diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000000000000000000000000000000000000..2efb4ba6f6302c00492bb514760f286e38ccbccc
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,2 @@
+README.md 
+Makefile
diff --git a/Dockerfile b/Dockerfile
index 7eb2eee4d0c8267caef6cad26512f90b755156a4..b9ef61a6507d4570641cb95e6a156500b53a0c9c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,5 @@
-FROM alpine:latest AS builder
+ARG BASE=alpine:latest
+FROM $BASE AS builder
 
 RUN apk add --no-cache \
   cmake \
@@ -9,8 +10,8 @@ RUN apk add --no-cache \
   git \
   icu-dev \
   icu-libs \
-  libressl \
-  libressl-dev \
+  openssl \
+  openssl-dev \
   openldap-dev \
   make \
   paxmark \
@@ -38,13 +39,13 @@ RUN mkdir /quassel/build && \
 RUN cd /quassel/build && \
     make && \
     make install && \
-     paxmark -m /quassel/install/bin/quasselcore
+    paxmark -m /quassel/install/bin/quasselcore
 
-FROM alpine:latest
+FROM $BASE
 
 RUN apk add --no-cache \
   icu-libs \
-  libressl \
+  openssl \
   qt5-qtbase \
   qt5-qtscript \
   qt5-qtbase-postgresql \
@@ -52,7 +53,13 @@ RUN apk add --no-cache \
 
 COPY --from=builder /quassel/install/bin /usr/bin/
 
+RUN addgroup -g 1000 -S quassel && \
+    adduser -S -G quassel -u 1000 -s /bin/bash -h /quassel quassel
+USER quassel
+VOLUME /quassel/
+
 EXPOSE 4242/tcp
+EXPOSE 10113/tcp
 
 ENV DB_BACKEND="SQLite"
 ENV AUTH_AUTHENTICATOR="Database"
@@ -69,4 +76,4 @@ ENV AUTH_LDAP_BASE_DN=""
 ENV AUTH_LDAP_FILTER=""
 ENV AUTH_LDAP_UID_ATTRIBUTE="uid"
 
-ENTRYPOINT ["quasselcore", "--config-from-environment"]
+ENTRYPOINT ["quasselcore", "--configdir", "/quassel", "--config-from-environment"]
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000000000000000000000000000000000000..cd3204fb224582d53e2e44a3d1b0be23431a792d
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,30 @@
+NAME=k8r.eu/justjanne/quassel-docker
+QUASSEL_VERSION=v0.13.1
+ALPINE_VERSION=3.9
+
+.PHONY: build
+build: build_x86 build_arm64v8 build_arm32v6
+
+.PHONY: build_x86
+build_x86: Dockerfile
+	docker build -t $(NAME):$(QUASSEL_VERSION) --build-arg BASE=alpine:$(ALPINE_VERSION) .
+	docker tag $(NAME):$(QUASSEL_VERSION) $(NAME):latest
+
+.PHONY: build_arm64v8
+build_arm64v8: Dockerfile
+	docker build -t $(NAME):$(QUASSEL_VERSION)-arm64v8 --build-arg BASE=multiarch/alpine:aarch64-v$(ALPINE_VERSION) .
+	docker tag $(NAME):$(QUASSEL_VERSION)-arm64v8 $(NAME):arm64v8
+
+.PHONY: build_arm32v6
+build_arm32v6: Dockerfile
+	docker build -t $(NAME):$(QUASSEL_VERSION)-arm32v6 --build-arg BASE=multiarch/alpine:armhf-v$(ALPINE_VERSION) .
+	docker tag $(NAME):$(QUASSEL_VERSION)-arm32v6 $(NAME):arm32v6
+
+.PHONY: push
+push: push_x86 push_arm64v8 push_arm32v6
+	docker push $(NAME):$(QUASSEL_VERSION)
+	docker push $(NAME):latest
+	docker push $(NAME):$(QUASSEL_VERSION)-arm64v8
+	docker push $(NAME):arm64v8
+	docker push $(NAME):$(QUASSEL_VERSION)-arm32v6
+	docker push $(NAME):arm32v6
diff --git a/README.md b/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..8e7b2c671ffb078d37cbcbfe33fb88b595e2ec34
--- /dev/null
+++ b/README.md
@@ -0,0 +1,42 @@
+# Dockerimage for Quasselcore
+
+## Stateful usage (with UI Wizard)
+
+To use Quassel statefully (which allows you to configure the core on first use)
+run it with `--entrypoint=/usr/bin/quasselcore` and make sure to include
+`--configdir /quassel` as argument.
+
+If you use the core in this mode, you’ll have to make sure `/quassel` is stored
+on a volume.
+
+## Stateless usage
+
+By default, the core will be run in stateless mode, where it needs to be
+configured through environment arguments.
+
+`DB_BACKEND` defines the backend used for the database, this can be `SQLite` or
+`PostgreSQL`. In case `SQLite` is used, the database will be stored in
+`/root/.config/quassel-irc.org/quassel-storage.sqlite`. If `PostgreSQL` is used
+instead, these variables determine the connection details: `DB_PGSQL_USERNAME`,
+`DB_PGSQL_PASSWORD`, `DB_PGSQL_HOSTNAME`, `DB_PGSQL_PORT`, `DB_PGSQL_DATABASE`.
+
+`AUTH_AUTHENTICATOR` defines the backend used for authentication, this can be
+`Database` or `LDAP`. In case `LDAP` is used, the following environment
+variables determine the connection details: `AUTH_LDAP_HOSTNAME`,
+`AUTH_LDAP_PORT`, `AUTH_LDAP_BIND_DN`, `AUTH_LDAP_BIND_PASSWORD`,
+`AUTH_LDAP_BASE_DN`, `AUTH_LDAP_FILTER`, `AUTH_LDAP_UID_ATTRIBUTE`.
+
+## SSL
+
+You can use the core with SSL, in this case you should either put a
+`quasselCert.pem` file with the full certificate chain and private key into
+the `/quassel` volume, or you can use the `--ssl-cert` and `--ssl-key`
+arguments to use separate key and certificate.
+
+## Ports
+
+Per default, the container will listen on the port 4242 for connections.
+This can be configured with `--port` and `--listen`.
+
+If the `--ident-daemon` argument is passed, the ident daemon will additionally
+listen on 10113. You can configure this with `--ident-port`.