Gitlab-workhorse starts using all the CPU and RAM during http(s) clone

So, I’ve installed Gitlab CE from source. My only modification is that I run it through Passenger and nginx instead of Unicorn (that’s why there’s that error about init). Oddly, yesterday it worked fine, but today neither I, nor Gitlab CI can clone any repo whatsoever through https. The error is fatal: unable to access 'https://gitlab-ci-token:xxxxxxxxxxxxxxxxxxxx@my.gitlab.host/my-username/my-repo.git/': The requested URL returned error: 502

Earlier I was getting other error codes due to my open file limit being exceeded, but I raised them, so now during the clone process gitlab-workhorse starts using all the CPU and rapidly filling RAM.

Results of the check:

Checking GitLab Shell ...
GitLab Shell version >= 8.0.0 ? ... OK (8.0.0)
Repo base directory exists?
default... yes
Repo storage directories are symlinks?
default... no
Repo paths owned by git:root, or git:git?
default... yes
Repo paths access is drwxrws---?
default... yes
hooks directories in repos are links: ... 
1/1 ... ok
1/5 ... ok
Running /home/git/gitlab-shell/bin/check
Check GitLab API access: OK
Redis available via internal API: OK

Access to /home/git/.ssh/authorized_keys: OK
gitlab-shell self-check successful

Checking GitLab Shell ... Finished

Checking Sidekiq ...

Running? ... yes
Number of Sidekiq processes ... 1

Checking Sidekiq ... Finished

Reply by email is disabled in config/gitlab.yml
Checking LDAP ...

LDAP is disabled in config/gitlab.yml

Checking LDAP ... Finished

Checking GitLab ...

Git configured correctly? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... skipped (no tmp uploads folder yet)
Init script exists? ... yes
Init script up-to-date? ... no
  Try fixing it:
  Re-download the init script
  For more information see:
  doc/install/installation.md in section "Install Init Script"
  Please fix the error above and rerun the checks.
Projects have namespace: ... 
1/1 ... yes
1/5 ... yes
Redis version >= 2.8.0? ... yes
Ruby version >= 2.3.5 ? ... yes (2.3.7)
Git version >= 2.9.5 ? ... yes (2.18.0)
Git user has default SSH configuration? ... yes
Active users: ... 1

Checking GitLab ... Finished

The only changes I made to the init script is removing all Unicorn references and altering the gitlab-workhorse options so that it uses a domain socket pointing at my nginx instance.

I solved my problem.

If you’re running GitLab through Nginx + Passenger, and pointing your gitlab-workhorse to it as an auth backend, then make sure that the socket you point gitlab-workhorse towards does not pass requests back to it.