I have a self-hosted Mattermost Team Edition v9.0.0 using docker-compose, and I am trying to activate authentication via Gitlab SSO.
My Gitlab is also a self-hosted v16.3.3 instance running on a docker container and login is via LDAP.
Both Mattermost and Gitlab instances run behind my Apache reverse proxy which handles SSL connections.
I am not using the Gitlab Mattermost package (https://docs.gitlab.com/ee/integration/mattermost/); I have a standalone instance.
I followed this documentation to configure the Gitlab SSO: https://docs.mattermost.com/onboard/sso-gitlab.html. When I try to log in on Mattermost via Gitlab, I first land on the Gitlab instance login page, I enter my LDAP credentials, and then I hit this error (screenshot + log):
```
mattermost-mattermost-1 | error [2023-09-18 13:05:53.145 +02:00] Token request failed. caller="web/context.go:117" path=/signup/gitlab/complete request_id=snbmdzh9338hppumcnuaxnwknc ip_addr=192.168.240.1 user_id= method=GET err_where=AuthorizeOAuthUser http_code=500 error="AuthorizeOAuthUser: token request failed, Post "https://gitlab.company.url/oauth/token": dial tcp <external_ip>:443: i/o timeout"
```
I tried setting "Enable Insecure Outgoing Connections" to true in Mattermost, but I still get this issue.
Is it even possible to have separate instances of Mattermost and Gitlab and still be able to use Gitlab as SSO?
Here are the relevant configurations:

Gitlab docker:

```yaml
version: '3.6'
services:
  web:
    image: 'gitlab/gitlab-ce:latest'
    restart: always
    hostname: 'gitlab.company.url'
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.company.url:8282'
        gitlab_rails['gitlab_shell_ssh_port'] = 2224
        gitlab_rails['ldap_enabled'] = true
        gitlab_rails['prevent_ldap_sign_in'] = false
        gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
          main: # 'main' is the GitLab 'provider ID' of this LDAP server
            label: 'DSIMB LDAP'
            host: '10.93.167.19'
            port: 389
            uid: 'uid'
            encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
            allow_username_or_email_login: true
            lowercase_usernames: false
            block_auto_created_users: false
            base: 'ou=Users,dc=dsimb,dc=inserm,dc=fr'
            user_filter: '(objectClass=posixAccount)'
        EOS
    ports:
      - '8282:8282'
      - '2224:22'
    volumes:
      - '$GITLAB_HOME/config:/etc/gitlab'
      - '$GITLAB_HOME/logs:/var/log/gitlab'
      - '$GITLAB_HOME/data:/var/opt/gitlab'
    shm_size: '256m'
```
Gitlab application:

- Callback URL:
  - https://mattermost.company.url/signup/gitlab/complete
  - https://mattermost.company.url/login/gitlab/complete
- Trusted: Yes
- Confidential: Yes
- Scopes: read_user

In Mattermost, Gitlab Authentication section:

- GitLab Site URL: https://gitlab.company.url
- User API Endpoint: https://gitlab.company.url/api/v4/user
- Auth Endpoint: https://gitlab.company.url/oauth/authorize
- Token Endpoint: https://gitlab.company.url/oauth/token
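The `dial tcp ... i/o timeout` in the log is a TCP-layer failure, which certificate settings such as "Enable Insecure Outgoing Connections" never touch; the following added diagnostic (not from the post, Mattermost or GitLab) replays the token request one layer at a time so the failing layer can be pinned down. The sample log line and the IP 203.0.113.10 are constructed stand-ins for the post's `<external_ip>`.

```python
import re
import socket
import ssl
from urllib.parse import urlparse

# Constructed sample modelled on the log line in the post; 203.0.113.10 is a
# documentation placeholder standing in for the post's <external_ip>.
SAMPLE_LOG = ('error="AuthorizeOAuthUser: token request failed, Post '
              '"https://gitlab.company.url/oauth/token": '
              'dial tcp 203.0.113.10:443: i/o timeout"')

def parse_token_error(line):
    """Extract the token URL and the Go net error from a Mattermost log line."""
    m = re.search(r'Post "(?P<url>https?://[^"]+)": (?P<err>[^"]+)', line)
    return (m.group("url"), m.group("err")) if m else (None, None)

def classify_go_error(err):
    """Map a Go net/http error string to the layer that failed; certificate
    settings (Enable Insecure Outgoing Connections) only matter at 'tls'."""
    if "no such host" in err or "server misbehaving" in err:
        return "dns"
    if err.startswith("dial tcp"):
        return "tcp"  # routing, firewall or hairpin-NAT problem, not certificates
    if "x509" in err or "tls:" in err:
        return "tls"
    return "http"

def probe_token_endpoint(url, timeout=5.0):
    """Replay the Mattermost -> GitLab token request one layer at a time."""
    u = urlparse(url)
    host, port = u.hostname, u.port or 443
    try:
        ip = socket.gethostbyname(host)
    except socket.gaierror as e:
        return {"stage": "dns", "ok": False, "detail": str(e)}
    try:
        raw = socket.create_connection((ip, port), timeout=timeout)
    except OSError as e:
        return {"stage": "tcp", "ok": False, "detail": f"{ip}:{port} {e}"}
    try:
        tls = ssl.create_default_context().wrap_socket(raw, server_hostname=host)
    except ssl.SSLError as e:
        raw.close()
        return {"stage": "tls", "ok": False, "detail": str(e)}
    # An empty POST is enough: GitLab answers 400/401, proving HTTP got through.
    tls.sendall((f"POST {u.path} HTTP/1.1\r\nHost: {host}\r\n"
                 "Content-Length: 0\r\nConnection: close\r\n\r\n").encode())
    status = tls.recv(256).decode(errors="replace").split("\r\n")[0]
    tls.close()
    return {"stage": "http", "ok": True, "detail": status}
```

Run `probe_token_endpoint(parse_token_error(line)[0])` from inside the Mattermost container's network namespace (for example via `docker compose exec`) so the probe resolves and routes exactly as the server does.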