fix: qlc could not create temp files in docker container (#12875)

qlc uses file_sorter that puts temporary files in the working
directory by default, which is not writable by emqx user since
58d0f040569a2a9a20dcaf6351c6493127c2067a.

One of the consequences is that users cannot access retained messages
from the dashboard, but there are likely other issues as well.

This patch fixes this by making /opt/emqx directory owned by emqx:emqx.

deploy/docker/Dockerfile

@@ -47,18 +47,19 @@ ENV LC_ALL=C.UTF-8
 ENV LANG=C.UTF-8
 
 COPY deploy/docker/docker-entrypoint.sh /usr/bin/
-COPY --from=builder /emqx-rel /opt/
 
 RUN set -eu; \
     apt-get update; \
     apt-get install -y --no-install-recommends ca-certificates procps $(echo "${EXTRA_DEPS}" | tr ',' ' '); \
     rm -rf /var/lib/apt/lists/*; \
-    find /opt/emqx -name 'swagger*.js.map' -exec rm {} +; \
-    ln -s /opt/emqx/bin/* /usr/local/bin/; \
     groupadd -r -g 1000 emqx; \
-    useradd -r -m -u 1000 -g emqx emqx; \
-    mkdir -p /opt/emqx/log /opt/emqx/data /opt/emqx/plugins; \
-    chown -R emqx:emqx /opt/emqx/log /opt/emqx/data /opt/emqx/plugins
+    useradd -r -m -u 1000 -g emqx emqx;
+
+COPY --from=builder --chown=emqx:emqx /emqx-rel /opt/
+
+RUN set -eu; \
+    find /opt/emqx -name 'swagger*.js.map' -exec rm {} +; \
+    ln -s /opt/emqx/bin/* /usr/local/bin/;
 
 WORKDIR /opt/emqx