diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 2c185c3..f695315 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -1,23 +1,24 @@
 name: CI
-
 on:
-  # Triggers the workflow on push or pull request events but only for the "main" branch
   push:
     branches: ["main"]
   pull_request:
     branches: ["main"]
-
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
-  build:
+  build-and-push:
     runs-on: x86_64-linux
-
     steps:
       - uses: actions/checkout@v4
 
+      - name: Setup Nix
+        uses: cachix/install-nix-action@v22
+        with:
+          nix_path: nixpkgs=channel:nixos-unstable
+
       - uses: cachix/cachix-action@v15
         with:
           name: nammayatri
@@ -26,3 +27,22 @@ jobs:
 
       - name: Build all flake outputs
         run: om ci
+
+      - name: Build and push Docker image
+        if: github.ref == 'refs/heads/main'
+        env:
+          GITHUB_USERNAME: ${{ github.actor }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          IMAGE_PATH=$(nix build '.#dockerImage' --print-out-paths --no-update-lock-file)
+          docker load -i "$IMAGE_PATH"
+
+          IMAGE_NAME="ghcr.io/nammayatri/beckn-gateway"
+          IMAGE_TAG=$(nix eval --raw '.#dockerImage.imageTag')
+          FULL_IMAGE_NAME="${IMAGE_NAME}:${IMAGE_TAG}"
+
+          echo "$GITHUB_TOKEN" | docker login ghcr.io -u "$GITHUB_USERNAME" --password-stdin
+
+          docker push "$FULL_IMAGE_NAME"
+
+          docker logout ghcr.io
\ No newline at end of file