diff --git a/.gitea/workflows/build-image.yml b/.gitea/workflows/build-image.yml
new file mode 100644
index 0000000..763446d
--- /dev/null
+++ b/.gitea/workflows/build-image.yml
@@ -0,0 +1,32 @@
+name: Build image
+on:
+  push:
+    tags:
+      - 'v*'
+jobs:
+  build-image:
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+        # Required for installing nix
+      - name: Install sudo
+        run: apt-get update && apt-get install -y sudo
+      - name: Install Nix
+        uses: cachix/install-nix-action@v31
+        with:
+          enable_kvm: false
+      - name: Get image meta
+        run: nix build .#image-meta -o image-meta
+      - name: Version check
+        run: |
+          VERSION=$(cat image-meta/version)
+          [ "$GITHUB_REF_NAME" = v"$VERSION" ]
+      - name: Build image
+        run: nix build .#image -o image.tar.gz
+      - run: docker login -u paul -p "$PASSWORD" git.pbrinkmeier.de
+        env:
+          PASSWORD: "${{ secrets.REGISTRY_PASSWORD }}"
+      - run: docker load < image.tar.gz
+      - run: docker image push $(cat image-meta/name)
diff --git a/flake.nix b/flake.nix
index 912a63f..7f132a2 100644
--- a/flake.nix
+++ b/flake.nix
@@ -39,7 +39,12 @@
     };
     packages.${system} = {
       default = vrnp-static;
-      docker = pkgs.dockerTools.buildImage {
+      image-meta = pkgs.runCommand "vrnp-version" {} ''
+        mkdir -p $out
+        echo -n ${vrnp-static.version} > $out/version
+        echo -n git.pbrinkmeier.de/paul/vrnp:${vrnp-static.version} > $out/name
+      '';
+      image = pkgs.dockerTools.buildImage {
         name = "git.pbrinkmeier.de/paul/vrnp";
         tag = vrnp-static.version;
         copyToRoot = pkgs.buildEnv {