Add entrypoint script to fix volume permissions at runtime

Dockerfile

@@ -37,11 +37,15 @@ ENV DATA_DIR=/app/data
 ENV NODE_ENV=production
 ENV PORT=80
 
-# Switch to non-root user
-USER node
+# Create startup script to fix volume permissions
+RUN echo '#!/bin/sh\nchown -R node:node /app/data\nchmod 755 /app/data\nexec su-exec node "$@"' > /entrypoint.sh && chmod +x /entrypoint.sh
+
+# Install su-exec for user switching
+RUN apk add --no-cache su-exec
 
 EXPOSE 80
 HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
   CMD curl -fsS http://localhost/api/health >/dev/null || exit 1
 
+ENTRYPOINT ["/entrypoint.sh"]
 CMD ["npm", "start"]

server/index.js

@@ -82,11 +82,18 @@ if (process.env.NODE_ENV === 'production') {
   app.use(express.static(staticPath));
 }
 
-// Ensure data directory exists
+// Ensure data directory exists with proper permissions
 async function ensureDataDir() {
   try {
     await fs.mkdir(DATA_DIR, { recursive: true });
-    console.log(`📁 Data directory ready: ${DATA_DIR}`);
+    
+    // Fix permissions for volume-mounted directory
+    try {
+      await fs.chmod(DATA_DIR, 0o755);
+      console.log(`📁 Data directory ready: ${DATA_DIR}`);
+    } catch (permErr) {
+      console.warn('Could not set directory permissions:', permErr.message);
+    }
   } catch (err) {
     console.error('Failed to create data directory:', err.message);
   }