diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..142b36b
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,20 @@
+.git
+.github
+.venv
+venv
+__pycache__
+*.pyc
+.pytest_cache
+.mypy_cache
+.ruff_cache
+tests
+docs
+scans
+*.md
+!README.md
+.env
+.env.*
+screenshots/
+build_and_run.sh
+dockerbot_v2.py
+config/
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index aad996d..cd2d87a 100755
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -1,47 +1,58 @@ -name: docker release +name: Docker Build on: workflow_dispatch: - release: - types: [ published ] - + inputs: + version: + description: "Version (leave blank to auto-compute YYYY.M.PATCH)" + required: false jobs: docker: runs-on: ubuntu-latest + permissions: + contents: write steps: - - - name: Checkout - uses: actions/checkout@v2 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Login to DockerHub - uses: docker/login-action@v1 + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Resolve version + id: version + run: | + if [ -n "${{ github.event.inputs.version }}" ]; then + VERSION="${{ github.event.inputs.version }}" + else + VERSION="$(./scripts/next-version.sh)" + fi + echo "version=${VERSION}" >> "$GITHUB_OUTPUT" + + - name: Create and push tag + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + git tag "${{ steps.version.outputs.version }}" + git push origin "${{ steps.version.outputs.version }}" + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to Docker Hub + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Get current date - id: getDate - run: echo "::set-output name=date::$(date +'%Y-%m-%d')" - - - name: Get semantic version from file - id: getSemver - run: echo "::set-output name=semver::$(cat VERSION | tr -d ' \t\n\r' )" - - - - - name: Build and push - uses: docker/build-push-action@v2 + + - name: Build and push + uses: docker/build-push-action@v5 with: context: . 
platforms: linux/amd64,linux/arm64,linux/arm/v7 push: true tags: | - techblog/dockerbot-trainer:latest - techblog/dockerbot-trainer:${{ steps.getSemver.outputs.semver }} + ${{ secrets.DOCKERHUB_USERNAME }}/dockerbot:latest + ${{ secrets.DOCKERHUB_USERNAME }}/dockerbot:${{ steps.version.outputs.version }} diff --git a/Dockerfile b/Dockerfile index 4f4a404..d826b59 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,36 +1,24 @@ -FROM ubuntu:24.10 +FROM python:3.12-slim LABEL maintainer="tomer.klein@gmail.com" -# Install required system dependencies -RUN apt update -yqq && \ - apt install -yqq python3 \ - python3-pip \ - curl \ - wget \ - speedtest-cli \ - --no-install-recommends && \ - apt clean && \ - rm -rf /var/lib/apt/lists/* +ENV API_KEY="" \ + ALLOWED_IDS="" \ + PYTHONDONTWRITEBYTECODE=1 \ + PYTHONUNBUFFERED=1 \ + PIP_NO_CACHE_DIR=1 \ + PIP_DISABLE_PIP_VERSION_CHECK=1 -# Set environment variables -ENV API_KEY "" -ENV PYTHONDONTWRITEBYTECODE=1 -ENV PYTHONUNBUFFERED=1 +# curl is used by ip_command at runtime +RUN apt-get update && apt-get install -y --no-install-recommends \ + curl \ + && rm -rf /var/lib/apt/lists/* -# Create working directory WORKDIR /opt/dockerbot -# Copy requirements and install Python dependencies COPY requirements.txt . -RUN pip3 install --no-cache-dir --upgrade pip && \ - pip3 install --no-cache-dir -r requirements.txt +RUN pip install --no-cache-dir -r requirements.txt -# Install speedtest-cli script -RUN wget https://raw.githubusercontent.com/sivel/speedtest-cli/v2.1.3/speedtest.py -O /usr/local/lib/python3.12/site-packages/speedtest.py - -# Copy application code COPY dockerbot.py . -# Run the application CMD ["python3", "dockerbot.py"] diff --git a/requirements.txt b/requirements.txt index 771a53f..0c011b5 100755 --- a/requirements.txt +++ b/requirements.txt 
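Review bot: In `.github/workflows/docker.yml`, the `Resolve version` step expands `${{ github.event.inputs.version }}` directly into the `run:` script, so the input is pasted into the shell source before bash parses it rather than passed as data; the `Create and push tag` step does the same with `steps.version.outputs.version`. This job holds `contents: write` and the Docker Hub token, so the value should reach the script through `env:` and be checked against the expected version format before it is written to `$GITHUB_OUTPUT` or handed to `git tag`. The pattern below assumes the YYYY.M.PATCH form named in the input description; adjust it if other tags are accepted. Separately, the actions are referenced by mutable tags (`@v4`, `@v3`, `@v5`); pinning each to a full commit SHA would keep a retagged release from running with these credentials.

```yaml
      - name: Resolve version
        id: version
        env:
          INPUT_VERSION: ${{ github.event.inputs.version }}
        run: |
          if [ -n "$INPUT_VERSION" ]; then
            VERSION="$INPUT_VERSION"
          else
            VERSION="$(./scripts/next-version.sh)"
          fi
          # Accept only a plain dotted version before it reaches git or $GITHUB_OUTPUT.
          if ! [[ "$VERSION" =~ ^[0-9]{4}\.[0-9]{1,2}\.[0-9]+$ ]]; then
            echo "invalid version: ${VERSION}" >&2
            exit 1
          fi
          echo "version=${VERSION}" >> "$GITHUB_OUTPUT"

      - name: Create and push tag
        env:
          VERSION: ${{ steps.version.outputs.version }}
        run: |
          # … unchanged: git config user.name / user.email …
          git tag "$VERSION"
          git push origin "$VERSION"
```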
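Review bot: In the `Dockerfile` hunk, `FROM python:3.12-slim` is a moving tag, so each multi-arch build the workflow pushes to Docker Hub can pick up a different base image without any change in this repository. Pinning the digest, `FROM python:3.12-slim@sha256:<digest-of-reviewed-image>`, makes the base reproducible and lets base updates arrive as reviewable commits. The image also has no `USER` instruction, so `dockerbot.py` runs as root; if the bot only needs the Docker socket (an assumption, since the application code is not part of this diff), a dedicated user with access to the socket's group would reduce what a compromised bot process can do inside the container.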
@@ -1,5 +1,6 @@
 docker
 python-telegram-bot==13.15
+speedtest-cli
 aiohttp>=3.9.0 # not directly required, pinned by Snyk to avoid a vulnerability
 urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
 requests>=2.32.4 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/scripts/next-version.sh b/scripts/next-version.sh
new file mode 100755
index 0000000..1c77319
--- /dev/null
+++ b/scripts/next-version.sh
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -euo pipefail
+TODAY="$(date +%Y.%-m)"
+LATEST="$(git tag --list "${TODAY}.*" 2>/dev/null | sort -V | tail -1)"
+if [ -z "$LATEST" ]; then echo "${TODAY}.0";
+else PATCH="${LATEST##*.}"; echo "${TODAY}.$((PATCH + 1))"; fi
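Review bot: In `requirements.txt`, `speedtest-cli` is added without a version, while the Dockerfile line this commit removes fetched the same tool at the fixed tag v2.1.3; the image now installs whatever release the package index serves at build time. `speedtest-cli==2.1.3` would keep the previous version. A hash-checked requirements file installed with `pip install --require-hashes` would cover the other entries as well, since `docker` is also unpinned and the `>=` lines only set a floor.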
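Review bot: In `scripts/next-version.sh`, `PATCH="${LATEST##*.}"` goes into `$((PATCH + 1))` without a check that it is a plain number, and `git tag --list "${TODAY}.*"` matches any tag with that prefix, including ones pushed by hand. Bash evaluates the variable's content as an arithmetic expression, so a suffix such as `08` (a constructed example) aborts the script as invalid octal and a non-numeric suffix is evaluated rather than rejected; the result then becomes the git tag and image tag in the workflow. Adding `case "$PATCH" in ''|*[!0-9]*) echo "unexpected tag: $LATEST" >&2; exit 1;; esac` before the arithmetic and using `$((10#$PATCH + 1))` keeps the computation to decimal digits. The `2>/dev/null` on `git tag` also hides the reason when the command fails, which `set -euo pipefail` turns into a silent exit.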