diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 1a65f141496e8852187bd9528e0411480c550378..031c3c1946e1e8bc07785c394522636a15776afa 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -124,7 +124,16 @@ jobs:
 context: .
 push: true
 file: deploy/Dockerfile
+ target: base
 tags: s3rius/rustus:latest,s3rius/rustus:${{env.APP_VERSION}}
+ - name: Build and push rootless
+ uses: docker/build-push-action@v2
+ with:
+ context: .
+ push: true
+ file: deploy/Dockerfile
+ target: rootless
+ tags: s3rius/rustus:${{env.APP_VERSION}}-rootless
 upload_helm:
 runs-on: ubuntu-latest
@@ -208,6 +217,17 @@ jobs:
 context: .
 push: true
 file: deploy/alpine.Dockerfile
- tags: s3rius/rustus:${{env.APP_VERSION}}-alpine
+ target: base
+ tags: s3rius/rustus:latest-alpine,s3rius/rustus:${{env.APP_VERSION}}-alpine
+ build-args: |
+ app_version=${{env.APP_VERSION}}
+ - name: Build and push
+ uses: docker/build-push-action@v2
+ with:
+ context: .
+ push: true
+ file: deploy/alpine.Dockerfile
+ target: rootless
+ tags: s3rius/rustus:${{env.APP_VERSION}}-rootless-alpine
 build-args: |
 app_version=${{env.APP_VERSION}}
diff --git a/deploy/Dockerfile b/deploy/Dockerfile
index acd2de40abef2f59e3b7839c4ac7eacc6e8555e4..18726fdced231591fae4c4470428289fb6ef221d 100644
--- a/deploy/Dockerfile
+++ b/deploy/Dockerfile
@@ -11,9 +11,14 @@ COPY --from=planner /app/recipe.json recipe.json
 RUN cargo chef cook --release --features=all,metrics --recipe-path recipe.json
 # Build application
 COPY . .
-RUN cargo build --release --bin rustus --features=all
+RUN cargo build --release --bin rustus --features=all,metrics
-FROM debian:bullseye-20211201-slim AS runtime
-WORKDIR /app
+FROM debian:bullseye-20211201-slim AS base
 COPY --from=builder /app/target/release/rustus /usr/local/bin/
 ENTRYPOINT ["/usr/local/bin/rustus"]
+
+FROM base as rootless
+
+RUN useradd --create-home -u 1000 --user-group rustus
+WORKDIR /home/rustus
+USER rustus
\ No newline at end of file
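Review bot: The added "Build and push rootless" step references `docker/build-push-action@v2` by a movable tag, and with `push: true` that action runs with the registry credentials that publish `s3rius/rustus`. Pinning to a full commit hash keeps a retagged or compromised action release from publishing images under this name, e.g. `uses: docker/build-push-action@<full-commit-sha> # v2` (placeholder; take the hash from the action's release page). The step added in the second hunk of this file has the same reference, and the `uses:` lines of the pre-existing steps are outside both hunks, so they are worth checking too.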
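Review bot: The step added here is named only `Build and push`, while its Debian counterpart in the first hunk is `Build and push rootless`, so the two alpine pushes will be hard to tell apart in the job log (the preceding step's own name is outside the hunk). Suggest `- name: Build and push rootless alpine`. This hunk also starts publishing `latest-alpine`, but neither rootless image gets a moving tag; if that is deliberate, a one-line comment above the `tags:` line saying rootless images are version-pinned only would save the next reader the question.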
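Review bot: `USER rustus` in the new `rootless` stage sets the user by name, which Kubernetes cannot verify under `runAsNonRoot: true` because it needs a numeric UID in the image config. Since the account is created with `-u 1000`, write `USER 1000` instead. The `rootless` stage added in deploy/alpine.Dockerfile has the same line. A comment above `FROM base as rootless` would also help: `rootless` is now the last stage, so a build of this file without `--target` yields the rootless image, while the `base` target that backs the `latest` tag still has no `USER` and runs as root.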
diff --git a/deploy/alpine.Dockerfile b/deploy/alpine.Dockerfile
index deb1275586ae45ec5589b63f3accbe2ff820d2ee..f2309ca81a1d100dd734eca05ac837586c412779 100644
--- a/deploy/alpine.Dockerfile
+++ b/deploy/alpine.Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15.0
+FROM alpine:3.15.0 as base
 ARG app_version
@@ -7,6 +7,11 @@ ADD "https://github.com/s3rius/rustus/releases/download/${app_version}/rustus-${
 RUN tar xvf *.tar.gz
 RUN rm *.tar.gz
 RUN mv rustus /bin
-WORKDIR /app
-ENTRYPOINT ["/bin/rustus"]
\ No newline at end of file
+ENTRYPOINT ["/bin/rustus"]
+
+FROM base as rootless
+
+RUN adduser -u 1000 --disabled-password rustus
+WORKDIR /home/rustus
+USER rustus
\ No newline at end of file
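Review bot: Removing `WORKDIR /app` from the stage that is now `base` moves the working directory of the already published non-rootless alpine tags to `/`, and that stage still has no `USER`, so the process runs there as root. Any relative path the binary resolves (not visible in this diff) would then land under the filesystem root rather than `/app`, which can silently miss existing volume mounts. If that is not intended, keep `WORKDIR /app` before `ENTRYPOINT ["/bin/rustus"]` in `base` and let the `rootless` stage override it with `WORKDIR /home/rustus`. deploy/Dockerfile drops the same line from its `base` stage; the earlier instructions of this stage lie outside the hunk.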