diff --git a/Dockerfile b/dockerfile-kasm-firefox similarity index 83% rename from Dockerfile rename to dockerfile-kasm-firefox index 6cfee5e..5ba8629 100644 --- a/Dockerfile +++ b/dockerfile-kasm-firefox @@ -1,4 +1,6 @@ -FROM kasmweb/core-ubuntu-jammy:1.12.0 +ARG BASE_TAG="1.14.0" +ARG BASE_IMAGE="core-ubuntu-jammy" +FROM kasmweb/$BASE_IMAGE:$BASE_TAG USER root ENV HOME /home/kasm-default-profile @@ -10,6 +12,7 @@ WORKDIR $HOME ######### Customize Container Here ########### + # Install Firefox COPY ./src/ubuntu/install/firefox/ $INST_SCRIPTS/firefox/ COPY ./src/ubuntu/install/firefox/firefox.desktop $HOME/Desktop/ @@ -20,6 +23,9 @@ RUN cp $HOME/.config/xfce4/xfconf/single-application-xfce-perchannel-xml/* $HOME RUN cp /usr/share/extra/backgrounds/bg_kasm.png /usr/share/extra/backgrounds/bg_default.png RUN apt-get remove -y xfce4-panel +# Setup the custom startup script that will be invoked when the container starts +#ENV LAUNCH_URL http://kasmweb.com + COPY ./src/ubuntu/install/firefox/custom_startup.sh $STARTUPDIR/custom_startup.sh RUN chmod +x $STARTUPDIR/custom_startup.sh @@ -47,6 +53,9 @@ RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh RUN apt clean +ENV KASM_RESTRICTED_FILE_CHOOSER=1 +COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/ +RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh ######### End Customizations ########### @@ -62,6 +71,6 @@ RUN touch $HOME/.ICAClient/.eula_accepted COPY ./src/ubuntu/install/citrix/* $HOME/.mozilla/firefox/kasm/ -RUN chown -R 1000:0 $HOME +RUN mkdir -p $HOME && chown -R 1000:0 $HOME -USER 1000 \ No newline at end of file +USER 1000 diff --git a/src/ubuntu/install/certificates/vtb_group_ca_2_2023.pem b/src/ubuntu/install/certificates/vtb_group_ca_2_2023.pem new file mode 100644 index 0000000..ea7d036 --- /dev/null +++ b/src/ubuntu/install/certificates/vtb_group_ca_2_2023.pem 
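Review bot: `FROM kasmweb/$BASE_IMAGE:$BASE_TAG` now takes both the repository name and the tag from build arguments, and the default `1.14.0` is a mutable tag, so two builds of this file can start from different base layers with no change in the repository. Consider recording the reviewed base by digest in the default, for example `ARG BASE_TAG="1.14.0@sha256:<digest of the reviewed base image>"` (placeholder, to be filled in from the registry). A comment above the two `ARG` lines would also help, such as `# Override only with kasmweb core images; later steps rely on $STARTUPDIR and $INST_SCRIPTS from that base`.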
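Review bot: The `COPY ./src/ubuntu/install/gtk/` and `RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh` lines added after `RUN apt clean` repeat a step the file already has: the header of this hunk (`@@ -47,6 +53,9 @@`) shows the same `RUN bash … install_restricted_file_chooser.sh` earlier in the file. The installer therefore runs twice, the second time after the package cache was cleaned, and anything it downloads stays in a later layer (the script's contents are not visible here, so that part is inferred). If only the variable was missing, keep `ENV KASM_RESTRICTED_FILE_CHOOSER=1` and drop the added `COPY`/`RUN`; otherwise remove the earlier pair so `RUN apt clean` remains the last package step.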
@@ -0,0 +1,36 @@
+-----BEGIN CERTIFICATE-----
+MIIGTDCCBDSgAwIBAgITFgAAABhzHCJGt1qAnwAAAAAAGDANBgkqhkiG9w0BAQsF
+ADA3MQswCQYDVQQGEwJSVTEMMAoGA1UEChMDVlRCMRowGAYDVQQDExFWVEIgR3Jv
+dXAgUm9vdCBDQTAeFw0yMzAzMTQxNTU3NDdaFw0yOTAzMTQxNjA3NDdaMDQxCzAJ
+BgNVBAYTAlJVMQwwCgYDVQQKEwNWVEIxFzAVBgNVBAMTDlZUQiBHcm91cCBDQSAy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2B4VIOcyBsrvvZXFTh0c
+kQyI9ogszYr32e+GRui7s9Y8GGSbn7H1AvYN7pWOhq+MTs/eAslhAaNbV806J5eX
+35ZAQ2QypU4GP+q42Ea0jrXXLIeLYXXxiuHIfGGE3ioWxBqF9XcVGtmbZNtGxo+y
+9gGEBEqaWh6CvDrgtMzHQwbY6W5mFnlFVHa2fnyC1kvM2lgSM1pwqUqdAMtjUyu5
+ZiGPO4hmbhcZfvtjMEW8AzswNTqJTJ3RocjwufsIpcZB3fSW0UMVyjz9+EklhE1j
+vnlkf9oNCYQ4bgKBsnAONms6ce6Bm+2doXM5TNs3rEjQ8iO1nTZkR76q94eGc3DJ
+JNohfRvBeL/V6M/kLkpnBk5E6PYe06EmNQC/08Cl/ezxKfxRzDRZiuaWbTAKiVYC
+JF7Bvo8bQMxTPmK2ksc5m0UgsDFOxrgH3SsOQ+b41k8iLAo0ffNtfs9fjUvJXHDi
+vUGSJFisrgi0eG5IK7Gyz03Z1UXZAYMaBZm1TrREk9ZqH/zfjNyx2Nyl+SQHE0VE
+Dh15S/ktEJcsKK8oACHSckWQbeyD74mvZ9AJI+VSLV+shCtQO/l1USxsTwFIf+SZ
+DmB7wDwUS6zRshGbN5mztGN9m9JtdtmGCSO5RQxM6yKuIBKsZtgFvL7X717H+Urv
+ZxJ6IneoG2L6cjOxyGR2hK8CAwEAAaOCAVIwggFOMBAGCSsGAQQBgjcVAQQDAgEB
+MCMGCSsGAQQBgjcVAgQWBBSm3RLzGAXtTDb3upr8R53Ju5W69DAdBgNVHQ4EFgQU
+NIg/QOyoa0faFEfc+uLCk1q+MgYwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEw
+CwYDVR0PBAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUJFBv
+tuKM0AJ0ZeG2BrhAgkSjRXkwRgYDVR0fBD8wPTA7oDmgN4Y1aHR0cDovL3BraS52
+dGIucnUvcGtpL2NkcC9WVEIlMjBHcm91cCUyMFJvb3QlMjBDQS5jcmwwUQYIKwYB
+BQUHAQEERTBDMEEGCCsGAQUFBzAChjVodHRwOi8vcGtpLnZ0Yi5ydS9wa2kvYWlh
+L1ZUQiUyMEdyb3VwJTIwUm9vdCUyMENBLmNydDANBgkqhkiG9w0BAQsFAAOCAgEA
+BLUUqf5gb1CJVq6eOk4g7l7uJPvbDkqVM7aJTsckmOkubv4N14ZcXAKlr5qQweS/
+PCHQLwqfw30XYkLQRKaRCF/T9gZvb7xine3/zbxh6IN6O32/2JKEllAUt4oekIe9
++ZCTdnL+pd2tsB4RhhT5hocpKOd4B47qwlF0Cop82EhRzl7MpqBHWip7FpMxq1bc
+S7r1pxLKb/cfvFktU/5h0LTsmcqLdaMHkI733KfsDQTqVtQA+Hpeeg6/pxfwvkdS
+5cOCDl3uGhb16RtP9TpiykSjQ5ec+mrJTBMMt7ixS/OtjdCtBHa8UaO16UlfZcR3
+HARdYoQ9pq5qXt/tghbxzCYB7Ka+i9jB4FDszya47u9+75DWcjG6pTdAo5MNVAAc
+i8HSLOlTKboHU5MYqlX1sKE9wCwgMxh0iGe2Ur9v1UmfRtN9/0eBYfh7GOdGafAI
+3Td+tjFHZWc2GXTRJkDNChu2enkEBn+280pqmvBP3Ny0IbWbKoNutPHDbmTxdVSD
+XAuW9LTeZH8N16WwlKaWW/F0MpCTyrPYXwG3EC5kZyCsoLXhosmSInfYH7CetTIr
+qwPF49DTAgYIcuEz+yauziMdub63/GwfrGTrtfj3cNz+dAsAB8ZXDpDPzsOSAyv3
+vPIwKE7NY+DP6yNdz3xpTw6KmA4UlDYuC5Rf6IzwUbY=
+-----END CERTIFICATE-----
diff --git a/src/ubuntu/install/cleanup/cleanup.sh b/src/ubuntu/install/cleanup/cleanup.sh
new file mode 100644
index 0000000..b39eb08
--- /dev/null
+++ b/src/ubuntu/install/cleanup/cleanup.sh
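Review bot: This commit adds a CA certificate (`vtb_group_ca_2_2023.pem`) with no record of where it was obtained or what it should hash to, and none of the visible hunks show the step that installs it. That matters because install_firefox.sh in the same commit replaces Firefox's bundled `libnssckbi.so` with a link to `p11-kit-trust.so`, so whatever lands in the system trust store becomes a trust anchor for every site the browser opens. Please record, in the commit description or a README beside the file, the expected SHA-256 fingerprint (`<fingerprint supplied by the certificate owner>`), the issuing CA, and which build step consumes the file, so a later change to this PEM can be checked against something.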
@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+set -ex
+
+# Distro package cleanup
+if [[ "${DISTRO}" == @(centos|oracle7) ]] ; then
+ yum clean all
+elif [[ "${DISTRO}" == @(almalinux8|almalinux9|fedora37|fedora38|oracle8|oracle9|rockylinux8|rockylinux9) ]]; then
+ dnf clean all
+elif [ "${DISTRO}" == "opensuse" ]; then
+ zypper clean --all
+elif [[ "${DISTRO}" == @(debian|kali|parrotos5|ubuntu) ]]; then
+ apt-get autoremove -y
+ apt-get autoclean -y
+fi
+
+# File cleanups
+rm -Rf \
+ /home/kasm-default-profile/.cache \
+ /home/kasm-user/.cache \
+ /tmp \
+ /var/lib/apt/lists/* \
+ /var/tmp/*
+mkdir -m 1777 /tmp
+
+# Services we don't want to start disable in xfce init
+rm -f \
+ /etc/xdg/autostart/blueman.desktop \
+ /etc/xdg/autostart/geoclue-demo-agent.desktop \
+ /etc/xdg/autostart/gnome-keyring-pkcs11.desktop \
+ /etc/xdg/autostart/gnome-keyring-secrets.desktop \
+ /etc/xdg/autostart/gnome-keyring-ssh.desktop \
+ /etc/xdg/autostart/gnome-shell-overrides-migration.desktop \
+ /etc/xdg/autostart/light-locker.desktop \
+ /etc/xdg/autostart/org.gnome.Evolution-alarm-notify.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.A11ySettings.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.Color.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.Datetime.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.Housekeeping.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.Keyboard.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.MediaKeys.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.Power.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.PrintNotifications.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.Rfkill.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.ScreensaverProxy.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.Sharing.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.Smartcard.desktop \
+ /etc/xdg/autostart/org.gnome.SettingsDaemon.Sound.desktop \
+
/etc/xdg/autostart/org.gnome.SettingsDaemon.UsbProtection.desktop \ + /etc/xdg/autostart/org.gnome.SettingsDaemon.Wacom.desktop \ + /etc/xdg/autostart/org.gnome.SettingsDaemon.Wwan.desktop \ + /etc/xdg/autostart/org.gnome.SettingsDaemon.XSettings.desktop \ + /etc/xdg/autostart/pulseaudio.desktop \ + /etc/xdg/autostart/xfce4-power-manager.desktop \ + /etc/xdg/autostart/xfce4-screensaver.desktop \ + /etc/xdg/autostart/xfce-polkit.desktop \ + /etc/xdg/autostart/xscreensaver.desktop diff --git a/src/ubuntu/install/firefox/install_firefox.sh b/src/ubuntu/install/firefox/install_firefox.sh index 690cfa7..5245862 100644 --- a/src/ubuntu/install/firefox/install_firefox.sh +++ b/src/ubuntu/install/firefox/install_firefox.sh @@ -1,6 +1,11 @@ #!/usr/bin/env bash set -xe +# Add icon +if [ -f /dockerstartup/install/ubuntu/install/firefox/firefox.desktop ]; then + mv /dockerstartup/install/ubuntu/install/firefox/firefox.desktop $HOME/Desktop/ +fi + ARCH=$(arch | sed 's/aarch64/arm64/g' | sed 's/x86_64/amd64/g') set_desktop_icon() { @@ -8,8 +13,8 @@ set_desktop_icon() { } echo "Install Firefox" -if [[ "${DISTRO}" == @(centos|oracle7|oracle8) ]]; then - if [ "${DISTRO}" == "oracle8" ]; then +if [[ "${DISTRO}" == @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|fedora37|fedora38) ]]; then + if [[ "${DISTRO}" == @(oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|fedora37|fedora38) ]]; then dnf install -y firefox p11-kit else yum install -y firefox p11-kit 
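Review bot: In cleanup.sh, `rm -Rf … /tmp …` followed by `mkdir -m 1777 /tmp` removes the directory itself rather than its contents, and under `set -ex` the whole script aborts if `/tmp` cannot be removed, for example when it is a mount point during the build. Emptying it in place avoids that and keeps the existing mode and ownership: drop the `/tmp \` entry and the `mkdir` line and use `find /tmp -mindepth 1 -delete`. The autostart list also removes `light-locker.desktop`, `xfce4-screensaver.desktop`, `xscreensaver.desktop` and the gnome-keyring and polkit agents; a comment above it such as `# Screen lockers and keyring/polkit agents are removed on purpose` would make that choice explicit, if it is indeed intended.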
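Review bot: The added `mv /dockerstartup/install/ubuntu/install/firefox/firefox.desktop $HOME/Desktop/` leaves `$HOME` unquoted and assumes `$HOME/Desktop/` already exists; with `set -xe` a missing directory stops the install at this line. Suggest `mkdir -p "$HOME/Desktop"` before it and `mv … "$HOME/Desktop/"`. The Dockerfile in this commit already has `COPY ./src/ubuntu/install/firefox/firefox.desktop $HOME/Desktop/`, so a comment saying which build path uses the `/dockerstartup/install/…` location would explain why both exist.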
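Review bot: `oracle7` is dropped from the new outer test `@(centos|oracle8|rockylinux9|…)`, while cleanup.sh added in this same commit still lists `oracle7` beside `centos` as yum-based; if oracle7 builds are still expected they no longer reach `yum install -y firefox p11-kit` and fall through to a later branch. The long distro pattern is also repeated on the inner test and again in the later hunks of this file, which makes this kind of drift easy. Defining it once near the top, e.g. `DNF_DISTROS='@(oracle8|oracle9|rockylinux8|rockylinux9|almalinux8|almalinux9|fedora37|fedora38)'` and testing `[[ "${DISTRO}" == ${DNF_DISTROS} ]]`, would keep the branches in step.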
@@ -26,51 +31,108 @@ Pin-Priority: 1001 ' > /etc/apt/preferences.d/mozilla-firefox fi apt-get install -y firefox p11-kit-modules +elif grep -q "ID=debian" /etc/os-release || grep -q "ID=kali" /etc/os-release || grep -q "ID=parrot" /etc/os-release; then + echo \ + "deb http://deb.debian.org/debian/ unstable main contrib non-free" >> \ + /etc/apt/sources.list +cat > /etc/apt/preferences.d/99pin-unstable <|)' '/href.*xpi/ {print $2}' | tr '\n' ' ') +EXTENSION_DIR=/usr/lib/firefox-addons/distribution/extensions/ +mkdir -p ${EXTENSION_DIR} +for LANG in ${LANGS}; do + LANGCODE=$(echo ${LANG} | sed 's/\.xpi//g') + echo "Downloading ${LANG} Language pack" + curl -o \ + ${EXTENSION_DIR}langpack-${LANGCODE}@firefox.mozilla.org.xpi -Ls \ + ${RELEASE_URL}${LANG} +done + +# Cleanup and install flash if supported +if [[ "${DISTRO}" == @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|fedora37|fedora38) ]]; then + if [[ "${DISTRO}" == @(oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|fedora37|fedora38) ]]; then + if [ -z ${SKIP_CLEAN+x} ]; then + dnf clean all + fi else - yum clean all + if [ -z ${SKIP_CLEAN+x} ]; then + yum clean all + fi fi elif [ "${DISTRO}" == "opensuse" ]; then - zypper clean --all + if [ -z ${SKIP_CLEAN+x} ]; then + zypper clean --all + fi else if [ "$ARCH" == "arm64" ] && [ "$(lsb_release -cs)" == "focal" ] ; then echo "Firefox flash player not supported on arm64 Ubuntu Focal Skipping" + elif grep -q "ID=debian" /etc/os-release || grep -q "ID=kali" /etc/os-release || grep -q "ID=parrot" /etc/os-release; then + echo "Firefox flash player not supported on Debian" elif ! 
grep -q Jammy /etc/os-release; then - # Plugin to support running flash videos for sites like vimeo + # Plugin to support running flash videos for sites like vimeo apt-get update apt-get install -y browser-plugin-freshplayer-pepperflash apt-mark hold firefox - apt-get clean -y + if [ -z ${SKIP_CLEAN+x} ]; then + apt-get autoclean + rm -rf \ + /var/lib/apt/lists/* \ + /var/tmp/* + fi fi fi -if [[ "${DISTRO}" != @(centos|oracle7|oracle8|opensuse) ]]; then +if [[ "${DISTRO}" != @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|opensuse|fedora37|fedora38) ]]; then # Update firefox to utilize the system certificate store instead of the one that ships with firefox - rm /usr/lib/firefox/libnssckbi.so + rm -f /usr/lib/firefox/libnssckbi.so ln /usr/lib/$(arch)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox/libnssckbi.so fi -if [[ "${DISTRO}" == @(centos|oracle7|oracle8) ]]; then - preferences_file=/usr/lib64/firefox/browser/defaults/preferences/all-redhat.js +if [[ "${DISTRO}" == @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|fedora37|fedora38) ]]; then + if [[ "${DISTRO}" == @(fedora37|fedora38) ]]; then + preferences_file=/usr/lib64/firefox/browser/defaults/preferences/firefox-redhat-default-prefs.js + else + preferences_file=/usr/lib64/firefox/browser/defaults/preferences/all-redhat.js + fi sed -i -e '/homepage/d' "$preferences_file" elif [ "${DISTRO}" == "opensuse" ]; then preferences_file=/usr/lib64/firefox/browser/defaults/preferences/firefox.js else preferences_file=/usr/lib/firefox/browser/defaults/preferences/firefox.js fi -# Disabling default first run URL -echo "pref(\"datareporting.policy.firstRunURL\", \"\");" >> "$preferences_file" -if [[ "${DISTRO}" == @(centos|oracle7|oracle8|opensuse) ]]; then +# Disabling default first run URL for Debian based images +if [[ "${DISTRO}" != @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|opensuse|fedora37|fedora38) ]]; then +cat >"$preferences_file" 
<>$HOME/.mozilla/firefox/profiles.ini <>$HOME/.mozilla/firefox/profiles.ini <
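Review bot: In the language-pack loop, `for LANG in ${LANGS}` reuses the name of the locale variable, so after the loop `LANG` holds the last `.xpi` name for every later command in the script, and `curl -o … -Ls ${RELEASE_URL}${LANG}` has no `-f`, so an HTTP error body is written as a `.xpi` into `/usr/lib/firefox-addons/distribution/extensions/`. Rename the variable and make the download fail closed: `for LANGPACK in ${LANGS}; do` and `curl -fLs -o "${EXTENSION_DIR}langpack-${LANGCODE}@firefox.mozilla.org.xpi" "${RELEASE_URL}${LANGPACK}"`. Nothing visible checks the downloaded packs against a known hash or pins the release they come from; the `RELEASE_URL` assignment and the heredoc bodies are missing from this page's text, so that part is inferred. The Debian branch also appends the `unstable` suite to `/etc/apt/sources.list`, and a comment stating why and what `99pin-unstable` restricts would help the next reader.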