From 42d4c6fd4cd15fac61662d416289e10baa05bbba Mon Sep 17 00:00:00 2001
From: Vylyne <94922829+Vylyne@users.noreply.github.com>
Date: Wed, 1 Oct 2025 14:20:21 -0400
Subject: [PATCH] Moved to a non-root model. - Added buildargs to specify the
 User ID and Group IDs. - entrypoint now defaults to running as 1000:1000
 rather then 0:0.

---
 Dockerfile | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 816bdd3c3..ce277b0c9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -25,7 +25,7 @@ RUN apk add --no-cache --update \
   unzip
 
 WORKDIR /server
-COPY index.js package* /server
+COPY index.js package* /server/
 COPY /server /server/server
 
 RUN case "$TARGETPLATFORM" in \
@@ -50,7 +50,14 @@ ARG NUSQLITE3_PATH
 RUN apk add --no-cache --update \
   tzdata \
   ffmpeg \
-  tini
+  tini \
+  shadow \
+  && groupmod -g ${PGID} -n audiobookshelf node\
+  && usermod -u ${PUID} -l audiobookshelf -d /home/audiobookshelf -m node \
+  && apk del shadow \
+  && mkdir -p /config /metadata \
+  && chown -R audiobookshelf:audiobookshelf /config /metadata \
+  && chmod a=rwx /config /metadata
 
 WORKDIR /app