diff --git a/docker/Dockerfile b/docker/Dockerfile
index c4b7672..c54306f 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,4 +1,5 @@
-FROM docker.io/golang:alpine AS build-zoraxy
+## Build Zoraxy
+FROM docker.io/golang:bookworm AS build-zoraxy
 
 RUN mkdir -p /opt/zoraxy/source/ &&\
     mkdir -p /usr/local/bin/
@@ -12,7 +13,9 @@ RUN go mod tidy &&\
     go build -o /usr/local/bin/zoraxy &&\
     chmod 755 /usr/local/bin/zoraxy
 
-FROM docker.io/ubuntu:latest AS build-zerotier
+
+## Build ZeroTier
+FROM docker.io/golang:bookworm AS build-zerotier
 
 RUN mkdir -p /opt/zerotier/source/ &&\
     mkdir -p /usr/local/bin/
@@ -29,14 +32,20 @@ RUN curl -Lo ZeroTierOne.tar.gz https://codeload.github.com/zerotier/ZeroTierOne
     mv ./zerotier-one /usr/local/bin/zerotier-one &&\
     chmod 755 /usr/local/bin/zerotier-one
 
-FROM docker.io/ubuntu:latest
+
+FROM docker.io/golang:bookworm
+
+COPY --chmod=700 ./entrypoint.sh /opt/zoraxy/
+COPY --chmod=700 ./build_plugins.sh /usr/local/bin/build_plugins
+COPY --chmod=700 ./example/plugins/ztnc/mod/zoraxy_plugin/ /opt/zoraxy/zoraxy_plugin/
+
+COPY --from=build-zerotier /usr/local/bin/zerotier-one /usr/local/bin/zerotier-one
+COPY --from=build-zoraxy /usr/local/bin/zoraxy /usr/local/bin/zoraxy
 
 RUN apt-get update -y &&\
     apt-get install -y bash sudo netcat-openbsd libssl-dev ca-certificates openssh-server
 
-COPY --chmod=700 ./entrypoint.sh /opt/zoraxy/
-COPY --from=build-zoraxy /usr/local/bin/zoraxy /usr/local/bin/zoraxy
-COPY --from=build-zerotier /usr/local/bin/zerotier-one /usr/local/bin/zerotier-one
+RUN mkdir -p /opt/zoraxy/plugin/
 
 WORKDIR /opt/zoraxy/config/
 
@@ -51,14 +60,13 @@ ENV FASTGEOIP="false"
 ENV MDNS="true"
 ENV MDNSNAME="''"
 ENV NOAUTH="false"
+ENV PLUGIN="/opt/zoraxy/plugin/"
 ENV PORT="8000"
 ENV SSHLB="false"
 ENV UPDATE_GEOIP="false"
 ENV VERSION="false"
 ENV WEBFM="true"
 ENV WEBROOT="./www"
-ENV ZTAUTH=""
-ENV ZTPORT="9993"
 
 VOLUME [ "/opt/zoraxy/config/" ]
 
diff --git a/docker/README.md b/docker/README.md
index dde85ac..74126a8 100644
--- a/docker/README.md
+++ b/docker/README.md
@@ -23,6 +23,7 @@ docker run -d \
   -p 443:443 \
   -p 8000:8000 \
   -v /path/to/zoraxy/config/:/opt/zoraxy/config/ \
+  -v /path/to/zoraxy/plugin/:/opt/zoraxy/plugin/ \
   -v /var/run/docker.sock:/var/run/docker.sock \
   -v /etc/localtime:/etc/localtime \
   -e FASTGEOIP="true" \
@@ -43,6 +44,7 @@ services:
       - 8000:8000
     volumes:
       - /path/to/zoraxy/config/:/opt/zoraxy/config/
+      - /path/to/zoraxy/plugin/:/opt/zoraxy/plugin/
       - /var/run/docker.sock:/var/run/docker.sock
       - /etc/localtime:/etc/localtime
     environment:
@@ -62,6 +64,7 @@ services:
 | Volume | Details |
 |:-|:-|
 | `/opt/zoraxy/config/` | Zoraxy configuration. |
+| `/opt/zoraxy/plugin/` | Zoraxy plugins. |
 | `/var/run/docker.sock` | Docker socket. Used for additional functionality with Zoraxy. |
 | `/etc/localtime` | Localtime. Set to ensure the host and container are synchronized. |
 
@@ -80,6 +83,7 @@ Variables are the same as those in [Start Parameters](https://github.com/tobychu
 | `MDNS` | `true` (Boolean) | Enable mDNS scanner and transponder. |
 | `MDNSNAME` | `''` (String) | mDNS name, leave empty to use default (zoraxy_{node-uuid}.local). |
 | `NOAUTH` | `false` (Boolean) | Disable authentication for management interface. |
+| `PLUGIN` | `/opt/zoraxy/plugin/` (String) | Set the path for Zoraxy plugins. Only change this if you know what you are doing. |
 | `PORT` | `8000` (Integer) | Management web interface listening port |
 | `SSHLB` | `false` (Boolean) | Allow loopback web ssh connection (DANGER). |
 | `UPDATE_GEOIP` | `false` (Boolean) | Download the latest GeoIP data and exit. |
@@ -87,17 +91,24 @@ Variables are the same as those in [Start Parameters](https://github.com/tobychu
 | `WEBFM` | `true` (Boolean) | Enable web file manager for static web server root folder. |
 | `WEBROOT` | `./www` (String) | Static web server root folder. Only allow change in start parameters. |
 | `ZEROTIER` | `false` (Boolean) | Enable ZeroTier functionality for GAN. |
-| `ZTAUTH` | `""` (String) | ZeroTier authtoken for the local node. |
-| `ZTPORT` | `9993` (Integer) | ZeroTier controller API port. |
 
 > [!IMPORTANT]
 > Contrary to the Zoraxy README, Docker usage of the port flag should NOT include the colon. Ex: `-e PORT="8000"` for Docker run and `PORT: "8000"` for Docker compose.
 
+### Plugins
+
+You can find official plugins at https://github.com/aroz-online/zoraxy-official-plugins
+
+Place your plugins inside the volume `/path/to/zoraxy/plugin/:/opt/zoraxy/plugin/` (Adjust to your actual install location). Any plugins you have added will then be built and used on the next restart.
+
+> [!IMPORTANT]
+> Plugins are currently experimental.
+
 ### Building
 
 To build the Docker image:
   - Check out the repository/branch.
-  - Copy the Zoraxy `src/` directory into the `docker/` (here) directory.
+  - Copy the Zoraxy `src/` and `example/` directory into the `docker/` (here) directory.
   - Run the build command with `docker build -t zoraxy_build .`
   - You can now use the image `zoraxy_build`
     - If you wish to change the image name, then modify`zoraxy_build` in the previous step and then build again.
diff --git a/docker/build_plugins.sh b/docker/build_plugins.sh
new file mode 100644
index 0000000..0e514af
--- /dev/null
+++ b/docker/build_plugins.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+echo "Copying zoraxy_plugin to all mods..."
+for dir in "$1"/*; do
+  if [ -d "$dir" ]; then
+    cp -r "/opt/zoraxy/zoraxy_plugin/" "$dir/mod/"
+  fi
+done
+
+echo "Running go mod tidy and go build for all directories..."
+for dir in "$1"/*; do
+  if [ -d "$dir" ]; then
+    cd "$dir" || exit 1
+    go mod tidy
+    go build
+    cd "$1" || exit 1
+  fi
+done
+
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index 51901e9..5bb7857 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -1,19 +1,23 @@
 #!/usr/bin/env bash
 
-trap cleanup TERM INT
-
 cleanup() {
-  echo "Shutting down..."
+  echo "Stop signal received. Shutting down..."
   kill -TERM "$(pidof zoraxy)" &> /dev/null && echo "Zoraxy stopped."
   kill -TERM "$(pidof zerotier-one)" &> /dev/null && echo "ZeroTier-One stopped."
+  unlink /var/lib/zerotier-one/zerotier/
   exit 0
 }
 
-update-ca-certificates
-echo "CA certificates updated."
+trap cleanup SIGTERM SIGINT TERM INT
 
-zoraxy -update_geoip=true
-echo "Updated GeoIP data."
+update-ca-certificates && echo "CA certificates updated."
+zoraxy -update_geoip=true && echo "GeoIP data updated ."
+
+echo "Building plugins..."
+cd /opt/zoraxy/plugin/ || exit 1
+build_plugins "$PWD"
+echo "Plugins built."
+cd /opt/zoraxy/config/ || exit 1
 
 if [ "$ZEROTIER" = "true" ]; then
   if [ ! -d "/opt/zoraxy/config/zerotier/" ]; then
@@ -36,17 +40,16 @@ zoraxy \
   -mdns="$MDNS" \
   -mdnsname="$MDNSNAME" \
   -noauth="$NOAUTH" \
+  -plugin="$PLUGIN" \
   -port=:"$PORT" \
   -sshlb="$SSHLB" \
   -update_geoip="$UPDATE_GEOIP" \
   -version="$VERSION" \
   -webfm="$WEBFM" \
   -webroot="$WEBROOT" \
-  -ztauth="$ZTAUTH" \
-  -ztport="$ZTPORT" \
   &
 
 zoraxypid=$!
-wait $zoraxypid
-wait $zerotierpid
+wait "$zoraxypid"
+wait "$zerotierpid"