diff --git a/.github/workflows/docker-dev.yml b/.github/workflows/docker-dev.yml
new file mode 100644
index 0000000..abdd28f
--- /dev/null
+++ b/.github/workflows/docker-dev.yml
@@ -0,0 +1,61 @@
+# "secondly-xxxx" tagged images, used by developers for quick tests, are extremely unstable.
+# Whenever any branch is updated, images are automatically built and pushed to image registry.
+
+name: Publish Docker image
+
+on: [push, pull_request]
+
+env:
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  amd64:
+    name: AMD64
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get current second
+        id: second
+        run: echo "::set-output name=second::$(date +'%Y-%m-%dT%H-%M-%S')"
+
+      - name: Show TAG_NAME
+        run: echo $TAG_NAME
+        env:
+          TAG_NAME: dev-${{ steps.second.outputs.second }}
+
+      -
+        name: Check out the repo
+        uses: actions/checkout@v3
+
+      -
+        name: Log in to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      -
+        name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,value=${{ env.TAG_NAME }}
+            type=ref,event=tag
+
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      -
+        name: Build and push Docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
\ No newline at end of file
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
new file mode 100644
index 0000000..9148682
--- /dev/null
+++ b/.github/workflows/docker.yml
@@ -0,0 +1,95 @@
+name: Publish Docker image
+
+on:
+  workflow_dispatch:
+  release:
+    types: [published]
+
+env:
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  amd64:
+    name: AMD64
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Check out the repo
+        uses: actions/checkout@v3
+      -
+        name: Log in to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      
+      - 
+        name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,value=latest
+            type=ref,event=tag
+
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      -
+        name: Build and push Docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+  arm64:
+    name: ARM64
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Check out the repo
+        uses: actions/checkout@v3
+      -
+        name: Log in to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      -
+        name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,value=latest
+            type=ref,event=tag
+
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      -
+        name: Build and push Docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/Dockerfile b/Dockerfile
index 8ea5572..a9e0602 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,14 +1,25 @@
 # Build step
 FROM golang:1.20-alpine AS builder
-ENV GOPROXY=https://goproxy.cn,direct
-RUN mkdir -p /build
-WORKDIR /build
-COPY . .
-RUN go build -o app .
+
+COPY ${PWD} /app
+WORKDIR /app
+
+RUN go build -o appbin cmd/talk/main.go
 
 # Final step
 FROM alpine
-EXPOSE 8080
-EXPOSE 8081
-COPY --from=builder /build/app /bin/app
-ENTRYPOINT ["/bin/app"]
\ No newline at end of file
+
+# Following commands are for installing CA certs (for proper functioning of HTTPS and other TLS)
+RUN apk --update add ca-certificates && \
+    rm -rf /var/cache/apk/*
+
+RUN adduser -D appuser
+USER appuser
+
+COPY --from=builder /app /home/appuser/app
+
+WORKDIR /home/appuser/app
+
+EXPOSE 8000
+
+CMD ["./appbin"]
\ No newline at end of file