diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml
index 39cb4ef..d5cdac4 100644
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@@ -16,7 +16,7 @@ jobs:
         run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.cqre.net -u ${{ github.actor }} --password-stdin 2>&1 | grep -v "WARNING! Your credentials are stored unencrypted"
 
       - name: Build Docker image
-        run: docker build ./backend --tag git.cqre.net/cqrenet/aoc-backend:${{ gitea.ref_name }}
+        run: docker build ./backend --build-arg VERSION=${{ gitea.ref_name }} --tag git.cqre.net/cqrenet/aoc-backend:${{ gitea.ref_name }}
 
       - name: Push Docker image
         run: docker push git.cqre.net/cqrenet/aoc-backend:${{ gitea.ref_name }}
diff --git a/backend/Dockerfile b/backend/Dockerfile
index dab051b..c3b851f 100644
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -1,5 +1,9 @@
 FROM python:3.11-slim
 
+# Bake the version into the image at build time
+ARG VERSION=unknown
+ENV VERSION=${VERSION}
+
 # Security: run as non-root
 RUN groupadd -r aoc && useradd -r -g aoc aoc
 
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index d6f332e..4a65383 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -26,7 +26,6 @@ services:
     env_file:
       - .env
     environment:
-      VERSION: ${AOC_VERSION:-latest}
       MONGO_URI: mongodb://${MONGO_ROOT_USERNAME}:${MONGO_ROOT_PASSWORD}@mongo:27017/
     depends_on:
       mongo:
diff --git a/docker-compose.yml b/docker-compose.yml
index ca58875..3ecde35 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -20,7 +20,6 @@ services:
     env_file:
       - .env
     environment:
-      VERSION: ${AOC_VERSION:-dev}
       MONGO_URI: mongodb://${MONGO_ROOT_USERNAME}:${MONGO_ROOT_PASSWORD}@mongo:${MONGO_PORT}/
     depends_on:
       - mongo