diff --git a/docker-compose.yml b/docker-compose.yml
index af17cad..8a551c0 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -55,7 +55,6 @@ services:
     restart: unless-stopped
     ports:
       - "19010:9000"   # 외부 노출 필요 없으면 내부만 (리버스프록시로 /webhook만 노출 추천)
-    user: "${PUID}:${PGID}"
     environment:
       - WEBHOOK_SECRET=${WEBHOOK_SECRET}
     volumes:
diff --git a/scripts/deploy.sh b/scripts/deploy.sh
index 7f478c2..c666d2d 100644
--- a/scripts/deploy.sh
+++ b/scripts/deploy.sh
@@ -45,4 +45,18 @@ bash "$SRC/scripts/deploy-nas.sh"
 
 cd "$DST"
 docker-compose up -d --build backend travel-proxy frontend
+
+# [Permission Fix]
+# deployer가 root로 돌면서 생성한 파일들의 소유권을 호스트 사용자로 변경
+# .env에 정의된 PUID:PGID가 있으면 사용, 없으면 1000:1000
+TARGET_UID=$(grep PUID .env | cut -d '=' -f2 || echo 1000)
+TARGET_GID=$(grep PGID .env | cut -d '=' -f2 || echo 1000)
+
+echo "Fixing permissions to $TARGET_UID:$TARGET_GID ..."
+chown -R "$TARGET_UID:$TARGET_GID" "$DST" || true
+# Repo 쪽도 혹시 모르니
+if [ "$SRC" != "$DST" ]; then
+  chown -R "$TARGET_UID:$TARGET_GID" "$SRC" || true
+fi
+
 echo "DEPLOY_OK $TAG"