diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 811ed5e12..96a004fc0 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1 +1 @@
-* @alexcos20 @bogdanfazakas @giurgiur99 @denisiuriet @ndrpp @andreip136
+* @alexcos20 @bogdanfazakas @giurgiur99 @dnsi0 @ndrpp @andreip136
diff --git a/Dockerfile b/Dockerfile
index 67e813964..e49a3272b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -33,11 +33,8 @@ ENV NODE_ENV=production \
 
 EXPOSE 9000 9001 9002 9003 9005 8000
 
-# GID of the docker group on the host. Needs to match so the node user can access
-# /var/run/docker.sock for compute jobs. Default is 999 (common on Debian/Ubuntu).
-# Override at build time if your host differs: docker build --build-arg DOCKER_GID=$(getent group docker | cut -d: -f3) .
-ARG DOCKER_GID=999
-RUN groupadd -g ${DOCKER_GID} docker && usermod -aG docker node
+# Docker group membership is handled at runtime in docker-entrypoint.sh by
+# inspecting the GID of /var/run/docker.sock, so it works across hosts.
 
 WORKDIR /usr/src/app
 
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 46f21fdbb..41d2b4473 100644
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -5,4 +5,15 @@ set -e
 # Runs as root, then drops to 'node' user via gosu.
 chown -R node:node /usr/src/app/databases /usr/src/app/c2d_storage /usr/src/app/logs 2>/dev/null || true
 
+# Add node user to the docker group matching the host's /var/run/docker.sock GID,
+# so compute jobs can access the socket regardless of the host's docker GID.
+if [ -S /var/run/docker.sock ]; then
+    SOCK_GID=$(stat -c '%g' /var/run/docker.sock)
+    if ! getent group "$SOCK_GID" > /dev/null 2>&1; then
+        groupadd -g "$SOCK_GID" dockerhost 2>/dev/null || true
+    fi
+    DOCKER_GROUP=$(getent group "$SOCK_GID" | cut -d: -f1)
+    usermod -aG "$DOCKER_GROUP" node
+fi
+
 exec gosu node dumb-init -- "$@"