fix: run as root — bind-mount overrides chown causing SQLITE_CANTOPEN

Dockerfile

@@ -3,11 +3,9 @@ FROM node:20-alpine AS builder
 
 WORKDIR /app
 
-# Install dependencies (including dev deps for tsc)
 COPY package*.json ./
 RUN npm install
 
-# Copy source and compile TypeScript
 COPY tsconfig.json ./
 COPY src ./src
 RUN npm run build
@@ -17,26 +15,17 @@ FROM node:20-alpine AS runtime
 
 WORKDIR /app
 
-# Production deps only — also rebuild better-sqlite3 for Alpine (musl libc)
+# Production deps + rebuild better-sqlite3 for Alpine (musl libc)
 COPY package*.json ./
 RUN npm install --omit=dev && \
     npm rebuild better-sqlite3 && \
     npm cache clean --force
 
-# Copy compiled JS + static UI
 COPY --from=builder /app/dist ./dist
 COPY public ./public
 
-# Data directory will be bind-mounted; create it so it exists if not mounted
 RUN mkdir -p /app/data
 
-# Non-root user for security
-RUN addgroup -S tracker && adduser -S tracker -G tracker && \
-    chown -R tracker:tracker /app
-USER tracker
-
 EXPOSE 3457
 
-# dotenv/config is imported in index.ts — reads .env if present.
-# In prod, pass env vars via Dokploy / docker-compose env_file instead.
 CMD ["node", "dist/index.js"]