diff --git a/Dockerfile b/Dockerfile
index 0cce97746f0342985bc0133c43d30ff25d1f6c84..25f207a90312c5a750996e1b8f53c676fc42840e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,12 +1,18 @@
 FROM python:3.10-slim-bullseye AS base
 
-ENV PYTHONDONTWRITEBYTECODE 1
+ENV AURA_UID=2872
+ENV POETRY_CACHE_DIR=/app/.cache
+ENV POETRY_HOME=/opt/poetry
+ENV PYTHONDONTWRITEBYTECODE=1
 ENV PYTHONUNBUFFERED=1
+ENV PATH="${POETRY_HOME}/bin:${PATH}"
 
-WORKDIR /steering
-COPY poetry.lock pyproject.toml ./
+WORKDIR /app
+
+COPY poetry.lock pyproject.toml /app/
 
 RUN apt-get update && apt-get install -y curl gcc graphviz ldap-utils libldap2-dev libmagic1 libsasl2-dev
+RUN python -m venv ${POETRY_HOME}
 RUN pip install poetry==1.3.2
 RUN poetry install
 
@@ -14,11 +20,19 @@ EXPOSE 8000
 
 FROM base AS dev
 
-VOLUME ["/steering"]
-CMD ["poetry", "run", "python", "manage.py", "runserver", "0.0.0.0:8000"]
+COPY . .
+
+VOLUME ["/app"]
 
+RUN adduser --home /app --no-create-home --system --uid ${AURA_UID} --group app
+RUN chown -R app:app /app
+
+USER app
+
+CMD ["poetry", "run", "python", "manage.py", "runserver", "0.0.0.0:8000"]
 
 FROM base AS prod
 
 COPY . .
+
 CMD ["sh", "-c", "poetry run gunicorn --bind 0.0.0.0:8000 --workers $(nproc) steering.wsgi"]