I am trying to containerize my nginx, which currently runs on my server. For this I created the following Docker Compose file:
version: "3.8"
services:
  nginx:
    image: nginx:stable-alpine
    container_name: nginx
    restart: unless-stopped
    group_add: ["33"]
    volumes:
      - "/etc/nginx-docker:/etc/nginx/conf.d:ro"
      - "/run/php:/run/php"
      - "/var/www:/var/www:ro"
    ports:
      - "8111:80"
      - "8443:443"
Everything works fine, but the problem is that I still have php-fpm instances running "natively" (not dockerized) on my host system, and I want to use their sockets for my nginx container (hence the line volumes: - "/run/php:/run/php").
The sockets' permissions are srw-rw---- www-data:www-data. Therefore I added the container user to the group 33 (which is www-data on my host system -> group_add: ["33"]). When I check the group IDs in the container, the ID 33 is indeed added to the currently logged-in user:
/ # id -G
0 1 2 3 4 6 10 11 20 26 27 33
/ # id -u
0
/ # whoami
root
Nonetheless, when I call a website powered by PHP, I get the following error message in the nginx logs:
2024/01/21 08:58:53 [crit] 21#21: *1 connect() to unix:/run/php/php8.2-fpm.sock failed (13: Permission denied) while connecting to upstream, client: 192.168.192.68, server: _, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php8.2-fpm.sock:", host: "op---s:8111"
Any hints or solutions as to what could be missing to make it work?
getenforce)?
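The `id` output in the post describes the shell that was exec'd into the container, while the failing connect() in the log line is made by nginx process 21. As an added example (not part of the original post), the POSIX shell functions below apply the socket's mode bits to the credentials listed in a process's /proc/<pid>/status. Assumptions: the socket owner has uid 33, both status texts are constructed, and a worker running as uid/gid 101 without group 33 is an assumed case that the post does not show.

```shell
#!/bin/sh
# Added example: would connect() to a Unix socket pass the file-mode check
# for the process described by a /proc/<pid>/status text?

# status_field STATUS KEY COLUMN: print one column of the "KEY:" line.
status_field() {
    printf '%s\n' "$1" | awk -v k="$2:" -v c="$3" '$1 == k { print $c }'
}

# can_connect MODE SOCK_UID SOCK_GID STATUS
# MODE is the socket's octal mode (660 for srw-rw----). Connecting to a
# Unix socket needs write permission on the socket file.
can_connect() {
    m=$(( 0$1 )); s_uid=$2; s_gid=$3
    euid=$(status_field "$4" Uid 3)    # columns: real, effective, saved, fs
    egid=$(status_field "$4" Gid 3)
    gids="$egid $(printf '%s\n' "$4" | awk '$1 == "Groups:" { $1 = ""; print }')"
    # Simplification: euid 0 is assumed to hold CAP_DAC_OVERRIDE.
    [ "$euid" -eq 0 ] && return 0
    if [ "$euid" -eq "$s_uid" ]; then       # owner class decides
        [ $(( m & 0200 )) -ne 0 ] && return 0
        return 1
    fi
    for g in $gids; do                      # otherwise the group class
        if [ "$g" -eq "$s_gid" ]; then
            [ $(( m & 0020 )) -ne 0 ] && return 0
            return 1
        fi
    done
    [ $(( m & 0002 )) -ne 0 ] && return 0   # otherwise the "other" class
    return 1
}

# Constructed samples: the exec shell from the post's id output, and an
# assumed worker process (uid/gid 101, no supplementary group 33).
SHELL_STATUS='Uid: 0 0 0 0
Gid: 0 0 0 0
Groups: 0 1 2 3 4 6 10 11 20 26 27 33'
WORKER_STATUS='Uid: 101 101 101 101
Gid: 101 101 101 101
Groups: 101'

report() {
    if can_connect 660 33 33 "$2"; then echo "$1: allowed"
    else echo "$1: denied (13: Permission denied)"; fi
}
report "exec shell" "$SHELL_STATUS"
report "nginx worker" "$WORKER_STATUS"
```

Inside the container, `can_connect 660 33 33 "$(cat /proc/21/status)"` runs the same check against the process named in the log line, with the mode and ids taken from `ls -ln /run/php`.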