diff --git a/.drone.yml b/.drone.yml
index 2b1dac9..19ce879 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -32,13 +32,16 @@ steps:
 - name: docker-build-validate
 image: gcr.io/kaniko-project/executor:v1.23.2-debug
 commands:
- - /kaniko/executor --context "${DRONE_WORKSPACE}" --dockerfile "${DRONE_WORKSPACE}/Dockerfile" --no-push --destination xteve:validate --build-arg TARGETOS=linux --build-arg TARGETARCH=amd64
+ - /kaniko/executor --context "${DRONE_WORKSPACE}" --dockerfile "${DRONE_WORKSPACE}/Dockerfile" --no-push --destination xteve:validate --build-arg TARGETOS=linux --build-arg TARGETARCH=amd64 --build-arg XTEVE_UID=1000 --build-arg XTEVE_GID=1000
 when:
 event:
 - pull_request
 - name: docker-publish
 image: plugins/docker
+ environment:
+ XTEVE_UID: "1000"
+ XTEVE_GID: "1000"
 settings:
 registry: registry.coadcorp.com
 repo: registry.coadcorp.com/nathan/xteve
@@ -52,6 +55,9 @@ steps:
 build_args:
 - TARGETOS=linux
 - TARGETARCH=amd64
+ build_args_from_env:
+ - XTEVE_UID
+ - XTEVE_GID
 when:
 event:
 - push
diff --git a/Dockerfile b/Dockerfile
index 935b0f4..8e849d5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -23,9 +23,12 @@ FROM mwader/static-ffmpeg:latest AS ffmpeg
 FROM alpine:3.23
+ARG XTEVE_UID=1000
+ARG XTEVE_GID=1000
+
 RUN apk add --no-cache ca-certificates tzdata \
- && addgroup -S xteve \
- && adduser -S -G xteve xteve \
+ && addgroup -S -g "${XTEVE_GID}" xteve \
+ && adduser -S -D -H -u "${XTEVE_UID}" -G xteve xteve \
 && mkdir -p /xteve/config \
 && chown -R xteve:xteve /xteve
diff --git a/docker-compose.host.yml b/docker-compose.host.yml
index fee6a00..eb58f26 100644
--- a/docker-compose.host.yml
+++ b/docker-compose.host.yml
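Review bot: The value 1000 is now restated in the pipeline in two different ways, as `--build-arg XTEVE_UID=1000 --build-arg XTEVE_GID=1000` on the docker-build-validate command and as an `environment:` block plus `build_args_from_env` on docker-publish (second .drone.yml hunk), while the Dockerfile in this commit already defaults both args to 1000. Three copies can drift, and then the validate step no longer builds what publish ships. If the explicit values are wanted in CI, `- XTEVE_UID=1000` and `- XTEVE_GID=1000` under the existing `build_args:` list would sit next to `TARGETOS`/`TARGETARCH` and remove the `environment`/`build_args_from_env` indirection.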
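Review bot: In the Dockerfile hunk, `XTEVE_UID` and `XTEVE_GID` reach `addgroup -g` and `adduser -u` unchecked, so an empty, non-numeric or zero value is caught only by whatever those tools happen to do with it. Since the account exists to run the service unprivileged, a guard ahead of `addgroup`, for example `&& [ "${XTEVE_UID}" -gt 0 ] && [ "${XTEVE_GID}" -gt 0 ] \`, stops the build at that line. An ID already assigned in the alpine base image will presumably be rejected by `addgroup`/`adduser` too; a comment above the `ARG` lines such as `# UID/GID of the runtime account; must be non-zero and unused in the base image` would document that. Whether the image actually switches to this account with `USER` is outside this hunk.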
@@ -3,11 +3,16 @@ services:
 build:
 context: .
 dockerfile: Dockerfile
+ args:
+ XTEVE_UID: ${XTEVE_UID:-1000}
+ XTEVE_GID: ${XTEVE_GID:-1000}
 container_name: xteve
 restart: unless-stopped
 network_mode: host
 environment:
 XTEVE_CONFIG: /xteve/config
 XTEVE_PORT: "34400"
+ XTEVE_UID: ${XTEVE_UID:-1000}
+ XTEVE_GID: ${XTEVE_GID:-1000}
 volumes:
 - ./docker-data/config:/xteve/config
diff --git a/docker-compose.yml b/docker-compose.yml
index 4649620..bf25840 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -3,11 +3,16 @@ services:
 build:
 context: .
 dockerfile: Dockerfile
+ args:
+ XTEVE_UID: ${XTEVE_UID:-1000}
+ XTEVE_GID: ${XTEVE_GID:-1000}
 container_name: xteve
 restart: unless-stopped
 environment:
 XTEVE_CONFIG: /xteve/config
 XTEVE_PORT: "34400"
+ XTEVE_UID: ${XTEVE_UID:-1000}
+ XTEVE_GID: ${XTEVE_GID:-1000}
 ports:
 - "34400:34400/tcp"
 - "1900:1900/udp"
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index b45bb7b..58280b2 100755
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -81,12 +81,15 @@ fi
 if ! touch "${CONFIG_DIR}/.xteve-write-test" 2>/dev/null; then
 echo "[entrypoint] ERROR: Config directory is not writable: ${CONFIG_DIR}" >&2
+ echo "[entrypoint] Running as UID:GID $(id -u):$(id -g)" >&2
 ls -ld "${CONFIG_DIR}" >&2 || true
+ echo "[entrypoint] Hint: ensure host path ownership/permissions allow this UID:GID to write, or set matching container UID/GID at build time." >&2
 exit 1
 fi
 rm -f "${CONFIG_DIR}/.xteve-write-test"
 echo "[entrypoint] Using config directory: ${CONFIG_DIR}"
+echo "[entrypoint] Running as UID:GID $(id -u):$(id -g)"
 if [ -f "${CONFIG_DIR}/settings.json" ]; then
 echo "[entrypoint] settings.json details: $(ls -l "${CONFIG_DIR}/settings.json" | awk '{print $1, $3, $4, $5, $9}')"
 fi
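Review bot: The `XTEVE_UID`/`XTEVE_GID` entries added under `environment:` in docker-compose.host.yml are runtime variables, but the account's IDs are fixed at image build time through the `args:` block; nothing visible in this commit reads them at start-up, and the entrypoint change only reports `id -u`/`id -g`. Someone who changes them without rebuilding, or who runs the published image, still gets the baked-in IDs, which makes a permission failure on the bind-mounted config directory harder to diagnose. Either drop the two `environment:` lines or mark them with a comment such as `# informational only; effective IDs come from build.args`, unless the entrypoint consumes them in code outside this diff. The same applies to the identical hunk in docker-compose.yml. Quoting the values, `"${XTEVE_UID:-1000}"`, would also match the existing `XTEVE_PORT: "34400"`.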
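Review bot: The added hint in docker/entrypoint.sh tells the operator to "set matching container UID/GID at build time" without naming the knobs; the build args this commit introduces are `XTEVE_UID` and `XTEVE_GID`, and naming them in the message saves a trip to the Dockerfile. `$(id -u):$(id -g)` is also evaluated in two separate messages; assigning it once, e.g. `RUN_IDS="$(id -u):$(id -g)"` ahead of the write test, keeps the error path and the normal path reporting the same string. The script begins and continues outside this hunk.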