diff --git a/docker/webhook_bridge/Dockerfile b/docker/webhook_bridge/Dockerfile
index 1999cf3..503d53c 100644
--- a/docker/webhook_bridge/Dockerfile
+++ b/docker/webhook_bridge/Dockerfile
@@ -1,18 +1,36 @@
-# syntax=docker/dockerfile:1
-ARG ALPINE_VERSION="3.20"
+#
+# Builder
+#
 
-FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS builder
+FROM nixos/nix:latest AS builder
 
-RUN apk add --no-cache musl-dev pkgconfig libressl-dev
+COPY . /tmp/build
+WORKDIR /tmp/build
 
-RUN mkdir /source
-WORKDIR /source
-COPY --link . .
-# TODO: Add static build, which currently errors due to proc_macro. RUSTFLAGS="-C target-feature=+crt-static"
-RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked CARGO_TARGET_DIR=/target cargo build --profile release-lto --bin webhook_bridge
+RUN nix \
+    --extra-experimental-features "nix-command flakes" \
+    --option filter-syscalls false \
+    build '.#docker_env'
 
-FROM alpine:$ALPINE_VERSION AS runner
+# Export the built closure to a folder
+RUN mkdir /tmp/nix-store-closure
+RUN cp -R $(nix-store -qR result/) /tmp/nix-store-closure
+RUN ln -s $(readlink -f /tmp/build/result/bin/sh) /tmp/sh
 
-COPY --link --from=builder /target/release-lto/webhook_bridge /usr/bin/
 
-ENTRYPOINT ["/usr/bin/webhook_bridge"]
+
+#
+# Runner
+#
+
+FROM scratch
+
+WORKDIR /app
+
+ENV PATH="$PATH:/app/bin"
+
+COPY --from=builder /tmp/nix-store-closure /nix/store
+COPY --from=builder /tmp/build/result /app
+COPY --from=builder /tmp/sh /bin/sh
+EXPOSE 9988
+CMD ["/app/bin/webhook_bridge"]
diff --git a/flake.nix b/flake.nix
index b9b92df..5a37b71 100644
--- a/flake.nix
+++ b/flake.nix
@@ -51,5 +51,42 @@
           };
         }
       );
+      packages = forAllSystems (
+        system:
+        let
+          overlays = [ (import rust-overlay) ];
+          pkgs = import nixpkgs {
+            inherit system overlays;
+          };
+          rustToolchain = pkgs.pkgsBuildHost.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
+        in
+        rec {
+          app = pkgs.rustPlatform.buildRustPackage {
+            pname = "webhook-bridge";
+            version = "0.0.0";
+            src = ./.;
+
+            # If you have a Cargo.lock file, use this:
+            cargoLock.lockFile = ./Cargo.lock;
+
+            nativeBuildInputs = [
+              pkgs.pkg-config
+            ];
+            buildInputs = [
+              pkgs.openssl
+            ];
+          };
+          docker_env = pkgs.buildEnv {
+            name = "webhook-bridge";
+            paths = with pkgs; [
+              app
+              bash
+              uutils-coreutils-noprefix
+              # toybox # Smaller than uutils-coreutils?
+            ];
+          };
+          default = app;
+        }
+      );
     };
 }