diff --git a/.github/workflows/linkspector.yml b/.github/workflows/linkspector.yml
index edb1728..4d9f9d9 100644
--- a/.github/workflows/linkspector.yml
+++ b/.github/workflows/linkspector.yml
@@ -1,4 +1,4 @@
-name: Linkspector
+name: linkspector-scan
on:
pull_request:
branches:
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
new file mode 100644
index 0000000..5c14ed8
--- /dev/null
+++ b/.github/workflows/tests.yml
@@ -0,0 +1,26 @@
+name: run-tests
+on:
+ pull_request:
+ branches:
+ - live
+ paths-ignore:
+ - "**.md"
+ workflow_dispatch: # allow manually triggering
+jobs:
+ run_tests:
+ runs-on: ubuntu-latest
+ name: Install Bats and run tests
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+ - name: Setup Bats and bats libs
+ id: setup-bats
+ uses: bats-core/bats-action@2104b40bb7b6c2d5110b23a26b0bf265ab8027db #v3.0.0
+
+ - name: Run tests
+ shell: bash
+ env:
+ INSTALL_SCRIPT: install/install_secureblue.sh
+ run: |
+ bats -p -t --verbose-run .github/workflows/tests
\ No newline at end of file
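Review bot: The new workflow declares no `permissions:` block, so the job gets the repository's default GITHUB_TOKEN scopes although it only needs to read the checkout. It runs on `pull_request` and executes the PR's own bats tests and install script, some of them through sudo, so the token should be as narrow as possible: add a top-level `permissions:` with `contents: read`. Setting `persist-credentials: false` under the checkout step's `with:` would also keep the token out of the git config while those scripts run. The file also ends without a trailing newline.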
diff --git a/.github/workflows/tests/install_script_tests.bats b/.github/workflows/tests/install_script_tests.bats
new file mode 100644
index 0000000..1cd46ea
--- /dev/null
+++ b/.github/workflows/tests/install_script_tests.bats
@@ -0,0 +1,107 @@
+#!/usr/bin/env bats
+
+@test "Script exits with error if rpm-ostree is not installed" {
+ sudo bash -c 'rm -f /usr/bin/rpm-ostree'
+ run bash "$INSTALL_SCRIPT"
+ [ "$status" -eq 1 ]
+ [[ "$output" == *"This script only runs on Fedora Atomic"* ]]
+}
+
+@test "Script passes rpm-ostree check if it is installed" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash "$INSTALL_SCRIPT"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"Welcome to the secureblue interactive installer"* ]]
+}
+
+@test "Test command for silverblue-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n1\nno\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"silverblue-main-userns-hardened"* ]]
+}
+
+@test "Test command for silverblue-nvidia-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n1\nyes\nno\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"silverblue-nvidia-userns-hardened"* ]]
+}
+
+@test "Test command for silverblue-nvidia-open-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n1\nyes\nyes\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"silverblue-nvidia-open-userns-hardened"* ]]
+}
+
+@test "Test command for silverblue-nvidia-open-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n1\nyes\nyes\no\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"silverblue-nvidia-open-hardened"* ]]
+}
+
+@test "Test command for kinoite-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n2\nno\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"kinoite-main-userns-hardened"* ]]
+}
+
+@test "Test command for sericea-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n3\nno\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"sericea-main-userns-hardened"* ]]
+}
+
+@test "Test command for wayblue-wayfire-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n4\nno\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"wayblue-wayfire-main-userns-hardened"* ]]
+}
+
+@test "Test command for wayblue-sway-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n5\nno\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"wayblue-sway-main-userns-hardened"* ]]
+}
+
+@test "Test command for wayblue-river-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n6\nno\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"wayblue-river-main-userns-hardened"* ]]
+}
+
+@test "Test command for wayblue-hyprland-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n7\nno\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"wayblue-hyprland-main-userns-hardened"* ]]
+}
+
+@test "Test command for cosmic-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'no\n8\nno\nyes\nno' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"cosmic-main-userns-hardened"* ]]
+}
+
+@test "Test command for securecore-zfs-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'yes\nyes\nno\nyes\no' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"securecore-zfs-main-userns-hardened"* ]]
+}
+
+@test "Test command for securecore-main-userns-hardened" {
+ sudo bash -c 'echo "empty file" > /usr/bin/rpm-ostree'
+ run bash -c "echo -e 'yes\nno\nno\nyes\no' | bash '$INSTALL_SCRIPT'"
+ [ "$status" -eq 0 ]
+ [[ "$output" == *"securecore-main-userns-hardened"* ]]
+}
+
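Review bot: The piped answers in the silverblue-nvidia-open-hardened test and in both securecore tests contain `o` where `no` appears intended; they pass only because the installer's `is_yes` treats anything other than `y`/`yes` as a no. In the two securecore tests that `o` answers the final `Proceed?` prompt, so a typo is all that keeps the script from reaching its rebase command; spell it out, e.g. `'yes\nyes\nno\nyes\nno'`. Separately, every test stubs rpm-ostree by writing to or deleting `/usr/bin/rpm-ostree` with sudo, which carries state from one test to the next and is destructive if the suite is ever run outside a throwaway runner. A stub placed in a temp directory that is prepended to `PATH` inside `setup` would keep each test self-contained.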
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 4394530..7de3308 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -1,4 +1,4 @@
-name: trivy
+name: trivy-scan
on:
schedule:
- cron: "00 8 * * *" # build at 8:00 UTC every day
@@ -6,6 +6,8 @@ on:
push:
branches:
- live
+ paths-ignore:
+ - "**.md"
workflow_dispatch: # allow manually triggering builds
jobs:
diff --git a/docs/IMAGES.md b/docs/IMAGES.md
new file mode 100644
index 0000000..d483d75
--- /dev/null
+++ b/docs/IMAGES.md
@@ -0,0 +1,119 @@
+# Images
+
+> [!NOTE]
+> Learn about unprivileged user namespaces [here](USERNS.md).
+
+## Desktop
+
+*`nvidia-open` images are recommended for systems with Nvidia GPUs Turing or newer. These include the new [open kernel modules](https://github.com/NVIDIA/open-gpu-kernel-modules) from Nvidia, not Nouveau.*
+
+*`nvidia` images are recommended for systems with Nvidia GPUs Pascal or older. These include the closed kernel modules from Nvidia.*
+
+### Recommended [why?](RECOMMENDED.md)
+#### Silverblue
+| Name | Base | Nvidia Support | Unpriv. Userns |
+|-------------------------------------------|-----------|-------------------------|------------------------------|
+| `silverblue-main-hardened` | Silverblue| No | No |
+| `silverblue-nvidia-hardened` | Silverblue| Yes, closed drivers | No |
+| `silverblue-nvidia-open-hardened` | Silverblue| Yes, open drivers | No |
+| `silverblue-main-userns-hardened` | Silverblue| No | Yes |
+| `silverblue-nvidia-userns-hardened` | Silverblue| Yes, closed drivers | Yes |
+| `silverblue-nvidia-open-userns-hardened` | Silverblue| Yes, open drivers | Yes |
+
+### Stable
+#### Kinoite
+| Name | Base | Nvidia Support | Unpriv. Userns |
+|-------------------------------------------|-----------|-------------------------|------------------------------|
+| `kinoite-main-hardened` | Kinoite | No | No |
+| `kinoite-nvidia-hardened` | Kinoite | Yes, closed drivers | No |
+| `kinoite-nvidia-open-hardened` | Kinoite | Yes, open drivers | No |
+| `kinoite-main-userns-hardened` | Kinoite | No | Yes |
+| `kinoite-nvidia-userns-hardened` | Kinoite | Yes, closed drivers | Yes |
+| `kinoite-nvidia-open-userns-hardened` | Kinoite | Yes, open drivers | Yes |
+
+#### Sericea
+| Name | Base | Nvidia Support | Unpriv. Userns |
+|-------------------------------------------|-----------|-------------------------|------------------------------|
+| `sericea-main-hardened` | Sericea | No | No |
+| `sericea-nvidia-hardened` | Sericea | Yes, closed drivers | No |
+| `sericea-nvidia-open-hardened` | Sericea | Yes, open drivers | No |
+| `sericea-main-userns-hardened` | Sericea | No | Yes |
+| `sericea-nvidia-userns-hardened` | Sericea | Yes, closed drivers | Yes |
+| `sericea-nvidia-open-userns-hardened` | Sericea | Yes, open drivers | Yes |
+
+### Beta
+> [!NOTE]
+> Learn about wayblue [here](https://github.com/wayblueorg/wayblue).
+
+#### Wayfire
+| Name | Base | Nvidia Support | Unpriv. Userns |
+|-------------------------------------------|-----------------------|-------------------------|------------------------------|
+| `wayblue-wayfire-main-hardened` | Wayblue-Wayfire | No | No |
+| `wayblue-wayfire-nvidia-hardened` | Wayblue-Wayfire | Yes, closed drivers | No |
+| `wayblue-wayfire-nvidia-open-hardened` | Wayblue-Wayfire | Yes, open drivers | No |
+| `wayblue-wayfire-main-userns-hardened` | Wayblue-Wayfire | No | Yes |
+| `wayblue-wayfire-nvidia-userns-hardened` | Wayblue-Wayfire | Yes, closed drivers | Yes |
+| `wayblue-wayfire-nvidia-open-userns-hardened` | Wayblue-Wayfire | Yes, open drivers | Yes |
+
+#### Hyprland
+| Name | Base | Nvidia Support | Unpriv. Userns |
+|-------------------------------------------|-----------------------|-------------------------|------------------------------|
+| `wayblue-hyprland-main-hardened` | Wayblue-Hyprland | No | No |
+| `wayblue-hyprland-nvidia-hardened` | Wayblue-Hyprland | Yes, closed drivers | No |
+| `wayblue-hyprland-nvidia-open-hardened` | Wayblue-Hyprland | Yes, open drivers | No |
+| `wayblue-hyprland-main-userns-hardened` | Wayblue-Hyprland | No | Yes |
+| `wayblue-hyprland-nvidia-userns-hardened`| Wayblue-Hyprland | Yes, closed drivers | Yes |
+| `wayblue-hyprland-nvidia-open-userns-hardened` | Wayblue-Hyprland | Yes, open drivers | Yes |
+
+#### River
+| Name | Base | Nvidia Support | Unpriv. Userns |
+|-------------------------------------------|-----------------------|-------------------------|------------------------------|
+| `wayblue-river-main-hardened` | Wayblue-River | No | No |
+| `wayblue-river-nvidia-hardened` | Wayblue-River | Yes, closed drivers | No |
+| `wayblue-river-nvidia-open-hardened` | Wayblue-River | Yes, open drivers | No |
+| `wayblue-river-main-userns-hardened` | Wayblue-River | No | Yes |
+| `wayblue-river-nvidia-userns-hardened` | Wayblue-River | Yes, closed drivers | Yes |
+| `wayblue-river-nvidia-open-userns-hardened` | Wayblue-River | Yes, open drivers | Yes |
+
+
+#### Sway
+| Name | Base | Nvidia Support | Unpriv. Userns |
+|-------------------------------------------|-----------------------|-------------------------|------------------------------|
+| `wayblue-sway-main-hardened` | Wayblue-Sway | No | No |
+| `wayblue-sway-nvidia-hardened` | Wayblue-Sway | Yes, closed drivers | No |
+| `wayblue-sway-nvidia-open-hardened` | Wayblue-Sway | Yes, open drivers | No |
+| `wayblue-sway-main-userns-hardened` | Wayblue-Sway | No | Yes |
+| `wayblue-sway-nvidia-userns-hardened` | Wayblue-Sway | Yes, closed drivers | Yes |
+| `wayblue-sway-nvidia-open-userns-hardened` | Wayblue-Sway | Yes, open drivers | Yes |
+
+## Server
+> [!NOTE]
+> After you finish setting up your [Fedora CoreOS](https://fedoraproject.org/coreos/) installation, you will need to disable `zincati.service` before rebasing to securecore.
+
+| Name | Base | Nvidia Support | ZFS Support | Unpriv. Userns |
+|-------------------------------------------|-----------|-------------------------|-------------|------------------------------|
+| `securecore-main-hardened` | CoreOS | No | No | No |
+| `securecore-nvidia-hardened` | CoreOS | Yes, closed drivers | No | No |
+| `securecore-nvidia-open-hardened` | CoreOS | Yes, open drivers | No | No |
+| `securecore-main-userns-hardened` | CoreOS | No | No | Yes |
+| `securecore-nvidia-userns-hardened` | CoreOS | Yes, closed drivers | No | Yes |
+| `securecore-nvidia-open-userns-hardened` | CoreOS | Yes, open drivers | No | Yes |
+| `securecore-zfs-main-hardened` | CoreOS | No | Yes | No |
+| `securecore-zfs-nvidia-hardened` | CoreOS | Yes, closed drivers | Yes | No |
+| `securecore-zfs-nvidia-open-hardened` | CoreOS | Yes, open drivers | Yes | No |
+| `securecore-zfs-main-userns-hardened` | CoreOS | No | Yes | Yes |
+| `securecore-zfs-nvidia-userns-hardened` | CoreOS | Yes, closed drivers | Yes | Yes |
+| `securecore-zfs-nvidia-open-userns-hardened` | CoreOS | Yes, open drivers | Yes | Yes |
+
+
+### Experimental
+
+#### Cosmic
+| Name | Base | Nvidia Support | Unpriv. Userns |
+|-------------------------------------------|-----------------------|-------------------------|------------------------------|
+| `cosmic-main-hardened` | Cosmic | No | No |
+| `cosmic-nvidia-hardened` | Cosmic | Yes, closed drivers | No |
+| `cosmic-nvidia-open-hardened` | Cosmic | Yes, open drivers | No |
+| `cosmic-main-userns-hardened` | Cosmic | No | Yes |
+| `cosmic-nvidia-userns-hardened` | Cosmic | Yes, closed drivers | Yes |
+| `cosmic-nvidia-open-userns-hardened` | Cosmic | Yes, open drivers | Yes |
diff --git a/docs/README.md b/docs/README.md
index 724f010..978c35b 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -78,160 +78,22 @@ Sponsorship options are on the [Donate](DONATE.md) page. All donations are appre
Have a look at [PREINSTALL-README](PREINSTALL-README.md) before proceeding.
-## Rebasing (Recommended)
+## Rebasing
> [!NOTE]
> If you don't already have a Fedora Atomic installation, use a Fedora Atomic ISO that matches your secureblue target image to install one. If you want to use a secureblue Silverblue image, start with the Fedora Silverblue ISO, Kinoite for Kinoite, Sericea (Sway Atomic) for Sericea and all the Wayblue images, and CoreOS for all the securecore images.
+>
+> For more details on the available images, have a look at [IMAGES](IMAGES.md) before proceeding.
-To rebase a [Fedora Atomic](https://fedoraproject.org/atomic-desktops/) or [Fedora CoreOS](https://fedoraproject.org/coreos/) installation, follow these steps‡:
+To rebase a [Fedora Atomic](https://fedoraproject.org/atomic-desktops/) or [Fedora CoreOS](https://fedoraproject.org/coreos/) installation, download the script below:
-> [!IMPORTANT]
-> The **only** supported tag is `latest`.
+[](https://github.com/secureblue/secureblue/releases/latest/download/install_secureblue.sh)
-- First rebase to the unsigned image, to get the proper signing keys and policies installed:
- ```
- rpm-ostree rebase ostree-unverified-registry:ghcr.io/secureblue/IMAGE_NAME:latest
- ```
-- Reboot to complete the rebase:
- ```
- systemctl reboot
- ```
-- Then rebase to the signed image, like so:
- ```
- rpm-ostree rebase ostree-image-signed:docker://ghcr.io/secureblue/IMAGE_NAME:latest
- ```
-- Reboot again to complete the installation:
- ```
- systemctl reboot
- ```
-‡ Replace `IMAGE_NAME` with the *full name* of your preferred image from the [list below](README.md#images).
-
-## ISO
-
-While it's recommended to use a Fedora Atomic ISO to install and then rebase that installation to secureblue, you can also generate an ISO and install that directly using [this script](generate_secureblue_iso.sh). Please note you should still follow the [post-install steps](README.md#post-install) when installing from a generated ISO:
+Then, run it from the directory you downloaded it to:
```
-./generate_secureblue_iso.sh
+bash install_secureblue.sh
```
-# Images
-
-> [!NOTE]
-> Learn about unprivileged user namespaces [here](USERNS.md).
-
-## Desktop
-
-*`nvidia-open` images are recommended for systems with Nvidia GPUs Turing or newer. These include the new [open kernel modules](https://github.com/NVIDIA/open-gpu-kernel-modules) from Nvidia, not Nouveau.*
-
-*`nvidia` images are recommended for systems with Nvidia GPUs Pascal or older. These include the closed kernel modules from Nvidia.*
-
-### Recommended [why?](RECOMMENDED.md)
-#### Silverblue
-| Name | Base | Nvidia Support | Unpriv. Userns |
-|-------------------------------------------|-----------|-------------------------|------------------------------|
-| `silverblue-main-hardened` | Silverblue| No | No |
-| `silverblue-nvidia-hardened` | Silverblue| Yes, closed drivers | No |
-| `silverblue-nvidia-open-hardened` | Silverblue| Yes, open drivers | No |
-| `silverblue-main-userns-hardened` | Silverblue| No | Yes |
-| `silverblue-nvidia-userns-hardened` | Silverblue| Yes, closed drivers | Yes |
-| `silverblue-nvidia-open-userns-hardened` | Silverblue| Yes, open drivers | Yes |
-
-### Stable
-#### Kinoite
-| Name | Base | Nvidia Support | Unpriv. Userns |
-|-------------------------------------------|-----------|-------------------------|------------------------------|
-| `kinoite-main-hardened` | Kinoite | No | No |
-| `kinoite-nvidia-hardened` | Kinoite | Yes, closed drivers | No |
-| `kinoite-nvidia-open-hardened` | Kinoite | Yes, open drivers | No |
-| `kinoite-main-userns-hardened` | Kinoite | No | Yes |
-| `kinoite-nvidia-userns-hardened` | Kinoite | Yes, closed drivers | Yes |
-| `kinoite-nvidia-open-userns-hardened` | Kinoite | Yes, open drivers | Yes |
-
-#### Sericea
-| Name | Base | Nvidia Support | Unpriv. Userns |
-|-------------------------------------------|-----------|-------------------------|------------------------------|
-| `sericea-main-hardened` | Sericea | No | No |
-| `sericea-nvidia-hardened` | Sericea | Yes, closed drivers | No |
-| `sericea-nvidia-open-hardened` | Sericea | Yes, open drivers | No |
-| `sericea-main-userns-hardened` | Sericea | No | Yes |
-| `sericea-nvidia-userns-hardened` | Sericea | Yes, closed drivers | Yes |
-| `sericea-nvidia-open-userns-hardened` | Sericea | Yes, open drivers | Yes |
-
-### Beta
-> [!NOTE]
-> Learn about wayblue [here](https://github.com/wayblueorg/wayblue).
-
-#### Wayfire
-| Name | Base | Nvidia Support | Unpriv. Userns |
-|-------------------------------------------|-----------------------|-------------------------|------------------------------|
-| `wayblue-wayfire-main-hardened` | Wayblue-Wayfire | No | No |
-| `wayblue-wayfire-nvidia-hardened` | Wayblue-Wayfire | Yes, closed drivers | No |
-| `wayblue-wayfire-nvidia-open-hardened` | Wayblue-Wayfire | Yes, open drivers | No |
-| `wayblue-wayfire-main-userns-hardened` | Wayblue-Wayfire | No | Yes |
-| `wayblue-wayfire-nvidia-userns-hardened` | Wayblue-Wayfire | Yes, closed drivers | Yes |
-| `wayblue-wayfire-nvidia-open-userns-hardened` | Wayblue-Wayfire | Yes, open drivers | Yes |
-
-#### Hyprland
-| Name | Base | Nvidia Support | Unpriv. Userns |
-|-------------------------------------------|-----------------------|-------------------------|------------------------------|
-| `wayblue-hyprland-main-hardened` | Wayblue-Hyprland | No | No |
-| `wayblue-hyprland-nvidia-hardened` | Wayblue-Hyprland | Yes, closed drivers | No |
-| `wayblue-hyprland-nvidia-open-hardened` | Wayblue-Hyprland | Yes, open drivers | No |
-| `wayblue-hyprland-main-userns-hardened` | Wayblue-Hyprland | No | Yes |
-| `wayblue-hyprland-nvidia-userns-hardened`| Wayblue-Hyprland | Yes, closed drivers | Yes |
-| `wayblue-hyprland-nvidia-open-userns-hardened` | Wayblue-Hyprland | Yes, open drivers | Yes |
-
-#### River
-| Name | Base | Nvidia Support | Unpriv. Userns |
-|-------------------------------------------|-----------------------|-------------------------|------------------------------|
-| `wayblue-river-main-hardened` | Wayblue-River | No | No |
-| `wayblue-river-nvidia-hardened` | Wayblue-River | Yes, closed drivers | No |
-| `wayblue-river-nvidia-open-hardened` | Wayblue-River | Yes, open drivers | No |
-| `wayblue-river-main-userns-hardened` | Wayblue-River | No | Yes |
-| `wayblue-river-nvidia-userns-hardened` | Wayblue-River | Yes, closed drivers | Yes |
-| `wayblue-river-nvidia-open-userns-hardened` | Wayblue-River | Yes, open drivers | Yes |
-
-
-#### Sway
-| Name | Base | Nvidia Support | Unpriv. Userns |
-|-------------------------------------------|-----------------------|-------------------------|------------------------------|
-| `wayblue-sway-main-hardened` | Wayblue-Sway | No | No |
-| `wayblue-sway-nvidia-hardened` | Wayblue-Sway | Yes, closed drivers | No |
-| `wayblue-sway-nvidia-open-hardened` | Wayblue-Sway | Yes, open drivers | No |
-| `wayblue-sway-main-userns-hardened` | Wayblue-Sway | No | Yes |
-| `wayblue-sway-nvidia-userns-hardened` | Wayblue-Sway | Yes, closed drivers | Yes |
-| `wayblue-sway-nvidia-open-userns-hardened` | Wayblue-Sway | Yes, open drivers | Yes |
-
-## Server
-> [!NOTE]
-> After you finish setting up your [Fedora CoreOS](https://fedoraproject.org/coreos/) installation, you will need to disable `zincati.service` before rebasing to securecore.
-
-| Name | Base | Nvidia Support | ZFS Support | Unpriv. Userns |
-|-------------------------------------------|-----------|-------------------------|-------------|------------------------------|
-| `securecore-main-hardened` | CoreOS | No | No | No |
-| `securecore-nvidia-hardened` | CoreOS | Yes, closed drivers | No | No |
-| `securecore-nvidia-open-hardened` | CoreOS | Yes, open drivers | No | No |
-| `securecore-main-userns-hardened` | CoreOS | No | No | Yes |
-| `securecore-nvidia-userns-hardened` | CoreOS | Yes, closed drivers | No | Yes |
-| `securecore-nvidia-open-userns-hardened` | CoreOS | Yes, open drivers | No | Yes |
-| `securecore-zfs-main-hardened` | CoreOS | No | Yes | No |
-| `securecore-zfs-nvidia-hardened` | CoreOS | Yes, closed drivers | Yes | No |
-| `securecore-zfs-nvidia-open-hardened` | CoreOS | Yes, open drivers | Yes | No |
-| `securecore-zfs-main-userns-hardened` | CoreOS | No | Yes | Yes |
-| `securecore-zfs-nvidia-userns-hardened` | CoreOS | Yes, closed drivers | Yes | Yes |
-| `securecore-zfs-nvidia-open-userns-hardened` | CoreOS | Yes, open drivers | Yes | Yes |
-
-
-### Experimental
-
-#### Cosmic
-| Name | Base | Nvidia Support | Unpriv. Userns |
-|-------------------------------------------|-----------------------|-------------------------|------------------------------|
-| `cosmic-main-hardened` | Cosmic | No | No |
-| `cosmic-nvidia-hardened` | Cosmic | Yes, closed drivers | No |
-| `cosmic-nvidia-open-hardened` | Cosmic | Yes, open drivers | No |
-| `cosmic-main-userns-hardened` | Cosmic | No | Yes |
-| `cosmic-nvidia-userns-hardened` | Cosmic | Yes, closed drivers | Yes |
-| `cosmic-nvidia-open-userns-hardened` | Cosmic | Yes, open drivers | Yes |
# Post-install
diff --git a/generate_secureblue_iso.sh b/generate_secureblue_iso.sh
deleted file mode 100644
index 6fc6cd2..0000000
--- a/generate_secureblue_iso.sh
+++ /dev/null
@@ -1,84 +0,0 @@
-#!/usr/bin/env bash
-
-if ! command -v podman &> /dev/null
-then
- echo "Podman is not installed, install it to use this script."
- exit 1
-fi
-
-function is_yes {
- case $(echo "$1" | tr '[:upper:]' '[:lower:]') in
- y|yes) return 0;;
- *) return 1;;
- esac
-}
-
-# Define image configurations
-declare -A image_configs=(
- ["securecore"]="Server"
- ["securecore-zfs"]="Server"
- ["silverblue"]="Silverblue:asus"
- ["kinoite"]="Kinoite:asus"
- ["sericea"]="Sericea"
- ["wayblue-wayfire"]="Sericea"
- ["wayblue-sway"]="Sericea"
- ["wayblue-river"]="Sericea"
- ["wayblue-hyprland"]="Sericea"
- ["cinnamon"]="Silverblue"
- ["cosmic"]="Kinoite"
-)
-
-image_name=""
-additional_params=""
-variant=""
-
-# Determine if it's a server or desktop
-read -p "Is this for a server? (yes/No): " is_server
-if is_yes "$is_server"; then
- read -p "Do you need ZFS support? (yes/No): " use_zfs
- image_name=$(is_yes "$use_zfs" && echo "securecore-zfs" || echo "securecore")
- variant=${image_configs[$image_name]}
-else
- # For desktops, present all non-server options
- desktop_options=($(for key in "${!image_configs[@]}"; do [[ $key != server* ]] && echo "$key"; done | sort))
-
- echo "Select a desktop:"
- select opt in "${desktop_options[@]}"; do
- if [[ " ${desktop_options[@]} " =~ " ${opt} " ]]; then
- image_name=$opt
- IFS=':' read -r variant options <<< "${image_configs[$opt]}"
- break
- else
- echo "Invalid option"
- fi
- done
-
- if [[ $options == *"asus"* ]]; then
- read -p "Do you use an Asus laptop? (yes/No): " is_asus
- is_yes "$is_asus" && additional_params+="-asus"
- fi
-fi
-
-# Ask about Nvidia for all options
-read -p "Do you use Nvidia? (yes/No): " use_nvidia
-is_yes "$use_nvidia" && additional_params+="-nvidia" || additional_params+="-main"
-
-# Ask about user namespaces for all options
-read -p "Do you need user namespaces? (yes/No): " use_userns
-is_yes "$use_userns" && additional_params+="-userns"
-
-image_name+="$additional_params-hardened"
-
-command="sudo podman run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest IMAGE_REPO=ghcr.io/secureblue IMAGE_NAME=$image_name VERSION=41 IMAGE_TAG=latest VARIANT=$variant"
-
-echo "Command to execute:"
-echo "$command"
-echo ""
-
-read -p "Generate this ISO? (yes/No): " generate_iso
-if is_yes "$generate_iso"; then
- $command
- mv deploy.iso $image_name.iso
- mv deploy.iso-CHECKSUM $image_name.iso-CHECKSUM
- sed -i "s/deploy.iso/$image_name.iso/" "$image_name.iso-CHECKSUM"
-fi
diff --git a/install/install_secureblue.sh b/install/install_secureblue.sh
new file mode 100644
index 0000000..b278ae1
--- /dev/null
+++ b/install/install_secureblue.sh
@@ -0,0 +1,86 @@
+#!/usr/bin/env bash
+
+if ! command -v rpm-ostree &> /dev/null
+then
+ echo "This script only runs on Fedora Atomic"
+ exit 1
+fi
+
+function is_yes {
+ case $(echo "$1" | tr '[:upper:]' '[:lower:]') in
+ y|yes) return 0;;
+ *) return 1;;
+ esac
+}
+
+# Define image configurations
+desktop_image_types=(
+ "silverblue"
+ "kinoite"
+ "sericea"
+ "wayblue-wayfire"
+ "wayblue-sway"
+ "wayblue-river"
+ "wayblue-hyprland"
+ "cosmic"
+)
+
+image_name=""
+additional_params=""
+
+echo "Welcome to the secureblue interactive installer!"
+echo "After answering the following questions, your system will be rebased to secureblue."
+echo "-----------------------------------------------------------------------------------"
+
+# Determine if it's a server or desktop
+read -p "Is this for a server? (yes/No): " is_server
+if is_yes "$is_server"; then
+ read -p "Do you need ZFS support? (yes/No): " use_zfs
+ image_name=$(is_yes "$use_zfs" && echo "securecore-zfs" || echo "securecore")
+else
+ echo "Select a desktop. Silverblue is recommended."
+ select image_name in "${desktop_image_types[@]}"; do
+ if [[ -n "$image_name" ]]; then
+ echo "Selected desktop: $image_name"
+ if [[ "$image_name" == "cosmic" ]]; then
+ echo "Warning: Cosmic images are experimental."
+ fi
+
+ if [[ "$image_name" == *"wayblue"* ]]; then
+ echo "Warning: Wayblue images are in beta."
+ fi
+
+ break
+ else
+ echo "Invalid option, please select a valid number."
+ fi
+ done
+
+fi
+
+# Ask about Nvidia for all options
+read -p "Do you have Nvidia? (yes/No): " use_nvidia
+if is_yes "$use_nvidia"; then
+ additional_params+="-nvidia"
+ read -p "Do you need Nvidia's open drivers? (yes/No): " use_open
+ is_yes "$use_open" && additional_params+="-open"
+else
+ additional_params+="-main"
+fi
+
+# Ask about user namespaces for all options
+read -p "Do you need unprivileged user namespaces? (yes/No): " use_userns
+is_yes "$use_userns" && additional_params+="-userns"
+
+image_name+="$additional_params-hardened"
+
+rebase_command="rpm-ostree rebase ostree-unverified-registry:ghcr.io/secureblue/$image_name:latest"
+
+echo "Commands to execute:"
+echo "$rebase_command"
+echo ""
+
+read -p "Proceed? (yes/No): " rebase_proceed
+if is_yes "$rebase_proceed"; then
+ $rebase_command
+fi
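Review bot: The script stops after `rpm-ostree rebase ostree-unverified-registry:…` and never performs or mentions the follow-up rebase to the signed reference, while this same commit removes the README steps that told users to reboot and then run `rpm-ostree rebase ostree-image-signed:docker://ghcr.io/secureblue/IMAGE_NAME:latest`. Unless the image switches itself to the signed ref (not visible in this diff), a machine installed this way stays on an unverified origin and keeps pulling updates without signature verification. At minimum print the second step after a successful rebase, e.g. `echo "After rebooting, run: rpm-ostree rebase ostree-image-signed:docker://ghcr.io/secureblue/$image_name:latest"`. Smaller points in the same file: use `read -r` for the prompts and hold the command in an array rather than expanding the unquoted string `$rebase_command`.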