diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index b03c7d8..c0f017f 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -87,6 +87,11 @@ jobs:
           if [ ! -z ${input_uid} ]; then echo "IMAGE_UID=${input_uid}" >> $GITHUB_ENV; else echo "IMAGE_UID=${json_uid:-1000}" >> $GITHUB_ENV; fi
           if [ ! -z ${input_gid} ]; then echo "IMAGE_GID=${input_gid}" >> $GITHUB_ENV; else echo "IMAGE_GID=${json_gid:-1000}" >> $GITHUB_ENV; fi
 
+          : # set prefix or suffix globally
+          echo "IMAGE_SEMVER_PREFIX=${LOCAL_SEMVER_PREFIX}" >> $GITHUB_ENV
+          echo "IMAGE_SEMVER_SUFFIX=${LOCAL_SEMVER_SUFFIX}" >> $GITHUB_ENV
+
+
       - name: docker / login to hub
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
         with:
@@ -106,8 +111,8 @@ jobs:
           file: arch.dockerfile
           push: true
           platforms: ${{ env.IMAGE_ARCH }}
-          cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache
-          cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max,compression=zstd,force-compression=true
+          cache-from: type=registry,ref=${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}buildcache${{ env.IMAGE_SEMVER_SUFFIX }}
+          cache-to: type=registry,ref=${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}buildcache${{ env.IMAGE_SEMVER_SUFFIX }}e,mode=max,compression=zstd,force-compression=true
           build-args: |
             APP_IMAGE=${{ env.IMAGE }}
             APP_NAME=${{ env.json_name }}
@@ -115,15 +120,17 @@ jobs:
             APP_ROOT=${{ env.json_root }}
             APP_UID=${{ env.IMAGE_UID }}
             APP_GID=${{ env.IMAGE_GID }}
-            NO_CACHE=$(date +%s)
+            APP_VERSION_PREFIX=${{ env.IMAGE_SEMVER_PREFIX }}
+            APP_VERSION_SUFFIX=${{ env.IMAGE_SEMVER_SUFFIX }}
+            APP_NO_CACHE=$(date +%s)
           tags: |
-            ${{ env.IMAGE }}:grype
+            ${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}grype${{ env.IMAGE_SEMVER_SUFFIX }}
 
       - name: grype / scan
         id: scan
         uses: anchore/scan-action@abae793926ec39a78ab18002bc7fc45bbbd94342
         with:
-          image: ${{ env.IMAGE }}:grype
+          image: ${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}grype${{ env.IMAGE_SEMVER_SUFFIX }}
           severity-cutoff: ${{ env.WORKFLOW_GRYPE_SEVERITY_CUTOFF }}
 
       - name: grype / report / print
@@ -134,7 +141,7 @@ jobs:
         if: success() || failure()
         run: |
           curl --request DELETE \
-            --url https://hub.docker.com/v2/repositories/${{ env.IMAGE }}/tags/grype/ \
+            --url https://hub.docker.com/v2/repositories/${{ env.IMAGE }}/tags/${{ env.IMAGE_SEMVER_PREFIX }}grype${{ env.IMAGE_SEMVER_SUFFIX }}/ \
             --header 'authorization: jwt ${{ secrets.DOCKER_TOKEN }}' \
             --header 'content-type: application/json' \
             --fail
@@ -153,8 +160,8 @@ jobs:
           sbom: true
           provenance: mode=max
           platforms: ${{ env.IMAGE_ARCH }}
-          cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache
-          cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max,compression=zstd,force-compression=true
+          cache-from: type=registry,ref=${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}buildcache${{ env.IMAGE_SEMVER_SUFFIX }}
+          cache-to: type=registry,ref=${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}buildcache${{ env.IMAGE_SEMVER_SUFFIX }},mode=max,compression=zstd,force-compression=true
           build-args: |
             APP_IMAGE=${{ env.IMAGE }}
             APP_NAME=${{ env.json_name }}
@@ -162,7 +169,9 @@ jobs:
             APP_ROOT=${{ env.json_root }}
             APP_UID=${{ env.IMAGE_UID }}
             APP_GID=${{ env.IMAGE_GID }}
-            NO_CACHE=$(date +%s)
+            APP_VERSION_PREFIX=${{ env.IMAGE_SEMVER_PREFIX }}
+            APP_VERSION_SUFFIX=${{ env.IMAGE_SEMVER_SUFFIX }}
+            APP_NO_CACHE=$(date +%s)
           tags: |
             ${{ env.IMAGE_TAGS }}
 
diff --git a/.github/workflows/tags.yml b/.github/workflows/tags.yml
index bf1fed4..4ee14ff 100644
--- a/.github/workflows/tags.yml
+++ b/.github/workflows/tags.yml
@@ -16,11 +16,36 @@ jobs:
 
   docker-unraid:
     runs-on: ubuntu-latest
-    needs: docker
     steps:   
       - name: build docker image for unraid community
         uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7
         with:
           workflow: docker.yml
           token: "${{ secrets.REPOSITORY_TOKEN }}"
+          inputs: '{ "release":"false", "uid":"99", "gid":"100", "semversuffix":"unraid" }'
+
+  kms-gui:
+    runs-on: ubuntu-latest
+    needs: docker
+    steps:   
+      - name: build downstream kms gui
+        uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7
+        with:
+          workflow: docker.yml
+          token: "${{ secrets.REPOSITORY_TOKEN }}"
+          repo: 11notes/docker-kms-gui
+          ref: master
+          inputs: '{ "release":"false" }'
+
+  kms-gui-unraid:
+    runs-on: ubuntu-latest
+    needs: docker-unraid
+    steps:   
+      - name: build downstream kms gui for unraid community
+        uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7
+        with:
+          workflow: docker.yml
+          token: "${{ secrets.REPOSITORY_TOKEN }}"
+          repo: 11notes/docker-kms-gui
+          ref: master
           inputs: '{ "release":"false", "uid":"99", "gid":"100", "semversuffix":"unraid" }'
\ No newline at end of file