diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
new file mode 100644
index 000000000..84415579f
--- /dev/null
+++ b/.github/workflows/docker-image.yml
@@ -0,0 +1,41 @@
+name: Docker Image CI
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+permissions: 
+  packages: write
+  
+jobs:
+
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Docker Login
+        # You may pin to the exact commit or the version.
+        # uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        uses: docker/login-action@v2.1.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ghcr.io/${{ github.repository_owner }}/esmd:latest
diff --git a/Dockerfile b/Dockerfile
index 9407b091b..fde10398d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,14 +1,28 @@
+# syntax=docker/dockerfile:1
 FROM golang:1.18 AS build
 
+WORKDIR /app
+COPY . .
 RUN apt-get update -y && apt-get install -y xz-utils
-RUN useradd -u 1000 -m esm
-RUN mkdir /esm && chown esm:esm /esm
-RUN git clone https://github.com/esm-dev/esm.sh /esm/esm.sh
-RUN git checkout v124
+RUN go build -o /esmd
 
-USER esm
-WORKDIR /esm
-RUN go build -o bin/esmd esm.sh/main.go
+FROM node:18-alpine3.16
+ENV USER_ID=65535
+ENV GROUP_ID=65535
+ENV USER_NAME=esm
+ENV GROUP_NAME=esm
 
-RUN echo "{\"port\":80,\"workDir\":\"/esm\"}" >> /esm/config.json
-ENTRYPOINT ["/esm/bin/esmd", "--config", "config.json"]
+RUN apk add --no-cache libc6-compat xz
+RUN addgroup -g $GROUP_ID $GROUP_NAME && \
+    adduser --shell /sbin/nologin --disabled-password \
+    --uid $USER_ID --ingroup $GROUP_NAME $USER_NAME
+RUN mkdir -p /usr/local/lib && chown -R $USER_NAME:$GROUP_NAME /usr/local
+
+USER $USER_NAME
+
+WORKDIR /home/esm
+COPY --from=build /esmd /home/esm/esmd
+
+RUN echo "{\"port\":80,\"workDir\":\"/home/esm/workdir\"}" >> /home/esm/config.json
+
+ENTRYPOINT ["/home/esm/esmd", "--config", "config.json"]