Docker使用fedora和podman解决nginx权限问题

我正试图用docker、php&nginx。

在我运行build&up命令，我试图访问localhos:8080(我在nginx上暴露的端口(，但我在日志中得到了这个错误：

[crit]24#24:*1打开(("var/www/app/public/"；失败(13:权限拒绝(，客户端：127.0.0.1，服务器：api.boilerplate.local，请求："GET/HTTP/1.1"；，主机："；localhost:8080"；2020/11/21[错误]24#24:*1connect((在连接到时失败(111:连接被拒绝(上游，客户端：127.0.0.1，服务器：api.boilerplate.local，请求："GET/HTTP/1.1"；，上游："；fastcgi://127.0.0.1:9001"，主机："localhost:8080"；

这是我的docker-compose.yml:

version: "3.8"
services:
db:
image: mysql
command: ["--default-authentication-plugin=mysql_native_password"]
restart: unless-stopped
ports:
- 3306:3306
env_file:
- ${PATH_CORE}/.env
volumes:
- mysql:/var/lib/mysql
networks:
- backend
api:
build: ${PATH_CORE}/docker/api
restart: unless-stopped
depends_on:
- db
env_file:
- ${PATH_CORE}/.env
volumes:
- ${PATH_CORE}:/var/www/app
networks:
- backend
- frontend
nginx:
build: ${PATH_CORE}/docker/nginx
restart: unless-stopped
depends_on:
- api
ports:
- 8080:80
volumes:
- ${PATH_CORE}/public:/var/www/app/public
networks:
- backend
volumes:
mysql:
networks:
frontend:
backend:

这是我的nginx Dockerfile:

FROM nginx:alpine
COPY nginx.conf /etc/nginx/
COPY default.conf /etc/nginx/conf.d/default.conf
RUN apk add shadow && set -x && usermod -u 1000 nginx && groupmod -g 1000 nginx
WORKDIR /etc/nginx/
EXPOSE 80 443

和default.conf文件：

server {
listen 80;
server_name api.boilerplate.local;
root /var/www/app/public;
location / {
try_files $uri @rewriteapp;
}
location @rewriteapp {
rewrite ^(.*)$ /index.php/$1 last;
}
location ~ ^/index.php(/|$) {
fastcgi_pass api:9001;
fastcgi_split_path_info ^(.+.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
internal;
}
# return 404 for all other php files not matching the front controller
# this prevents access to other php files you don't want to be accessible.
location ~ .php$ {
return 404;
}
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
}

我做错了什么？

附言：我用的是Fedora和podman