diff --git a/.github/workflows/build-and-push.yaml b/.github/workflows/build-and-push.yaml
new file mode 100644
index 00000000..d10f1299
--- /dev/null
+++ b/.github/workflows/build-and-push.yaml
@@ -0,0 +1,62 @@
+name: docker-build-and-push
+
+on:
+  push:
+    branches:
+      - 'main'
+  pull_request:
+    types:
+      - closed
+
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: ghcr.io
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+    if: |
+        github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'main' && github.event.pull_request.merged == true ||
+        github.event_name == 'push' && github.ref == 'refs/heads/main'
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Set short SHA
+        id: sha
+        run: |
+          echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log into registry ${{ env.REGISTRY }}
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags:
+            type=raw,value=latest,enable=true
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}            
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..20e27708
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,19 @@
+FROM node:18 as keycloakify_jar_builder
+RUN apt-get update && \
+    apt-get install -y openjdk-17-jdk && \
+    apt-get install -y maven;
+COPY ./package.json ./yarn.lock /opt/app/
+WORKDIR /opt/app
+RUN yarn install --frozen-lockfile
+COPY . /opt/app/
+RUN yarn build-keycloak-theme
+
+FROM docker.io/bitnami/keycloak:24.0.5-debian-12-r0 as builder
+WORKDIR /opt/bitnami/keycloak
+COPY --from=keycloakify_jar_builder /opt/app/dist_keycloak/keycloak-theme-for-kc-25-and-above.jar /opt/bitnami/keycloak/providers/
+RUN /opt/bitnami/keycloak/bin/kc.sh build
+
+FROM docker.io/bitnami/keycloak:24.0.5-debian-12-r0
+COPY --from=builder /opt/bitnami/keycloak /opt/bitnami/keycloak
+ENV KC_HOSTNAME=localhost
+ENTRYPOINT ["/opt/bitnami/keycloak/bin/kc.sh", "start-dev"]