Creating wiki pages causes error 500 / Can't verify CSRF token authenticity

Hi!

I have two installations of GitLab set up on two separate FreeBSD hosts.

Both hosts run FreeBSD 13.0-RELEASE-p4 and GitLab was installed using pkg (pre-compiled binary packages).

The versions of the packages are:

gitlab-agent-14.0.1 gitlab-ce-14.0.5 gitlab-elasticsearch-indexer-2.12.0 gitlab-pages-1.40.0 gitlab-shell-13.19.0 gitlab-workhorse-14.0.5

These GitLab instances both run inside a jail with Nginx as a front-end.

The exact installation procedure is described here:

https://gitlab.fechner.net/mfechner/Gitlab-docu/-/blob/master/install/14.0-freebsd.md

While everything else seems to work fine, trying to create a new wiki page causes error 500.

Inside production.log I can see the following:

Started POST "/alice/alice-api-daemon/-/wikis" for XXX.XXX.XXX.XXX at 2021-09-27 01:00:15 +0000
Processing by Gitlab::RequestForgeryProtection::Controller#index as HTML
Can't verify CSRF token authenticity.
Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms | Elasticsearch: 0.0ms | Allocations: 151)
Processing by Projects::WikisController#create as HTML
  Parameters: {"authenticity_token"=>"[FILTERED]", "wiki"=>{"last_commit_sha"=>"", "title"=>"[FILTERED]", "format"=>"
markdown", "content"=>"[FILTERED]", "message"=>"Create home"}, "namespace_id"=>"alice", "project_id"=>"alic
e-api-daemon"}
Completed 500 Internal Server Error in 160ms (ActiveRecord: 2.3ms | Elasticsearch: 0.0ms | Allocations: 9489)

Gitlab::Git::CommandError (14:error reading from server: EOF.):

lib/gitlab/git/wraps_gitaly_errors.rb:15:in `rescue in wrapped_gitaly_errors'
lib/gitlab/git/wraps_gitaly_errors.rb:6:in `wrapped_gitaly_errors'
lib/gitlab/git/wiki.rb:71:in `write_page'
app/models/wiki.rb:174:in `create_page'
app/models/wiki_page.rb:199:in `block in create'
app/models/wiki_page.rb:366:in `save'
app/models/wiki_page.rb:198:in `create'
app/services/wiki_pages/create_service.rb:9:in `execute'
app/controllers/concerns/wiki_actions.rb:123:in `create'
app/controllers/application_controller.rb:487:in `set_current_admin'
lib/gitlab/session.rb:11:in `with_session'
app/controllers/application_controller.rb:478:in `set_session_storage'
lib/gitlab/i18n.rb:99:in `with_locale'
lib/gitlab/i18n.rb:105:in `with_user_locale'
app/controllers/application_controller.rb:472:in `set_locale'
app/controllers/application_controller.rb:466:in `set_current_context'
lib/gitlab/middleware/speedscope.rb:13:in `call'
lib/gitlab/request_profiler/middleware.rb:17:in `call'
lib/gitlab/jira/middleware.rb:19:in `call'
lib/gitlab/middleware/go.rb:20:in `call'
lib/gitlab/etag_caching/middleware.rb:21:in `call'
lib/gitlab/middleware/multipart.rb:172:in `call'
lib/gitlab/middleware/read_only/controller.rb:50:in `call'
lib/gitlab/middleware/read_only.rb:18:in `call'
lib/gitlab/middleware/same_site_cookies.rb:27:in `call'
lib/gitlab/middleware/handle_malformed_strings.rb:21:in `call'
lib/gitlab/middleware/basic_health_check.rb:25:in `call'
lib/gitlab/middleware/handle_ip_spoof_attack_error.rb:25:in `call'
lib/gitlab/middleware/request_context.rb:21:in `call'
config/initializers/fix_local_cache_middleware.rb:11:in `call'
lib/gitlab/middleware/rack_multipart_tempfile_factory.rb:19:in `call'
lib/gitlab/metrics/requests_rack_middleware.rb:74:in `call'
lib/gitlab/middleware/release_env.rb:12:in `call'
Started GET "/favicon.ico" for XXX.XXX.XXX.XXX at 2021-09-27 01:00:15 +0000
Processing by Gitlab::RequestForgeryProtection::Controller#index as HTML
Completed 200 OK in 0ms (ActiveRecord: 0.0ms | Elasticsearch: 0.0ms | Allocations: 85)

I've googled around and found a bunch of GitLab errors that are in some way connected with the CSRF verification, but nothing I saw was helpful in any way.

Any ideas on how to debug this further and hopefully fix it?