diff --git a/docker/production/Dockerfile b/docker/production/Dockerfile
index 05a898c78..e3fdad3f2 100644
--- a/docker/production/Dockerfile
+++ b/docker/production/Dockerfile
@@ -48,19 +48,25 @@ LABEL org.opencontainers.image.title="mobilizon" \
 org.opencontainers.image.revision=$VCS_REF \
 org.opencontainers.image.created=$BUILD_DATE
-RUN apk add --no-cache openssl ca-certificates ncurses-libs file postgresql-client libgcc libstdc++ imagemagick python3 py3-pip py3-pillow py3-cffi py3-brotli gcc musl-dev python3-dev pango libxslt-dev
+RUN apk add --no-cache bash openssl ca-certificates ncurses-libs file postgresql-client libgcc libstdc++ imagemagick python3 py3-pip py3-pillow py3-cffi py3-brotli gcc musl-dev python3-dev pango libxslt-dev
 RUN pip install weasyprint pyexcel-ods3
-RUN mkdir -p /app/uploads && chown nobody:nobody /app/uploads
-RUN mkdir -p /etc/mobilizon && chown nobody:nobody /etc/mobilizon
+RUN adduser -h /home/user -s /bin/bash user && addgroup user user
+RUN mkdir -p /var/lib/mobilizon/uploads && chown user:user /var/lib/mobilizon/uploads
+RUN mkdir -p /etc/mobilizon && chown user:user /etc/mobilizon
-USER nobody
+USER user
 EXPOSE 4000
 ENV MOBILIZON_DOCKER=true
-COPY --from=builder --chown=nobody:nobody _build/prod/rel/mobilizon ./
+COPY --from=builder --chown=user:user _build/prod/rel/mobilizon ./
 RUN cp /releases/*/runtime.exs /etc/mobilizon/config.exs
 COPY docker/production/docker-entrypoint.sh ./
+VOLUME /var/lib/mobilizon/uploads
+VOLUME /etc/mobilizon/config.exs:ro
+VOLUME /var/lib/mobilizon/geo_db/GeoLite2-City.mmdb
+
 ENTRYPOINT ["./docker-entrypoint.sh"]
+CMD "/bin/mobilizon start"
diff --git a/docker/production/docker-entrypoint.sh b/docker/production/docker-entrypoint.sh
index 1d7a7a7f3..8c22ad327 100755
--- a/docker/production/docker-entrypoint.sh
+++ b/docker/production/docker-entrypoint.sh
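Review bot: `CMD "/bin/mobilizon start"` at the end of the Dockerfile hunk is shell form, so Docker wraps it in `/bin/sh -c` and that wrapper, not the words `/bin/mobilizon start`, is what the exec-form `ENTRYPOINT` script receives in `$@`; the exec form `CMD ["/bin/mobilizon", "start"]` hands the script the two words it expects. `VOLUME /etc/mobilizon/config.exs:ro` does not make anything read-only either: the `VOLUME` instruction takes paths only, so `:ro` becomes part of the path name, and read-only is a mount option given at run time (`-v <host-path>:/etc/mobilizon/config.exs:ro`). Declaring `VOLUME` on single files (`config.exs`, `GeoLite2-City.mmdb`) is worth rechecking too, since a container started without those bind mounts would probably get an anonymous volume directory at the path instead of a file. `USER user` also stays in effect at run time, so the `su user -c` calls this commit adds to docker-entrypoint.sh start without root and will likely prompt for a password or fail; keep one privilege-drop mechanism, not both.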
@@ -1,8 +1,12 @@
-#!/bin/sh
+#!/bin/bash
 set -e
-echo "-- Waiting for database..."
+USER_ID=${LOCAL_USER_ID:-9001}
+
+echo "[ENTRYPOINT] Starting with UID : $USER_ID"
+
+echo "[ENTRYPOINT] -- Waiting for database..."
 while ! pg_isready -U ${MOBILIZON_DATABASE_USERNAME} -d postgres://${MOBILIZON_DATABASE_HOST}:5432/${MOBILIZON_DATABASE_DBNAME} -t 1; do
 sleep 1s
 done
@@ -10,8 +14,8 @@ done
 PGPASSWORD=$MOBILIZON_DATABASE_PASSWORD psql -U $MOBILIZON_DATABASE_USERNAME -d $MOBILIZON_DATABASE_DBNAME -h $MOBILIZON_DATABASE_HOST -c 'CREATE EXTENSION IF NOT EXISTS pg_trgm;'
 PGPASSWORD=$MOBILIZON_DATABASE_PASSWORD psql -U $MOBILIZON_DATABASE_USERNAME -d $MOBILIZON_DATABASE_DBNAME -h $MOBILIZON_DATABASE_HOST -c 'CREATE EXTENSION IF NOT EXISTS unaccent;'
-echo "-- Running migrations..."
-/bin/mobilizon_ctl migrate
+echo "[ENTRYPOINT] -- Running migrations..."
+exec su user -c "/bin/mobilizon_ctl migrate"
-echo "-- Starting!"
-exec /bin/mobilizon start
\ No newline at end of file
+echo "[ENTRYPOINT] -- Starting!"
+exec su user -c "$@"
\ No newline at end of file
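Review bot: `USER_ID=${LOCAL_USER_ID:-9001}` in the first hunk is computed and logged, but nothing in the visible script applies it, so `Starting with UID : 9001` reports a UID the process does not run under. The service runs as whatever UID `adduser` assigned to `user` at build time, which matters when operators set `LOCAL_USER_ID` to match host ownership of bind-mounted uploads and config. Either apply the value before privileges are dropped or remove the variable and the log line. If it is kept, check that it is numeric and non-zero so that `LOCAL_USER_ID=0` cannot quietly leave the service running as root.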
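Review bot: `exec su user -c "/bin/mobilizon_ctl migrate"` in the second hunk replaces the shell with `su`, so the `Starting!` echo and the final `exec su user -c "$@"` are never reached and the container exits once migrations finish. The migration line should not use `exec`: `su user -c "/bin/mobilizon_ctl migrate"`. On the last line, `su -c` takes one command string, so with `"$@"` only the first word becomes the command and the remaining words are passed as positional parameters. For a simple command line, `exec su user -c "$*"` keeps the words together, at the cost of losing the quoting of arguments that contain spaces.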