diff --git a/images/docker-openvscode-server.md b/images/docker-openvscode-server.md
index 7b0d15e9e4..9d0eed5b4f 100755
--- a/images/docker-openvscode-server.md
+++ b/images/docker-openvscode-server.md
@@ -74,6 +74,8 @@ services:
       - TZ=Europe/London
       - CONNECTION_TOKEN=supersecrettoken #optional
       - CONNECTION_SECRET= #optional
+      - SUDO_PASSWORD=password #optional
+      - SUDO_PASSWORD_HASH= #optional
     volumes:
       - /path/to/appdata/config:/config
     ports:
@@ -91,6 +93,8 @@ docker run -d \
   -e TZ=Europe/London \
   -e CONNECTION_TOKEN=supersecrettoken `#optional` \
   -e CONNECTION_SECRET= `#optional` \
+  -e SUDO_PASSWORD=password `#optional` \
+  -e SUDO_PASSWORD_HASH= `#optional` \
   -p 3000:3000 \
   -v /path/to/appdata/config:/config \
   --restart unless-stopped \
@@ -116,6 +120,8 @@ Docker images are configured using parameters passed at runtime (such as those a
 | `TZ=Europe/London` | Specify a timezone to use. |
 | `CONNECTION_TOKEN=supersecrettoken` | Optional security token for accessing the Web UI. |
 | `CONNECTION_SECRET=` | Optional path to a file inside the container that contains the security token for accessing the Web UI (ie. `/path/to/file`). Overrides `CONNECTION_TOKEN`. |
+| `SUDO_PASSWORD=password` | If this optional variable is set, user will have sudo access in the openvscode-server terminal with the specified password. |
+| `SUDO_PASSWORD_HASH=` | Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`. |
 
 ### Volume Mappings (`-v`)
 
@@ -177,6 +183,7 @@ We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to
 
 ## Versions
 
+* **30.11.21:** - Fix app folder permissions, add the optional sudo password vars.
 * **29.11.21:** - Create `.profile` and `.bashrc` for the user.
 * **29.11.21:** - Release `insiders` tag.
 * **28.11.21:** - Initial Release.