diff --git a/Justfile b/Justfile
index 439f776..f9e4401 100644
--- a/Justfile
+++ b/Justfile
@@ -3,11 +3,7 @@ export image_name := env("IMAGE_NAME", "main")
 export centos_version := env("CENTOS_VERSION", "stream10")
 export default_tag := env("DEFAULT_TAG", "latest")
 
-# work around issue with upstream image builder,
-# should converge back on upstream (quay.io/centos-bootc/bootc-image-builder:latest)
-# asap
-
-export bib_image := env("BIB_IMAGE", "ghcr.io/centos-workstation/bootc-image-builder:latest")
+export bib_image := env("BIB_IMAGE", "localhost/bootc-image-builder:latest")
 
 alias build-vm := build-qcow2
 alias rebuild-vm := rebuild-qcow2
@@ -20,7 +16,7 @@ default:
 # Check Just Syntax
 [group('Just')]
 check:
-    #!/usr/bin/bash
+    #!/usr/bin/env bash
     find . -type f -name "*.just" | while read -r file; do
     	echo "Checking syntax: $file"
     	just --unstable --fmt --check -f $file
@@ -31,7 +27,7 @@ check:
 # Fix Just Syntax
 [group('Just')]
 fix:
-    #!/usr/bin/bash
+    #!/usr/bin/env bash
     find . -type f -name "*.just" | while read -r file; do
     	echo "Checking syntax: $file"
     	just --unstable --fmt -f $file
@@ -42,7 +38,7 @@ fix:
 # Clean Repo
 [group('Utility')]
 clean:
-    #!/usr/bin/bash
+    #!/usr/bin/env bash
     set -eoux pipefail
     touch _build
     find *_build* -exec rm -rf {} \;
@@ -60,7 +56,7 @@ sudo-clean:
 [group('Utility')]
 [private]
 sudoif command *args:
-    #!/usr/bin/bash
+    #!/usr/bin/env bash
     function sudoif(){
         if [[ "${UID}" -eq 0 ]]; then
             "$@"
@@ -96,7 +92,7 @@ build $target_image=image_name $tag=default_tag:
     LABELS+=("--label" "io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4")
     LABELS+=("--label" "org.opencontainers.image.description=CentOS based images")
 
-    podman build \
+    sudo podman build \
         "${BUILD_ARGS[@]}" \
         "${LABELS[@]}" \
         --pull=newer \
@@ -104,7 +100,7 @@ build $target_image=image_name $tag=default_tag:
         .
 
 _rootful_load_image $target_image=image_name $tag=default_tag:
-    #!/usr/bin/bash
+    #!/usr/bin/env bash
     set -eoux pipefail
 
     if [[ -n "${SUDO_USER:-}" || "${UID}" -eq "0" ]]; then
@@ -113,7 +109,7 @@ _rootful_load_image $target_image=image_name $tag=default_tag:
     fi
 
     set +e
-    resolved_tag=$(podman inspect -t image "${target_image}:${tag}" | jq -r '.[].RepoTags.[0]')
+    resolved_tag=$(sudo podman inspect -t image "${target_image}:${tag}" | jq -r '.[].RepoTags.[0]')
     return_code=$?
     set -e
 
@@ -158,12 +154,13 @@ _build-bib $target_image $tag $type $config: (_rootful_load_image target_image t
       -it \
       --privileged \
       --pull=newer \
+      --net=host \
       --security-opt label=type:unconfined_t \
       -v $(pwd)/${config}:/config.toml:ro \
       -v $(pwd)/output:/output \
       -v /var/lib/containers/storage:/var/lib/containers/storage \
       "${bib_image}" \
-      ${args} \
+      ${args} --rootfs ext4 \
       "${target_image}"
 
     sudo chown -R $USER:$USER output
@@ -189,7 +186,7 @@ rebuild-raw $target_image=("localhost/" + image_name) $tag=default_tag: && (_reb
 rebuild-iso $target_image=("localhost/" + image_name) $tag=default_tag: && (_rebuild-bib target_image tag "iso" "image-builder-iso.config.toml")
 
 _run-vm $target_image $tag $type $config:
-    #!/usr/bin/bash
+    #!/usr/bin/env bash
     set -eoux pipefail
 
     image_file="output/${type}/disk.${type}"
@@ -214,17 +211,16 @@ _run-vm $target_image $tag $type $config:
     run_args+=(--pull=newer)
     run_args+=(--publish "127.0.0.1:${port}:8006")
     run_args+=(--env "CPU_CORES=4")
-    run_args+=(--env "RAM_SIZE=8G")
-    run_args+=(--env "DISK_SIZE=64G")
+    run_args+=(--env "RAM_SIZE=4G")
+    run_args+=(--env "DISK_SIZE=30G")
     # run_args+=(--env "BOOT_MODE=windows_secure")
     run_args+=(--env "TPM=Y")
     run_args+=(--env "GPU=Y")
     run_args+=(--device=/dev/kvm)
     run_args+=(--volume "${PWD}/${image_file}":"/boot.${type}")
     run_args+=(docker.io/qemux/qemu-docker)
-    podman run "${run_args[@]}" &
+    sudo podman run "${run_args[@]}" &
     xdg-open http://localhost:${port}
-    fg "%podman"
 
 [group('Run Virtal Machine')]
 run-vm-qcow2 $target_image=("localhost/" + image_name) $tag=default_tag: && (_run-vm target_image tag "qcow2" "image-builder.config.toml")
diff --git a/image-builder-iso.config.toml b/image-builder-iso.config.toml
index 30a7b32..81ac872 100644
--- a/image-builder-iso.config.toml
+++ b/image-builder-iso.config.toml
@@ -1,32 +1,19 @@
 [customizations.installer.kickstart]
 contents = """
-graphical --non-interactive
-lang en_US.UTF-8
-zerombr
-clearpart --all --initlabel --disklabel=gpt
-autopart --noswap --type xfs
-network --bootproto=dhcp --device=link --activate --onboot=on
-timezone --utc America/New_York
-firstboot --enable
-reboot
-
-%post --nochroot
-flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
-flatpak install flathub com.github.tchx84.Flatseal -y
-flatpak install flathub org.keepassxc.KeePassXC -y
+%post
+bootc switch --mutate-in-place --transport registry ghcr.io/centos-workstation/main:latest
 %end
 """
 
 [customizations.installer.modules]
 enable = [
-  "org.fedoraproject.Anaconda.Modules.Localization",
+  "org.fedoraproject.Anaconda.Modules.Storage"
+]
+disable = [
   "org.fedoraproject.Anaconda.Modules.Network",
-  "org.fedoraproject.Anaconda.Modules.Payloads",
-  "org.fedoraproject.Anaconda.Modules.Runtime",
   "org.fedoraproject.Anaconda.Modules.Security",
   "org.fedoraproject.Anaconda.Modules.Services",
-  "org.fedoraproject.Anaconda.Modules.Storage",
+  "org.fedoraproject.Anaconda.Modules.Users",
   "org.fedoraproject.Anaconda.Modules.Subscription",
-  "org.fedoraproject.Anaconda.Modules.Timezone",
-  "org.fedoraproject.Anaconda.Modules.Users"
+  "org.fedoraproject.Anaconda.Modules.Timezone" 
 ]