diff --git a/.forgejo/workflows/docker-publish.yml b/.forgejo/workflows/docker-publish.yml
new file mode 100644
index 0000000..91d3725
--- /dev/null
+++ b/.forgejo/workflows/docker-publish.yml
@@ -0,0 +1,73 @@
+name: Build and Push Docker Image
+
+# Controls when the workflow will run
+on:
+  push:
+    branches:
+      - main        # Run on pushes to the main branch
+    tags:
+      - 'v*.*.*'    # Run on pushes of tags like v1.0.0, v1.2.3 etc.
+
+# Environment variables available to all jobs and steps in the workflow
+env:
+  # Use the Forgejo instance URL directly from the context
+  REGISTRY: ${{ forgejo.instance }}
+  # Construct the base image name using owner and repo name
+  IMAGE_BASE_NAME: ${{ forgejo.repository_owner }}/${{ forgejo.repository }}
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest # Or specify your preferred runner type that has Docker
+    permissions: # Needed for the action to interact with the registry
+      contents: read
+      packages: write # Required to push to the container registry
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # Fetches all history for all tags and branches - needed for metadata action
+
+      # Optional: Set up QEMU for multi-platform builds (if needed)
+      # - name: Set up QEMU
+      #   uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        id: buildx # Step ID for referencing outputs
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Forgejo Container Registry
+        # Uses the automatically generated FORGEJO_TOKEN for authentication
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ forgejo.actor }}      # The user/actor that triggered the workflow
+          password: ${{ secrets.FORGEJO_TOKEN }} # Built-in secret provided by Forgejo Actions
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta # Step ID for referencing outputs
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_BASE_NAME }}
+          # Defines tagging strategy based on the event that triggered the workflow
+          tags: |
+            # tag latest for default branch (e.g., main)
+            type=raw,value=latest,enable=${{ forgejo.ref == format('refs/heads/{0}', 'main') }}
+            # tag with the git branch name if it's a branch push
+            type=ref,event=branch
+            # tag with the git tag name if it's a tag push (e.g., v1.0.0)
+            type=ref,event=tag
+            # tag with the short git SHA
+            type=sha,format=short
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .              # Build context is the repository root
+          file: ./Dockerfile      # Path to your Dockerfile (default)
+          # platforms: linux/amd64,linux/arm64 # Uncomment for multi-platform builds (requires QEMU step)
+          push: true              # Push the image after building
+          tags: ${{ steps.meta.outputs.tags }}    # Use tags generated by the metadata step
+          labels: ${{ steps.meta.outputs.labels }}  # Add labels generated by the metadata step
+          cache-from: type=gha    # Enable build cache using GitHub Actions cache (works with Forgejo too)
+          cache-to: type=gha,mode=max
\ No newline at end of file