diff --git a/Dockerfile b/Dockerfile
index f571cd3..4f47a86 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,7 +3,7 @@ ARG BASE_IMAGE=sutty/monit
 FROM ${BASE_IMAGE}:${ALPINE_VERSION}
 MAINTAINER "f <f@sutty.nl>"
 
-ARG ACCESS_LOGS_FLAGS="--database=sqlite3:///root/development.sqlite3 -c /usr/share/crawler-user-agents/crawler-user-agents.json"
+ARG ACCESS_LOGS_FLAGS="--database=sqlite3:///var/log/access_log.sqlite3 -c /usr/share/crawler-user-agents/crawler-user-agents.json"
 
 ENV ACCESS_LOGS_FLAGS=${ACCESS_LOGS_FLAGS}
 
@@ -17,7 +17,9 @@ RUN addgroup nginx ssl
 
 COPY ./monit.conf /etc/monit.d/nginx.conf
 COPY ./prometheusd.sh /usr/local/bin/prometheusd
+COPY ./access_logd.sh /usr/bin/access_logd
 COPY ./nginx /etc/nginx
+COPY ./access_log.sqlite3 /var/lib/access_log.sqlite3
 
 # Install modules after rewriting /etc/nginx
 RUN apk add --no-cache nginx-mod-http-brotli nginx-mod-http-geoip2
@@ -27,6 +29,11 @@ RUN mv /etc/nginx/access_logd_`access_log -v`.conf /etc/nginx/access_logd.conf
 RUN chown -R nginx:nginx /etc/nginx
 RUN nginx -t
 
+# access_logd runs as nobody but the socket can be written to by nginx
+RUN delgroup nobody nobody
+RUN addgroup nobody www-data
+RUN chown nobody:www-data /var/lib/access_log.sqlite3
+
 # Shared configuration
 VOLUME /etc/nginx/sites
 VOLUME /etc/letsencrypt
diff --git a/access_log.sqlite3 b/access_log.sqlite3
new file mode 100644
index 0000000..21840f6
Binary files /dev/null and b/access_log.sqlite3 differ
diff --git a/access_logd.sh b/access_logd.sh
new file mode 100755
index 0000000..9739c18
--- /dev/null
+++ b/access_logd.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# Fail if there are no options provided
+test -n "$ACCESS_LOGS_FLAGS" || exit 1
+
+# Give write access to Nginx
+umask 007
+
+# Copy default database
+install -m 640 /var/lib/access_log.sqlite3 /var/log/access_log.sqlite3
+
+# Read from fifo and load into database
+daemonize -p /run/access_logd.pid -u nobody /usr/bin/access_log $ACCESS_LOGS_FLAGS