diff --git a/.github/workflows/dns-cache_cd.yaml b/.github/workflows/dns-cache_cd.yaml
new file mode 100644
index 00000000..5274db19
--- /dev/null
+++ b/.github/workflows/dns-cache_cd.yaml
@@ -0,0 +1,28 @@
+name: DNS Cache
+
+on:
+ push:
+ branches:
+ - 'main'
+ paths:
+ - 'dns-cache/**'
+ workflow_dispatch:
+
+jobs:
+
+ donation-api:
+ name: Deploy DNS Cache Image
+ runs-on: ubuntu-24.04
+ steps:
+ - uses: actions/checkout@v3.4.0
+ - name: Publish DNS Cache Docker Image
+ uses: openzim/docker-publish-action@v10
+ with:
+ image-name: kiwix/dns-cache
+ on-master: latest
+ restrict-to: kiwix/container-images
+ context: dns-cache
+ registries: ghcr.io
+ credentials:
+ GHCRIO_USERNAME=${{ secrets.GHCR_USERNAME }}
+ GHCRIO_TOKEN=${{ secrets.GHCR_TOKEN }}
diff --git a/dns-cache/Dockerfile b/dns-cache/Dockerfile
new file mode 100644
index 00000000..71f6a528
--- /dev/null
+++ b/dns-cache/Dockerfile
@@ -0,0 +1,26 @@
+FROM alpine:3.13
+LABEL org.opencontainers.image.source=https://github.com/kiwix/container-images
+
+ENV SHELL=bash
+
+RUN set -e \
+ && apk update \
+ && apk --no-cache add dumb-init bash curl \
+ # to setup a DNS cache
+ && curl -L -o dnsproxy.tar.gz https://github.com/AdguardTeam/dnsproxy/releases/download/v0.74.1/dnsproxy-linux-amd64-v0.74.1.tar.gz \
+ && tar x -f dnsproxy.tar.gz --strip-components 2 \
+ && mv dnsproxy /usr/bin/
+
+EXPOSE 53
+
+RUN printf "#!/bin/sh\n\
+echo "---"\n\
+cat /usr/local/bin/entrypoint\n\
+echo "---"\n\
+echo 'nameserver 127.0.0.1' > /etc/resolv.conf\n\
+exec \"\$@\"\n\
+" > /usr/local/bin/entrypoint \
+&& chmod +x /usr/local/bin/entrypoint
+
+ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/entrypoint"]
+CMD ["dnsproxy", "--cache", "--cache-min-ttl", "3600", "--cache-size", "1024", "--hosts-file-enabled", "--ipv6-disabled", "--listen", "0.0.0.0", "--port", "53", "--upstream", "https://1.1.1.1/dns-query"]
diff --git a/dns-cache/README.md b/dns-cache/README.md
new file mode 100644
index 00000000..7fb95fa2
--- /dev/null
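Review bot: In `.github/workflows/dns-cache_cd.yaml`, `openzim/docker-publish-action@v10` is referenced by a mutable tag while the step hands it `GHCR_USERNAME` and `GHCR_TOKEN`, so whatever that tag points to at run time receives the registry credentials; `actions/checkout@v3.4.0` is tag-pinned in the same way. Pinning both to a full commit SHA, e.g. `uses: openzim/docker-publish-action@<full-commit-sha> # v10`, keeps the executed code identical to the reviewed code. The workflow also declares no `permissions:` block, so the job runs with the repository's default `GITHUB_TOKEN` scope; a top-level `permissions:` with `contents: read` looks sufficient here, since the publish step appears to authenticate with its own secrets. The job id `donation-api` looks copied from another workflow and would read better as `dns-cache`.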
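Review bot: In `dns-cache/Dockerfile`, the dnsproxy tarball downloaded in the first `RUN` is unpacked and moved into `/usr/bin` with no integrity check, and the image has no `USER` instruction, so an altered release asset would run as root (the default) as the container's main process. Verifying a pinned digest before `tar`, e.g. `&& echo "<sha256-of-dnsproxy-linux-amd64-v0.74.1.tar.gz>  dnsproxy.tar.gz" | sha256sum -c - \`, and using `curl -fL` so an HTTP error fails the build, would close that gap. The archive is also left behind in the image's root directory; `&& rm dnsproxy.tar.gz` in the same `RUN` removes it. Separately, `alpine:3.13` is an old release that, as far as I know, no longer receives upstream security updates, so a current tag (ideally pinned by digest) is worth considering.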
+++ b/dns-cache/README.md
@@ -0,0 +1,6 @@
+# DNS Cache
+
+A simple DNS Cache that uses a DoH (DNS over HTTP) upstream to workaround DNS-related issues.
+
+At the moment, it uses [Cloudflare's DoH](https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-https/)
+because it is both reliable and available without bootstraping DNS to resolve its own domain.