentally deleting my full git repo on an lxc and it worked.

I finally got this installed on a VM but am having issues accessing it due to ssl, so trying to work through that – however, I am confused as to why I was able to use ansible and Jeff Geerling’s role/script to install on an lxc prior with no issues but now am facing multiple issues with permissions and this.

Running handlers:
[2024-04-13T13:39:08-05:00] ERROR: Running exception handlers
There was an error running gitlab-ctl reconfigure:

Multiple failures occurred:
* RuntimeError occurred in Cinc Client run: letsencrypt_certificate[pve-git.svc.hq.catalystgroup.gg] (letsencrypt::http_authorization line 6) had an error: RuntimeError: acme_certificate[staging] (letsencrypt::http_authorization line 43) had an error: RuntimeError: ruby_block[create certificate for pve-git.svc.hq.catalystgroup.gg] (letsencrypt::http_authorization line 110) had an error: RuntimeError: [pve-git.svc.hq.catalystgroup.gg] Validation failed, unable to request certificate, Errors: [{url: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/11995996754/Exe5Zw, status: invalid, error: {"type"=>"urn:ietf:params:acme:error:unauthorized", "detail"=>"99.186.252.127: Invalid response from http://pve-git.svc.hq.catalystgroup.gg/.well-known/acme-challenge/l2daKx-xV2CqVdzSeS3lcEwGzSL7oIuegc_Py29HTHw: 404", "status"=>403}} ]
* Mixlib::ShellOut::ShellCommandFailed occurred in delayed notification: execute[reload all sysctl conf] (package::sysctl line 18) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of sysctl -e --system ----
STDOUT: * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmall.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmmax.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-net.core.somaxconn.conf ...
* Applying /usr/lib/sysctl.d/99-protect-links.conf ...
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.conf ...
net.core.somaxconn = 2048
STDERR: sysctl: permission denied on key "kernel.pid_max"
sysctl: permission denied on key "kernel.sem"
sysctl: permission denied on key "kernel.shmall"
sysctl: permission denied on key "kernel.shmmax"
sysctl: permission denied on key "fs.protected_fifos"
sysctl: permission denied on key "fs.protected_hardlinks"
sysctl: permission denied on key "fs.protected_regular"
sysctl: permission denied on key "fs.protected_symlinks"
---- End output of sysctl -e --system ----
Ran sysctl -e --system returned 1



Warnings:
Environment variable LANG specifies a non-UTF-8 locale. GitLab requires UTF-8 encoding to function properly. Please check your locale settings.


Notes:
Default admin account has been configured with following details:
Username: root
Password: You didn't opt-in to print initial root password to STDOUT.
Password stored to /etc/gitlab/initial_root_password. This file will be cleaned up in first reconfigure run after 24 hours.

NOTE: Because these credentials might be present in your log files in plain text, it is highly recommended to reset the password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

Running handlers complete
[2024-04-13T13:39:08-05:00] ERROR: Exception handlers complete
Infra Phase failed. 252 resources updated in 02 minutes 41 seconds

Warnings:
Environment variable LANG specifies a non-UTF-8 locale. GitLab requires UTF-8 encoding to function properly. Please check your locale settings.


Notes:
Default admin account has been configured with following details:
Username: root
Password: You didn't opt-in to print initial root password to STDOUT.
Password stored to /etc/gitlab/initial_root_password. This file will be cleaned up in first reconfigure run after 24 hours.

NOTE: Because these credentials might be present in your log files in plain text, it is highly recommended to reset the password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

[2024-04-13T13:39:08-05:00] FATAL: Stacktrace dumped to /opt/gitlab/embedded/cookbooks/cache/cinc-stacktrace.out
[2024-04-13T13:39:08-05:00] FATAL: ---------------------------------------------------------------------------------------
[2024-04-13T13:39:08-05:00] FATAL: PLEASE PROVIDE THE CONTENTS OF THE stacktrace.out FILE (above) IF YOU FILE A BUG REPORT
[2024-04-13T13:39:08-05:00] FATAL: ---------------------------------------------------------------------------------------
[2024-04-13T13:39:08-05:00] FATAL: Chef::Exceptions::MultipleFailures: Multiple failures occurred:
* RuntimeError occurred in Cinc Client run: letsencrypt_certificate[pve-git.svc.hq.catalystgroup.gg] (letsencrypt::http_authorization line 6) had an error: RuntimeError: acme_certificate[staging] (letsencrypt::http_authorization line 43) had an error: RuntimeError: ruby_block[create certificate for pve-git.svc.hq.catalystgroup.gg] (letsencrypt::http_authorization line 110) had an error: RuntimeError: [pve-git.svc.hq.catalystgroup.gg] Validation failed, unable to request certificate, Errors: [{url: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/11995996754/Exe5Zw, status: invalid, error: {"type"=>"urn:ietf:params:acme:error:unauthorized", "detail"=>"99.186.252.127: Invalid response from http://pve-git.svc.hq.catalystgroup.gg/.well-known/acme-challenge/l2daKx-xV2CqVdzSeS3lcEwGzSL7oIuegc_Py29HTHw: 404", "status"=>403}} ]
* Mixlib::ShellOut::ShellCommandFailed occurred in delayed notification: execute[reload all sysctl conf] (package::sysctl line 18) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of sysctl -e --system ----
STDOUT: * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmall.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmmax.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-net.core.somaxconn.conf ...
* Applying /usr/lib/sysctl.d/99-protect-links.conf ...
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.conf ...
net.core.somaxconn = 2048
STDERR: sysctl: permission denied on key "kernel.pid_max"
sysctl: permission denied on key "kernel.sem"
sysctl: permission denied on key "kernel.shmall"
sysctl: permission denied on key "kernel.shmmax"
sysctl: permission denied on key "fs.protected_fifos"
sysctl: permission denied on key "fs.protected_hardlinks"
sysctl: permission denied on key "fs.protected_regular"
sysctl: permission denied on key "fs.protected_symlinks"
---- End output of sysctl -e --system ----
Ran sysctl -e --system returned 1
4 
Running handlers:
[2024-04-13T13:39:08-05:00] ERROR: Running exception handlers
There was an error running gitlab-ctl reconfigure:

Multiple failures occurred:
* RuntimeError occurred in Cinc Client run: letsencrypt_certificate[pve-git.svc.hq.catalystgroup.gg] (letsencrypt::http_authorization line 6) had an error: RuntimeError: acme_certificate[staging] (letsencrypt::http_authorization line 43) had an error: RuntimeError: ruby_block[create certificate for pve-git.svc.hq.catalystgroup.gg] (letsencrypt::http_authorization line 110) had an error: RuntimeError: [pve-git.svc.hq.catalystgroup.gg] Validation failed, unable to request certificate, Errors: [{url: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/11995996754/Exe5Zw, status: invalid, error: {"type"=>"urn:ietf:params:acme:error:unauthorized", "detail"=>"99.186.252.127: Invalid response from http://pve-git.svc.hq.catalystgroup.gg/.well-known/acme-challenge/l2daKx-xV2CqVdzSeS3lcEwGzSL7oIuegc_Py29HTHw: 404", "status"=>403}} ]
* Mixlib::ShellOut::ShellCommandFailed occurred in delayed notification: execute[reload all sysctl conf] (package::sysctl line 18) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of sysctl -e --system ----
STDOUT: * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmall.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmmax.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-net.core.somaxconn.conf ...
* Applying /usr/lib/sysctl.d/99-protect-links.conf ...
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.conf ...
net.core.somaxconn = 2048
STDERR: sysctl: permission denied on key "kernel.pid_max"
sysctl: permission denied on key "kernel.sem"
sysctl: permission denied on key "kernel.shmall"
sysctl: permission denied on key "kernel.shmmax"
sysctl: permission denied on key "fs.protected_fifos"
sysctl: permission denied on key "fs.protected_hardlinks"
sysctl: permission denied on key "fs.protected_regular"
sysctl: permission denied on key "fs.protected_symlinks"
---- End output of sysctl -e --system ----
Ran sysctl -e --system returned 1



Warnings:
Environment variable LANG specifies a non-UTF-8 locale. GitLab requires UTF-8 encoding to function properly. Please check your locale settings.


Notes:
Default admin account has been configured with following details:
Username: root
Password: You didn't opt-in to print initial root password to STDOUT.
Password stored to /etc/gitlab/initial_root_password. This file will be cleaned up in first reconfigure run after 24 hours.

NOTE: Because these credentials might be present in your log files in plain text, it is highly recommended to reset the password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

Running handlers complete
[2024-04-13T13:39:08-05:00] ERROR: Exception handlers complete
Infra Phase failed. 252 resources updated in 02 minutes 41 seconds

Warnings:
Environment variable LANG specifies a non-UTF-8 locale. GitLab requires UTF-8 encoding to function properly. Please check your locale settings.


Notes:
Default admin account has been configured with following details:
Username: root
Password: You didn't opt-in to print initial root password to STDOUT.
Password stored to /etc/gitlab/initial_root_password. This file will be cleaned up in first reconfigure run after 24 hours.

NOTE: Because these credentials might be present in your log files in plain text, it is highly recommended to reset the password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

[2024-04-13T13:39:08-05:00] FATAL: Stacktrace dumped to /opt/gitlab/embedded/cookbooks/cache/cinc-stacktrace.out
[2024-04-13T13:39:08-05:00] FATAL: ---------------------------------------------------------------------------------------
[2024-04-13T13:39:08-05:00] FATAL: PLEASE PROVIDE THE CONTENTS OF THE stacktrace.out FILE (above) IF YOU FILE A BUG REPORT
[2024-04-13T13:39:08-05:00] FATAL: ---------------------------------------------------------------------------------------
[2024-04-13T13:39:08-05:00] FATAL: Chef::Exceptions::MultipleFailures: Multiple failures occurred:
* RuntimeError occurred in Cinc Client run: letsencrypt_certificate[pve-git.svc.hq.catalystgroup.gg] (letsencrypt::http_authorization line 6) had an error: RuntimeError: acme_certificate[staging] (letsencrypt::http_authorization line 43) had an error: RuntimeError: ruby_block[create certificate for pve-git.svc.hq.catalystgroup.gg] (letsencrypt::http_authorization line 110) had an error: RuntimeError: [pve-git.svc.hq.catalystgroup.gg] Validation failed, unable to request certificate, Errors: [{url: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/11995996754/Exe5Zw, status: invalid, error: {"type"=>"urn:ietf:params:acme:error:unauthorized", "detail"=>"99.186.252.127: Invalid response from http://pve-git.svc.hq.catalystgroup.gg/.well-known/acme-challenge/l2daKx-xV2CqVdzSeS3lcEwGzSL7oIuegc_Py29HTHw: 404", "status"=>403}} ]
* Mixlib::ShellOut::ShellCommandFailed occurred in delayed notification: execute[reload all sysctl conf] (package::sysctl line 18) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of sysctl -e --system ----
STDOUT: * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmall.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmmax.conf ...
* Applying /etc/sysctl.d/90-omnibus-gitlab-net.core.somaxconn.conf ...
* Applying /usr/lib/sysctl.d/99-protect-links.conf ...
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.conf ...
net.core.somaxconn = 2048
STDERR: sysctl: permission denied on key "kernel.pid_max"
sysctl: permission denied on key "kernel.sem"
sysctl: permission denied on key "kernel.shmall"
sysctl: permission denied on key "kernel.shmmax"
sysctl: permission denied on key "fs.protected_fifos"
sysctl: permission denied on key "fs.protected_hardlinks"
sysctl: permission denied on key "fs.protected_regular"
sysctl: permission denied on key "fs.protected_symlinks"
---- End output of sysctl -e --system ----
Ran sysctl -e --system returned 1
5

We run GitLab in an LXC guest on Ubuntu, installed from the omnibus package and that just works.

Your problems seem to stem from trying to set some sysctl’s. I know that you can limit what lxc guests can do/change, probably (it’s been some years since I did that) including sysctl’s. What puzzles me is where it’s determined what settings to change and to what. On the servers we have that runs the webapp, there is a 90-omnibus-gitlab-net.core.somaxconn.conf (in /etc/sysctl.d), the same file is present if I bring up a qemu guest on my laptop with a full gitlab, but it’s not present on the servers where we run praefect or gitaly (that’s also just the omnibus package).

I don’t know where the creation of those files are controlled, so I’m not sure on how to avoid those errors, but my guess would be that whoever gives you that LXC guest has restricted it so much that GitLab won’t run. It might require several iterations, but maybe look at what those files try to change at contact the supplies of your guest and ask for a guest that is not limited.

But it’s just a guess and getting another LXC guest might be expensive (that depends on the specific solution you use).