500 errors usually refer to backend errors, which should be visible in the production log. Try tailing the log file while making the browser request to the Web IDE and correlate the error.
Referring to secrets file, in my system the file /etc/gitlab/gitlab-secrets.json doesn’t exist…
There is the file /etc/gitlab/gitlab-secrets.json.bak, I tried copying and renaming it but every time I reboot the file gets deleted…
This is an excerpt from the file /etc/gitlab/gitlab-secrets.json:
Maybe there is a cronjob on the system that tries to backup everything, including the secrets.json file. Or the system has been modified by someone, and something weird is going on in the background. My debugging strategy would be to check all startup scripts after boot, and trace the file access to /etc/gitlab.
Eventually, /etc/gitlab is mounted as a tmpfs which gets purged after reboot, or otherwise on a non-functional network filesystem. Or the setup runs in Docker, and the bind mounts do not work properly.
Clearly, the error you are seeing sources from a non-existent secrets.json file, and outside of the Web IDE, it may also affect other functionality that requires authentication (CI/CD, etc.).
Assuming you have SSH root access on the Linux VM or server, you’ll need some basic Linux tools and analytics knowledge.
For example, you can increase the log level, or use log history inspection (lastlog, history, cat ~/.bash_history, less /var/log/syslog, etc.) to figure out if there was a script or command that deleted that file. For example, Any way to determine how files were deleted on Linux/Apache server? - Server Fault - I googled for linux figure out how a file is deleted on boot.
Mounts - run the mount command as root to see all mounted nodes. Filter the results for tmpfs - mount | grep tmp. It should only show something like this on an Ubuntu node:
root@legendiary:~# mount | grep tmp
udev on /dev type devtmpfs (rw,nosuid,relatime,size=941204k,nr_inodes=235301,mode=755,inode64)
tmpfs on /run type tmpfs (rw,nosuid,nodev,noexec,relatime,size=196192k,mode=755,inode64)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,inode64)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k,inode64)
tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=196188k,nr_inodes=49047,mode=700,inode64)
Before giving Docker bind mount details, I’d like to know if the setup is run in Docker at all, or using the raw Omnibus package.
The system was built using turnkeylinux. In particular the debian system is an LXC container.
So the given indications should be applicable.
root@myGitLab ~# mount | grep tmp
none on /dev type tmpfs (rw,relatime,size=492k,mode=755,uid=100000,gid=100000,inode64)
udev on /dev/full type devtmpfs (rw,nosuid,relatime,size=32908288k,nr_inodes=8227072,mode=755,inode64)
udev on /dev/null type devtmpfs (rw,nosuid,relatime,size=32908288k,nr_inodes=8227072,mode=755,inode64)
udev on /dev/random type devtmpfs (rw,nosuid,relatime,size=32908288k,nr_inodes=8227072,mode=755,inode64)
udev on /dev/tty type devtmpfs (rw,nosuid,relatime,size=32908288k,nr_inodes=8227072,mode=755,inode64)
udev on /dev/urandom type devtmpfs (rw,nosuid,relatime,size=32908288k,nr_inodes=8227072,mode=755,inode64)
udev on /dev/zero type devtmpfs (rw,nosuid,relatime,size=32908288k,nr_inodes=8227072,mode=755,inode64)
none on /proc/sys/kernel/random/boot_id type tmpfs (ro,nosuid,nodev,noexec,relatime,size=492k,mode=755,uid=100000,gid=100000,inode64)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,uid=100000,gid=100000,inode64)
tmpfs on /run type tmpfs (rw,nosuid,nodev,size=13177164k,nr_inodes=819200,mode=755,uid=100000,gid=100000,inode64)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k,uid=100000,gid=100000,inode64)
and:
root@myGitLab ~# grep CRON /var/log/syslog
Dec 1 00:56:01 myGitLab CRON[71929]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 01:56:01 myGitLab CRON[73277]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 02:56:01 myGitLab CRON[74630]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 03:06:01 myGitLab CRON[74859]: (root) CMD (test -e /run/systemd/system || SERVICE_MODE=1 /usr/lib/x86_64-linux-gnu/e2fsprogs/e2scrub_all_cron)
Dec 1 03:55:01 myGitLab CRON[75974]: (root) CMD (test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt)
Dec 1 03:55:01 myGitLab CRON[75975]: (root) CMD (test -e /run/systemd/system || SERVICE_MODE=1 /sbin/e2scrub_all -A -r)
Dec 1 03:56:01 myGitLab CRON[76011]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 04:16:22 myGitLab cron-apt: CRON-APT RUN [/etc/cron-apt/config]: Sun Dec 1 03:55:01 UTC 2024
Dec 1 04:16:23 myGitLab cron-apt: CRON-APT SLEEP: 1278, Sun Dec 1 04:16:19 UTC 2024
Dec 1 04:16:23 myGitLab cron-apt: CRON-APT ACTION: 0-update
Dec 1 04:16:23 myGitLab cron-apt: CRON-APT LINE: /usr/bin/apt-get -o quiet=1 update -o quiet=2
Dec 1 04:16:23 myGitLab cron-apt: CRON-APT ACTION: 5-install
Dec 1 04:16:23 myGitLab cron-apt: CRON-APT LINE: /usr/bin/apt-get -o quiet=1 autoclean -y
Dec 1 04:16:30 myGitLab cron-apt: CRON-APT LINE: /usr/bin/apt-get -o quiet=1 dist-upgrade -y -o APT::Get::Show-Upgraded=true -o Dir::Etc::sourcelist=/etc/apt/sources.list.d/security.sources.list -o Dir::Etc::sourceparts=nonexistent -o DPkg::Options::=--force-confdef -o DPkg::Options::=--force-confold
Dec 1 04:56:01 myGitLab CRON[78498]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 05:56:01 myGitLab CRON[79833]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 06:00:01 myGitLab CRON[79919]: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly ))
Dec 1 06:13:02 myGitLab CRON[80212]: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ))
Dec 1 06:29:01 myGitLab CRON[80714]: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly ))
Dec 1 06:56:01 myGitLab CRON[81318]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 07:56:01 myGitLab CRON[82735]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 08:56:01 myGitLab CRON[84084]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 09:56:01 myGitLab CRON[85443]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 10:56:01 myGitLab CRON[86767]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 11:56:01 myGitLab CRON[88141]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 12:56:01 myGitLab CRON[89514]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 13:56:01 myGitLab CRON[90870]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 14:56:01 myGitLab CRON[92210]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 15:56:01 myGitLab CRON[93584]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 16:56:01 myGitLab CRON[94949]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 17:56:01 myGitLab CRON[96288]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 18:56:01 myGitLab CRON[97649]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 19:56:01 myGitLab CRON[99002]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 20:56:01 myGitLab CRON[100420]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 21:56:01 myGitLab CRON[101754]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 22:56:01 myGitLab CRON[103101]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 1 23:56:01 myGitLab CRON[104450]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 00:56:01 myGitLab CRON[105799]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 01:56:01 myGitLab CRON[107139]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 02:56:01 myGitLab CRON[108445]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 03:55:01 myGitLab CRON[109793]: (root) CMD (test -e /run/systemd/system || SERVICE_MODE=1 /sbin/e2scrub_all -A -r)
Dec 2 03:55:01 myGitLab CRON[109792]: (root) CMD (test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt)
Dec 2 03:56:01 myGitLab CRON[109829]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 04:03:47 myGitLab cron-apt: CRON-APT RUN [/etc/cron-apt/config]: Mon Dec 2 03:55:01 UTC 2024
Dec 2 04:03:47 myGitLab cron-apt: CRON-APT SLEEP: 523, Mon Dec 2 04:03:44 UTC 2024
Dec 2 04:03:47 myGitLab cron-apt: CRON-APT ACTION: 0-update
Dec 2 04:03:47 myGitLab cron-apt: CRON-APT LINE: /usr/bin/apt-get -o quiet=1 update -o quiet=2
Dec 2 04:03:48 myGitLab cron-apt: CRON-APT ACTION: 5-install
Dec 2 04:03:48 myGitLab cron-apt: CRON-APT LINE: /usr/bin/apt-get -o quiet=1 autoclean -y
Dec 2 04:03:55 myGitLab cron-apt: CRON-APT LINE: /usr/bin/apt-get -o quiet=1 dist-upgrade -y -o APT::Get::Show-Upgraded=true -o Dir::Etc::sourcelist=/etc/apt/sources.list.d/security.sources.list -o Dir::Etc::sourceparts=nonexistent -o DPkg::Options::=--force-confdef -o DPkg::Options::=--force-confold
Dec 2 04:56:01 myGitLab CRON[112368]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 05:56:01 myGitLab CRON[113718]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 06:13:01 myGitLab CRON[114114]: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ))
Dec 2 06:56:02 myGitLab CRON[115218]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 07:56:01 myGitLab CRON[116566]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 08:56:01 myGitLab CRON[117905]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 09:41:34 myGitLab cron[147]: (CRON) INFO (pidfile fd = 3)
Dec 2 09:41:34 myGitLab cron[147]: (CRON) INFO (Running @reboot jobs)
Dec 2 09:56:25 myGitLab cron[104]: (CRON) INFO (pidfile fd = 3)
Dec 2 09:56:25 myGitLab cron[104]: (CRON) INFO (Running @reboot jobs)
Dec 2 10:56:01 myGitLab CRON[5013]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 11:56:01 myGitLab CRON[6373]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 12:56:01 myGitLab CRON[7779]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 13:56:01 myGitLab CRON[9126]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 14:56:01 myGitLab CRON[10506]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 15:56:01 myGitLab CRON[11962]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 16:56:01 myGitLab CRON[13341]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 17:56:01 myGitLab CRON[14680]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 18:56:01 myGitLab CRON[16056]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 19:56:01 myGitLab CRON[17403]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 20:56:01 myGitLab CRON[18754]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 21:56:01 myGitLab CRON[20125]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 22:56:01 myGitLab CRON[21489]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 2 23:56:01 myGitLab CRON[22869]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 00:56:01 myGitLab CRON[24270]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 01:56:01 myGitLab CRON[25621]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 02:56:01 myGitLab CRON[26993]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 03:55:01 myGitLab CRON[28329]: (root) CMD (test -e /run/systemd/system || SERVICE_MODE=1 /sbin/e2scrub_all -A -r)
Dec 3 03:55:01 myGitLab CRON[28328]: (root) CMD (test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt)
Dec 3 03:56:01 myGitLab CRON[28365]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 04:38:32 myGitLab cron-apt: CRON-APT RUN [/etc/cron-apt/config]: Tue Dec 3 03:55:01 UTC 2024
Dec 3 04:38:32 myGitLab cron-apt: CRON-APT SLEEP: 2607, Tue Dec 3 04:38:28 UTC 2024
Dec 3 04:38:32 myGitLab cron-apt: CRON-APT ACTION: 0-update
Dec 3 04:38:32 myGitLab cron-apt: CRON-APT LINE: /usr/bin/apt-get -o quiet=1 update -o quiet=2
Dec 3 04:38:32 myGitLab cron-apt: CRON-APT ACTION: 5-install
Dec 3 04:38:32 myGitLab cron-apt: CRON-APT LINE: /usr/bin/apt-get -o quiet=1 autoclean -y
Dec 3 04:38:32 myGitLab cron-apt: CRON-APT LINE: /usr/bin/apt-get -o quiet=1 dist-upgrade -y -o APT::Get::Show-Upgraded=true -o Dir::Etc::sourcelist=/etc/apt/sources.list.d/security.sources.list -o Dir::Etc::sourceparts=nonexistent -o DPkg::Options::=--force-confdef -o DPkg::Options::=--force-confold
Dec 3 04:56:01 myGitLab CRON[30105]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 05:56:01 myGitLab CRON[31508]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 06:13:01 myGitLab CRON[31898]: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ))
Dec 3 06:56:01 myGitLab CRON[32948]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 07:56:01 myGitLab CRON[34325]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 08:56:01 myGitLab CRON[35686]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 09:56:01 myGitLab CRON[37044]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 3 10:56:01 myGitLab CRON[38470]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
At first glance there doesn’t seem to be any activity in the /etc/gitlab/gitlab-secrets.json file, am I wrong?
The LXC container is an entire Debian system with gitlab installed.
So, as far as gitlab is concerned, there are no differences with a system installed on Debian.
A small contribution: I did a new, clean installation, without any registered project, only with the root user from https://hub.docker.com/r/gitlab/gitlab-ee/tags/?name=17.6.1 and error 500 happens when saving a configuration as root here /admin/application_settings/general
Can you share a little more on how GitLab is installed into the Debian LXC container. Is it using the Omnibus packages, source installation, something else, any custom scripts involved?
By default, the Omnibus package installation will create the secrets.json file. You can also re-create it through rotation.
What I can’t understand is that if you search here on the forum, the same problem with OpenSSL::Cipher::CipherError occurs in different versions and apparently for different reasons and the gitlab team didn’t solve it.
So, the community looks for a way to solve it and creates different ways to fix it, which will not necessarily be the solution for everyone.
And worse, with commands that don’t work, such as in my case