feat: Store update restart context in the deployment directory and configure Docker to use the default bun user.

Dockerfile.prod

@@ -27,8 +27,8 @@ RUN cd web && bun run build
 FROM oven/bun:latest AS production
 WORKDIR /app
 
-# Create non-root user for security
-RUN groupadd --system appgroup && useradd --system --gid appgroup appuser
+# Create non-root user for security (bun user already exists with 1000:1000)
+# No need to create user/group
 
 # Install runtime dependencies for update/deploy commands
 RUN apt-get update && apt-get install -y \
@@ -43,18 +43,18 @@ RUN apt-get update && apt-get install -y \
     && git config --system --add safe.directory /app/deploy
 
 # Copy only what's needed for production
-COPY --from=builder --chown=appuser:appgroup /app/node_modules ./node_modules
-COPY --from=builder --chown=appuser:appgroup /app/web/node_modules ./web/node_modules
-COPY --from=builder --chown=appuser:appgroup /app/web/dist ./web/dist
-COPY --from=builder --chown=appuser:appgroup /app/web/src ./web/src
-COPY --from=builder --chown=appuser:appgroup /app/bot ./bot
-COPY --from=builder --chown=appuser:appgroup /app/shared ./shared
-COPY --from=builder --chown=appuser:appgroup /app/package.json .
-COPY --from=builder --chown=appuser:appgroup /app/drizzle.config.ts .
-COPY --from=builder --chown=appuser:appgroup /app/tsconfig.json .
+COPY --from=builder --chown=bun:bun /app/node_modules ./node_modules
+COPY --from=builder --chown=bun:bun /app/web/node_modules ./web/node_modules
+COPY --from=builder --chown=bun:bun /app/web/dist ./web/dist
+COPY --from=builder --chown=bun:bun /app/web/src ./web/src
+COPY --from=builder --chown=bun:bun /app/bot ./bot
+COPY --from=builder --chown=bun:bun /app/shared ./shared
+COPY --from=builder --chown=bun:bun /app/package.json .
+COPY --from=builder --chown=bun:bun /app/drizzle.config.ts .
+COPY --from=builder --chown=bun:bun /app/tsconfig.json .
 
 # Switch to non-root user
-USER appuser
+USER bun
 
 # Expose web dashboard port
 EXPOSE 3000