diff --git a/Cargo.toml b/Cargo.toml
index 252bb93..66a09e7 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -57,6 +57,7 @@ object_store = { version = "0.11.2" }
 bytes = "1.7.1"
 state-machines = "0.2.0"
 fastembed = "5.2.0"
+ort = { version = "=2.0.0-rc.8", default-features = false, features = ["load-dynamic"] }
 
 [profile.dist]
 inherits = "release"
diff --git a/Dockerfile b/Dockerfile
index aea80ca..c7ee56d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,10 @@
-# === Builder Stage ===
-FROM clux/muslrust:1.86.0-stable as builder 
-
+# === Builder ===
+FROM rust:1.86-bookworm AS builder
 WORKDIR /usr/src/minne
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    pkg-config clang cmake git && rm -rf /var/lib/apt/lists/*
+
+# Cache deps
 COPY Cargo.toml Cargo.lock ./
 RUN mkdir -p api-router common composite-retrieval html-router ingestion-pipeline json-stream-parser main worker
 COPY api-router/Cargo.toml ./api-router/
@@ -11,43 +14,38 @@ COPY html-router/Cargo.toml ./html-router/
 COPY ingestion-pipeline/Cargo.toml ./ingestion-pipeline/
 COPY json-stream-parser/Cargo.toml ./json-stream-parser/
 COPY main/Cargo.toml ./main/
+RUN cargo build --release --bin main --features ingestion-pipeline/docker || true
 
-# Build with the MUSL target
-RUN cargo build --release --target x86_64-unknown-linux-musl --bin main --features ingestion-pipeline/docker || true
-
-# Copy the rest of the source code
+# Build
 COPY . .
+RUN cargo build --release --bin main --features ingestion-pipeline/docker
 
-# Build the final application binary with the MUSL target
-RUN cargo build --release --target x86_64-unknown-linux-musl --bin main --features ingestion-pipeline/docker
+# === Runtime ===
+FROM debian:bookworm-slim
 
-# === Runtime Stage ===
-FROM alpine:latest
+# Chromium + runtime deps + OpenMP for ORT
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    chromium libnss3 libasound2 libgbm1 libxshmfence1 \
+    ca-certificates fonts-dejavu fonts-noto-color-emoji \
+    libgomp1 libstdc++6 curl \
+  && rm -rf /var/lib/apt/lists/*
 
-RUN apk update && apk add --no-cache \
-    chromium \
-    nss \
-    freetype \
-    harfbuzz \
-    ca-certificates \
-    ttf-freefont \
-    font-noto-emoji \
-    && \
-    rm -rf /var/cache/apk/*
+# ONNX Runtime (CPU). Change if you bump ort.
+ARG ORT_VERSION=1.21.0
+RUN mkdir -p /opt/onnxruntime && \
+    curl -fsSL -o /tmp/ort.tgz \
+      "https://github.com/microsoft/onnxruntime/releases/download/v${ORT_VERSION}/onnxruntime-linux-x64-${ORT_VERSION}.tgz" && \
+    tar -xzf /tmp/ort.tgz -C /opt/onnxruntime --strip-components=1 && rm /tmp/ort.tgz
 
-ENV CHROME_BIN=/usr/bin/chromium-browser \
-    CHROME_PATH=/usr/lib/chromium/ \
-    SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
+ENV CHROME_BIN=/usr/bin/chromium \
+    SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \
+    ORT_DYLIB_PATH=/opt/onnxruntime/lib/libonnxruntime.so
 
-# Create a non-root user to run the application
-RUN adduser -D -h /home/appuser appuser
-WORKDIR /home/appuser
+# Non-root
+RUN useradd -m appuser
 USER appuser
+WORKDIR /home/appuser
 
-# Copy the compiled binary from the builder stage (note the target path)
-COPY --from=builder /usr/src/minne/target/x86_64-unknown-linux-musl/release/main /usr/local/bin/main
-
+COPY --from=builder /usr/src/minne/target/release/main /usr/local/bin/main
 EXPOSE 3000
-# EXPOSE 8000-9000
-
 CMD ["main"]
diff --git a/docker-compose.yml b/docker-compose.yml
index 8ff9040..79cf8b4 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -12,10 +12,11 @@ services:
       SURREALDB_PASSWORD: "root_password"
       SURREALDB_DATABASE: "test"
       SURREALDB_NAMESPACE: "test"
-      OPENAI_API_KEY: "sk-key"
+      OPENAI_API_KEY: "sk-add-your-key"
       DATA_DIR: "./data"
       HTTP_PORT: 3000
       RUST_LOG: "info"
+      RERANKING_ENABLED: false ## Change to true to enable reranking
     depends_on:
       - surrealdb 
     networks:
@@ -31,7 +32,7 @@ services:
       - ./database:/database # Mounts a 'database' folder from your project directory
     command: >
       start
-      --log debug
+      --log info
       --user root_user
       --pass root_password
       rocksdb:./database/database.db
diff --git a/flake.lock b/flake.lock
index 76a9e7e..5cd5259 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,5 +1,20 @@
 {
   "nodes": {
+    "crane": {
+      "locked": {
+        "lastModified": 1760924934,
+        "narHash": "sha256-tuuqY5aU7cUkR71sO2TraVKK2boYrdW3gCSXUkF4i44=",
+        "owner": "ipetkov",
+        "repo": "crane",
+        "rev": "c6b4d5308293d0d04fcfeee92705017537cad02f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ipetkov",
+        "repo": "crane",
+        "type": "github"
+      }
+    },
     "flake-utils": {
       "inputs": {
         "systems": "systems"
@@ -36,6 +51,7 @@
     },
     "root": {
       "inputs": {
+        "crane": "crane",
         "flake-utils": "flake-utils",
         "nixpkgs": "nixpkgs"
       }
diff --git a/flake.nix b/flake.nix
index f2b004a..1a2dd86 100644
--- a/flake.nix
+++ b/flake.nix
@@ -4,60 +4,61 @@
   inputs = {
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
     flake-utils.url = "github:numtide/flake-utils";
+    crane.url = "github:ipetkov/crane";
   };
 
   outputs = {
     self,
     nixpkgs,
     flake-utils,
+    crane,
   }:
     flake-utils.lib.eachDefaultSystem (
       system: let
         pkgs = nixpkgs.legacyPackages.${system};
+        craneLib = crane.mkLib pkgs;
 
-        # --- Minne Package Definition ---
-        minne-pkg = pkgs.rustPlatform.buildRustPackage {
+        minne-pkg = craneLib.buildPackage {
+          src = craneLib.cleanCargoSource ./.;
           pname = "minne";
           version = "0.1.0";
 
-          src = self;
-
-          cargoLock = {
-            lockFile = ./Cargo.lock;
-          };
-
-          # Skip tests due to testing fs operations
           doCheck = false;
 
           nativeBuildInputs = [
             pkgs.pkg-config
             pkgs.rustfmt
-            pkgs.makeWrapper # For the postInstall hook
+            pkgs.makeWrapper
           ];
+
           buildInputs = [
             pkgs.openssl
-            pkgs.chromium # Runtime dependency for the browser
+            pkgs.chromium
+            pkgs.onnxruntime
           ];
 
-          # Wrap the actual executables to provide CHROME at runtime
-          postInstall = let
-            chromium_executable = "${pkgs.chromium}/bin/chromium";
-          in ''
-            wrapProgram $out/bin/main \
-              --set CHROME "${chromium_executable}"
-            wrapProgram $out/bin/worker \
-              --set CHROME "${chromium_executable}"
-          '';
+          ORT_STRATEGY = "system";
+          ORT_LIB_LOCATION = "${pkgs.onnxruntime}/lib";
+          ORT_SKIP_DOWNLOAD = "1";
 
-          meta = with pkgs.lib; {
-            description = "Minne Application";
-            license = licenses.mit;
-          };
+          postInstall = ''
+            wrapProgram $out/bin/main \
+              --set CHROME ${pkgs.chromium}/bin/chromium \
+              --set ORT_DYLIB_PATH ${pkgs.onnxruntime}/lib/libonnxruntime.so
+            if [ -f $out/bin/worker ]; then
+              wrapProgram $out/bin/worker \
+                --set CHROME ${pkgs.chromium}/bin/chromium \
+                --set ORT_DYLIB_PATH ${pkgs.onnxruntime}/lib/libonnxruntime.so
+            fi
+            if [ -f $out/bin/server]; then
+              wrapProgram $out/bin/server\
+                --set ORT_DYLIB_PATH ${pkgs.onnxruntime}/lib/libonnxruntime.so
+            fi
+          '';
         };
       in {
         packages = {
-          minne = minne-pkg;
-          default = self.packages.${system}.minne;
+          default = self.packages.${system}.minne-pkg;
         };
 
         apps = {