Greetings, I hope you can help me, recently I have had problems with Gitlab, I constantly get the 502 error when consulting a repository or when entering the gitlab url (it is on its own server under ubuntu server), reading in forums I read that to raise the server will use the gitlab-ctl command. which I used to start correctly, at first the gitlab-ctl restart command worked correctly, but the last ones kept showing me the 502 error, in another forum I found that this was solved with gitlab-ctl reconfigure which I have used about 4 times without that it will affect my repositories, currently my server is in threat of a mining software, which I try to remove from the computer, but it happened to me that when I used the gitlab-ctl reconfigure command for the last time, it keeps the users and passwords but the repositories already I can’t see them, it tells me that the repositories don’t exist, I haven’t modified anything in the gitlab-rb file
I hate to be the bearer of bad news, but it sounds like your instance has been compromised by a malicious actor exploiting CVE-2021-22205 which affected GitLab versions 11.9-13.10.2.
The fact that a miner is targeting your system suggests that the system is vulnerable and has been compromised. I suggest you check here for indicators of compromise.
The missing repositories sounds similar to this. If your repositories have been encrypted or deleted by a malicious actor, I suggest you spin up a new server, install GitLab, and restore your latest working backup to it.
If it is the case that your instance has been compromised, we’ve shared some suggestions to help mitigate further threats here.