From df32104d0070c1a80815f766f96329c8b7f65b02 Mon Sep 17 00:00:00 2001
From: Jeff Culverhouse <jeff@graystorm.com>
Date: Fri, 21 Feb 2025 15:31:50 -0500
Subject: [PATCH] run as non root

---
 Dockerfile | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index de276fe..ec7d5cd 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,4 +14,12 @@ COPY src /app
 COPY VERSION /app
 WORKDIR /app
 
+ARG USER_ID=1000
+ARG GROUP_ID=1000
+
+RUN addgroup --gid $GROUP_ID appuser && \
+    adduser --uid $USER_ID --gid $GROUP_ID --disabled-password --gecos "" appuser
+
+USER appuser
+
 CMD [ "python", "-u", "/app/amcrest2mqtt.py" ]