diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..97c83f8
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,8 @@
+.git
+.github
+.dockerignore
+**/.gitignore
+**/*.md
+Dockerfile
+doc
+testdata
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..58f1fc1
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,13 @@
+FROM golang:alpine as builder
+
+WORKDIR /build
+COPY . .
+WORKDIR cmd/routedns
+RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build
+
+FROM alpine:latest
+COPY --from=builder /build/cmd/routedns/routedns .
+COPY cmd/routedns/example-config/simple-dot-proxy.toml config.toml
+EXPOSE 53/tcp 53/udp
+ENTRYPOINT ["/routedns"]
+CMD ["config.toml"]
diff --git a/README.md b/README.md
index 878f51e..1641490 100644
--- a/README.md
+++ b/README.md
@@ -47,6 +47,28 @@ An example systemd service file is provided [here](cmd/routedns/routedns.service
 
 Example configuration files for a number of use-cases can be found [here](cmd/routedns/example-config)
 
+### Docker container
+
+A container is available on [Docker Hub](https://hub.docker.com/r/folbricht/routedns). It comes with a very basic configuration which is expected to be overwritten with a custom config file.
+
+Use the default config (simple DNS -> DoT proxy):
+
+```text
+docker run -d --rm --network host folbricht/routedns
+```
+
+Override the default configuration (`/config.toml`) with a config file on the host:
+
+```text
+docker run -d --rm --network host -v /path/to/config.toml:/config.toml folbricht/routedns
+```
+
+Listen on non-standard ports:
+
+```text
+docker run -d --rm -p 5353:53/udp -p 5353:53/tcp -v /path/to/config.toml:/config.toml folbricht/routedns
+```
+
 ## Configuration
 
 RouteDNS supports building complex DNS processing pipelines. A typically configuration would have one or more listeners to receive queries, several modifiers and routers to process the query (or responses), and then several resolvers that pass the query to upstream DNS services. See the [Configuration Guide](doc/configuration.md) for details on how to setup a pipeline.
diff --git a/cmd/routedns/example-config/doq-client-simple.toml b/cmd/routedns/example-config/doq-client-simple.toml
new file mode 100644
index 0000000..b641af4
--- /dev/null
+++ b/cmd/routedns/example-config/doq-client-simple.toml
@@ -0,0 +1,10 @@
+# Simple config using a public DoQ server
+
+[resolvers.adguard-doq]
+address = "dns-unfiltered.adguard.com:784"
+protocol = "doq"
+
+[listeners.local-udp]
+address = "127.0.0.1:53"
+protocol = "udp"
+resolver = "adguard-doq"
diff --git a/cmd/routedns/example-config/simple-dot-proxy.toml b/cmd/routedns/example-config/simple-dot-proxy.toml
new file mode 100644
index 0000000..dcd161c
--- /dev/null
+++ b/cmd/routedns/example-config/simple-dot-proxy.toml
@@ -0,0 +1,16 @@
+# Basic DNS proxy. Translate all plain DNS queries received on port 53
+# into DNS-over-TLS queries to Cloudflare's DNS server.
+
+[resolvers.cloudflare-dot]
+address = "1.1.1.1:853"
+protocol = "dot"
+
+[listeners.local-udp]
+address = ":53"
+protocol = "udp"
+resolver = "cloudflare-dot"
+
+[listeners.local-tcp]
+address = ":53"
+protocol = "tcp"
+resolver = "cloudflare-dot"