diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index b191a12c..7f715ca7 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,9 +1,11 @@
-name: goreleaser
+---
+name: release
 
 on:
   push:
     tags:
-      - "*" # triggers only if push new tag version
+      - "*"  # triggers only if push new tag version
+  workflow_dispatch:
 
 jobs:
   goreleaser:
@@ -27,4 +29,48 @@ jobs:
           version: latest
           args: release --rm-dist
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  docker-release:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      -
+        name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v3
+        with:
+          # list of Docker images to use as base name for tags
+          images: |
+            ${{ secrets.DOCKERHUB_USERNAME }}/headscale
+            ghcr.io/${{ github.repository_owner }}/headscale
+          tags: |
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Login to GHCR
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          context: .
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/.gitignore b/.gitignore
index 44bec691..95d758a7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,4 +20,7 @@ config.json
 /db.sqlite
 *.sqlite3
 
+# Exclude Jetbrains Editors
+.idea
+
 test_output/ 
diff --git a/README.md b/README.md
index 712abe1a..f432c182 100644
--- a/README.md
+++ b/README.md
@@ -38,8 +38,16 @@ Suggestions/PRs welcomed!
 
 ## Running it
 
-1. Download the Headscale binary https://github.com/juanfont/headscale/releases, and place it somewhere in your PATH
- 
+1. Download the Headscale binary https://github.com/juanfont/headscale/releases, and place it somewhere in your PATH or use the docker container
+
+  ```shell
+  docker pull headscale/headscale:x.x.x
+  ```
+
+  or
+  ```shell
+  docker pull ghrc.io/juanfont/headscale:x.x.x
+  ```
 
 2. (Optional, you can also use SQLite) Get yourself a PostgreSQL DB running
 
@@ -64,11 +72,19 @@ Suggestions/PRs welcomed!
   ```shell
   headscale namespaces create myfirstnamespace
   ```
+  or docker:
+  ```shell
+  docker run -v ./private.key:/private.key -v ./config.json:/config.json headscale/headscale:x.x.x headscale namespace create myfirstnamespace
+  ```
 
 5. Run the server
   ```shell
   headscale serve
   ```
+  or docker:
+  ```shell
+  docker run -v $(pwd)/private.key:/private.key -v $(pwd)/config.json:/config.json -v $(pwd)/derb.yaml:/derb.yaml -p 127.0.0.1:8080:8080 headscale/headscale:x.x.x headscale serve
+  ```
 
 6. If you used tailscale.com before in your nodes, make sure you clear the tailscaled data folder
  ```shell
@@ -88,6 +104,10 @@ Suggestions/PRs welcomed!
   ```shell
   headscale -n myfirstnamespace node register YOURMACHINEKEY
   ```
+  or docker:
+  ```shell
+  docker run -v ./private.key:/private.key -v ./config.json:/config.json headscale/headscale:x.x.x headscale -n myfirstnamespace node register YOURMACHINEKEY
+  ```
 
 Alternatively, you can use Auth Keys to register your machines:
 
@@ -95,6 +115,10 @@ Alternatively, you can use Auth Keys to register your machines:
     ```shell
     headscale -n myfirstnamespace preauthkeys create --reusable --expiration 24h
     ```
+  or docker:
+  ```shell
+  docker run -v ./private.key:/private.key -v ./config.json:/config.json headscale/headscale:x.x.x headscale -n myfirstnamespace preauthkeys create --reusable --expiration 24h
+  ```
 
 2. Use the authkey from your machine to register it
    ```shell
diff --git a/k8s/README.md b/k8s/README.md
index 0f60794c..2f187abb 100644
--- a/k8s/README.md
+++ b/k8s/README.md
@@ -89,7 +89,6 @@ Use "headscale [command] --help" for more information about a command.
 
 # TODO / Ideas
 
-- Github action to publish the docker image
 - Interpolate `email:` option to the ClusterIssuer from site configuration.
   This probably needs to be done with a transformer, kustomize vars don't seem to work.
 - Add kustomize examples for cloud-native ingress, load balancer