hosting page as root is a bad idea even in docker

Dockerfile

@@ -12,10 +12,6 @@ COPY requirements.txt /tmp/requirements.txt
 RUN pip install --upgrade pip
 RUN pip install --no-cache-dir -r /tmp/requirements.txt
 
-RUN mkdir ~/.ssh
-RUN echo "Host *" >> ~/.ssh/config
-RUN echo "StrictHostKeyChecking no" >> ~/.ssh/config
-
 # URL under which static (not modified by Python) files will be requested
 # They will be served by Nginx directly, without being handled by uWSGI
 ENV STATIC_URL /static
@@ -33,14 +29,15 @@ WORKDIR /app
 # Make /app/* available to be imported by Python globally to better support several use cases like Alembic migrations.
 ENV PYTHONPATH=/app
 
-# Move the base entrypoint to reuse it
-#RUN mv /entrypoint.sh /uwsgi-nginx-entrypoint.sh
-# Copy the entrypoint that will generate Nginx additional configs
-#COPY entrypoint.sh /entrypoint.sh
-#RUN chmod +x /entrypoint.sh
-
-#ENTRYPOINT ["/entrypoint.sh"]
+# Create a group and user
+ENV USER="appuser"
+ENV GROUP="appgroup"
+RUN addgroup -S $GROUP
+RUN adduser -D $USER -S $USER -G $GROUP
 
+# Change owner of the process
+RUN chown -R $USER:$GROUP /app
+USER appuser
 # Run the start script provided by the parent image tiangolo/uwsgi-nginx.
 # It will check for an /app/prestart.sh script (e.g. for migrations)
 # And then will start Supervisor, which in turn will start Nginx and uWSGI