diff --git a/UserSpace.Dockerfile b/UserSpace.Dockerfile
new file mode 100644
index 0000000..615e70f
--- /dev/null
+++ b/UserSpace.Dockerfile
@@ -0,0 +1,33 @@
+FROM docker.io/node:12 AS ui
+WORKDIR /ui
+COPY ui/package.json ui/package-lock.json /ui/
+RUN npm install
+COPY ui .
+RUN npm run build
+
+FROM docker.io/golang:1.14 AS build
+WORKDIR /wg
+RUN go get github.com/go-bindata/go-bindata/...
+RUN go get github.com/elazarl/go-bindata-assetfs/...
+COPY go.mod .
+COPY go.sum .
+RUN go mod download
+COPY . .
+COPY --from=ui /ui/dist ui/dist
+RUN go-bindata-assetfs -prefix ui/dist ui/dist
+RUN go install .
+
+FROM docker.io/golang:1.14 AS wg_go_build
+WORKDIR /wg-go
+RUN git init && \
+    git remote add origin https://git.zx2c4.com/wireguard-go && \
+    git fetch && \
+    git checkout tags/v0.0.20200320 -b build && \
+    make
+
+FROM alpine:3.12
+RUN apk add libc6-compat --no-cache
+COPY ./wg-go-ui.sh /
+COPY --from=build /go/bin/wireguard-ui /
+COPY --from=wg_go_build /wg-go/wireguard-go /
+ENTRYPOINT [ "/wg-go-ui.sh" ]
diff --git a/wg-go-ui.sh b/wg-go-ui.sh
new file mode 100755
index 0000000..76a24fa
--- /dev/null
+++ b/wg-go-ui.sh
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -eux
+
+# need `SYS_ADMIN` and `NET_ADMIN` capabilities.
+mkdir -p /dev/net
+TUNFILE=/dev/net/tun
+[ ! -c $TUNFILE ] && mknod $TUNFILE c 10 200
+
+# Start the first process
+./wireguard-go wg0
+status=$?
+if [ $status -ne 0 ]; then
+  echo "Failed to start wireguard-go: $status"
+  exit $status
+fi
+
+# Start the second process
+./wireguard-ui $@
+status=$?
+if [ $status -ne 0 ]; then
+  echo "Failed to start wireguard-ui: $status"
+  exit $status
+fi
+
+# Naive check runs checks once a minute to see if either of the processes exited.
+# This illustrates part of the heavy lifting you need to do if you want to run
+# more than one service in a container. The container exits with an error
+# if it detects that either of the processes has exited.
+# Otherwise it loops forever, waking up every 60 seconds
+
+while sleep 60; do
+  ps aux |grep wireguard-go |grep -q -v grep
+  PROCESS_1_STATUS=$?
+  ps aux |grep wireguard-ui |grep -q -v grep
+  PROCESS_2_STATUS=$?
+  # If the greps above find anything, they exit with 0 status
+  # If they are not both 0, then something is wrong
+  if [ $PROCESS_1_STATUS -ne 0 -o $PROCESS_2_STATUS -ne 0 ]; then
+    echo "One of the processes has already exited."
+    exit 1
+  fi
+done