diff --git a/Dockerfile b/Dockerfile
index a2f380d..29243f9 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,23 +1,29 @@
 # Use an official Python runtime as a parent image
 FROM python:3.12-slim
 
+# Install system dependencies and gosu for user switching
+RUN apt-get update && apt-get install -y git ffmpeg gosu && \
+    rm -rf /var/lib/apt/lists/*
+
 # Set the working directory in the container
 WORKDIR /app
 
-# Install git
-RUN apt-get update && apt-get install -y git ffmpeg
-
 # Copy the requirements file into the container
 COPY requirements.txt .
 
-# Install any needed packages specified in requirements.txt
+# Install Python dependencies
 RUN pip install --no-cache-dir -r requirements.txt
 
-# Copy the current directory contents into the container at /app
+# Copy application code
 COPY . .
 
-# Make port 5000 available to the world outside this container
+# Copy entrypoint script and make it executable
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+# Expose the application port
 EXPOSE 7171
 
-# Run app.py when the container launches
+# Set entrypoint to handle user permission setup
+ENTRYPOINT ["/entrypoint.sh"]
 CMD ["python", "app.py"]
\ No newline at end of file
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100644
index 0000000..15df7ac
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,35 @@
+    #!/bin/bash
+set -e
+
+# Check if both PUID and PGID are not set
+if [ -z "${PUID}" ] && [ -z "${PGID}" ]; then
+    # Run as root directly
+    exec "$@"
+else
+    # Verify both PUID and PGID are set
+    if [ -z "${PUID}" ] || [ -z "${PGID}" ]; then
+        echo "ERROR: Must supply both PUID and PGID or neither"
+        exit 1
+    fi
+
+    # Check for root user request
+    if [ "${PUID}" -eq 0 ] && [ "${PGID}" -eq 0 ]; then
+        exec "$@"
+    else
+        # Create group if it doesn't exist
+        if ! getent group appgroup >/dev/null; then
+            groupadd -g "${PGID}" appgroup
+        fi
+
+        # Create user if it doesn't exist
+        if ! id appuser >/dev/null 2>&1; then
+            useradd -u "${PUID}" -g appgroup -d /app appuser
+        fi
+
+        # Ensure proper permissions
+        chown -R appuser:appgroup /app
+
+        # Run as specified user
+        exec gosu appuser "$@"
+    fi
+fi
\ No newline at end of file