diff --git a/Dockerfile b/Dockerfile
index 19679b3..3692232 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -45,13 +45,22 @@ ENV APACHE_RUN_DIR=/var/run/apache2
 ENV APACHE_RUN_USER=deploy
 ENV APACHE_RUN_GROUP=deploy
 
+# allow sudo http-foreground for deploy user
+ADD sudoer_deploy /etc/sudoer.d/deploy
+RUN chmod 0440 /etc/sudoer.d/deploy
+
+# switch to user deploy
 USER deploy
+
+# set path to include ~/.local/bin
 ENV PATH "$PATH:/home/deploy/.local/bin"
+
+# install elab users management script
 RUN pip install --upgrade pip
 RUN pip install git+https://git.cpi.imtek.uni-freiburg.de/CPI/elab-users.git
 
+# change the working directory
 WORKDIR /data
 
-USER root
 # Start httpd as root, but will switch to deploy user thanks to env variable
-CMD ["httpd-foreground"]
\ No newline at end of file
+CMD ["sudo", "httpd-foreground"]
\ No newline at end of file
diff --git a/sudoer_deploy b/sudoer_deploy
new file mode 100644
index 0000000..4eb965c
--- /dev/null
+++ b/sudoer_deploy
@@ -0,0 +1 @@
+deploy ALL=(ALL) NOPASSWD:/usr/local/bin/httpd-foreground
\ No newline at end of file