docker: Use fixed UID/GID for daemon users

Currently, we rely on Debian to pick a UID and GID for daemon users.
However, those numbers can change as software evolves over time, in
particular as the base distribution changes.

Because those IDs are relevant in the data volume, which has a lifetime
independent from the daemon container, it is important that they don't
change.

Other projects have run into this issue over the years too, this is not
a purely theoretical concern.

This patch fixes the UID/GIDs for the daemon users to their current
values, to prevent problems in the future.

See https://github.com/albertito/chasquid/pull/72 for further
discussion.

Amended-by: Alberto Bertogli <albertito@blitiri.com.ar>
  Adjusted commit message, formatted RUN command line, changed the
  dovecot group ID to match the previous value.

docker/Dockerfile

@@ -17,12 +17,19 @@ RUN go get -d ./... && \
 # Create the image.
 FROM debian:stable-slim
 
+# Create the chasquid and dovecot users with fixed UID/GID.
 # Install the packages we need.
 # This includes chasquid, which sets up good defaults.
 # Make debconf/frontend non-interactive, to avoid distracting output about the
 # lack of $TERM.
-RUN DEBIAN_FRONTEND=noninteractive \
+RUN \
-	apt-get update -q && \
+	groupadd -g 101 chasquid && \
+	useradd -m -u 100 -g 101 -s /usr/sbin/nologin -d /var/lib/chasquid \
+		chasquid && \
+	groupadd -g 103 dovecot && \
+	useradd -m -u 101 -g 103 -s /usr/sbin/nologin -d /usr/lib/dovecot \
+		dovecot && \
+	DEBIAN_FRONTEND=noninteractive apt-get update -q && \
 	apt-get install -y -q \
 		chasquid \
 		dovecot-lmtpd dovecot-imapd dovecot-pop3d \