I was in exactly the same situation. I really struggled to understand.
I struggled so much that I decided to make my solution public because in the world of DevOps, I can't imagine not being able to run a service in container mode.
You need:
to mount the same volume path in your host and in your agent
to install Docker in your image
to mount your Docker socket in your Docker (pay attention to your security)
to build an image that auto-detects and adjusts the group to get secure access to your Docker socket
There are a lot of things.
So I published my solution here:
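
The last item in the list above, sketched as an added example (not the solution the poster published): an entrypoint helper that reads the GID owning the mounted socket and works out which group the agent user has to join, instead of loosening the socket's permissions. The `agent` user, the `dockerhost` group name and the sample group data are assumptions, and refusing GID 0 is a design choice of this example; membership in the resulting group gives control of the host's Docker daemon.

```shell
#!/bin/sh
# Added example: match the agent's group to the bind-mounted Docker socket.
# "agent", "dockerhost" and SAMPLE_GROUPS are assumptions, not from the post.

# Print the numeric GID that owns the socket (GNU/BusyBox stat syntax).
socket_gid() {
    stat -c '%g' "$1"
}

# Read /etc/group-format lines on stdin and print the action for GID $1:
#   reuse:<name>             a group in the image already has that GID
#   create:dockerhost:<gid>  no group has that GID yet
#   refuse:<reason>          joining would grant more than socket access
plan_group() {
    gid=$1
    case $gid in
        ''|*[!0-9]*) echo "refuse:not-a-gid"; return 0 ;;
        0)           echo "refuse:root-group"; return 0 ;;
    esac
    name=$(awk -F: -v g="$gid" '$3 == g { print $1; exit }')
    if [ -n "$name" ]; then
        echo "reuse:$name"
    else
        echo "create:dockerhost:$gid"
    fi
}

# Print (not execute) the shadow-utils commands an entrypoint would run as
# root before dropping privileges to the agent user.
render_commands() {
    plan=$1 user=$2
    case $plan in
        reuse:*)  echo "usermod -aG ${plan#reuse:} $user" ;;
        create:*) rest=${plan#create:}
                  echo "groupadd -g ${rest#*:} ${rest%%:*}"
                  echo "usermod -aG ${rest%%:*} $user" ;;
        *)        echo "not changing groups: $plan" >&2; return 1 ;;
    esac
}

# Constructed sample of an image's /etc/group (not from a real system).
SAMPLE_GROUPS='root:x:0:
ping:x:999:
agent:x:1000:'

# Demo: the host socket's GID (999 here) collides with an existing group.
# Real use: plan=$(plan_group "$(socket_gid /var/run/docker.sock)" </etc/group)
plan=$(printf '%s\n' "$SAMPLE_GROUPS" | plan_group 999)
render_commands "$plan" agent
```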