dockerfile fixes for running as non-root user

Dockerfile

@@ -42,13 +42,9 @@ RUN apt-get update -y \
     && apt-get autoremove --yes \
     && rm -rf /var/lib/apt/lists/*
 
-# For debug shells, quality of life and OS timezone setting (UTC)
-RUN printf "\n. /etc/profile\n" >> /root/.profile
-RUN printf "\n. /etc/profile\n" >> /root/.bashrc
-RUN printf "\nset mouse=\n" >> /usr/share/vim/vim82/defaults.vim
+# OS timezone setting (UTC)
 RUN echo "UTC" > /etc/timezone
 ENV TZ=UTC
-ENV ENV="/etc/profile"
 
 # Poetry for Python packages
 RUN curl -sSL https://install.python-poetry.org | POETRY_HOME=/usr/local/poetry python3 - --yes \
@@ -57,27 +53,33 @@ RUN curl -sSL https://install.python-poetry.org | POETRY_HOME=/usr/local/poetry
     && poetry config virtualenvs.create false \
     && poetry config virtualenvs.in-project false
 
+# Create non-root user
+ENV ENV="/etc/profile"
+RUN adduser --disabled-password --gecos '' user && \
+    mkdir -p /app && \
+    chown -R user:user /app && \
+    printf "\n. /etc/profile\n" >> /home/user/.profile \
+    printf "\n. /etc/profile\n" >> /home/user/.bashrc
+
 # Sets up virtualenv for dependencies
 ENV VIRTUAL_ENV="/opt/venv"
 ENV VIRTUAL_ENV_DISABLE_PROMPT=1
 ENV POETRY_ACTIVE=1
 ENV PATH="$VIRTUAL_ENV/bin:$PATH"
-RUN echo "export PATH=$PATH" >> ~/.bashrc \
+RUN echo "export PATH=$PATH" >> /home/user/.bashrc \
     && python3 -m venv $VIRTUAL_ENV \
-    && /opt/venv/bin/pip install --upgrade --no-cache-dir pip
+    && /opt/venv/bin/pip install --upgrade --no-cache-dir pip \
+    && chown -R user:user /opt/venv
 
-# Run app as non-root user
-WORKDIR /app
-RUN adduser --disabled-password --gecos '' user
-RUN chown -R user:user /app /opt/venv
+# Run as non-root user
 USER user
 
 # Installation of basic Python dependencies specified in pyproject.toml
-COPY pyproject.toml poetry.lock /app/
+COPY --chown=user:user pyproject.toml poetry.lock /app/
 RUN poetry install
 
 # WebUI + extensions
-RUN git clone -b v2.0 https://github.com/camenduru/stable-diffusion-webui
+RUN git clone -b v2.0 https://github.com/camenduru/stable-diffusion-webui /app/stable-diffusion-webui
 RUN wget https://raw.githubusercontent.com/camenduru/stable-diffusion-webui-scripts/main/run_n_times.py -O /app/stable-diffusion-webui/scripts/run_n_times.py
 RUN git clone -b v1.6 https://github.com/camenduru/deforum-for-automatic1111-webui /app/stable-diffusion-webui/extensions/deforum-for-automatic1111-webui
 RUN git clone -b v2.0 https://github.com/camenduru/stable-diffusion-webui-images-browser /app/stable-diffusion-webui/extensions/stable-diffusion-webui-images-browser
@@ -89,7 +91,7 @@ RUN git clone https://github.com/Mikubill/sd-webui-controlnet /app/stable-diffus
 
 # Prepare WebUI environment
 WORKDIR /app/stable-diffusion-webui
-COPY config.json ui-config.json /app/stable-diffusion-webui/
+COPY --chown=user:user config.json ui-config.json /app/stable-diffusion-webui/
 RUN /opt/venv/bin/python launch.py --exit --skip-torch-cuda-test --xformers
 
 # Patch WebUI
@@ -99,7 +101,7 @@ RUN sed -i -e 's/ outputs=\[/queue=False, &/g' modules/ui.py
 RUN sed -i -e 's/               queue=False,  /                /g' modules/ui.py
 
 # Copy startup scripts
-COPY run.py on_start.sh /app/stable-diffusion-webui/
+COPY --chown=user:user run.py on_start.sh /app/stable-diffusion-webui/
 RUN chmod +x on_start.sh
 
 EXPOSE 7860