This header is required for rails to recognize the connection is encrypted and send the _gitlab_session cookie.
155e8cab (gitlab/nginx: link config in new location, 2021-11-21) moved the default location for the nginx config to match upstream. Because in already deployed setups, the config is missing, the entrypoint will copy the default gitlab nginx config to the new location. This file was missing the required header, resulting in a 422 unprocessible entity error when trying to login, because the session cookie is missing.
Add the X-Forwarded-Ssl header to the default nginx config to address that.