diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml
index 995846ad4..98b0f1fb8 100644
--- a/.github/workflows/container.yaml
+++ b/.github/workflows/container.yaml
@@ -27,16 +27,14 @@ jobs:
         uses: docker/metadata-action@v5
         with:
           images: |
-            ghcr.io/${{ github.repository }}/libra-node
+            ghcr.io/${{ github.repository_owner }}/libra-node
           tags: |
-            # tag as branch name
+            # tag as git sha
             type=sha,enable=true,priority=100,prefix=,suffix=,format=long
             # tag canary releases
             type=raw,value=canary,enable=${{contains(env.BRANCH_NAME, 'canary')}}
             # tag ci bins releases
             type=raw,value=ci-bins,enable=${{contains(env.BRANCH_NAME, 'ci-bins')}}
-            # if is in MAIN branch, also tag as latest
-            type=raw,value=latest,enable={{is_default_branch}}
             # tag version
             type=semver,pattern={{version}}
 
@@ -53,7 +51,7 @@ jobs:
         uses: docker/build-push-action@v6
         with:
           context: .
-          file: ./container/for-registry/Containerfile
+          file: ./container/Containerfile
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
diff --git a/container/Containerfile b/container/Containerfile
new file mode 100644
index 000000000..1f8e6b06b
--- /dev/null
+++ b/container/Containerfile
@@ -0,0 +1,40 @@
+# Built from https://github.com/rust-lang/docker-rust
+# Note we specify an explicit version of the image as a workaround for the fact that
+# on developer machines "latest" gets pulled once at the beginning of time then never
+# updated. So unfortunately we will need to maintain the version here.
+FROM rust:1.88 AS builder
+
+# Install build dependencies
+RUN apt update && apt install -y build-essential lld pkg-config libssl-dev libgmp-dev clang
+
+WORKDIR /usr/libra
+COPY . .
+# We specify -j 1 to avoid OOM-killing the build
+ARG LIBRA_CARGO_CONCURRENCY=1
+RUN cargo build -j $LIBRA_CARGO_CONCURRENCY --release
+
+# Note we specify an explicit version of the image as a workaround for the fact that
+# on developer machines "latest" gets pulled once at the beginning of time then never
+# updated. So unfortunately we will need to maintain the version here.
+FROM ubuntu:24.04
+RUN apt update && apt install -y ca-certificates
+
+COPY --from=builder /usr/libra/target/release/libra /usr/libra/target/release/libra-* /usr/local/bin/
+
+COPY container/run.sh /run.sh
+COPY container/change-uid.sh /change-uid.sh
+
+# Mount this path to persist node config and storage
+VOLUME ["/mnt/libra"]
+# Validator p2p port (not used by FN)
+EXPOSE 6180/tcp
+# VFN p2p port (not used by FN)
+EXPOSE 6181/tcp
+# FN p2p port (not used by Validators)
+EXPOSE 6182/tcp
+# API http service
+EXPOSE 8080/tcp
+
+SHELL ["/bin/bash", "-c"]
+CMD "/run.sh"
+CMD ["/change-uid.sh", "/run.sh"]
diff --git a/container/change-uid.sh b/container/change-uid.sh
new file mode 100755
index 000000000..40b692458
--- /dev/null
+++ b/container/change-uid.sh
@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+
+set -e
+
+# If USER_UID is not defined we skip everything and run as the default user (usually root)
+if [[ ${USER_UID} ]]; then
+    # If USER_UID set but USER_GID was not set then we set it to the value of USER_UID
+    if [[ -z ${USER_GID} ]]; then
+        USER_GID=$USER_UID
+    fi
+    # Now we have USER_UID and USER_GID
+    # Check if USER_UID is 1000
+    if [[ ${USER_UID} == "1000" ]]; then
+        # If so we don't need to create a user because the Ubuntu continer already has uid=1000 setup
+        echo "Running as default user: ubuntu"
+    else
+        # We need to change the uid/gid on the ubuntu user
+        usermod -u $USER_UID ubuntu
+        groupmod -g $USER_GID ubuntu
+        echo "Changed uid:gid for user ubuntu to: ${USER_UID}:${USER_GID}"
+        # Change ownership of the ubuntu user's homedir to the new uid
+        chown -R ubuntu:ubuntu /home/ubuntu
+    fi
+    run_as_ubuntu=1
+fi # USER_UID wasn't defined
+
+# Now run the container's workload as either the current user or the ubuntu user
+if [[ ${run_as_ubuntu} ]]; then
+    su - ubuntu -c $1
+else
+    $1
+fi
diff --git a/container/for-registry/Containerfile b/container/for-registry/Containerfile
deleted file mode 100644
index f697d4497..000000000
--- a/container/for-registry/Containerfile
+++ /dev/null
@@ -1,15 +0,0 @@
-# Built from https://github.com/rust-lang/docker-rust
-# "latest" has a Debian base
-FROM rust:latest AS builder
-
-# Install build dependencies
-RUN apt update && apt install -y build-essential lld pkg-config libssl-dev libgmp-dev clang
-
-WORKDIR /usr/libra
-COPY . .
-RUN cargo build --release
-
-FROM ubuntu:latest
-RUN apt update && apt install -y ca-certificates
-
-COPY --from=builder /usr/libra/target/release/libra /usr/libra/target/release/libra-* /usr/local/bin/
diff --git a/container/run.sh b/container/run.sh
new file mode 100755
index 000000000..72c63ccdc
--- /dev/null
+++ b/container/run.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+#
+# LIBRA_CONTAINER_MODE : validator|vfn|fullnode
+# Currently only supports fullnode mode
+
+# Hack to work around the libra tools not allowing arbitrary config paths
+export HOME=/mnt/libra
+
+# Check if this container has already been configured
+libra_home=${HOME}/.libra
+file_indicating_already_configured="fullnode.yml"
+if [[ ! -f ${libra_home}/${file_indicating_already_configured} ]]; then
+	echo "No existing config detected, initializing as a fullnode..."
+	# If not, run libra config
+	libra config fullnode-init --archive-mode false
+	result=$?
+	if [[ $result != 0 ]]; then
+		echo "Fatal Error: libra config failed"
+		exit 1
+	fi
+	echo "Initialized"
+else
+	echo "Container already configured"
+fi
+# Otherwise fall through to start node
+# Start node
+echo "Starting libra node"
+libra node
diff --git a/container/README.md b/testnet/README.md
similarity index 100%
rename from container/README.md
rename to testnet/README.md
diff --git a/container/compose.yaml b/testnet/compose.yaml
similarity index 83%
rename from container/compose.yaml
rename to testnet/compose.yaml
index 9b74649f8..7eff35be8 100644
--- a/container/compose.yaml
+++ b/testnet/compose.yaml
@@ -1,7 +1,7 @@
 services:
   alice:
     #image: ubuntu:22.04
-    image: ghcr.io/0lnetworkcommunity/libra-framework/libra-node:latest
+    image: ghcr.io/0lnetworkcommunity/libra-node:latest
     container_name: libra_alice
     hostname: alice
     environment:
@@ -17,7 +17,7 @@ services:
 
   bob:
     #image: ubuntu:22.04
-    image: ghcr.io/0lnetworkcommunity/libra-framework/libra-node:latest
+    image: ghcr.io/0lnetworkcommunity/libra-node:latest
     container_name: libra_bob
     hostname: bob
     depends_on:
@@ -35,7 +35,7 @@ services:
 
   carol:
     #image: ubuntu:22.04
-    image: ghcr.io/0lnetworkcommunity/libra-framework/libra-node:latest
+    image: ghcr.io/0lnetworkcommunity/libra-node:latest
     container_name: libra_carol
     hostname: carol
     depends_on:
diff --git a/container/entrypoint.sh b/testnet/entrypoint.sh
similarity index 100%
rename from container/entrypoint.sh
rename to testnet/entrypoint.sh
diff --git a/container/install_runtime.sh b/testnet/install_runtime.sh
similarity index 100%
rename from container/install_runtime.sh
rename to testnet/install_runtime.sh
diff --git a/container/reset.sh b/testnet/reset.sh
similarity index 100%
rename from container/reset.sh
rename to testnet/reset.sh
diff --git a/container/watch_testnet.sh b/testnet/watch_testnet.sh
similarity index 100%
rename from container/watch_testnet.sh
rename to testnet/watch_testnet.sh