diff --git a/.github/workflows/debian.yml b/.github/workflows/debian.yml
new file mode 100644
index 0000000..79f6336
--- /dev/null
+++ b/.github/workflows/debian.yml
@@ -0,0 +1,45 @@
+name: debian-base
+
+on:
+  push:
+    branches:
+      - 'main'
+      # - 'test-packages'
+    paths:
+      - "base-images/debian/**"
+      - "!base-images/debian/README.md"
+
+env:
+  DOCKERHUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
+  DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Read version from file
+        id: version
+        run: echo "::set-output name=VERSION::$(cat ./base-images/debian/version.txt)"
+
+      - name: Build and push Docker image
+        env:
+          DOCKERFILE_PATH: base-images/debian/Dockerfile
+          IMAGE_TAG: ${{ steps.version.outputs.VERSION }}
+          IMAGE_ARG: debian:latest
+          IMAGE_REF: kubespacedev/debian:${{ steps.version.outputs.VERSION }}
+          IMAGE_LAST: kubespacedev/debian:latest
+        run: |
+          docker build -t ${{ env.IMAGE_REF }} --build-arg IMAGE=${{ env.IMAGE_ARG }} -f ${{ env.DOCKERFILE_PATH }} .
+          docker push ${{ env.IMAGE_REF }}
+          docker tag ${{ env.IMAGE_REF }} ${{ env.IMAGE_LAST }}
+          docker push ${{ env.IMAGE_LAST }}
\ No newline at end of file
diff --git a/.github/workflows/vault.yml b/.github/workflows/vault.yml
new file mode 100644
index 0000000..d34b033
--- /dev/null
+++ b/.github/workflows/vault.yml
@@ -0,0 +1,45 @@
+name: vault
+
+on:
+  push:
+    branches:
+      - 'main'
+      # - 'test-packages'
+    paths:
+      - "vault/**"
+      - "!vault/README.md"
+
+env:
+  DOCKERHUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
+  DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Read version from file
+        id: version
+        run: echo "::set-output name=VERSION::$(cat ./vault/version.txt)"
+
+      - name: Build and push Docker image
+        env:
+          DOCKERFILE_PATH: vault/Dockerfile
+          IMAGE_TAG: ${{ steps.version.outputs.VERSION }}
+          IMAGE_ARG: kubespacedev/ubuntu:latest
+          IMAGE_REF: kubespacedev/vault:${{ steps.version.outputs.VERSION }}
+          IMAGE_LAST: kubespacedev/vault:latest
+        run: |
+          docker build -t ${{ env.IMAGE_REF }} --build-arg IMAGE=${{ env.IMAGE_ARG }} -f ${{ env.DOCKERFILE_PATH }} .
+          docker push ${{ env.IMAGE_REF }}
+          docker tag ${{ env.IMAGE_REF }} ${{ env.IMAGE_LAST }}
+          docker push ${{ env.IMAGE_LAST }}
\ No newline at end of file
diff --git a/base-images/debian/.dockerignore b/base-images/debian/.dockerignore
new file mode 100644
index 0000000..3edb0b5
--- /dev/null
+++ b/base-images/debian/.dockerignore
@@ -0,0 +1,34 @@
+# Include any files or directories that you don't want to be copied to your
+# container here (e.g., local build artifacts, temporary files, etc.).
+#
+# For more help, visit the .dockerignore file reference guide at
+# https://docs.docker.com/engine/reference/builder/#dockerignore-file
+
+**/.DS_Store
+**/__pycache__
+**/.venv
+**/.classpath
+**/.dockerignore
+**/.env
+**/.git
+**/.gitignore
+**/.project
+**/.settings
+**/.toolstarget
+**/.vs
+**/.vscode
+**/*.*proj.user
+**/*.dbmdl
+**/*.jfm
+**/bin
+**/charts
+**/docker-compose*
+**/compose*
+**/Dockerfile*
+**/node_modules
+**/npm-debug.log
+**/obj
+**/secrets.dev.yaml
+**/values.dev.yaml
+LICENSE
+README.md
diff --git a/base-images/debian/.gitignore b/base-images/debian/.gitignore
new file mode 100644
index 0000000..874d26a
--- /dev/null
+++ b/base-images/debian/.gitignore
@@ -0,0 +1,44 @@
+# Windows image file caches
+Thumbs.db
+ehthumbs.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# =========================
+# Operating System Files
+# =========================
+
+# OSX
+# =========================
+
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Thumbnails
+._*
+
+# Files that might appear on external disk
+.Spotlight-V100
+.Trashes
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+.jenkins-external
\ No newline at end of file
diff --git a/base-images/debian/Dockerfile b/base-images/debian/Dockerfile
new file mode 100644
index 0000000..76fbc1b
--- /dev/null
+++ b/base-images/debian/Dockerfile
@@ -0,0 +1,34 @@
+ARG IMAGE
+FROM ${IMAGE}
+
+# Switch to root user for system updates
+USER root
+
+# Install locales
+RUN apt-get update && \
+    apt-get upgrade -y && \
+    apt-get install -y locales tzdata && \
+    rm -rf /var/lib/apt/lists/* && \
+    localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 && \
+    ln -fs /usr/share/zoneinfo/Europe/Berlin /etc/localtime && \
+    dpkg-reconfigure -f noninteractive tzdata
+
+# Set environment variables
+ENV LANG en_US.utf8
+
+# Install basic libraries
+RUN apt-get update && \
+    apt-get install -y curl wget && \
+    apt-get autoremove -y && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+# Create a non-root user
+RUN useradd -m -s /bin/bash kube
+
+USER kube
+# Set the working directory to the 'kube' user's home directory
+WORKDIR /home/kube
+
+# Default command when starting the container
+CMD ["/bin/bash"]
\ No newline at end of file
diff --git a/base-images/debian/README.md b/base-images/debian/README.md
new file mode 100644
index 0000000..ac44d9a
--- /dev/null
+++ b/base-images/debian/README.md
@@ -0,0 +1 @@
+docker build -t debian-testu -f base-images/ubuntu/Dockerfile --build-arg IMAGE=debian:latest .
\ No newline at end of file
diff --git a/base-images/debian/version.txt b/base-images/debian/version.txt
new file mode 100644
index 0000000..afaf360
--- /dev/null
+++ b/base-images/debian/version.txt
@@ -0,0 +1 @@
+1.0.0
\ No newline at end of file
diff --git a/vault/.dockerignore b/vault/.dockerignore
new file mode 100644
index 0000000..3edb0b5
--- /dev/null
+++ b/vault/.dockerignore
@@ -0,0 +1,34 @@
+# Include any files or directories that you don't want to be copied to your
+# container here (e.g., local build artifacts, temporary files, etc.).
+#
+# For more help, visit the .dockerignore file reference guide at
+# https://docs.docker.com/engine/reference/builder/#dockerignore-file
+
+**/.DS_Store
+**/__pycache__
+**/.venv
+**/.classpath
+**/.dockerignore
+**/.env
+**/.git
+**/.gitignore
+**/.project
+**/.settings
+**/.toolstarget
+**/.vs
+**/.vscode
+**/*.*proj.user
+**/*.dbmdl
+**/*.jfm
+**/bin
+**/charts
+**/docker-compose*
+**/compose*
+**/Dockerfile*
+**/node_modules
+**/npm-debug.log
+**/obj
+**/secrets.dev.yaml
+**/values.dev.yaml
+LICENSE
+README.md
diff --git a/vault/.gitignore b/vault/.gitignore
new file mode 100644
index 0000000..874d26a
--- /dev/null
+++ b/vault/.gitignore
@@ -0,0 +1,44 @@
+# Windows image file caches
+Thumbs.db
+ehthumbs.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# =========================
+# Operating System Files
+# =========================
+
+# OSX
+# =========================
+
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Thumbnails
+._*
+
+# Files that might appear on external disk
+.Spotlight-V100
+.Trashes
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+.jenkins-external
\ No newline at end of file
diff --git a/vault/Dockerfile b/vault/Dockerfile
new file mode 100644
index 0000000..114b512
--- /dev/null
+++ b/vault/Dockerfile
@@ -0,0 +1,25 @@
+ARG IMAGE
+FROM ${IMAGE}
+
+USER root
+WORKDIR /
+
+RUN apt-get update && apt-get install -y gpg unzip
+RUN wget https://releases.hashicorp.com/vault/1.14.0-rc1/vault_1.14.0-rc1_linux_amd64.zip && \
+    unzip vault_1.14.0-rc1_linux_amd64.zip -d /usr/local/bin/ && \
+    rm vault_1.14.0-rc1_linux_amd64.zip && \
+    apt-get remove -y unzip && \
+    apt-get autoremove -y && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+EXPOSE 8200
+EXPOSE 8201
+
+USER kube
+WORKDIR /home/kube
+
+COPY vault/config.hcl config.hcl
+COPY vault/start-vault.sh start-vault.sh
+
+CMD ["sh","start-vault.sh"]
\ No newline at end of file
diff --git a/vault/README.md b/vault/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/vault/config.hcl b/vault/config.hcl
new file mode 100644
index 0000000..1395e5c
--- /dev/null
+++ b/vault/config.hcl
@@ -0,0 +1,15 @@
+ui = true
+disable_mlock = true
+
+storage "file" {
+  path    = "./vault/data"
+  node_id = "node1"
+}
+
+listener "tcp" {
+  address     = "0.0.0.0:8200"
+  tls_disable = "true"
+}
+
+api_addr = "http://0.0.0.0:8200"
+cluster_addr = "https://0.0.0.0:8201"
\ No newline at end of file
diff --git a/vault/start-vault.sh b/vault/start-vault.sh
new file mode 100644
index 0000000..9ebc2f2
--- /dev/null
+++ b/vault/start-vault.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+vault server -config=config.hcl
\ No newline at end of file
diff --git a/vault/version.txt b/vault/version.txt
new file mode 100644
index 0000000..93a481b
--- /dev/null
+++ b/vault/version.txt
@@ -0,0 +1 @@
+ui-1.14.0-rc1
\ No newline at end of file