I want to share
php-fpm.sock between nginx and PHP. The way I’ve done this right now is like so:
services: nginx: build: context: . dockerfile: docker/nginx.docker ports: - '8080:80' volumes: - type: volume source: php_fpm_sock target: /mnt/sock consistency: delegated read_only: true volume: nocopy: true links: - php php: build: context: . dockerfile: docker/php.docker links: - mariadb env_file: .env volumes: - type: volume source: php_fpm_sock target: /mnt/sock consistency: delegated read_only: false volume: nocopy: true volumes: php_fpm_sock:
i.e. I’ve moved the sock file from its usual location (
/mnt/sock because I can’t figure out how to mount a single file and I don’t want to mount the whole
Secondly, I’ve configured php-fpm as:
[www] listen = /mnt/sock/php-fpm ;listen.owner = www-data ;listen.group = nginx ; php-fpm runs as `www-data`, nginx runs as `nginx` listen.mode = 0664
i.e., I’ve given “other” full read privileges because the
nginx user group doesn’t exist in the php-fpm container so I don’t know how else I can give permissions to just nginx.
This all feels pretty hacky. So my questions are:
- How can I share just the sock file between these two containers so that I can move the sock file back to
- How can I fix the read permissions on this file so that only nginx can read it? i.e. how can share linux user accounts across containers?