Helm Chart: containers should run as a non-root user

[artntek]

The nginx container hosting metacatui currently runs as root, which is bad practice, for security reasons.

This should be changed to a non-root user, preferably with podSecurityContext, so it also applies to the initContainers. This will require some re-work of initContainer scripts (Example: the get-source initcontainer relies on downloading a file to a directory in the container filesystem that is owned by root:

  wget -O ./$FILENAME $LOC/$FILENAME;

...which will fail if running as a different user, so we need to change that path)