diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..7f517c78
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,30 @@
+# setup build image
+FROM golang:1.11 AS build
+
+# build Gophish binary
+WORKDIR /build/gophish
+COPY . .
+RUN go get -d -v ./...
+RUN go build
+
+
+# setup run image
+FROM debian:stable-slim
+
+RUN apt-get update && \
+    apt-get install --no-install-recommends -y \
+    jq && \
+    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# copy Gophish assets from the build image
+WORKDIR /gophish
+COPY --from=build /build/gophish/ /gophish/
+RUN chmod +x gophish
+
+# expose the admin port to the host
+RUN sed -i 's/127.0.0.1/0.0.0.0/g' config.json
+
+# expose default ports
+EXPOSE 80 443 3333
+
+CMD ["./docker/run.sh"]
diff --git a/docker/run.sh b/docker/run.sh
new file mode 100755
index 00000000..07e072d8
--- /dev/null
+++ b/docker/run.sh
@@ -0,0 +1,66 @@
+#!/bin/bash
+
+# set config for admin_server
+if [ -n "${ADMIN_LISTEN_URL+set}" ] ; then
+    jq -r \
+        --arg ADMIN_LISTEN_URL "${ADMIN_LISTEN_URL}" \
+        '.admin_server.listen_url = $ADMIN_LISTEN_URL' config.json > config.json.tmp && \
+        mv config.json.tmp config.json
+fi
+if [ -n "${ADMIN_USE_TLS+set}" ] ; then
+    jq -r \
+        --argjson ADMIN_USE_TLS "${ADMIN_USE_TLS}" \
+        '.admin_server.use_tls = $ADMIN_USE_TLS' config.json > config.json.tmp && \
+        mv config.json.tmp config.json
+fi
+if [ -n "${ADMIN_CERT_PATH+set}" ] ; then
+    jq -r \
+        --arg ADMIN_CERT_PATH "${ADMIN_CERT_PATH}" \
+        '.admin_server.cert_path = $ADMIN_CERT_PATH' config.json > config.json.tmp && \
+        mv config.json.tmp config.json
+fi
+if [ -n "${ADMIN_KEY_PATH+set}" ] ; then
+    jq -r \
+        --arg ADMIN_KEY_PATH "${ADMIN_KEY_PATH}" \
+        '.admin_server.key_path = $ADMIN_KEY_PATH' config.json > config.json.tmp && \
+        mv config.json.tmp config.json
+fi
+
+# set config for phish_server
+if [ -n "${PHISH_LISTEN_URL+set}" ] ; then
+    jq -r \
+        --arg PHISH_LISTEN_URL "${PHISH_LISTEN_URL}" \
+        '.phish_server.listen_url = $PHISH_LISTEN_URL' config.json > config.json.tmp && \
+        mv config.json.tmp config.json
+fi
+if [ -n "${PHISH_USE_TLS+set}" ] ; then
+    jq -r \
+        --argjson PHISH_USE_TLS "${PHISH_USE_TLS}" \
+        '.phish_server.use_tls = $PHISH_USE_TLS' config.json > config.json.tmp && \
+        mv config.json.tmp config.json
+fi
+if [ -n "${PHISH_CERT_PATH+set}" ] ; then
+    jq -r \
+        --arg PHISH_CERT_PATH "${PHISH_CERT_PATH}" \
+        '.phish_server.cert_path = $PHISH_CERT_PATH' config.json > config.json.tmp && \
+        mv config.json.tmp config.json
+fi
+if [ -n "${PHISH_KEY_PATH+set}" ] ; then
+    jq -r \
+        --arg PHISH_KEY_PATH "${PHISH_KEY_PATH}" \
+        '.phish_server.key_path = $PHISH_KEY_PATH' config.json > config.json.tmp && \
+        mv config.json.tmp config.json
+fi
+
+# set contact_address
+if [ -n "${CONTACT_ADDRESS+set}" ] ; then
+    jq -r \
+        --arg CONTACT_ADDRESS "${CONTACT_ADDRESS}" \
+        '.contact_address = $CONTACT_ADDRESS' config.json > config.json.tmp && \
+        mv config.json.tmp config.json
+fi
+
+cat config.json
+
+# start gophish
+./gophish