diff --git a/Dockerfile b/Dockerfile
index 7f517c78..36f12874 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,30 +1,43 @@
-# setup build image
-FROM golang:1.11 AS build
+# Minify client side assets (JavaScript)
+FROM node:latest AS build-js
 
-# build Gophish binary
-WORKDIR /build/gophish
+RUN npm install gulp gulp-cli -g
+
+WORKDIR /build
 COPY . .
-RUN go get -d -v ./...
-RUN go build
+RUN npm install --only=dev
+RUN gulp
 
 
-# setup run image
+# Build Golang binary
+FROM golang:1.11 AS build-golang
+
+WORKDIR /go/src/github.com/gophish/gophish
+COPY . .
+RUN go get -v && go build -v
+
+
+# Runtime container
 FROM debian:stable-slim
 
+RUN useradd -m -d /opt/gophish -s /bin/bash app
+
 RUN apt-get update && \
-    apt-get install --no-install-recommends -y \
-    jq && \
-    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+	apt-get install --no-install-recommends -y jq && \
+	apt-get clean && \
+	rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
-# copy Gophish assets from the build image
-WORKDIR /gophish
-COPY --from=build /build/gophish/ /gophish/
-RUN chmod +x gophish
+WORKDIR /opt/gophish
+COPY --from=build-golang /go/src/github.com/gophish/gophish/ ./
+COPY --from=build-js /build/static/js/dist/ ./static/js/dist/
+COPY --from=build-js /build/static/css/dist/ ./static/css/dist/
+COPY --from=build-golang /go/src/github.com/gophish/gophish/config.json ./
+RUN chown app. config.json
 
-# expose the admin port to the host
+USER app
 RUN sed -i 's/127.0.0.1/0.0.0.0/g' config.json
+RUN touch config.json.tmp
 
-# expose default ports
-EXPOSE 80 443 3333
+EXPOSE 3333 8080 8443
 
 CMD ["./docker/run.sh"]
diff --git a/docker/run.sh b/docker/run.sh
index 07e072d8..17cceb5d 100755
--- a/docker/run.sh
+++ b/docker/run.sh
@@ -5,25 +5,25 @@ if [ -n "${ADMIN_LISTEN_URL+set}" ] ; then
     jq -r \
         --arg ADMIN_LISTEN_URL "${ADMIN_LISTEN_URL}" \
         '.admin_server.listen_url = $ADMIN_LISTEN_URL' config.json > config.json.tmp && \
-        mv config.json.tmp config.json
+        cat config.json.tmp > config.json
 fi
 if [ -n "${ADMIN_USE_TLS+set}" ] ; then
     jq -r \
         --argjson ADMIN_USE_TLS "${ADMIN_USE_TLS}" \
         '.admin_server.use_tls = $ADMIN_USE_TLS' config.json > config.json.tmp && \
-        mv config.json.tmp config.json
+        cat config.json.tmp > config.json
 fi
 if [ -n "${ADMIN_CERT_PATH+set}" ] ; then
     jq -r \
         --arg ADMIN_CERT_PATH "${ADMIN_CERT_PATH}" \
         '.admin_server.cert_path = $ADMIN_CERT_PATH' config.json > config.json.tmp && \
-        mv config.json.tmp config.json
+        cat config.json.tmp > config.json
 fi
 if [ -n "${ADMIN_KEY_PATH+set}" ] ; then
     jq -r \
         --arg ADMIN_KEY_PATH "${ADMIN_KEY_PATH}" \
         '.admin_server.key_path = $ADMIN_KEY_PATH' config.json > config.json.tmp && \
-        mv config.json.tmp config.json
+        cat config.json.tmp > config.json
 fi
 
 # set config for phish_server
@@ -31,25 +31,25 @@ if [ -n "${PHISH_LISTEN_URL+set}" ] ; then
     jq -r \
         --arg PHISH_LISTEN_URL "${PHISH_LISTEN_URL}" \
         '.phish_server.listen_url = $PHISH_LISTEN_URL' config.json > config.json.tmp && \
-        mv config.json.tmp config.json
+        cat config.json.tmp > config.json
 fi
 if [ -n "${PHISH_USE_TLS+set}" ] ; then
     jq -r \
         --argjson PHISH_USE_TLS "${PHISH_USE_TLS}" \
         '.phish_server.use_tls = $PHISH_USE_TLS' config.json > config.json.tmp && \
-        mv config.json.tmp config.json
+        cat config.json.tmp > config.json
 fi
 if [ -n "${PHISH_CERT_PATH+set}" ] ; then
     jq -r \
         --arg PHISH_CERT_PATH "${PHISH_CERT_PATH}" \
         '.phish_server.cert_path = $PHISH_CERT_PATH' config.json > config.json.tmp && \
-        mv config.json.tmp config.json
+        cat config.json.tmp > config.json
 fi
 if [ -n "${PHISH_KEY_PATH+set}" ] ; then
     jq -r \
         --arg PHISH_KEY_PATH "${PHISH_KEY_PATH}" \
         '.phish_server.key_path = $PHISH_KEY_PATH' config.json > config.json.tmp && \
-        mv config.json.tmp config.json
+        cat config.json.tmp > config.json
 fi
 
 # set contact_address
@@ -57,9 +57,17 @@ if [ -n "${CONTACT_ADDRESS+set}" ] ; then
     jq -r \
         --arg CONTACT_ADDRESS "${CONTACT_ADDRESS}" \
         '.contact_address = $CONTACT_ADDRESS' config.json > config.json.tmp && \
-        mv config.json.tmp config.json
+        cat config.json.tmp > config.json
 fi
 
+if [ -n "${DB_FILE_PATH+set}" ] ; then
+    jq -r \
+        --arg DB_FILE_PATH "${DB_FILE_PATH}" \
+        '.db_path = $DB_FILE_PATH' config.json > config.json.tmp && \
+        cat config.json.tmp > config.json
+fi
+
+echo "Runtime configuration: "
 cat config.json
 
 # start gophish