diff --git a/build-workspace.sh b/build-workspace.sh
index 440bb78..e2e9e0e 100755
--- a/build-workspace.sh
+++ b/build-workspace.sh
@@ -1,11 +1,11 @@
 #!/bin/bash
-# build-persistent-devbox.sh
-# Persistent Fedora Minimal-based devbox with SSH, Git, and GitOps secrets (immutable config files)
 
 set -euo pipefail
 
 IMG_NAME="analytics-backend-workspace"
 DEV_USER=devuser
+DEV_UID=1001
+DEV_GID=1001
 SECURE=/opt/secure
 DEV_HOME=/home/$DEV_USER
 
@@ -15,10 +15,8 @@ buildah run "$ctr" -- bash -c "\
   pacman -Sy --noconfirm && pacman -S --noconfirm --needed base-devel neovim git zsh tmux \
   nodejs python podman fzf fd ripgrep jdk-openjdk zsh-completions zsh-syntax-highlighting \
   lazygit zsh-autosuggestions luarocks python-pynvim npm bash-completion tree-sitter-cli \
-  lua51 && pacman -Scc --noconfirm && \
-  groupadd secproc && useradd -ms /bin/zsh -G secproc $DEV_USER && \
-  mkdir -p $SECURE && chmod -R 500 $SECURE && \
-  mkdir /app && chmod 700 /app && chown $DEV_USER:$DEV_USER /app
+  lua51 && pacman -Scc --noconfirm && groupadd secproc && groupadd -g $DEV_GID $DEV_USER && \
+  useradd -ms /bin/zsh -G secproc -u $DEV_UID -g $DEV_GID $DEV_USER && mkdir -m 500 -p $SECURE
 "
 
 # copy start script, zshrc, neovim, tmux setup and ssh setup