diff --git a/.forgejo/workflows/docker-master.yaml b/.forgejo/workflows/docker-master.yaml
index c5baced..276d59f 100644
--- a/.forgejo/workflows/docker-master.yaml
+++ b/.forgejo/workflows/docker-master.yaml
@@ -2,6 +2,9 @@ on:
   push:
     branches:
       - 'master'
+  schedule:
+    - cron: '0 0 * * *'
+  workflow_dispatch:
 jobs:
   docker-master:
     runs-on: docker
diff --git a/Dockerfile b/Dockerfile
index d8e90e7..a1604a9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,55 +1,69 @@
 FROM debian:12
 
+# Metadata
 LABEL maintainer="guillaume@van-hemmen.com"
 
+# Build arguments
 ARG ARG_TZ="Europe/Paris"
 ARG ARG_NODE_MAJOR=22
 
-RUN ln -snf /usr/share/zoneinfo/$ARG_TZ /etc/localtime && echo $ARG_TZ > /etc/timezone && \
-    apt-get update && apt-get install -y ca-certificates curl gnupg && \
-    mkdir -p /etc/apt/keyrings && \
-    curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
-    echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_${ARG_NODE_MAJOR}.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
-    apt-get update && apt-get install -y nodejs sudo && \
+# System configuration and timezone setup
+RUN ln -snf /usr/share/zoneinfo/$ARG_TZ /etc/localtime && \
+    echo $ARG_TZ > /etc/timezone
+
+# Install system packages in a single RUN to reduce layers
+# Split into logical groups for better readability
+RUN apt-get update && \
+    apt-get upgrade -y && \
     apt-get install -y \
-                  ca-certificates \
-                  fonts-liberation \
-                  libappindicator3-1 \
-                  libasound2 \
-                  libatk-bridge2.0-0 \
-                  libatk1.0-0 \
-                  libc6 \
-                  libcairo2 \
-                  libcups2 \
-                  libdbus-1-3 \
-                  libexpat1 \
-                  libfontconfig1 \
-                  libgbm1 \
-                  libgcc1 \
-                  libglib2.0-0 \
-                  libgtk-3-0 \
-                  libnspr4 \
-                  libnss3 \
-                  libpango-1.0-0 \
-                  libpangocairo-1.0-0 \
-                  libstdc++6 \
-                  libx11-6 \
-                  libx11-xcb1 \
-                  libxcb1 \
-                  libxcomposite1 \
-                  libxcursor1 \
-                  libxdamage1 \
-                  libxext6 \
-                  libxfixes3 \
-                  libxi6 \
-                  libxrandr2 \
-                  libxrender1 \
-                  libxss1 \
-                  libxtst6 \
-                  lsb-release \
-                  wget \
-                  jq
+    # Development tools
+    build-essential \
+    git \
+    python3 \
+    # System utilities
+    ca-certificates \
+    curl \
+    gnupg2 \
+    procps \
+    sudo \
+    unzip \
+    wget \
+    nano \
+    jq && \
+    # Clean up apt cache to reduce image size
+    rm -rf /var/lib/apt/lists/*
 
-RUN npm install -g yarn
+# User setup and security configuration
+# Create non-root user 'coder' with sudo privileges
+RUN useradd -m -s /bin/bash -G sudo coder && \
+    echo "coder ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/coder
 
+# Configure shell environment
+RUN echo "PS1='🐳 \[\033[1;36m\] \[\033[1;34m\]\W\[\033[0;35m\] \[\033[1;36m\]# \[\033[0m\]'" > /home/coder/.bashrc && \
+    chown coder:coder /home/coder/.bashrc && \
+    chown -R coder:coder /workspaces
+
+# Run trivy to scan the system
+RUN apt-get update && apt-get install -y trivy && \
+    trivy filesystem --exit-code 1 --no-progress / && \
+    apt-get remove -y trivy && \
+    rm -rf /var/lib/apt/lists/*
+
+# Switch to non-root user
+USER coder
+
+# Configure bash environment
+ENV BASH_ENV /home/coder/.bash_env
+RUN touch "${BASH_ENV}" && \
+    echo '. "${BASH_ENV}"' >> ~/.bashrc
+
+# Install Node.js using NVM
+RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | PROFILE="${BASH_ENV}" bash && \
+    . $BASH_ENV && \
+    nvm install ${ARG_NODE_MAJOR} && \
+    nvm alias default ${ARG_NODE_MAJOR} && \
+    nvm use ${ARG_NODE_MAJOR} && \
+    npm i -g yarn patch-package
+
+# Install Firebase CLI
 RUN curl -sL firebase.tools | bash