diff --git a/.gitea/workflows/build-release.yml b/.gitea/workflows/build-release.yml
new file mode 100644
index 0000000..5e933be
--- /dev/null
+++ b/.gitea/workflows/build-release.yml
@@ -0,0 +1,29 @@
+name: Build Coredns with netboxdns plugin
+on: [push]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+
+      - name: Restore build state
+        uses: actions/cache/restore@v4
+        with:
+          path: .build-state
+          key: coredns-netboxdns-${{ runner.os }}
+
+      - name: Build
+        env:
+          CI_REGISTRY_USER: ${{ secrets.CI_REGISTRY_USER }}
+          CI_REGISTRY_PASSWORD: ${{ secrets.CI_REGISTRY_PASSWORD }}
+        run: ./ci/build.sh 
+
+      - name: Save build metadata
+        uses: actions/cache/save@v4
+        with:
+          path: .build-state
+          key: coredns-netboxdns-${{ runner.os }} 
+
+
diff --git a/ci/build.sh b/ci/build.sh
new file mode 100755
index 0000000..2fba7b3
--- /dev/null
+++ b/ci/build.sh
@@ -0,0 +1,145 @@
+#!/usr/bin/env bash
+set -xeuo pipefail
+
+main() {
+  # Location to persist build metadata between runs (use Actions cache on this). [web:51][web:52]
+  BUILD_STATE_DIR="${BUILD_STATE_DIR:-${GITHUB_WORKSPACE:-.}/.build-state}"
+  mkdir -p "${BUILD_STATE_DIR}"
+  META_FILE="${BUILD_STATE_DIR}/coredns-netboxdns.meta"
+
+  GO_VERSION=$(curl -s 'https://go.dev/VERSION?m=text' | head -n1)
+  ACTION_REPO_DIR="${PWD}"
+  ACTION_COMMIT="$(git rev-parse HEAD)"
+
+  # 2. Create temp directory
+  TMPDIR="$(mktemp -d)"
+  echo "Using temp dir: ${TMPDIR}"
+
+  cd "${TMPDIR}"
+  mkdir golang
+  cd golang
+  GOLANG_URL="https://go.dev/dl/${GO_VERSION}.linux-amd64.tar.gz"
+  wget "${GOLANG_URL}"
+  tar xzf "${GO_VERSION}.linux-amd64.tar.gz"
+  PATH="${PATH}:$PWD/go/bin"
+
+  cd "${ACTION_REPO_DIR}"
+  go mod edit -go "$(echo "${GO_VERSION}" | sed 's/^go//')"
+
+  # 3. Clone CoreDNS
+  cd "${TMPDIR}"
+  COREDNS_REPO_URL="https://github.com/coredns/coredns.git"
+  COREDNS_DIR="${TMPDIR}/coredns"
+
+  # 4. Checkout coredns to latest release
+  git clone --depth=1 --filter=blob:none --tags "${COREDNS_REPO_URL}" "${COREDNS_DIR}"
+  cd "${COREDNS_DIR}"
+  git fetch --tags
+  COREDNS_LATEST_VERSION="$(git tag --list --sort=-version:refname | head -n 1)"
+  git fetch --tags --depth=1 origin "${COREDNS_LATEST_VERSION}"
+  git checkout "${COREDNS_LATEST_VERSION}"
+
+  echo "CoreDNS version (tag): ${COREDNS_LATEST_VERSION}"
+  echo "Action repo commit    : ${ACTION_COMMIT}"
+
+  # 4b. Skip build if same CoreDNS version and same action repo commit as last time.  # NEW
+  if [ -f "${META_FILE}" ]; then
+    LAST_COREDNS_TAG="$(sed -n 's/^COREDNS_TAG=//p' "${META_FILE}")"
+    LAST_ACTION_COMMIT="$(sed -n 's/^ACTION_COMMIT=//p' "${META_FILE}")"
+
+    if [ "${LAST_COREDNS_TAG}" = "${COREDNS_LATEST_VERSION}" ] &&
+      [ "${LAST_ACTION_COMMIT}" = "${ACTION_COMMIT}" ]; then
+      echo "No changes in CoreDNS version or action repo commit since last build."
+      echo "Skipping build and upload."
+      exit 0
+    fi
+  fi
+
+  # 5. Update plugin.cfg to include netboxdns plugin
+  #    Insert netboxdns after the 'cache' plugin entry as recommended.
+  if ! grep -q '^netboxdns:' plugin.cfg; then
+    awk '
+      /^cache:/ {
+        print
+        print "netboxdns:github.com/doubleu-labs/coredns-netbox-plugin-dns"
+        next
+      }
+      { print }
+    ' plugin.cfg >plugin.cfg.new
+    mv plugin.cfg.new plugin.cfg
+  fi
+
+  # 6. Update coredns repo to latest golang version
+  # TODO: do we need this? I think we should actually force the plugin to use the coredns configured golang version
+  # this possibly only works because coredns is using the latest golang version
+  go mod edit -go "$(echo "${GO_VERSION}" | sed 's/^go//')"
+
+  # 7. go mod replace plugin path to the cloned action repo
+  #    This assumes the plugin lives at github.com/doubleu-labs/coredns-netbox-plugin-dns in your repo.
+
+  go mod edit -replace=github.com/doubleu-labs/coredns-netbox-plugin-dns="${ACTION_REPO_DIR}"
+
+  # 7. Regenerate plugin source files
+  #    CoreDNS uses go generate (via Makefile) to rebuild plugin glue code.
+
+  make gen
+
+  # 9. Compile CoreDNS
+  make coredns || make
+
+  # 10. Strip the binary
+  STRIP_BIN="${STRIP_BIN:-strip}"
+  "${STRIP_BIN}" ./coredns
+
+  # 11. Create a .deb installing /usr/local/bin/coredns
+  #     Minimal Debian package using dpkg-deb.
+  PKG_ROOT="${TMPDIR}/pkg-root"
+  mkdir -p "${PKG_ROOT}/DEBIAN" "${PKG_ROOT}/usr/local/bin"
+
+  # Basic metadata; tweak as needed
+  PKG_NAME="coredns-netboxdns"
+  PKG_VERSION="$(echo "${COREDNS_LATEST_VERSION}" | sed 's/^v//')"
+  PKG_ARCH="$(dpkg --print-architecture 2>/dev/null || echo amd64)"
+
+  cat >"${PKG_ROOT}/DEBIAN/control" <<EOF
+Package: ${PKG_NAME}
+Version: ${PKG_VERSION}-$(date +%Y%m%d%H%M) 
+Section: net
+Priority: optional
+Architecture: ${PKG_ARCH}
+Maintainer: CI <restitux@ohea.xyz>
+Description: CoreDNS with netboxdns plugin
+ Custom CoreDNS build with netboxdns plugin compiled in.
+EOF
+
+  install -m 0755 ./coredns "${PKG_ROOT}/usr/local/bin/coredns"
+
+  DEB_OUT="${TMPDIR}/${PKG_NAME}_${PKG_VERSION}_${PKG_ARCH}.deb"
+  dpkg-deb --build "${PKG_ROOT}" "${DEB_OUT}"
+
+  echo "Built Debian package at: ${DEB_OUT}"
+
+  # 12. Upload the package to Gitea Debian registry
+  #     Gitea uses HTTP PUT with the .deb in the request body.
+  DEB_REGISTRY_URL="https://git.ohea.xyz/api/packages/dns/debian/pool/trixie/main/upload"
+  echo "Uploading ${DEB_OUT} to ${DEB_REGISTRY_URL}"
+  curl \
+    --fail \
+    --show-error \
+    --silent \
+    --request PUT \
+    --user "${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD}" \
+    --upload-file "${DEB_OUT}" \
+    "${DEB_REGISTRY_URL}"
+
+  # 13. Store metadata for next run (so it can be used with actions/cache).  # NEW
+  cat >"${META_FILE}" <<EOF
+COREDNS_TAG=${COREDNS_LATEST_VERSION}
+ACTION_COMMIT=${ACTION_COMMIT}
+EOF
+
+  echo "Updated build metadata at ${META_FILE}"
+
+}
+
+main "$@"