diff --git a/Dockerfile b/Dockerfile
index 64e5ea98..821125ba 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -28,7 +28,7 @@ ENV TZ=UTC \
 RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections \
     && apt-get update -qq \
     && apt-get install -qq -y --no-install-recommends \
-       apt-transport-https ca-certificates apt-utils gnupg gnupg2 libgconf-2-4 zlib1g-dev \
+       apt-transport-https ca-certificates apt-utils gnupg gosu gnupg2 libgconf-2-4 zlib1g-dev \
        dumb-init jq git wget curl youtube-dl ffmpeg \
     && curl -sSL "https://dl.google.com/linux/linux_signing_key.pub" | apt-key add - \
     && echo "deb https://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \
@@ -58,12 +58,9 @@ RUN python -m venv --clear --symlinks "$VENV_PATH" \
 
 VOLUME "$DATA_PATH"
 WORKDIR "$DATA_PATH"
-USER archivebox:archivebox
 EXPOSE 8000
 ENV CHROME_BINARY=google-chrome \
     CHROME_SANDBOX=False
 
-RUN archivebox version
-
-ENTRYPOINT ["dumb-init", "--", "archivebox"]
+ENTRYPOINT ["dumb-init", "--", "/app/bin/entrypoint.sh", "archivebox"]
 CMD ["server", "0.0.0.0:8000"]
diff --git a/bin/entrypoint.sh b/bin/entrypoint.sh
new file mode 100755
index 00000000..193f5f1b
--- /dev/null
+++ b/bin/entrypoint.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+# detect userid:groupid of contents of data folder
+DATA_DIR="${DATA_DIR:-/data}"
+ARCHIVEBOX_USER="${ARCHIVEBOX_USER:-archivebox}"
+
+# Autodetect UID and GID of host user based on ownership of files in the volume
+USID=$(stat --format="%u" "$DATA_DIR")
+GRID=$(stat --format="%g" "$DATA_DIR")
+COMMAND="$@"
+
+# run django as the host user's uid:gid so that any files touched have the same permissions as outside the container
+# e.g. ./manage.py runserver
+
+chown "$USID":"$GRID" "$DATA_DIR"
+usermod -u $USID $ARCHIVEBOX_USER
+groupmod -g $GRID $ARCHIVEBOX_USER
+gosu $ARCHIVEBOX_USER bash -c "$COMMAND"
\ No newline at end of file