diff --git a/README.md b/README.md
index e6c151b2..82b7cfef 100644
--- a/README.md
+++ b/README.md
@@ -148,7 +148,7 @@ export CLIENT_SECRET
 Run docker-compose:
 ```
 cd app-config
-docker-compose up
+CURRENT_UID=$(id -u):$(id -g) docker-compose up
 ```
 
 Then visit http://localhost:8080/.
diff --git a/app-config/cara-webservice/Dockerfile b/app-config/cara-webservice/Dockerfile
index e4d044ac..517b30c8 100644
--- a/app-config/cara-webservice/Dockerfile
+++ b/app-config/cara-webservice/Dockerfile
@@ -23,9 +23,14 @@ FROM debian
 COPY --from=conda /opt/app /opt/app
 ENV PATH=/opt/app/bin/:$PATH
 # Make a convenient location to the installed CARA package (i.e. a directory called cara in the CWD).
+# It is important that this directory is also writable by a non-root user.
+RUN mkdir -p /scratch \
+ && chmod a+wx /scratch
+# Set the HOME directory to something that anybody can write to (to support non root users, such as on openshift).
+ENV HOME=/scratch
+WORKDIR /scratch
 RUN CARA_INIT_FILE=$(/opt/app/bin/python -c "import cara; print(cara.__file__)") \
- && ln -s $(dirname $(dirname ${CARA_INIT_FILE})) /opt/site-packages \
- && ln -s /opt/site-packages/cara ./cara
+ && ln -s $(dirname ${CARA_INIT_FILE}) /scratch/cara
 CMD [ \
   "cara-app.sh" \
 ]
diff --git a/app-config/docker-compose.yml b/app-config/docker-compose.yml
index e322e394..18d9d0a0 100644
--- a/app-config/docker-compose.yml
+++ b/app-config/docker-compose.yml
@@ -4,6 +4,7 @@ services:
     image: cara-webservice
     environment:
       - APP_NAME=cara-voila
+    user: ${CURRENT_UID:?"Please run as follows 'CURRENT_UID=$(id -u):$(id -g) docker-compose up'"}
 
   cara-webservice:
     image: cara-webservice
@@ -12,6 +13,7 @@ services:
       - APP_NAME=cara-webservice
       - CARA_CALCULATOR_PREFIX=/calculator-cern
       - CARA_THEME=cara/apps/calculator/themes/cern
+    user: ${CURRENT_UID}
 
   cara-calculator-open:
     image: cara-webservice
@@ -19,6 +21,7 @@ services:
       - COOKIE_SECRET
       - APP_NAME=cara-webservice
       - CARA_CALCULATOR_PREFIX=/calculator-open
+    user: ${CURRENT_UID}
 
   auth-service:
     image: auth-service
@@ -28,6 +31,7 @@ services:
       - OIDC_REALM
       - CLIENT_ID
       - CLIENT_SECRET
+    user: ${CURRENT_UID}
 
   cara-router:
     image: cara-nginx-app
@@ -35,10 +39,11 @@ services:
       - "8080:8080"
     depends_on:
       cara-webservice:
-          condition: service_started
+        condition: service_started
       cara-calculator-open:
-            condition: service_started
+        condition: service_started
       cara-app:
-          condition: service_started
+        condition: service_started
       auth-service:
-          condition: service_started
+        condition: service_started
+    user: ${CURRENT_UID}