Hi,
I am having issues setting up docker image to work with external nginx service.
My gitlab.rb contains
external_url 'https://g.domain.com'
web_server['external_users'] = ['nginx']
nginx['enable'] = false
Also I exposed the gitlab-workhorse unix-socket as volume for the container.
/var/opt/gitlab/gitlab-workhorse:/var/opt/gitlab/gitlab-workhorse
The external nginx config has
upstream gitlab-workhorse {
server unix:/var/opt/gitlab/gitlab-workhorse/socket fail_timeout=0;
}
My container starts as usual but nginx receives
==> /var/log/nginx/gitlab_error.log <==
2018/01/27 13:32:07 [crit] 18254#0: *18 connect() to unix:/var/opt/gitlab/gitlab-workhorse/socket failed (13: Permission denied) while connecting to upstream, client: X.X.X.X, server: g.domain.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://unix:/var/opt/gitlab/gitlab-workhorse/socket:/favicon.ico", host: "g.domain.com", referrer: "https://g.domain.com/"
I checked the socket permissions in the container and it uses uid and gid 998 (git user), and when is exported by docker is set to chrony:input gid and uid 998.
I tried to change the effective user for nginx workers but is not switching to chrony user.
Is there anything I can do to allow the connection to that unix socket ?
Can someone please help me with some options
Regards