diff --git a/Dockerfile b/Dockerfile
index 48b1753..c597284 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -64,14 +64,17 @@ FROM debian@sha256:240f770008bdc538fecc8d3fa7a32a533eac55c14cbc56a9a8a6f7d741b47
 
 RUN apt-get update \
 && apt-get upgrade -y \
-&& apt-get install -y libssl1.1 ca-certificates tini \
-&& mkdir -p /root
+&& apt-get install -y libssl1.1 ca-certificates tini
 
-COPY --from=build /ptth/target/release/ptth_relay             /root/
-COPY --from=build /ptth/handlebars                            /root/handlebars
+RUN addgroup --gid 10001 nonroot && adduser --system --uid 10000 --gid 10001 nonroot
+
+USER nonroot
+WORKDIR /home/nonroot
+
+COPY --from=build /ptth/target/release/ptth_relay ./
+COPY --from=build /ptth/handlebars                ./handlebars
 
 ARG git_version
-RUN echo -n "$git_version" > /root/git_version.txt
+RUN echo -n "$git_version" > ./git_version.txt
 
-WORKDIR /root
 ENTRYPOINT ["/usr/bin/tini", "--", "./ptth_relay"]
diff --git a/crates/ptth_relay/src/git_version.rs b/crates/ptth_relay/src/git_version.rs
index 7a1dc70..a44088d 100644
--- a/crates/ptth_relay/src/git_version.rs
+++ b/crates/ptth_relay/src/git_version.rs
@@ -1,13 +1,13 @@
-pub fn read_git_version () -> Option <String> {
-	use std::{
-		io::Read,
+pub async fn read_git_version () -> Option <String> {
+	use tokio::{
 		fs::File,
+		io::AsyncReadExt,
 	};
 	
 	let mut buf = vec! [0u8; 512];
 	
-	let mut f = File::open ("git_version.txt").ok ()?;
-	let bytes_read = f.read (&mut buf).ok ()?;
+	let mut f = File::open ("git_version.txt").await.ok ()?;
+	let bytes_read = f.read (&mut buf).await.ok ()?;
 	buf.truncate (bytes_read);
 	
 	Some (String::from_utf8 (buf).ok ()?)
diff --git a/crates/ptth_relay/src/lib.rs b/crates/ptth_relay/src/lib.rs
index cf45021..999e5d9 100644
--- a/crates/ptth_relay/src/lib.rs
+++ b/crates/ptth_relay/src/lib.rs
@@ -336,15 +336,19 @@ struct ServerEntry <'a> {
 
 #[derive (Serialize)]
 struct ServerListPage <'a> {
+	dev_mode: bool,
+	git_version: Option <String>,
 	servers: Vec <ServerEntry <'a>>,
 }
 
 async fn handle_server_list_internal (state: &Arc <RelayState>)
 -> ServerListPage <'static>
 {
+	let dev_mode;
 	let display_names: HashMap <String, String> = {
 		let guard = state.config.read ().await;
 		
+		dev_mode = guard.iso.dev_mode.is_some ();
 		let servers = (*guard).servers.iter ()
 		.map (|(k, v)| {
 			let display_name = v.display_name
@@ -394,6 +398,8 @@ async fn handle_server_list_internal (state: &Arc <RelayState>)
 	servers.sort_by (|a, b| a.display_name.cmp (&b.display_name));
 	
 	ServerListPage {
+		dev_mode,
+		git_version: git_version::read_git_version ().await,
 		servers,
 	}
 }
diff --git a/crates/ptth_relay/src/main.rs b/crates/ptth_relay/src/main.rs
index bd3c9c6..d00332d 100644
--- a/crates/ptth_relay/src/main.rs
+++ b/crates/ptth_relay/src/main.rs
@@ -32,7 +32,7 @@ async fn main () -> Result <(), Box <dyn Error>> {
 	let config_path = PathBuf::from ("config/ptth_relay.toml");
 	let config = Config::from_file (&config_path).await?;
 	
-	match read_git_version () {
+	match read_git_version ().await {
 		Some (x) => info! ("ptth_relay Git version: {:?}", x),
 		None => info! ("ptth_relay not built from Git"),
 	}
diff --git a/handlebars/relay/relay_server_list.html b/handlebars/relay/relay_server_list.html
index 3fd8a8a..2075d61 100644
--- a/handlebars/relay/relay_server_list.html
+++ b/handlebars/relay/relay_server_list.html
@@ -34,6 +34,11 @@
 
 <h1>Server list</h1>
 
+{{#if dev_mode}}
+<div style="color: red;">Relay is in dev mode. This should never be seen in production!</div>
+{{/if}}
+
+<div style="padding-top: 1em;">
 {{#if servers}}
 	<table class="entry_list">
 	<thead>
@@ -54,8 +59,17 @@
 	</tbody>
 	</table>
 {{else}}
-	(No servers have reported since this relay started)
+	(No servers are registered in the config file)
 {{/if}}
+</div>
+
+<div style="color: #888; padding-top: 1em;">
+{{#if git_version}}
+Git version: {{git_version}}
+{{else}}
+Not built from Git
+{{/if}}
+</div>
 
 </body>
 </html>
diff --git a/run_docker_image.bash b/run_docker_image.bash
index 7857c93..090c4c4 100755
--- a/run_docker_image.bash
+++ b/run_docker_image.bash
@@ -1,3 +1,7 @@
 #!/usr/bin/env bash
 
-sudo docker run -it -v $PWD/config:/root/config -e RUST_LOG=ptth=trace ptth:latest
+sudo docker run -it \
+-v $PWD/config:/home/nonroot/config \
+-e RUST_LOG=ptth=trace \
+-p 4000:4000 \
+ptth:latest
diff --git a/todo.md b/todo.md
index f96bb92..da42c81 100644
--- a/todo.md
+++ b/todo.md
@@ -1,9 +1,7 @@
 Interesting issues will get a unique ID with
 `dd if=/dev/urandom bs=5 count=1 | base32`
 
-- Move Git version out of source code and into a plain file in the Docker image
 - Report server version in HTML
-- Apply https://github.com/hexops/dockerfile to Dockerfile
 - [YNQAQKJS](issues/2020-12Dec/auth-route-YNQAQKJS.md) Open new auth route for spiders / scrapers
 - Track / Estimate bandwidth per server?
 - EOTPXGR3 Remote `tail -f` (_Complicated_) (Maybe use chunked encoding or something?)