diff --git a/.github/workflows/permissions.yml b/.github/workflows/permissions.yml
new file mode 100644
index 0000000..2df6b61
--- /dev/null
+++ b/.github/workflows/permissions.yml
@@ -0,0 +1,9 @@
+name: Permission check
+on:
+  pull_request:
+    paths:
+      - '**/run'
+      - '**/finish'
+jobs:
+  permission_check:
+    uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1
diff --git a/Dockerfile b/Dockerfile
index b1f5d20..465330b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 ## Buildstage ##
-FROM ghcr.io/linuxserver/baseimage-alpine:3.15 as buildstage
+FROM ghcr.io/linuxserver/baseimage-alpine:3.17 as buildstage
 
 ARG DOCKER_RELEASE
 ARG COMPOSE_RELEASE
@@ -7,7 +7,6 @@ ARG COMPOSE_RELEASE
 RUN \
   echo "**** install packages ****" && \
   apk add --no-cache \
-    curl \
     git \
     go && \
   echo "**** retrieve latest version ****" && \
@@ -67,7 +66,21 @@ RUN \
   cd /tmp/compose-switch && \
   CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -ldflags="-s -w -X github.com/docker/compose-switch/internal.Version=${SWITCH_RELEASE}" -o /root-layer/docker-tgz/compose-switch_armv7l ./main.go && \
   chmod +x /root-layer/docker-tgz/* && \
-  rm -rf /tmp/*
+  rm -rf /tmp/* && \
+  echo "**** retrieve latest buildx version ****" && \
+  BUILDX_RELEASE=$(curl -sX GET "https://api.github.com/repos/docker/buildx/releases/latest" \
+    | awk '/tag_name/{print $4;exit}' FS='[""]') && \
+  echo "**** grab buildx ****" && \
+  curl -fo \
+    /root-layer/docker-tgz/docker-buildx_x86_64 -L \
+    "https://github.com/docker/buildx/releases/download/${BUILDX_RELEASE}/buildx-${BUILDX_RELEASE}.linux-amd64" && \
+  curl -fo \
+    /root-layer/docker-tgz/docker-buildx_armv7l -L \
+    "https://github.com/docker/buildx/releases/download/${BUILDX_RELEASE}/buildx-${BUILDX_RELEASE}.linux-arm-v7" && \
+  curl -fo \
+    /root-layer/docker-tgz/docker-buildx_aarch64 -L \
+    "https://github.com/docker/buildx/releases/download/${BUILDX_RELEASE}/buildx-${BUILDX_RELEASE}.linux-arm64"
+
 
 # copy local files
 COPY root/ /root-layer/
diff --git a/root/etc/cont-init.d/98-docker-in-docker b/root/etc/cont-init.d/98-docker-in-docker
index e25712b..c37cb61 100644
--- a/root/etc/cont-init.d/98-docker-in-docker
+++ b/root/etc/cont-init.d/98-docker-in-docker
@@ -35,6 +35,7 @@ if [ -d "/docker-tgz" ] ; then
     echo "Copying over docker and docker-compose binaries"
     mkdir -p /usr/local/lib/docker/cli-plugins
     mv "/docker-tgz/docker-compose_${ARCH}" /usr/local/lib/docker/cli-plugins/docker-compose
+    mv "/docker-tgz/docker-buildx_${ARCH}" /usr/local/lib/docker/cli-plugins/docker-buildx
     mv "/docker-tgz/compose-switch_${ARCH}" /usr/local/bin/docker-compose
     tar xf /docker-tgz/docker_${ARCH}.tgz \
         --strip-components=1 -C \
diff --git a/root/etc/s6-overlay/s6-rc.d/init-mod-universal-docker-in-docker-add-package/run b/root/etc/s6-overlay/s6-rc.d/init-mod-universal-docker-in-docker-add-package/run
index ed9e19a..5ffb2ed 100755
--- a/root/etc/s6-overlay/s6-rc.d/init-mod-universal-docker-in-docker-add-package/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-mod-universal-docker-in-docker-add-package/run
@@ -37,6 +37,7 @@ if [ -d "/docker-tgz" ] ; then
     echo "Copying over docker and docker-compose binaries"
     mkdir -p /usr/local/lib/docker/cli-plugins
     mv "/docker-tgz/docker-compose_${ARCH}" /usr/local/lib/docker/cli-plugins/docker-compose
+    mv "/docker-tgz/docker-buildx_${ARCH}" /usr/local/lib/docker/cli-plugins/docker-buildx
     mv "/docker-tgz/compose-switch_${ARCH}" /usr/local/bin/docker-compose
     tar xf /docker-tgz/docker_${ARCH}.tgz \
         --strip-components=1 -C \