diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 43a25c7..b9abed4 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -3,7 +3,7 @@ name: 📦 Docker Image Build & Push
 on:
   push:
     branches:
-      - "**"
+      - "main"
 
 jobs:
   docker:
diff --git a/Dockerfile b/Dockerfile
index ccc42ad..b935d3e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,26 +1,41 @@
-ARG NODE_VERSION=20-alpine3.19@sha256:ef3f47741e161900ddd07addcaca7e76534a9205e4cd73b2ed091ba339004a75
+# syntax=docker.io/docker/dockerfile:1
+
+FROM node:18-alpine AS base
 
 # Install dependencies only when needed
-FROM node:$NODE_VERSION AS builder
-# hadolint ignore=DL3018
+FROM base AS deps
+# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
 RUN apk add --no-cache libc6-compat
 WORKDIR /app
 
-COPY yarn.lock package.json ./
-RUN yarn  --immutable
+# Install dependencies based on the preferred package manager
+COPY package.json yarn.lock* package-lock.json* pnpm-lock.yaml* .npmrc* ./
+RUN \
+    if [ -f yarn.lock ]; then yarn --frozen-lockfile; \
+    elif [ -f package-lock.json ]; then npm ci; \
+    elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm i --frozen-lockfile; \
+    else echo "Lockfile not found." && exit 1; \
+    fi
+
+
+# Rebuild the source code only when needed
+FROM base AS builder
+WORKDIR /app
+COPY --from=deps /app/node_modules ./node_modules
 COPY . .
 
+# Next.js collects completely anonymous telemetry data about general usage.
+# Learn more here: https://nextjs.org/telemetry
+# Uncomment the following line in case you want to disable telemetry during the build.
+# ENV NEXT_TELEMETRY_DISABLED=1
+
+
 ARG PRODUCTION
 ENV PRODUCTION $PRODUCTION
 ARG GITHUB_SHA
 ENV GITHUB_SHA $GITHUB_SHA
-ARG NEXT_PUBLIC_SITE_URL
-ENV NEXT_PUBLIC_SITE_URL $NEXT_PUBLIC_SITE_URL
-
-ENV NODE_ENV production
-ENV NEXT_PUBLIC_BASE_PATH ""
+ENV NEXT_TELEMETRY_DISABLED 1
 
-WORKDIR /app
 
 RUN if [ -z "$PRODUCTION" ]; then \
     echo "Overriding .env for staging"; \
@@ -28,5 +43,41 @@ RUN if [ -z "$PRODUCTION" ]; then \
     fi && \
     yarn build
 
-# Disable nextjs telemetry
+
+RUN \
+    if [ -f yarn.lock ]; then yarn run build; \
+    elif [ -f package-lock.json ]; then npm run build; \
+    elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm run build; \
+    else echo "Lockfile not found." && exit 1; \
+    fi
+
+# Production image, copy all the files and run next
+FROM base AS runner
+WORKDIR /app
+
+ENV NODE_ENV=production
+# Uncomment the following line in case you want to disable telemetry during runtime.
+# ENV NEXT_TELEMETRY_DISABLED=1
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 nextjs
+
+COPY --from=builder /app/public ./public
+
+# Automatically leverage output traces to reduce image size
+# https://nextjs.org/docs/advanced-features/output-file-tracing
+COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
+COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
+
+USER nextjs
+
+EXPOSE 3000
+
+ENV PORT=3000
 ENV NEXT_TELEMETRY_DISABLED 1
+
+# server.js is created by next build from the standalone output
+# https://nextjs.org/docs/pages/api-reference/next-config-js/output
+ENV HOSTNAME="0.0.0.0"
+CMD ["node", "server.js"]
+
diff --git a/next.config.mjs b/next.config.mjs
index 336306f..a8c4c2b 100644
--- a/next.config.mjs
+++ b/next.config.mjs
@@ -19,6 +19,7 @@ const moduleExports = {
   basePath: process.env.NEXT_PUBLIC_BASE_PATH,
   pageExtensions: ["js", "jsx", "mdx", "ts", "tsx"],
   reactStrictMode: true,
+  output: "standalone",
   experimental: {
     serverActions: {
       bodySizeLimit: "10mb",