From 1011213c065fd3cfcb18e972814ae919190da6bf Mon Sep 17 00:00:00 2001
From: "Adrian A. Baumann" <ade@adebaumann.com>
Date: Fri, 5 Dec 2025 23:06:24 +0100
Subject: [PATCH] Run Docker container as non-root user with uid 1000

---
 Dockerfile | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index c6791ed..5ff9ae4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -13,10 +13,17 @@ WORKDIR /app
 COPY thinkcenter_monitor.sh /app/thinkcenter_monitor.sh
 
 # Create log directory
-RUN mkdir -p /var/log
+RUN mkdir -p /var/log && chmod 755 /var/log
 
 # Make script executable
 RUN chmod +x /app/thinkcenter_monitor.sh
 
+# Create a non-root user with uid 1000
+RUN adduser -u 1000 -s /sbin/nologin -D appuser && \
+    chown -R appuser:appuser /app
+
+# Switch to non-root user
+USER appuser
+
 # Set the entrypoint
 CMD ["/app/thinkcenter_monitor.sh"]