diff --git a/docker/containers/tactical-nats/dockerfile b/docker/containers/tactical-nats/dockerfile
index f8f1f0a6..ad1bd059 100644
--- a/docker/containers/tactical-nats/dockerfile
+++ b/docker/containers/tactical-nats/dockerfile
@@ -11,19 +11,19 @@ COPY natsapi/bin/nats-api /usr/local/bin/
 RUN chmod +x /usr/local/bin/nats-api
 RUN touch /usr/local/bin/config_watcher.sh
-RUN chown 1001:1001 /usr/local/bin/config_watcher.sh
+RUN chown 1000:1000 /usr/local/bin/config_watcher.sh
 RUN mkdir -p /var/log/supervisor
 RUN mkdir -p /etc/supervisor/conf.d
 RUN touch /etc/supervisor/conf.d/supervisor.conf
-RUN chown 1001:1001 /etc/supervisor/conf.d/supervisor.conf
+RUN chown 1000:1000 /etc/supervisor/conf.d/supervisor.conf
 COPY docker/containers/tactical-nats/entrypoint.sh /
 RUN chmod +x /entrypoint.sh
 ENTRYPOINT [ "/entrypoint.sh" ]
-USER 1001
+USER 1000
 EXPOSE 4222
diff --git a/docker/containers/tactical-nats/entrypoint.sh b/docker/containers/tactical-nats/entrypoint.sh
index b0918adf..8e89653e 100644
--- a/docker/containers/tactical-nats/entrypoint.sh
+++ b/docker/containers/tactical-nats/entrypoint.sh
@@ -44,6 +44,7 @@ supervisor_config="$(cat << EOF
 [supervisord]
 nodaemon=true
 logfile=/tmp/supervisord.log
+pidfile=/tmp/supervisord.pid
 [include]
 files = /etc/supervisor/conf.d/*.conf
diff --git a/docker/containers/tactical-nginx/dockerfile b/docker/containers/tactical-nginx/dockerfile
index aed3c01f..aa459420 100644
--- a/docker/containers/tactical-nginx/dockerfile
+++ b/docker/containers/tactical-nginx/dockerfile
@@ -4,8 +4,14 @@ ENV TACTICAL_DIR /opt/tactical
 USER root
+RUN deluser --remove-home nginx \
+ && addgroup -S nginx -g 1000 \
+ && adduser -S -G nginx -u 1000 nginx
+
 RUN apk add --no-cache openssl bash
+RUN chown -R nginx:nginx /etc/nginx
+
 SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]
 COPY docker/containers/tactical-nginx/entrypoint.sh /docker-entrypoint.d/
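Review bot: The numeric owner `1000` is now hard-coded three times in docker/containers/tactical-nats/dockerfile (both `chown` lines and `USER`), and nothing in the file records why that value was chosen. It appears intended to match the `chown -R 1000:1000` in docker/containers/tactical/entrypoint.sh from the same commit, so a mismatch after a later edit would only surface at runtime as a permission error. A comment above the first `chown` would capture this, for example `# UID/GID 1000 is shared by the tactical containers; keep in sync with the chown in tactical/entrypoint.sh`. The same comment could state that config_watcher.sh and supervisor.conf are deliberately left writable by the runtime user, since both are owned by the identity the service runs as.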
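Review bot: The added `RUN chown -R nginx:nginx /etc/nginx` in docker/containers/tactical-nginx/dockerfile makes the whole nginx configuration tree writable by the account the server runs as, which is broader than an entrypoint that regenerates a few files needs. Narrowing it to those files, e.g. `RUN chown nginx:nginx <files-the-entrypoint-rewrites>` (placeholder; the entrypoint is not shown in this hunk), keeps the rest of the configuration root-owned. Separately, `deluser` followed by `adduser -u 1000` leaves anything the base image had assigned to the previous nginx UID outside /etc/nginx with its old numeric owner, so it is worth confirming no such path is needed at runtime. The hunk sets `USER root` and does not show a later switch back to a non-root user; that may happen further down the file, outside the hunk.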
diff --git a/docker/containers/tactical/entrypoint.sh b/docker/containers/tactical/entrypoint.sh
index fe6bf62f..1157618b 100644
--- a/docker/containers/tactical/entrypoint.sh
+++ b/docker/containers/tactical/entrypoint.sh
@@ -41,7 +41,7 @@ if [ "$1" = 'tactical-init' ]; then
 mkdir -p ${TACTICAL_DIR}/tmp
 touch /home/node/app/meshcentral-data/.initialized && chown -R 1000:1000 /home/node/app/meshcentral-data
 touch ${TACTICAL_DIR}/tmp/.initialized && chown -R 1000:1000 ${TACTICAL_DIR}
- mkdir -p ${TACTICAL_DIR}/certs && chown -R 101:101 ${TACTICAL_DIR}/certs
+ mkdir -p ${TACTICAL_DIR}/certs && chown -R 1000:1000 ${TACTICAL_DIR}/certs
 mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/exe
 mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/log
 touch ${TACTICAL_DIR}/api/tacticalrmm/private/log/django_debug.log
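Review bot: Changing the certs directory owner from `101:101` to `1000:1000` puts the TLS key material under the same UID that this script gives to the rest of `${TACTICAL_DIR}` and to the meshcentral data, so file ownership no longer separates the certificates from the other services. If the certs path is mounted into containers that do not terminate TLS (the mounts are not visible here), any of them running as 1000 could read the private key. A comment on the changed line would make that constraint explicit, for example `# certs are owned by the shared UID 1000; mount this path only into containers that need the key`. Quoting the expansion as `"${TACTICAL_DIR}/certs"` on that line would also guard against word splitting. The enclosing `if` block starts in the hunk header and continues past the hunk's last line.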