diff --git a/Dockerfile b/Dockerfile
index 18643e0..57ebfa5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -10,12 +10,13 @@ RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o main ./cmd/server
 
 FROM alpine:latest
 RUN apk --no-cache add ca-certificates
-
+RUN addgroup -S nonroot \
+    && adduser -S nonroot -G nonroot
 WORKDIR /app
 COPY --from=builder /app/main .
 COPY --from=builder /app/internal/web ./internal/web
 COPY --from=builder /app/certs ./certs
-
+USER nonroot
 EXPOSE 8080
 
 CMD ["./main"]