diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 0000000..fb3e9dd
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,38 @@
+name: Docker Image CI for GHCR
+
+on:
+  push:
+    branches:
+      - master
+jobs:
+  build_and_publish_backend:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Build and Push Image
+        run: |
+          docker login --username wagnerbastian --password ${{ secrets.GH_PAT }} ghcr.io
+          docker build ./api --tag ghcr.io/wagnerbastian/keyvault_pro_api:latest
+          docker push ghcr.io/wagnerbastian/keyvault_pro_api:latest
+  build_and_publish_frontend:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Build and Push Image
+        run: |
+          docker login --username wagnerbastian --password ${{ secrets.GH_PAT }} ghcr.io
+          docker build ./client --tag ghcr.io/wagnerbastian/keyvault_pro_client:latest
+          docker push ghcr.io/wagnerbastian/keyvault_pro_client:latest
+  ssh-login-and-publish:
+        runs-on: ubuntu-latest
+        needs: [build_and_publish_frontend, build_and_publish_backend]
+        steps:
+
+            -   name: Setup SSH Keys and known_hosts
+                run: |
+                    install -m 600 -D /dev/null ~/.ssh/id_rsa
+                    echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+                    ssh-keyscan -H ${{ secrets.SERVER_HOST }} > ~/.ssh/known_hosts
+            -   name: connect and pull
+                # run: |
+                 #  ssh ${{ secrets.SERVER_USERNAME }}@${{ secrets.SERVER_HOST }} "cd docker/keyvault && docker stop beantastic_api || true && docker rm keyvault || true && docker stop beantastic_client || true && docker rm beantastic_client || true && docker-compose pull && docker-compose up -d"