diff --git a/config b/docker/config
similarity index 100%
rename from config
rename to docker/config
diff --git a/docker/nginx-alpine.dockerfile b/docker/nginx-alpine.dockerfile
new file mode 100644
index 0000000..2683001
--- /dev/null
+++ b/docker/nginx-alpine.dockerfile
@@ -0,0 +1,151 @@
+ARG BASE_IMAGE
+
+FROM ${BASE_IMAGE:?required} AS ngx_http_auth_jwt_builder_base
+LABEL stage=ngx_http_auth_jwt_builder
+
+RUN chmod 1777 /tmp
+
+RUN <<`
+ set -e
+ apt-get update
+ apt-get install -y curl build-essential
+`
+
+FROM ngx_http_auth_jwt_builder_base AS ngx_http_auth_jwt_builder_module
+LABEL stage=ngx_http_auth_jwt_builder
+ARG NGINX_VERSION
+
+ENV PATH "${PATH}:/etc/nginx"
+ENV LD_LIBRARY_PATH=/usr/local/lib
+
+RUN <<`
+ set -e
+ apt-get install -y libjwt-dev libjwt0 libjansson-dev libjansson4 libpcre2-dev zlib1g-dev libpcre3-dev
+ mkdir -p /root/build/ngx-http-auth-jwt-module
+`
+
+WORKDIR /root/build/ngx-http-auth-jwt-module
+ADD config ./
+ADD src/*.h src/*.c ./src/
+
+WORKDIR /root/build
+RUN <<`
+ set -e
+ mkdir nginx
+ curl -O http://nginx.org/download/nginx-${NGINX_VERSION:?required}.tar.gz
+ tar -xzf nginx-${NGINX_VERSION}.tar.gz --strip-components 1 -C nginx
+`
+
+WORKDIR /root/build/nginx
+RUN <<`
+ set -e
+ BUILD_FLAGS=''
+ MAJ=$(echo ${NGINX_VERSION} | cut -f1 -d.)
+ MIN=$(echo ${NGINX_VERSION} | cut -f2 -d.)
+ REV=$(echo ${NGINX_VERSION} | cut -f3 -d.)
+
+ # NGINX 1.23.0+ changes cookies to use a linked list, and renames `cookies` to `cookie`
+ if [ "${MAJ}" -gt 1 ] || [ "${MAJ}" -eq 1 -a "${MIN}" -ge 23 ]; then
+ BUILD_FLAGS="${BUILD_FLAGS} --with-cc-opt='-DNGX_LINKED_LIST_COOKIES=1'"
+ fi
+
+ ./configure \
+ --prefix=/etc/nginx \
+ --sbin-path=/usr/sbin/nginx \
+ --modules-path=/usr/lib64/nginx/modules \
+ --conf-path=/etc/nginx/nginx.conf \
+ --error-log-path=/var/log/nginx/error.log \
+ --http-log-path=/var/log/nginx/access.log \
+ --pid-path=/var/run/nginx.pid \
+ --lock-path=/var/run/nginx.lock \
+ --http-client-body-temp-path=/var/cache/nginx/client_temp \
+ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \
+ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
+ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
+ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \
+ --user=nginx \
+ --group=nginx \
+ --with-compat \
+ --with-debug \
+ --with-file-aio \
+ --with-threads \
+ --with-http_addition_module \
+ --with-http_auth_request_module \
+ --with-http_dav_module \
+ --with-http_flv_module \
+ --with-http_gunzip_module \
+ --with-http_gzip_static_module \
+ --with-http_mp4_module \
+ --with-http_random_index_module \
+ --with-http_realip_module \
+ --with-http_secure_link_module \
+ --with-http_slice_module \
+ --with-http_ssl_module \
+ --with-http_stub_status_module \
+ --with-http_sub_module \
+ --with-http_v2_module \
+ --with-mail \
+ --with-mail_ssl_module \
+ --with-stream \
+ --with-stream_realip_module \
+ --with-stream_ssl_module \
+ --with-stream_ssl_preread_module \
+ --with-cc-opt='-g -O2 -ffile-prefix-map=/data/builder/debuild/nginx-1.25.4/debian/debuild-base/nginx-1.25.4=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' \
+ --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' \
+ --add-dynamic-module=../ngx-http-auth-jwt-module \
+ ${BUILD_FLAGS}
+ # --with-openssl=/usr/local \
+`
+
+RUN make modules
+RUN make install
+
+WORKDIR /usr/lib64/nginx/modules
+RUN <<`
+ set -e
+ cp /root/build/nginx/objs/ngx_http_auth_jwt_module.so .
+ rm -rf /root/build
+ adduser --system --no-create-home --shell /bin/false --group --disabled-login nginx
+ mkdir -p /var/cache/nginx /var/log/nginx
+`
+
+WORKDIR /etc/nginx
+
+
+FROM ngx_http_auth_jwt_builder_module AS ngx_http_auth_jwt_nginx
+ARG NGINX_VERSION
+
+RUN <<`
+ set -e
+
+ apt-get update
+ apt-get install -y libjansson4 libjwt0
+ apt-get clean
+`
+
+COPY <<` /etc/nginx/nginx.conf
+user nginx;
+pid /var/run/nginx.pid;
+
+load_module /usr/lib64/nginx/modules/ngx_http_auth_jwt_module.so;
+
+worker_processes 1;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ include mime.types;
+ default_type application/octet-stream;
+
+ log_format main '$$remote_addr - $$remote_user [$$time_local] "$$request" '
+ '$$status $$body_bytes_sent "$$http_referer" '
+ '"$$http_user_agent" "$$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+ include conf.d/*.conf;
+}
+`
+
+ENTRYPOINT ["nginx", "-g", "daemon off;"]
diff --git a/docker/nginx-debian.dockerfile b/docker/nginx-debian.dockerfile
new file mode 100644
index 0000000..df95ac4
--- /dev/null
+++ b/docker/nginx-debian.dockerfile
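Review bot: Every RUN in this new docker/nginx-alpine.dockerfile uses Debian tooling — `apt-get update` / `apt-get install -y curl build-essential`, the `libjwt-dev libjwt0 libjansson-dev ... libpcre3-dev` package names, and `adduser --system --no-create-home --shell /bin/false --group --disabled-login nginx` — but the `scripts` change in this same commit maps OpenSSL 3.3.2 to `alpine:3` and builds `docker/nginx-${distro}.dockerfile` with it, and Alpine has neither apt-get nor Debian's adduser flags, so the first RUN after the base stage fails. The Alpine forms are `apk add --no-cache ...` and `addgroup -S` / `adduser -S`; package names (in particular whether libjwt is in the Alpine index) need confirming. Two consistency items: `ENV PATH "${PATH}:/etc/nginx"` is the deprecated space-separated form that the sibling nginx-debian.dockerfile already writes as `ENV PATH="${PATH}:/etc/nginx"`, and the `log_format` lines still use `$$remote_addr` where the other two Dockerfiles in this commit switch to `\$remote_addr` — whichever escape is correct, the three files should agree or one of them will log literal text.
```dockerfile
RUN <<`
  set -e
  apk add --no-cache build-base curl jansson-dev libjwt-dev pcre2-dev zlib-dev
`
# … unchanged: module and nginx build stages …
RUN <<`
  set -e
  cp /root/build/nginx/objs/ngx_http_auth_jwt_module.so .
  rm -rf /root/build
  addgroup -S nginx
  adduser -S -D -H -s /sbin/nologin -G nginx nginx
  mkdir -p /var/cache/nginx /var/log/nginx
`
```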
@@ -0,0 +1,149 @@
+ARG BASE_IMAGE
+
+FROM ${BASE_IMAGE:?required} AS ngx_http_auth_jwt_builder_base
+LABEL stage=ngx_http_auth_jwt_builder
+
+RUN chmod 1777 /tmp
+
+RUN <<`
+ set -e
+ apt-get update
+ apt-get install -y \
+ curl build-essential libjwt-dev libjwt0 libjansson-dev libjansson4 \
+ libpcre2-dev zlib1g-dev libpcre3-dev
+`
+
+FROM ngx_http_auth_jwt_builder_base AS ngx_http_auth_jwt_builder_module
+LABEL stage=ngx_http_auth_jwt_builder
+ARG NGINX_VERSION
+
+ENV PATH="${PATH}:/etc/nginx"
+ENV LD_LIBRARY_PATH=/usr/local/lib
+
+RUN mkdir -p /root/build/ngx-http-auth-jwt-module
+
+WORKDIR /root/build/ngx-http-auth-jwt-module
+ADD config ./
+ADD src/*.h src/*.c ./src/
+
+WORKDIR /root/build
+RUN <<`
+ set -e
+ mkdir nginx
+ curl -O http://nginx.org/download/nginx-${NGINX_VERSION:?required}.tar.gz
+ tar -xzf nginx-${NGINX_VERSION}.tar.gz --strip-components 1 -C nginx
+`
+
+WORKDIR /root/build/nginx
+RUN <<`
+ set -e
+ BUILD_FLAGS=''
+ MAJ=$(echo ${NGINX_VERSION} | cut -f1 -d.)
+ MIN=$(echo ${NGINX_VERSION} | cut -f2 -d.)
+ REV=$(echo ${NGINX_VERSION} | cut -f3 -d.)
+
+ # NGINX 1.23.0+ changes cookies to use a linked list, and renames `cookies` to `cookie`
+ if [ "${MAJ}" -gt 1 ] || [ "${MAJ}" -eq 1 -a "${MIN}" -ge 23 ]; then
+ BUILD_FLAGS="${BUILD_FLAGS} --with-cc-opt='-DNGX_LINKED_LIST_COOKIES=1'"
+ fi
+
+ ./configure \
+ --prefix=/etc/nginx \
+ --sbin-path=/usr/sbin/nginx \
+ --modules-path=/usr/lib64/nginx/modules \
+ --conf-path=/etc/nginx/nginx.conf \
+ --error-log-path=/var/log/nginx/error.log \
+ --http-log-path=/var/log/nginx/access.log \
+ --pid-path=/var/run/nginx.pid \
+ --lock-path=/var/run/nginx.lock \
+ --http-client-body-temp-path=/var/cache/nginx/client_temp \
+ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \
+ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
+ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
+ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \
+ --user=nginx \
+ --group=nginx \
+ --with-compat \
+ --with-debug \
+ --with-file-aio \
+ --with-threads \
+ --with-http_addition_module \
+ --with-http_auth_request_module \
+ --with-http_dav_module \
+ --with-http_flv_module \
+ --with-http_gunzip_module \
+ --with-http_gzip_static_module \
+ --with-http_mp4_module \
+ --with-http_random_index_module \
+ --with-http_realip_module \
+ --with-http_secure_link_module \
+ --with-http_slice_module \
+ --with-http_ssl_module \
+ --with-http_stub_status_module \
+ --with-http_sub_module \
+ --with-http_v2_module \
+ --with-mail \
+ --with-mail_ssl_module \
+ --with-stream \
+ --with-stream_realip_module \
+ --with-stream_ssl_module \
+ --with-stream_ssl_preread_module \
+ --with-cc-opt='-g -O2 -ffile-prefix-map=/data/builder/debuild/nginx-1.25.4/debian/debuild-base/nginx-1.25.4=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' \
+ --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' \
+ --add-dynamic-module=../ngx-http-auth-jwt-module \
+ ${BUILD_FLAGS}
+ # --with-openssl=/usr/local \
+`
+
+RUN make modules
+RUN make install
+
+WORKDIR /usr/lib64/nginx/modules
+RUN <<`
+ set -e
+ cp /root/build/nginx/objs/ngx_http_auth_jwt_module.so .
+ rm -rf /root/build
+ adduser --system --no-create-home --shell /bin/false --group --disabled-login nginx
+ mkdir -p /var/cache/nginx /var/log/nginx
+`
+
+WORKDIR /etc/nginx
+
+
+FROM ngx_http_auth_jwt_builder_module AS ngx_http_auth_jwt_nginx
+ARG NGINX_VERSION
+
+RUN <<`
+ set -e
+
+ apt-get update
+ apt-get install -y libjansson4 libjwt0
+ apt-get clean
+`
+
+COPY <<` /etc/nginx/nginx.conf
+user nginx;
+pid /var/run/nginx.pid;
+
+load_module /usr/lib64/nginx/modules/ngx_http_auth_jwt_module.so;
+
+worker_processes 1;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ include mime.types;
+ default_type application/octet-stream;
+
+ log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
+ '\$status \$body_bytes_sent "\$http_referer" '
+ '"\$http_user_agent" "\$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+ include conf.d/*.conf;
+}
+`
+
+ENTRYPOINT ["nginx", "-g", "daemon off;"]
diff --git a/nginx.dockerfile b/docker/nginx.dockerfile
similarity index 80%
rename from nginx.dockerfile
rename to docker/nginx.dockerfile
index 360469b..22e5803 100644
--- a/nginx.dockerfile
+++ b/docker/nginx.dockerfile
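Review bot: The nginx source is fetched with `curl -O http://nginx.org/download/nginx-${NGINX_VERSION:?required}.tar.gz` over plain HTTP and unpacked with no integrity check, so whatever an on-path party returns gets compiled with `--add-dynamic-module` into the image that ships; nginx.org serves the same path over HTTPS and publishes a detached signature per release. At minimum use `curl -fsSLO "https://nginx.org/download/nginx-${NGINX_VERSION:?required}.tar.gz"` and verify a pinned digest before `tar -xzf`, e.g. `echo "${NGINX_SHA256:?required}  nginx-${NGINX_VERSION}.tar.gz" | sha256sum -c -` fed from a build arg. Separately, for NGINX 1.23+ the `BUILD_FLAGS` line appends a second `--with-cc-opt='-DNGX_LINKED_LIST_COOKIES=1'` after the hardened `--with-cc-opt='-g -O2 ... -fstack-protector-strong ... -D_FORTIFY_SOURCE=2 -fPIC'`; as far as I recall nginx's configure keeps only the last `--with-cc-opt`, which would silently drop the stack-protector and FORTIFY flags on every version this script builds today, so fold the define into the single cc-opt string instead. Also note the runtime stage is `FROM ngx_http_auth_jwt_builder_module`, so curl, build-essential and the -dev headers remain in the final image; copying `/usr/sbin/nginx`, `/etc/nginx` and the module into a fresh `FROM ${BASE_IMAGE}` stage would remove that attack surface.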
@@ -1,34 +1,28 @@ -ARG BASE_IMAGE -ARG NGINX_VERSION - -FROM ${BASE_IMAGE} AS ngx_http_auth_jwt_builder_base -LABEL stage=ngx_http_auth_jwt_builder -RUN chmod 1777 /tmp -RUN <<` -apt-get update -apt-get install -y curl build-essential -` - FROM ngx_http_auth_jwt_builder_base AS ngx_http_auth_jwt_builder_module LABEL stage=ngx_http_auth_jwt_builder -ENV PATH "${PATH}:/etc/nginx" -ENV LD_LIBRARY_PATH=/usr/local/lib ARG NGINX_VERSION + +ENV PATH="${PATH}:/etc/nginx" +ENV LD_LIBRARY_PATH=/usr/local/lib + RUN <<` set -e apt-get install -y libjwt-dev libjwt0 libjansson-dev libjansson4 libpcre2-dev zlib1g-dev libpcre3-dev mkdir -p /root/build/ngx-http-auth-jwt-module ` + WORKDIR /root/build/ngx-http-auth-jwt-module ADD config ./ ADD src/*.h src/*.c ./src/ + WORKDIR /root/build RUN <<` set -e mkdir nginx - curl -O http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz + curl -O http://nginx.org/download/nginx-${NGINX_VERSION:?required}.tar.gz tar -xzf nginx-${NGINX_VERSION}.tar.gz --strip-components 1 -C nginx ` + WORKDIR /root/build/nginx RUN <<` set -e @@ -89,18 +83,25 @@ RUN <<` ${BUILD_FLAGS} # --with-openssl=/usr/local \ ` + RUN make modules RUN make install + WORKDIR /usr/lib64/nginx/modules -RUN cp /root/build/nginx/objs/ngx_http_auth_jwt_module.so . -RUN rm -rf /root/build -RUN adduser --system --no-create-home --shell /bin/false --group --disabled-login nginx -RUN mkdir -p /var/cache/nginx /var/log/nginx +RUN <<` + set -e + cp /root/build/nginx/objs/ngx_http_auth_jwt_module.so . + rm -rf /root/build + adduser --system --no-create-home --shell /bin/false --group --disabled-login nginx + mkdir -p /var/cache/nginx /var/log/nginx +` + WORKDIR /etc/nginx + FROM ngx_http_auth_jwt_builder_module AS ngx_http_auth_jwt_nginx -LABEL maintainer="TeslaGov" email="developers@teslagov.com" ARG NGINX_VERSION + RUN <<` set -e @@ -108,6 +109,7 @@ RUN <<` apt-get install -y libjansson4 libjwt0 apt-get clean ` + COPY <<` /etc/nginx/nginx.conf user nginx; pid /var/run/nginx.pid; 
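Review bot: After this hunk the file opens with `FROM ngx_http_auth_jwt_builder_base AS ngx_http_auth_jwt_builder_module`, but the removed lines (`ARG BASE_IMAGE` / `FROM ${BASE_IMAGE} AS ngx_http_auth_jwt_builder_base` and its RUNs) were the only definition of that stage, so docker/nginx.dockerfile no longer builds on its own. The `scripts` change in this commit builds `docker/nginx-${distro}.dockerfile` instead, so this file looks orphaned; either delete it or restore the base stage so the three Dockerfiles stay interchangeable. If it is kept, it should also pick up the `${BASE_IMAGE:?required}` guard the new nginx-debian.dockerfile uses, and a one-line header comment saying which of the three files the build script actually consumes would save the next reader the same question.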
@@ -124,12 +126,13 @@ http { include mime.types; default_type application/octet-stream; - log_format main '$$remote_addr - $$remote_user [$$time_local] "$$request" ' - '$$status $$body_bytes_sent "$$http_referer" ' - '"$$http_user_agent" "$$http_x_forwarded_for"'; + log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" ' + '\$status \$body_bytes_sent "\$http_referer" ' + '"\$http_user_agent" "\$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; include conf.d/*.conf; } ` + ENTRYPOINT ["nginx", "-g", "daemon off;"] diff --git a/openssl.dockerfile b/docker/openssl.dockerfile similarity index 100% rename from openssl.dockerfile rename to docker/openssl.dockerfile diff --git a/scripts b/scripts index 9d90185..abf8c2d 100755 --- a/scripts +++ b/scripts @@ -10,13 +10,15 @@ NC='\033[0m' SSL_VERSION_1_1_1w='1.1.1w' SSL_VERSION_3_0_11='3.0.11' SSL_VERSION_3_2_1='3.2.1' +SSL_VERSION_3_3_2='3.3.2' SSL_VERSIONS=(${SSL_VERSION_3_2_1}) -SSL_VERSION=${SSL_VERSION:-$SSL_VERSION_3_0_11} +SSL_VERSION=${SSL_VERSION:-$SSL_VERSION_3_2_1} declare -A SSL_IMAGE_MAP -SSL_IMAGE_MAP[$SSL_VERSION_1_1_1w]="bullseye-slim:openssl-${SSL_VERSION_1_1_1w}" -SSL_IMAGE_MAP[$SSL_VERSION_3_0_11]="bookworm-slim:openssl-${SSL_VERSION_3_0_11}" -SSL_IMAGE_MAP[$SSL_VERSION_3_2_1]="bookworm-slim:openssl-${SSL_VERSION_3_2_1}" +SSL_IMAGE_MAP[$SSL_VERSION_1_1_1w]="debian:bullseye-slim openssl-${SSL_VERSION_1_1_1w}" +SSL_IMAGE_MAP[$SSL_VERSION_3_0_11]="debian:bookworm-slim openssl-${SSL_VERSION_3_0_11}" +SSL_IMAGE_MAP[$SSL_VERSION_3_2_1]="debian:bookworm-slim openssl-${SSL_VERSION_3_2_1}" +SSL_IMAGE_MAP[$SSL_VERSION_3_3_2]="alpine:3 openssl-${SSL_VERSION_3_3_2}" # supported NGINX versions -- for binary distribution NGINX_VERSION_LEGACY_1='1.20.2' 
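Review bot: `SSL_VERSION_3_3_2` is added to `SSL_IMAGE_MAP`, but `SSL_VERSIONS=(${SSL_VERSION_3_2_1})` is left untouched, so if that array drives the all/matrix build (its consumer is outside this hunk) the new Alpine + OpenSSL 3.3.2 target is never built or exercised by default; `SSL_VERSIONS=(${SSL_VERSION_3_2_1} ${SSL_VERSION_3_3_2})` would cover it. The default `SSL_VERSION` is only bumped to 3.2.1, and as far as I know neither 3.0.11 nor 3.2.1 is the latest patch release of its series (both lines have had security fixes since), so refreshing the pinned versions belongs in the same change. The map value's new two-field format also deserves a comment next to `declare -A SSL_IMAGE_MAP`, e.g. `# value is "<distro>:<tag> <openssl-image-tag>"; parsed positionally by get_distro/get_distro_tag/get_ssl_tag`, since three helpers now depend on that layout.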
@@ -39,35 +41,45 @@ all() { } verify_and_build_base_image() { - local image=${SSL_IMAGE_MAP[$SSL_VERSION]} - local baseImage=${image%%:*} + local info=${SSL_IMAGE_MAP[$SSL_VERSION]} - if [ -z ${image} ]; then + if [ -z ${info} ]; then echo "Base image not set for SSL version :${SSL_VERSION}" exit 1 else - printf "${MAGENTA}Building ${baseImage} base image for SSL ${SSL_VERSION}...${NC}\n" + local distro=$(get_distro) + local distroTag=$(get_distro_tag) + local sslTag=$(get_ssl_tag) + + printf "${MAGENTA}Building ${distro}:${distroTag} base image for SSL ${SSL_VERSION}...${NC}\n" docker buildx build \ - --build-arg BASE_IMAGE=debian:${baseImage} \ + -f docker/openssl.dockerfile \ + --build-arg BASE_IMAGE=${distro}:${distroTag} \ --build-arg SSL_VERSION=${SSL_VERSION} \ - -f openssl.dockerfile \ - -t ${image} . + -t ${distro}-${distroTag}:${sslTag} \ + docker fi } build_module() { - local dockerArgs=${1:-} - local baseImage=${SSL_IMAGE_MAP[$SSL_VERSION]} - verify_and_build_base_image - printf "${MAGENTA}Building module for NGINX ${NGINX_VERSION}...${NC}\n" + local dockerArgs=${1:-} + local distro=$(get_distro) + local distroTag=$(get_distro_tag) + local sslTag=$(get_ssl_tag) + + printf "${MAGENTA}Copying \`src\` to context dir...${NC}\n" + cp -r src docker + trap "rm -rf docker/src" 0 + + printf "${MAGENTA}Building module with ${distro}:${distroTag} for NGINX ${NGINX_VERSION}...${NC}\n" docker buildx build \ - -f nginx.dockerfile \ - -t ${FULL_IMAGE_NAME}:${NGINX_VERSION} \ - --build-arg BASE_IMAGE=${baseImage} \ + -f docker/nginx-${distro}.dockerfile \ + --build-arg BASE_IMAGE=${distro}-${distroTag}:${sslTag} \ --build-arg NGINX_VERSION=${NGINX_VERSION} \ - ${dockerArgs} . + ${dockerArgs} \ + docker if [ "$?" -ne 0 ]; then printf "${RED}✘ Build failed ${NC}\n" 
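Review bot: `if [ -z ${info} ]; then` in verify_and_build_base_image is unquoted, and with this hunk every `SSL_IMAGE_MAP` value contains a space (`debian:bookworm-slim openssl-3.2.1`), so the test expands to `[ -z debian:bookworm-slim openssl-3.2.1 ]`, which `[` rejects with "too many arguments"; it reaches the else branch only because that error exits non-zero, and the empty case passes only because `[ -z ]` degenerates to a one-argument string test. Quote it: `if [ -z "${info}" ]; then`. Also, build_module no longer calls `verify_and_build_base_image` (the removed line), so `--build-arg BASE_IMAGE=${distro}-${distroTag}:${sslTag}` now assumes the OpenSSL base image was built in a separate step; if that is intentional, the "Build failed" path should say so, otherwise restore the call. Minor: `trap "rm -rf docker/src" 0` is installed after `cp -r src docker`, so a failure between the two leaves a copy of src in the build context — set the trap first.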
@@ -85,6 +97,18 @@ clean_module() { docker rmi -f $(docker images --filter=label=stage=ngx_http_auth_jwt_builder --quiet) 2> /dev/null || true } +get_distro() { + echo "${SSL_IMAGE_MAP[${SSL_VERSION}]}" | cut -d ':' -f1 +} + +get_distro_tag() { + echo "${SSL_IMAGE_MAP[${SSL_VERSION}]}" | cut -d ' ' -f1 | cut -d ':' -f2 +} + +get_ssl_tag() { + echo "${SSL_IMAGE_MAP[${SSL_VERSION}]}" | cut -d ' ' -f2 +} + start() { local port=$(get_port)