diff --git a/install/production-filesystem/services/config/nginx/netalertx.conf.template b/install/production-filesystem/services/config/nginx/netalertx.conf.template
index 97637e11..6a567056 100755
--- a/install/production-filesystem/services/config/nginx/netalertx.conf.template
+++ b/install/production-filesystem/services/config/nginx/netalertx.conf.template
@@ -1,3 +1,6 @@
+# Set user if running as root (substituted by start-nginx.sh)
+${NGINX_USER_DIRECTIVE}
+
 # Set number of worker processes automatically based on number of CPU cores.
 worker_processes auto;
diff --git a/install/production-filesystem/services/start-nginx.sh b/install/production-filesystem/services/start-nginx.sh
index 881f8e6b..7f17fbac 100755
--- a/install/production-filesystem/services/start-nginx.sh
+++ b/install/production-filesystem/services/start-nginx.sh
@@ -35,9 +35,16 @@ done
 TEMP_CONFIG_FILE=$(mktemp "${TMP_DIR}/netalertx.conf.XXXXXX")
+#In the event PUID is 0 we need to run nginx as root
+#This is useful on legacy systems where we cannot provision root access to a binary
+export NGINX_USER_DIRECTIVE=""
+if [ "$(id -u)" -eq 0 ]; then
+ NGINX_USER_DIRECTIVE="user root;"
+fi
+
 # Shell check doesn't recognize envsubst variables
 # shellcheck disable=SC2016
-if envsubst '${LISTEN_ADDR} ${PORT}' < "${SYSTEM_NGINX_CONFIG_TEMPLATE}" > "${TEMP_CONFIG_FILE}" 2>/dev/null; then
+if envsubst '${LISTEN_ADDR} ${PORT} ${NGINX_USER_DIRECTIVE}' < "${SYSTEM_NGINX_CONFIG_TEMPLATE}" > "${TEMP_CONFIG_FILE}" 2>/dev/null; then
 mv "${TEMP_CONFIG_FILE}" "${SYSTEM_SERVICES_ACTIVE_CONFIG_FILE}"
 else
 echo "Note: Unable to write to ${SYSTEM_SERVICES_ACTIVE_CONFIG_FILE}. Using default configuration."
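Review bot: The comment above `${NGINX_USER_DIRECTIVE}` does not say what the placeholder expands to, or that it is empty for non-root starts, so a reader of the template cannot tell what ends up in the active config. The bare placeholder is only valid after substitution, so the template now depends on start-nginx.sh listing the variable in its envsubst call; any other consumer of this file would leave a literal `${NGINX_USER_DIRECTIVE}` in the main context, which nginx would most likely reject. I would expand the comment to something like `# Replaced by start-nginx.sh via envsubst: "user root;" when started as UID 0, empty otherwise.`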
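Review bot: With `user root;` in the main context, the nginx worker processes that parse client requests run as root, so the usual split between a privileged master and unprivileged workers is gone whenever the container starts as UID 0. The branch takes that path silently; I would at least make it visible at startup, e.g. `echo "Warning: started as UID 0; nginx workers will run as root." >&2` inside the `if`, and say in the comment that this is a compatibility fallback rather than the recommended setup. The comment also speaks of PUID while the test is on `id -u`; if the two can differ, the comment should name the one that is actually checked. The surrounding script starts and ends outside the hunk.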