It happened after secrets file was lost during GitLab upgrade.
The case described in documentation When the secrets file is lost
But not completely clear.
From log file /var/log/gitlab/gitlab-rails/production.log
:
Started PATCH "/admin/application_settings" for ::1 at 2019-08-01 17:14:35 +0200
Processing by Admin::ApplicationSettingsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "application_setting"=>{"allow_local_requests_from_hooks_and_services"=>"[FILTERED]"}}
Completed 500 Internal Server Error in 47ms (ActiveRecord: 20.2ms)
OpenSSL::Cipher::CipherError ():
lib/gitlab/crypto_helper.rb:27:in `aes256_gcm_decrypt'
app/models/concerns/token_authenticatable_strategies/encrypted.rb:55:in `get_token'
app/models/concerns/token_authenticatable_strategies/base.rb:27:in `ensure_token'
app/models/concerns/token_authenticatable_strategies/encrypted.rb:42:in `ensure_token'
app/models/concerns/token_authenticatable.rb:38:in `block in add_authentication_token_field'
app/services/application_settings/update_service.rb:18:in `execute'
app/controllers/admin/application_settings_controller.rb:40:in `update'
Issue reported on bug tracker (I just found it)
Getting 500 Internal error on /admin/application_settings after Gitlab upgrade [11.5.2->11.6.2]
Solution has been provided in one of the comments:
sudo gitlab-rails c
-------------------------------------------------------------------------------------
GitLab: 11.7.0 (1d9280e)
GitLab Shell: 8.4.4
postgresql: 9.6.11
-------------------------------------------------------------------------------------
Loading production environment (Rails 5.0.7.1)
irb(main):001:0>
irb(main):002:0>
irb(main):003:0> settings = ApplicationSetting.last
......
irb(main):004:0> settings.update_column(:runners_registration_token_encrypted, nil)
=> true
irb(main):005:0> exit
gitlab-ctl restart
Started PATCH "/admin/application_settings" for ::1 at 2019-08-01 17:52:17 +0200
Processing by Admin::ApplicationSettingsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "application_setting"=>{"allow_local_requests_from_hooks_and_services"=>"[FILTERED]"}}
Redirected to https://gitlab.company.com/admin/application_settings/network
Completed 302 Found in 64ms (ActiveRecord: 25.9ms)
ref gitlab doc: When the secrets file is lost