diff --git a/Dockerfile b/Dockerfile
index 45c64fa..89d2df1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,17 +1,51 @@
-FROM imbios/bun-node:20-slim
+FROM imbios/bun-node:22-slim AS base
+
+# Install dependencies only when needed
+FROM base AS deps
 
 WORKDIR /app
 
+# Install dependencies
 COPY package.json bun.lockb ./
+RUN bun install  --frozen-lockfile
 
-RUN bun install --production --frozen-lockfile
-
+# Rebuild the source code only when needed
+FROM base AS builder
+WORKDIR /app
+COPY --from=deps /app/node_modules ./node_modules
 COPY . .
 
+# Disable telemetry during the build
+ENV NEXT_TELEMETRY_DISABLED=1
 ENV SKIP_ENV_VALIDATION=true
+
+# Build the application
+RUN bunx next build
+
+
+# Production image, copy all the files and run next
+FROM base AS runner
+WORKDIR /app
+
 ENV NODE_ENV=production
-RUN bun run build
+ENV NEXT_TELEMETRY_DISABLED=1
+ENV SKIP_ENV_VALIDATION=true
+
+RUN addgroup --system --gid 1002 nodejs && \
+  adduser --system --uid 1002 nextjs
+
+COPY --from=builder /app/public ./public
+
+# Set the correct permission for prerender cache
+RUN mkdir .next && chown nextjs:nodejs .next
+
+# Automatically leverage output traces to reduce image size
+COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
+COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
+
+USER nextjs
 
 EXPOSE 3000
 
-ENTRYPOINT [ "bun", "run", "start" ]
+# server.js is created by next build from the standalone output
+CMD ["bun", "run", "server.js"]
diff --git a/package.json b/package.json
index 61d917a..d451399 100644
--- a/package.json
+++ b/package.json
@@ -4,7 +4,7 @@
   "private": true,
   "type": "module",
   "scripts": {
-    "prepare": "lefthook install",
+    "prepare": "if [ \"$NODE_ENV\" != \"production\" ]; then lefthook install; fi",
     "postbuild": "next-sitemap",
     "prebuild": "next telemetry disable",
     "build": "next build",