Docker compose nginx permissions problem using fedora and podman

I am trying to create a boilerplate project with docker, php & nginx.

After I run build & up commands, I’m trying to access localhos:8080 (my exposed port on nginx), but I get this error in logs:

[crit] 24#24: *1 open() "/var/www/app/public/" failed (13: Permission
denied), client: 127.0.0.1, server: api.boilerplate.local, request:
"GET / HTTP/1.1", host: "localhost:8080" 2020/11/21 [error] 24#24: *1
connect() failed (111: Connection refused) while connecting to
upstream, client: 127.0.0.1, server: api.boilerplate.local, request:
"GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9001", host:
"localhost:8080"

This is my docker-compose.yml:

version: "3.8"
services:
  db:
    image: mysql
    command: ["--default-authentication-plugin=mysql_native_password"]
    restart: unless-stopped
    ports:
      - 3306:3306
    env_file:
      - ${PATH_CORE}/.env
    volumes:
      - mysql:/var/lib/mysql
    networks:
      - backend

  api:
    build: ${PATH_CORE}/docker/api
    restart: unless-stopped
    depends_on:
      - db
    env_file:
      - ${PATH_CORE}/.env
    volumes:
      - ${PATH_CORE}:/var/www/app
    networks:
      - backend
      - frontend

  nginx:
    build: ${PATH_CORE}/docker/nginx
    restart: unless-stopped
    depends_on:
      - api
    ports:
      - 8080:80
    volumes:
      - ${PATH_CORE}/public:/var/www/app/public
    networks:
      - backend

volumes:
  mysql:

networks:
  frontend:
  backend:

This is my nginx Dockerfile:

FROM nginx:alpine

COPY nginx.conf /etc/nginx/
COPY default.conf /etc/nginx/conf.d/default.conf

RUN apk add shadow && set -x && usermod -u 1000 nginx && groupmod -g 1000 nginx

WORKDIR /etc/nginx/

EXPOSE 80 443

And default.conf file:

server {
    listen 80;
    server_name api.boilerplate.local;
    root /var/www/app/public;

    location / {
        try_files $uri @rewriteapp;
    }

    location @rewriteapp {
        rewrite ^(.*)$ /index.php/$1 last;
    }

    location ~ ^/index.php(/|$) {
        fastcgi_pass api:9001;
        fastcgi_split_path_info ^(.+.php)(/.*)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param HTTPS off;
        internal;

    }

    # return 404 for all other php files not matching the front controller
    # this prevents access to other php files you don't want to be accessible.
    location ~ .php$ {
     return 404;
    }

    error_log /var/log/nginx/error.log;
    access_log /var/log/nginx/access.log;
}

What do I do wrong?

PS: I’m using Fedora and podman

Source: Docker Questions