diff --git a/Dockerfile.server b/Dockerfile.server
new file mode 100644
index 00000000..58cd771d
--- /dev/null
+++ b/Dockerfile.server
@@ -0,0 +1,90 @@
+FROM docker.io/library/rust:1.81.0-bullseye as builder
+
+# Install build dependencies
+RUN apt-get update && apt-get install -y \
+ build-essential \
+ libssl-dev \
+ pkg-config \
+ cmake \
+ && rm -rf /var/lib/apt/lists/*
+
+# Set up working directory and copy everything
+WORKDIR /veilid
+COPY . .
+
+# Build veilid-server and veilid-cli
+RUN cargo build --release --bin veilid-server && \
+ cargo build --release --bin veilid-cli
+
+# Create a minimal runtime image
+FROM debian:bullseye-slim
+
+# Install runtime dependencies
+RUN apt-get update && apt-get install -y \
+ ca-certificates \
+ libssl1.1 \
+ && rm -rf /var/lib/apt/lists/*
+
+# Create veilid user and directories
+RUN groupadd -r veilid && useradd -r -g veilid veilid
+RUN mkdir -p /etc/veilid-server /var/db/veilid-server/protected_store /var/db/veilid-server/table_store /var/db/veilid-server/block_store /var/db/veilid-server/ipc /var/log/veilid /home/veilid/.veilid-cli
+RUN chown -R veilid:veilid /var/db/veilid-server /var/log/veilid /etc/veilid-server /home/veilid/.veilid-cli
+RUN chmod 750 /var/db/veilid-server/protected_store /var/db/veilid-server/table_store /var/db/veilid-server/block_store /var/db/veilid-server/ipc /var/db/veilid-server /var/log/veilid
+
+# Copy the compiled binaries from builder stage
+COPY --from=builder /veilid/target/release/veilid-server /usr/bin/
+COPY --from=builder /veilid/target/release/veilid-cli /usr/bin/
+RUN chmod 755 /usr/bin/veilid-server /usr/bin/veilid-cli
+
+# Copy the docker configuration file
+COPY docker-config/veilid-server-docker.conf /etc/veilid-server/veilid-server.conf
+
+# Set up veilid-cli environment for the veilid user
+RUN echo "client_api:" > /home/veilid/.veilid-cli/config && \
+ echo " address: '127.0.0.1:5959'" >> /home/veilid/.veilid-cli/config && \
+ chown -R veilid:veilid /home/veilid/.veilid-cli && \
+ chmod -R 755 /home/veilid/.veilid-cli
+
+# Make sure all necessary directories are writable by the veilid user
+RUN chmod 1777 /tmp && \
+ chmod -R 1777 /var/db/veilid-server/ipc && \
+ mkdir -p /var/db/veilid-cli && \
+ mkdir -p /home/veilid/.veilid-cli && \
+ mkdir -p /home/veilid/.config/veilid-cli && \
+ mkdir -p /home/veilid/.cache && \
+ mkdir -p /home/veilid/.local/share && \
+ mkdir -p /var/run/user/$(id -u veilid) && \
+ chown -R veilid:veilid /var/db/veilid-cli /home/veilid /var/run/user/$(id -u veilid) && \
+ chmod -R 777 /var/db/veilid-cli /home/veilid/.veilid-cli /home/veilid/.config /home/veilid/.cache /home/veilid/.local /var/run/user/$(id -u veilid)
+
+# Expose the default ports for veilid
+EXPOSE 5150/tcp 5150/udp 5959/tcp
+
+# Add healthcheck using veilid-cli to check server status
+# Using veilid-cli -e to execute the nodeid command and verify output
+# Added a 60 second startup period to allow the server to initialize fully
+HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
+ CMD HOME=/home/veilid \
+ XDG_CONFIG_HOME=/home/veilid/.config \
+ XDG_CACHE_HOME=/home/veilid/.cache \
+ XDG_DATA_HOME=/home/veilid/.local/share \
+ XDG_RUNTIME_DIR=/var/run/user/$(id -u veilid) \
+ VEILID_CLI_CONFIG_DIR=/home/veilid/.veilid-cli \
+ veilid-cli -e nodeid | grep -q "VLD0:" || exit 1
+
+# Create volume mount points for persistent data and configuration
+VOLUME ["/var/db/veilid-server/protected_store", "/var/db/veilid-server/table_store", "/var/db/veilid-server/block_store", "/var/log/veilid", "/etc/veilid-server", "/var/db/veilid-cli"]
+
+# Set environment variables for veilid-cli
+ENV HOME=/home/veilid \
+ XDG_CONFIG_HOME=/home/veilid/.config \
+ XDG_CACHE_HOME=/home/veilid/.cache \
+ XDG_DATA_HOME=/home/veilid/.local/share \
+ XDG_RUNTIME_DIR=/var/run/user/$(id -u veilid) \
+ VEILID_CLI_CONFIG_DIR=/home/veilid/.veilid-cli
+
+# Switch to non-root user
+USER veilid
+
+# Command to run
+CMD ["veilid-server", "-c", "/etc/veilid-server/veilid-server.conf"]
\ No newline at end of file
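Review bot: The last permission `RUN` leaves the client IPC directory and the CLI state world-writable: `chmod -R 1777 /var/db/veilid-server/ipc` undoes the `chmod 750` applied to the same directory a few lines earlier, and `chmod -R 777` covers `/var/db/veilid-cli`, which is also declared as a `VOLUME`, so a freshly created named volume would start out with that mode. All of these paths are already `chown`ed to `veilid:veilid`, so owner-only modes are enough, e.g. `chmod 750 /var/db/veilid-server/ipc` and `chmod -R u=rwX,go=` on the remaining paths. Separately, `ENV` performs no command substitution, so `XDG_RUNTIME_DIR=/var/run/user/$(id -u veilid)` is stored as that literal string for the running server; only the shell-form `HEALTHCHECK` expands it. Creating the user with a fixed UID via `useradd -u` and writing the resolved path in both places would make them agree.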
diff --git a/docker-config/veilid-server-docker.conf b/docker-config/veilid-server-docker.conf
new file mode 100644
index 00000000..01d77f17
--- /dev/null
+++ b/docker-config/veilid-server-docker.conf
@@ -0,0 +1,60 @@
+# Veilid Server Docker Configuration
+# ===============================
+#
+# This is a Docker-specific configuration for veilid-server
+# Optimized for containerized deployment
+#
+# -----------------------------------------------------------
+
+---
+daemon:
+ enabled: false
+client_api:
+ ipc_enabled: true
+ ipc_directory: '/var/db/veilid-server/ipc'
+ network_enabled: true
+ listen_address: '0.0.0.0:5959'
+auto_attach: true
+logging:
+ system:
+ enabled: false
+ level: info
+ ignore_log_targets: []
+ terminal:
+ enabled: true
+ level: info
+ ignore_log_targets: []
+ file:
+ enabled: true
+ path: '/var/log/veilid/veilid-server.log'
+ append: true
+ level: info
+ ignore_log_targets: []
+ api:
+ enabled: true
+ level: info
+ ignore_log_targets: []
+testing:
+ subnode_index: 0
+core:
+ protected_store:
+ allow_insecure_fallback: true
+ always_use_insecure_storage: true
+ directory: '/var/db/veilid-server/protected_store'
+ delete: false
+ table_store:
+ directory: '/var/db/veilid-server/table_store'
+ delete: false
+ block_store:
+ directory: '/var/db/veilid-server/block_store'
+ delete: false
+ network:
+ protocol:
+ udp:
+ listen_address: ':5150'
+ tcp:
+ listen_address: ':5150'
+ ws:
+ listen_address: ':5150'
+ wss:
+ listen_address: ':5150'
\ No newline at end of file
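Review bot: `client_api.listen_address: '0.0.0.0:5959'` with `network_enabled: true` binds the node's control API to every container interface, and nothing in this file restricts who may connect. Since Dockerfile.server also declares `EXPOSE 5959/tcp`, publishing that port makes the API reachable from outside the host. The in-image `veilid-cli` config already targets `127.0.0.1:5959` and IPC is enabled, so `listen_address: '127.0.0.1:5959'` should still serve the healthcheck; if remote clients are intended, a comment should state that the port must only be published on a trusted interface. The `protected_store` block also sets `always_use_insecure_storage: true`, which presumably keeps node secrets unencrypted on the volume. A comment such as `# no OS keyring in the container; secrets rely on the 0750 mode of protected_store` would record that this is deliberate.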