docker: add non root user info

[Splinter7914]

I had to add tmp and banned mounts in order to run it as non root.

Summary by CodeRabbit

Documentation

• Added instructions for running containers as a non-root user, including configuration for directory mounting and user ID mapping.

[coderabbitai]

📝 Walkthrough

Walkthrough

A new "Run as non root" section is added to the Docker wiki documentation, providing instructions and example commands for executing Docker containers with a non-root user (uid 1000:1000) and explicit volume mount configurations for config, downloads, tmp, and banned directories.

Changes

Cohort / File(s)	Summary
Docker Documentation docs/docker-wiki-full.md	Added new "Run as non root" section with user mapping (-u 1000:1000) and volume mount instructions for config, downloads, tmp, and banned directories.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Poem

🐰 A rabbit hops with glee,
Non-root at last, so safe and free!
With volumes bound and users mapped,
Security concerns are finally wrapped! 🐳

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: adding documentation about running Docker containers with a non-root user.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Fix all issues with AI agents

In `@docs/docker-wiki-full.md`:
- Line 58: The section header "## Run as non root" should be hyphenated; update
the header text to "## Run as non-root" so the compound adjective correctly
modifies "user" (locate and edit the header string "## Run as non root" in
docs/docker-wiki-full.md).
- Line 59: Update the sentence that currently reads "mount `tmp` and `banned`
directories to run as a non root user" to use the hyphenated term "non-root" and
expand it with a short rationale; e.g., change the phrase to "mount `tmp` and
`banned` directories to run as a non-root user" and append a brief explanation
such as "to ensure the container process has write access while avoiding running
as root, improving security and preserving host permissions." Make sure the
edited sentence replaces the original wording verbatim and keeps backticks
around `tmp` and `banned`.
- Around line 61-69: Add a language identifier (bash) to the fenced Docker
command block so it renders with proper syntax highlighting, and add a short
note after the block explaining the UID:GID 1000:1000 token: instruct users to
replace 1000:1000 with their host UID:GID (use id -u and id -g) and to ensure
the mounted dirs referenced in the command (/Upload-Assistant/tmp,
/Upload-Assistant/data/banned, /downloads, etc.) are owned or writable by that
user when running the container as a non-root user.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix hyphenation in section header.

The term "non-root" should be hyphenated as it's a compound adjective modifying "user."

📝 Proposed fix

-## Run as non root
+## Run as non-root

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	## Run as non root
	## Run as non-root

🧰 Tools

🪛 LanguageTool

[grammar] ~58-~58: Use a hyphen to join words.
Context: ...ath/to/content --help ``` ## Run as non root mount tmp and `banned` directorie...

(QB_NEW_EN_HYPHEN)

🤖 Prompt for AI Agents

In `@docs/docker-wiki-full.md` at line 58, The section header "## Run as non root"
should be hyphenated; update the header text to "## Run as non-root" so the
compound adjective correctly modifies "user" (locate and edit the header string
"## Run as non root" in docs/docker-wiki-full.md).

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix hyphenation and enhance clarity.

The term "non-root" should be hyphenated. Additionally, consider adding a brief explanation of why these directories need to be mounted for better user understanding.

📝 Proposed fix

-mount `tmp` and `banned` directories to run as a non root user
+Mount `tmp` and `banned` directories to run as a non-root user. These directories require write access, so they must be explicitly mounted when running with a non-root user ID.

🧰 Tools

🪛 LanguageTool

[grammar] ~59-~59: Use a hyphen to join words.
Context: ...and banned directories to run as a non root user ``` docker run --rm -it --net...

(QB_NEW_EN_HYPHEN)

🤖 Prompt for AI Agents

In `@docs/docker-wiki-full.md` at line 59, Update the sentence that currently
reads "mount `tmp` and `banned` directories to run as a non root user" to use
the hyphenated term "non-root" and expand it with a short rationale; e.g.,
change the phrase to "mount `tmp` and `banned` directories to run as a non-root
user" and append a brief explanation such as "to ensure the container process
has write access while avoiding running as root, improving security and
preserving host permissions." Make sure the edited sentence replaces the
original wording verbatim and keeps backticks around `tmp` and `banned`.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Add language identifier to code block and consider documenting UID selection.

The code block should specify a language identifier for proper syntax highlighting. Additionally, consider adding guidance about the UID/GID values (1000:1000) and how users should adjust them to match their host system user.

📝 Proposed fix

Fix 1: Add language identifier

-```
+```bash
 docker run --rm -it --network=host \

Optional enhancement: Add note about UID/GID

After line 59, consider adding a note like:

Mount `tmp` and `banned` directories to run as a non-root user. These directories require write access, so they must be explicitly mounted when running with a non-root user ID.

Replace `1000:1000` with your host user's UID:GID (use `id -u` and `id -g` to find yours). Ensure the mounted directories have appropriate permissions for this user.

🧰 Tools

🪛 markdownlint-cli2 (0.20.0)

[warning] 61-61: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

🤖 Prompt for AI Agents

In `@docs/docker-wiki-full.md` around lines 61 - 69, Add a language identifier
(bash) to the fenced Docker command block so it renders with proper syntax
highlighting, and add a short note after the block explaining the UID:GID
1000:1000 token: instruct users to replace 1000:1000 with their host UID:GID
(use id -u and id -g) and to ensure the mounted dirs referenced in the command
(/Upload-Assistant/tmp, /Upload-Assistant/data/banned, /downloads, etc.) are
owned or writable by that user when running the container as a non-root user.