diff --git a/.env.sample b/.env.sample
index 3525891e0291c4c6bc9d41942d20b3f4ea0452fe..5ba3054cd1ad6d07814b44db4cc6f6744517d238 100644
--- a/.env.sample
+++ b/.env.sample
@@ -10,5 +10,5 @@ DEV_PORT=8080
 DATA_PATH=./data/files
 UID=1000
 GID=1000
-DEFAULT_PERMS_DIR=755
-DEFAULT_PERMS_FILE=644
+UMASK=
+FILE_CREATION_SCRIPT=
diff --git a/Readme.md b/Readme.md
index 7e5e040b60e42bc79cf0ca49ba1b81fb56af3c44..5a51f5bd2db08d4122374ffbfdef7cef42050a84 100644
--- a/Readme.md
+++ b/Readme.md
@@ -8,3 +8,28 @@ docker-compose up -d
 
 
 The initial credentials are admin / admin please change them as soon as your are logged in.
+
+## Customisation
+
+### Run a command upon file creation
+
+If you which to run a commande upon file creation (or upload), you can add a custom script in `data/scripts/new_file.sh`, this script  **must** be executable, and **must** start with `/bin/sh` not `/bin/bash`.
+
+Then add to your `.env` :
+
+```
+FILE_CREATION_SCRIPT=/scripts/new_file.sh
+```
+
+It will be called each time a new file/directory is created with the file path as the first argument
+
+### Set default permissions
+
+It is possible to set a [umask](https://www.liquidweb.com/blog/what-is-umask-and-how-to-use-it-effectively/) on all files created but this is only compatible with filebrowser versions up to 2.27, so you must set in your `.env`
+
+```
+UMASK=007
+VERSION=v2.27.9
+```
+
+If you which that all new directories have permissions `770`  and files `660`
diff --git a/docker-compose.yml b/docker-compose.yml
index 36361c6b859a4cc0273e446fa7906b19c48dc052..20a4d5caf9536e4b924996534a3523aca3af1c9d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -9,7 +9,8 @@ services:
     user: "${UID}:${GID}"
     volumes:
       - ./data/database.db:/database.db
+      - ./data/scripts:/scripts
       - ${DATA_PATH}:/srv
     environment:
-      DEFAULT_PERMS_DIR:
-      DEFAULT_PERMS_FILE:
+      FILE_CREATION_SCRIPT:
+      UMASK:
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 2c384c442945949bab944f40a2590819f17aa555..8cd389092d9c98366ad72b74f20e40c3dc0110e4 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,6 +1,6 @@
 ARG VERSION=v2
 FROM filebrowser/filebrowser:${VERSION}
 COPY entrypoint.sh /
-RUN apk add inotify-tools
+RUN apk add inotify-tools shadow
 ENTRYPOINT '/entrypoint.sh'
 
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index 38aabbfeadbe1e5f6daa226547a63786248824f1..30eeae31844156fa7785d08271cd315c7e100616 100755
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -1,15 +1,18 @@
 #!/bin/sh
 
-set_perms() {
+callback_daemon() {
+    if [ -z "$FILE_CREATION_SCRIPT" ]; then
+        return
+    fi
     inotifywait --monitor --recursive --quiet --event create /srv --format "%w%f" | \
         while read f;do
-            if [ -d "$f" ]; then
-                chmod -R $DEFAULT_PERMS_DIR "$f"
-            else
-                chmod $DEFAULT_PERMS_FILE "$f"
-            fi
+            $FILE_CREATION_SCRIPT "$f"
         done
 }
-set_perms &
+if [ ! -z "$UMASK" ]; then
+    echo "Setting umask to $UMASK"
+    umask $UMASK
+fi
+callback_daemon &
 exec /filebrowser
 
diff --git a/init.sh b/init.sh
index f6508217309bdb1418c9cfca3ac9a085f18064a1..96f12c7878df87ce1b4ecf469a0b1448918f601f 100755
--- a/init.sh
+++ b/init.sh
@@ -2,5 +2,6 @@
 DIR=$(dirname $0)
 
 mkdir -p $DIR/data/files
+mkdir -p $DIR/data/scripts
 touch $DIR/data/database.db
 cp $DIR/.env.sample .env