diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 08fb0f7..15ded6b 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -18,8 +18,11 @@ jobs: - name: Source checkout uses: actions/checkout@v4 + - name: 'Setup yq' + uses: dcarbone/install-yq-action@v1.3.1 + - id: set-matrix - run: echo "matrix=$(cat build_versions.json | jq -c)" >> $GITHUB_OUTPUT + run: echo "matrix=$(yq -o json build_versions.yaml | jq -c)" >> $GITHUB_OUTPUT build-X86-container: runs-on: ubuntu-24.04 @@ -36,7 +39,7 @@ jobs: registry_password: ${{ secrets.GITHUB_TOKEN }} build_args: | OPENVOX_RELEASE=${{ matrix.release }} - OPENVOXDB_VERSION=${{ matrix.version }} + OPENVOXDB_VERSION=${{ matrix.db_version }} build_arch: linux/amd64 build_context: openvoxdb buildfile: openvoxdb/Containerfile @@ -58,7 +61,7 @@ jobs: registry_password: ${{ secrets.GITHUB_TOKEN }} build_args: | OPENVOX_RELEASE=${{ matrix.release }} - OPENVOXDB_VERSION=${{ matrix.version }} + OPENVOXDB_VERSION=${{ matrix.db_version }} build_arch: linux/arm64 build_context: openvoxdb buildfile: openvoxdb/Containerfile 
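Review bot: The added `Setup yq` step references `dcarbone/install-yq-action@v1.3.1` by tag, and a tag on a third-party action can later be pointed at different code than what was reviewed. Pin it to the full commit SHA, e.g. `uses: dcarbone/install-yq-action@<full-commit-sha> # v1.3.1` (placeholder; the SHA is not on this page). The same step is added before `set-matrix` in `ci.yaml` and `security_scanning.yml`, so the pin applies to all three files. If these jobs run on GitHub-hosted Ubuntu runners (their `runs-on` is outside the hunks), `yq` is normally already on the image and the extra action may not be needed at all. In the `set-matrix` line the redirect target is better written quoted, `>> "$GITHUB_OUTPUT"`.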
@@ -85,13 +88,22 @@ jobs: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract version number + id: extract_version + uses: actions/github-script@v7 + with: + script: | + const agentVersion = '${{ matrix.db_version }}'; + const version = agentVersion.split('-')[0]; + core.setOutput('version', version); + - name: Create multi arch manifests run: | - docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxdb:${{ matrix.version }}-${{ github.ref_name }} \ + docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxdb:${{ steps.extract_version.outputs.version }}-${{ github.ref_name }} \ ghcr.io/openvoxproject/openvoxdb:${{ matrix.release }}-${{ github.sha }}-arm64 \ ghcr.io/openvoxproject/openvoxdb:${{ matrix.release }}-${{ github.sha }}-x86_64 - docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxdb:${{ matrix.version }}-latest \ + docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxdb:${{ steps.extract_version.outputs.version }}-latest \ ghcr.io/openvoxproject/openvoxdb:${{ matrix.release }}-${{ github.sha }}-arm64 \ ghcr.io/openvoxproject/openvoxdb:${{ matrix.release }}-${{ github.sha }}-x86_64 diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index b6e5264..4b636ac 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -16,8 +16,11 @@ jobs: - name: Source checkout uses: actions/checkout@v4 + - name: 'Setup yq' + uses: dcarbone/install-yq-action@v1.3.1 + - id: set-matrix - run: echo "matrix=$(jq -c . build_versions.json)" >> $GITHUB_OUTPUT + run: echo "matrix=$(yq -o json build_versions.yaml | jq -c)" >> $GITHUB_OUTPUT general_ci: permissions: 
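Review bot: In the new `Extract version number` step, `'${{ matrix.db_version }}'` is expanded into the script text before `actions/github-script` runs it, so the value from `build_versions.yaml` is parsed as JavaScript source rather than handled as data. The context lines above show this job is logged in to the registry with `secrets.GITHUB_TOKEN`. Pass the value through the environment instead: add `env:` with `DB_VERSION: ${{ matrix.db_version }}` to the step and read it with `const agentVersion = process.env.DB_VERSION;`. The identical step is added in `ci.yaml` and `security_scanning.yml`, where a pull request that edits `build_versions.yaml` would presumably reach it (the workflow triggers are outside the hunks). The `run:` block below has the same shape, since `${{ steps.extract_version.outputs.version }}` is pasted into the shell command line; mapping it to an env variable and using `"$VERSION"` keeps it a plain argument.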
@@ -41,16 +44,26 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Extract version number + id: extract_version + uses: actions/github-script@v7 + with: + script: | + const agentVersion = '${{ matrix.db_version }}'; + const version = agentVersion.split('-')[0]; + core.setOutput('version', version); + + - name: Build image uses: docker/build-push-action@v6 with: - tags: 'ci/openvoxdb:${{ matrix.version }}' + tags: 'ci/openvoxdb:${{ steps.extract_version.outputs.version }}' context: openvoxdb file: openvoxdb/Containerfile push: false build-args: | OPENVOX_RELEASE=${{ matrix.release }} - OPENVOXDB_VERSION=${{ matrix.version }} + OPENVOXDB_VERSION=${{ matrix.db_version }} tests: needs: diff --git a/.github/workflows/security_scanning.yml b/.github/workflows/security_scanning.yml index db8a4cd..4e9d44c 100644 --- a/.github/workflows/security_scanning.yml +++ b/.github/workflows/security_scanning.yml @@ -18,8 +18,11 @@ jobs: - name: Source checkout uses: actions/checkout@v4 + - name: 'Setup yq' + uses: dcarbone/install-yq-action@v1.3.1 + - id: set-matrix - run: echo "matrix=$(jq -c . build_versions.json)" >> $GITHUB_OUTPUT + run: echo "matrix=$(yq -o json build_versions.yaml | jq -c)" >> $GITHUB_OUTPUT scan_ci_container: name: 'Scan CI container' 
@@ -35,22 +38,32 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Extract version number + id: extract_version + uses: actions/github-script@v7 + with: + script: | + const agentVersion = '${{ matrix.db_version }}'; + const version = agentVersion.split('-')[0]; + core.setOutput('version', version); + + - name: Build CI container uses: docker/build-push-action@v6 with: - tags: 'ci/openvoxdb:${{ matrix.version }}' + tags: 'ci/openvoxdb:${{ steps.extract_version.outputs.version }}' context: openvoxdb file: openvoxdb/Containerfile push: false build-args: | OPENVOX_RELEASE=${{ matrix.release }} - OPENVOXDB_VERSION=${{ matrix.version }} + OPENVOXDB_VERSION=${{ matrix.db_version }} - name: Scan image with Anchore Grype uses: anchore/scan-action@v6 id: scan with: - image: 'ci/openvoxdb:${{ matrix.version }}' + image: 'ci/openvoxdb:${{ steps.extract_version.outputs.version }}' fail-build: false - name: Inspect action SARIF report diff --git a/build_versions.json b/build_versions.json deleted file mode 100644 index 18fafae..0000000 --- a/build_versions.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "include": [ - { - "release": 8, - "version": "8.9.0" - }, - { - "release": 7, - "version": "7.21.1" - } - ] -} diff --git a/build_versions.yaml b/build_versions.yaml new file mode 100644 index 0000000..dddc9a2 --- /dev/null +++ b/build_versions.yaml @@ -0,0 +1,9 @@ +--- +include: + - release: 7 + # renovate: depName=openvoxdb openVoxRelease=7 + db_version: "7.21.1-1+ubuntu24.04" + + - release: 8 + # renovate: depName=openvoxdb openVoxRelease=8 + db_version: "8.9.0-1+ubuntu24.04" diff --git a/openvoxdb/Containerfile b/openvoxdb/Containerfile index 0cdb0e2..4590f2e 100644 --- a/openvoxdb/Containerfile +++ b/openvoxdb/Containerfile 
@@ -15,17 +15,15 @@ LABEL org.label-schema.maintainer="Voxpupuli Release Team " org.label-schema.vcs-ref="$vcs_ref" \ org.label-schema.build-date="$build_date" -ARG TARGETARCH ARG PACKAGES="ca-certificates curl dnsutils netcat-traditional dumb-init" ARG LOGDIR ENV LOGDIR=${LOGDIR:-/opt/puppetlabs/server/data/puppetdb/logs} -ARG OPENVOX_RELEASE -ENV OPENVOX_RELEASE=${OPENVOX_RELEASE:-8} - -ARG OPENVOXDB_VERSION -ENV OPENVOXDB_VERSION=${OPENVOXDB_VERSION:-8.9.0} +ARG UBUNTU_VERSION=24.04 +ARG OPENVOX_RELEASE=8 +ARG OPENVOXDB_VERSION=8.9.0+ubuntu${UBUNTU_VERSION} +ARG OPENVOX_RELEASE_PACKAGE=openvox${OPENVOX_RELEASE}-release-ubuntu${UBUNTU_VERSION}.deb ARG SSLDIR ENV SSLDIR=${SSLDIR:-/opt/puppetlabs/server/data/puppetdb/certs} @@ -42,7 +40,6 @@ ENV CERTNAME="openvoxdb" \ OPENVOXDB_POSTGRES_PORT="5432" \ OPENVOXDB_REPORT_TTL=14d \ OPENVOXDB_POSTGRES_USER=openvoxdb \ - UBUNTU_VERSION="24.04" \ OPENVOXDB_CERTIFICATE_ALLOWLIST="" \ USE_OPENVOXSERVER=true \ WAITFORCERT="" @@ -57,15 +54,14 @@ COPY docker-entrypoint.d /docker-entrypoint.d ADD https://apt.overlookinfratech.com/openvox${OPENVOX_RELEASE}-release-ubuntu${UBUNTU_VERSION}.deb / RUN apt-get update && \ - apt-get install -y ca-certificates && \ - dpkg -i /openvox${OPENVOX_RELEASE}-release-ubuntu${UBUNTU_VERSION}.deb && \ - rm /openvox${OPENVOX_RELEASE}-release-ubuntu${UBUNTU_VERSION}.deb + apt-get install -y ca-certificates /${OPENVOX_RELEASE_PACKAGE} && \ + rm /${OPENVOX_RELEASE_PACKAGE} RUN apt update && \ apt upgrade -y && \ apt install --no-install-recommends -y ${PACKAGES} && \ chmod +x /ssl.sh /wtfc.sh /docker-entrypoint.sh /healthcheck.sh /docker-entrypoint.d/*.sh && \ - apt install -y openvoxdb=${OPENVOXDB_VERSION}-1+ubuntu${UBUNTU_VERSION} && \ + apt install -y openvoxdb=${OPENVOXDB_VERSION} && \ apt autoremove -y && \ apt clean && \ rm -rf /var/lib/apt/lists/* && \ diff --git a/renovate.json b/renovate.json index 5db72dd..710e4d3 100644 --- a/renovate.json +++ b/renovate.json 
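Review bot: The new default `ARG OPENVOXDB_VERSION=8.9.0+ubuntu${UBUNTU_VERSION}` has no `-1` package revision, while the workflows pass `8.9.0-1+ubuntu24.04` and the install line later in this file no longer appends `-1+ubuntu${UBUNTU_VERSION}`. A build without `--build-arg` would therefore ask apt for `openvoxdb=8.9.0+ubuntu24.04`, which does not match the version format used in `build_versions.yaml`; the default should read `ARG OPENVOXDB_VERSION=8.9.0-1+ubuntu${UBUNTU_VERSION}`. Removing the `ENV OPENVOX_RELEASE` and `ENV OPENVOXDB_VERSION` lines also means neither value exists in the running container any more. If the entrypoint scripts read them (not visible here) they need to stay as `ENV`; otherwise a one-line comment above the `ARG` block, such as `# build-time only, not exported to the runtime environment`, would record the intent.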
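Review bot: The `ADD` line directly above the rewritten `RUN` still spells out `openvox${OPENVOX_RELEASE}-release-ubuntu${UBUNTU_VERSION}.deb` instead of using the new `OPENVOX_RELEASE_PACKAGE` argument, so the file name is defined in two places that can drift. `ADD https://apt.overlookinfratech.com/${OPENVOX_RELEASE_PACKAGE} /` keeps them in step. That package configures the apt source which the later `openvoxdb` install trusts, and nothing verifies its content beyond TLS; with BuildKit, `ADD --checksum=sha256:<digest-for-this-release>` (placeholder, one digest per release) would pin it. The `rm` in the following `RUN` does not remove the file from the layer that `ADD` created, so it saves no image size. The second `RUN` continues past the end of the hunk.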
@@ -2,5 +2,14 @@ "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ "config:recommended" + ], + "customManagers": [ + { + "customType": "regex", + "fileMatch": ["build_versions.yaml"], + "matchStrings": ["#\\s*renovate:\\s*depName=(?.*?)\\s*openVoxRelease=(?\\d+)\\s*\\n\\s*(?\\w+_version):\\s*\"(?.*?)\""], + "registryUrlTemplate": "https://apt.overlookinfratech.com?suite=ubuntu24.04&components=openvox{{openVoxRelease}}&binaryArch=amd64", + "datasourceTemplate": "deb" + } ] }
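Review bot: `registryUrlTemplate` fixes `suite=ubuntu24.04` and `binaryArch=amd64`, so Renovate only consults the amd64 index for that one suite, while the workflows also build `linux/arm64` and the `Containerfile` now takes `UBUNTU_VERSION` as an argument. A version proposed from the amd64 index is not guaranteed to exist for arm64, and an Ubuntu bump has to be made here, in `build_versions.yaml` and in the `Containerfile` together; a sentence in the README naming these three places would help, since JSON cannot carry a comment. `fileMatch` entries are regular expressions, so `build_versions.yaml` is unanchored and its `.` matches any character. `"^build_versions\\.yaml$"` limits the manager to the intended file.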