Fix #2680 - Run processes in Docker as non-root user (alternative)

[Wonderfall]

Here's an alternative to #3152.
First, #3152 won't work because it's not using correctly busybox adduser (--disabled-login doesn't exist, for example). And another problem is that with #3152, we'll always create a user with the same IDs (1000).

This PR was made with flexibility in mind : UID and GID should be easily set if needed (this can be done using environment variables, defaults are 991). It's also better not to create the user during the build process.

Suggestion : do you want to update docker-compose.yml or .env.production to show how to configure these environment variables? This is not necessary, but I think it's better for visibility.

That being said, I couldn't make it more "transparent" than #3152 : this means actual administrators coming from a previous release will have to chown UID:GID /path/to/public/system. Otherwise, even with optimisations, this will take too much (and useless) time before the process is run. No problem for new installations though, but this PR will require a release note.

[maur1th]

This might have a huge performance impact and is pretty much in contradiction with Docker's philosophy of "start fast". We can already see the effects: #3194

Seems like a bad tradeoff only to be able to set UID/GID.

If someone really wants to use a specific UID/GID, maybe use build args with defaults instead. So they can rebuild the image with whatever UID/GID they want without hampering the container boot time.

[Gargron]

@Wonderfall I just had this idea: How about checking permissions on one file, and only running the update if they are wrong? There's like 0 chance that permissions will be mixed, so if one file's good, the others are too. This will make startup as fast as before in most cases.