diff --git a/Dockerfile b/Dockerfile
index 6082536..a5069fa 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ghcr.io/linuxserver/baseimage-ubuntu:focal
+FROM ghcr.io/linuxserver/baseimage-ubuntu:jammy
 
 # set version label
 ARG BUILD_DATE
@@ -8,30 +8,24 @@ LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DA
 LABEL maintainer="aptalca"
 
 # environment settings
+ARG DEBIAN_FRONTEND="noninteractive"
 ENV HOME="/config"
 
 RUN \
-  echo "**** install node repo ****" && \
-  curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && \
-  echo 'deb https://deb.nodesource.com/node_14.x focal main' \
-    > /etc/apt/sources.list.d/nodesource.list && \
-  echo "**** install build dependencies ****" && \
-  apt-get update && \
-  apt-get install -y \
-    build-essential \
-    nodejs && \
   echo "**** install runtime dependencies ****" && \
-  apt-get install -y \
+  apt-get update && \
+  apt-get install -y --no-install-recommends \
     git \
     jq \
     libatomic1 \
     nano \
     net-tools \
+    netcat \
     sudo && \
   echo "**** install code-server ****" && \
   if [ -z ${CODE_RELEASE+x} ]; then \
     CODE_RELEASE=$(curl -sX GET https://api.github.com/repos/coder/code-server/releases/latest \
-    | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||'); \
+      | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||'); \
   fi && \
   mkdir -p /app/code-server && \
   curl -o \
@@ -39,22 +33,13 @@ RUN \
     "https://github.com/coder/code-server/releases/download/v${CODE_RELEASE}/code-server-${CODE_RELEASE}-linux-amd64.tar.gz" && \
   tar xf /tmp/code-server.tar.gz -C \
     /app/code-server --strip-components=1 && \
-  echo "**** patch 4.0.2 ****" && \
-  if [ "${CODE_RELEASE}" = "4.0.2" ] && [ "$(uname -m)" !=  "x86_64" ]; then \
-    cd /app/code-server && \
-    npm i --production @node-rs/argon2; \
-  fi && \
   echo "**** clean up ****" && \
-  apt-get purge --auto-remove -y \
-    build-essential \
-    nodejs && \
   apt-get clean && \
   rm -rf \
     /config/* \
     /tmp/* \
     /var/lib/apt/lists/* \
-    /var/tmp/* \
-    /etc/apt/sources.list.d/nodesource.list
+    /var/tmp/*
 
 # add local files
 COPY /root /
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index 5043fde..01755a0 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -1,4 +1,4 @@
-FROM ghcr.io/linuxserver/baseimage-ubuntu:arm64v8-focal
+FROM ghcr.io/linuxserver/baseimage-ubuntu:arm64v8-jammy
 
 # set version label
 ARG BUILD_DATE
@@ -8,30 +8,24 @@ LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DA
 LABEL maintainer="aptalca"
 
 # environment settings
+ARG DEBIAN_FRONTEND="noninteractive"
 ENV HOME="/config"
 
 RUN \
-  echo "**** install node repo ****" && \
-  curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && \
-  echo 'deb https://deb.nodesource.com/node_14.x focal main' \
-    > /etc/apt/sources.list.d/nodesource.list && \
-  echo "**** install build dependencies ****" && \
-  apt-get update && \
-  apt-get install -y \
-    build-essential \
-    nodejs && \
   echo "**** install runtime dependencies ****" && \
-  apt-get install -y \
+  apt-get update && \
+  apt-get install -y --no-install-recommends \
     git \
     jq \
     libatomic1 \
     nano \
     net-tools \
+    netcat \
     sudo && \
   echo "**** install code-server ****" && \
   if [ -z ${CODE_RELEASE+x} ]; then \
     CODE_RELEASE=$(curl -sX GET https://api.github.com/repos/coder/code-server/releases/latest \
-    | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||'); \
+      | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||'); \
   fi && \
   mkdir -p /app/code-server && \
   curl -o \
@@ -39,22 +33,13 @@ RUN \
     "https://github.com/coder/code-server/releases/download/v${CODE_RELEASE}/code-server-${CODE_RELEASE}-linux-arm64.tar.gz" && \
   tar xf /tmp/code-server.tar.gz -C \
     /app/code-server --strip-components=1 && \
-  echo "**** patch 4.0.2 ****" && \
-  if [ "${CODE_RELEASE}" = "4.0.2" ] && [ "$(uname -m)" !=  "x86_64" ]; then \
-    cd /app/code-server && \
-    npm i --production @node-rs/argon2; \
-  fi && \
   echo "**** clean up ****" && \
-  apt-get purge --auto-remove -y \
-    build-essential \
-    nodejs && \
   apt-get clean && \
   rm -rf \
     /config/* \
     /tmp/* \
     /var/lib/apt/lists/* \
-    /var/tmp/* \
-    /etc/apt/sources.list.d/nodesource.list
+    /var/tmp/*
 
 # add local files
 COPY /root /
diff --git a/Dockerfile.armhf b/Dockerfile.armhf
index 5b5063f..304bae3 100644
--- a/Dockerfile.armhf
+++ b/Dockerfile.armhf
@@ -1,4 +1,4 @@
-FROM ghcr.io/linuxserver/baseimage-ubuntu:arm32v7-focal
+FROM ghcr.io/linuxserver/baseimage-ubuntu:arm32v7-jammy
 
 # set version label
 ARG BUILD_DATE
@@ -8,30 +8,24 @@ LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DA
 LABEL maintainer="aptalca"
 
 # environment settings
+ARG DEBIAN_FRONTEND="noninteractive"
 ENV HOME="/config"
 
 RUN \
-  echo "**** install node repo ****" && \
-  curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && \
-  echo 'deb https://deb.nodesource.com/node_14.x focal main' \
-    > /etc/apt/sources.list.d/nodesource.list && \
-  echo "**** install build dependencies ****" && \
-  apt-get update && \
-  apt-get install -y \
-    build-essential \
-    nodejs && \
   echo "**** install runtime dependencies ****" && \
-  apt-get install -y \
+  apt-get update && \
+  apt-get install -y --no-install-recommends \
     git \
     jq \
     libatomic1 \
     nano \
     net-tools \
+    netcat \
     sudo && \
   echo "**** install code-server ****" && \
   if [ -z ${CODE_RELEASE+x} ]; then \
     CODE_RELEASE=$(curl -sX GET https://api.github.com/repos/coder/code-server/releases/latest \
-    | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||'); \
+      | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||'); \
   fi && \
   mkdir -p /app/code-server && \
   curl -o \
@@ -39,22 +33,13 @@ RUN \
     "https://github.com/coder/code-server/releases/download/v${CODE_RELEASE}/code-server-${CODE_RELEASE}-linux-armv7l.tar.gz" && \
   tar xf /tmp/code-server.tar.gz -C \
     /app/code-server --strip-components=1 && \
-  echo "**** patch 4.0.2 ****" && \
-  if [ "${CODE_RELEASE}" = "4.0.2" ] && [ "$(uname -m)" !=  "x86_64" ]; then \
-    cd /app/code-server && \
-    npm i --production @node-rs/argon2; \
-  fi && \
   echo "**** clean up ****" && \
-  apt-get purge --auto-remove -y \
-    build-essential \
-    nodejs && \
   apt-get clean && \
   rm -rf \
     /config/* \
     /tmp/* \
     /var/lib/apt/lists/* \
-    /var/tmp/* \
-    /etc/apt/sources.list.d/nodesource.list
+    /var/tmp/*
 
 # add local files
 COPY /root /
diff --git a/README.md b/README.md
index e00e96b..d6a5a88 100644
--- a/README.md
+++ b/README.md
@@ -64,16 +64,6 @@ The architectures supported by this image are:
 | arm64 | ✅ | arm64v8-\<version tag\> |
 | armhf| ✅ | arm32v7-\<version tag\> |
 
-## Version Tags
-
-This image provides various versions that are available via tags. Please read the descriptions carefully and exercise caution when using unstable or development tags.
-
-| Tag | Available | Description |
-| :----: | :----: |--- |
-| latest | ✅ | Stable releases |
-| focal | ✅ | DEPRECATED (no longer updated, `latest` is rebased on focal) - Stable releases, based on Ubuntu Focal |
-| development | ✅ | DEPRECATED (no longer updated) - Prereleases from their GitHub |
-
 ## Application Setup
 
 Access the webui at `http://<your-ip>:8443`.
@@ -266,6 +256,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **29.09.22:** - Rebase to jammy, switch to s6v3. Fix chown logic to skip `/config/workspace` contents.
 * **20.02.22:** - Install using the official tarballs.
 * **29.12.21:** - Add `install-extension` as a helper for mods to install extensions.
 * **06.12.21:** - Add `DEFAULT_WORKSPACE` env var.
diff --git a/readme-vars.yml b/readme-vars.yml
index 76c8bb4..25dd041 100644
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -26,11 +26,9 @@ available_architectures:
   - { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"}
 
 # development version
-development_versions: true
+development_versions: false
 development_versions_items:
   - { tag: "latest", desc: "Stable releases" }
-  - { tag: "focal", desc: "DEPRECATED (no longer updated, `latest` is rebased on focal) - Stable releases, based on Ubuntu Focal" }
-  - { tag: "development", desc: "DEPRECATED (no longer updated) - Prereleases from their GitHub" }
 
 # container parameters
 common_param_env_vars_enabled: true
@@ -77,6 +75,7 @@ app_setup_block: |
 
 # changelog
 changelogs:
+  - { date: "29.09.22:", desc: "Rebase to jammy, switch to s6v3. Fix chown logic to skip `/config/workspace` contents." }
   - { date: "20.02.22:", desc: "Install using the official tarballs." }
   - { date: "29.12.21:", desc: "Add `install-extension` as a helper for mods to install extensions." }
   - { date: "06.12.21:", desc: "Add `DEFAULT_WORKSPACE` env var." }
diff --git a/root/etc/s6-overlay/s6-rc.d/init-code-server/dependencies.d/init-config b/root/etc/s6-overlay/s6-rc.d/init-code-server/dependencies.d/init-config
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/cont-init.d/30-config b/root/etc/s6-overlay/s6-rc.d/init-code-server/run
old mode 100644
new mode 100755
similarity index 56%
rename from root/etc/cont-init.d/30-config
rename to root/etc/s6-overlay/s6-rc.d/init-code-server/run
index 1279d8d..d93a4d2
--- a/root/etc/cont-init.d/30-config
+++ b/root/etc/s6-overlay/s6-rc.d/init-code-server/run
@@ -22,21 +22,10 @@ fi
 [[ ! -f /config/.profile ]] && \
     cp /root/.profile /config/.profile
 
-# permissions
-if [ -f "/usr/bin/find" ] && [ -f "/usr/bin/xargs" ]; then
-    CORES=$(nproc --all)
-
-    # Split workload between config and workspace
-    echo "setting permissions::configuration"
-    find /config -path /config/workspace -prune -false -o -type d -print0 | \
-        xargs --null -r --max-args=1 --max-procs=$((CORES*2*8)) \
-        chown -R abc:abc
-
-    echo "setting permissions::workspace"
-    chown abc:abc /config/workspace
-else
-    # Set permissions on data mount
-    # do not decend into the workspace
-    chown -R abc:abc "$(ls /config -I workspace)"
-    chown abc:abc /config/workspace
+# fix permissions (ignore contents of /config/workspace)
+find /config -path /config/workspace -prune -o -exec chown abc:abc {} +
+chown abc:abc /config/workspace
+chmod 700 /config/.ssh
+if [ -n "$(ls -A /config/.ssh)" ]; then
+    chmod 600 /config/.ssh/*
 fi
diff --git a/root/etc/s6-overlay/s6-rc.d/init-code-server/type b/root/etc/s6-overlay/s6-rc.d/init-code-server/type
new file mode 100644
index 0000000..3d92b15
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-code-server/type
@@ -0,0 +1 @@
+oneshot
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/init-code-server/up b/root/etc/s6-overlay/s6-rc.d/init-code-server/up
new file mode 100644
index 0000000..4efdc97
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-code-server/up
@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-code-server/run
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-code-server b/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-code-server
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-code-server/dependencies.d/init-services b/root/etc/s6-overlay/s6-rc.d/svc-code-server/dependencies.d/init-services
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-code-server/notification-fd b/root/etc/s6-overlay/s6-rc.d/svc-code-server/notification-fd
new file mode 100644
index 0000000..e440e5c
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/svc-code-server/notification-fd
@@ -0,0 +1 @@
+3
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-code-server/run b/root/etc/s6-overlay/s6-rc.d/svc-code-server/run
new file mode 100755
index 0000000..373dc0a
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/svc-code-server/run
@@ -0,0 +1,26 @@
+#!/usr/bin/with-contenv bash
+
+if [ -n "${PASSWORD}" ] || [ -n "${HASHED_PASSWORD}" ]; then
+    AUTH="password"
+else
+    AUTH="none"
+    echo "starting with no password"
+fi
+
+if [ -z ${PROXY_DOMAIN+x} ]; then
+    PROXY_DOMAIN_ARG=""
+else
+    PROXY_DOMAIN_ARG="--proxy-domain=${PROXY_DOMAIN}"
+fi
+
+exec \
+    s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8443" \
+        s6-setuidgid abc \
+            /app/code-server/bin/code-server \
+                --bind-addr 0.0.0.0:8443 \
+                --user-data-dir /config/data \
+                --extensions-dir /config/extensions \
+                --disable-telemetry \
+                --auth "${AUTH}" \
+                "${PROXY_DOMAIN_ARG}" \
+                "${DEFAULT_WORKSPACE:-/config/workspace}"
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-code-server/type b/root/etc/s6-overlay/s6-rc.d/svc-code-server/type
new file mode 100644
index 0000000..1780f9f
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/svc-code-server/type
@@ -0,0 +1 @@
+longrun
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-code-server b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-code-server
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-code-server b/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-code-server
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run
deleted file mode 100644
index 689e176..0000000
--- a/root/etc/services.d/code-server/run
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/usr/bin/with-contenv bash
-
-if [ -n "${PASSWORD}" ] || [ -n "${HASHED_PASSWORD}" ]; then
-    AUTH="password"
-else
-    AUTH="none"
-    echo "starting with no password"
-fi
-
-if [ -z ${PROXY_DOMAIN+x} ]; then
-    PROXY_DOMAIN_ARG=""
-else
-    PROXY_DOMAIN_ARG="--proxy-domain=${PROXY_DOMAIN}"
-fi
-
-exec \
-    s6-setuidgid abc \
-        /app/code-server/bin/code-server \
-            --bind-addr 0.0.0.0:8443 \
-            --user-data-dir /config/data \
-            --extensions-dir /config/extensions \
-            --disable-telemetry \
-            --auth "${AUTH}" \
-            "${PROXY_DOMAIN_ARG}" \
-            "${DEFAULT_WORKSPACE:-/config/workspace}"