diff --git a/builder/Dockerfile b/builder/Dockerfile
new file mode 100644
index 00000000..22b11d24
--- /dev/null
+++ b/builder/Dockerfile
@@ -0,0 +1,7 @@
+# This image contains the baseline tools to build bootable base images.
+FROM quay.io/centos/centos:stream9
+WORKDIR /src
+COPY . .
+RUN ./build.sh && cd / && rm /src -rf
+WORKDIR /
+
diff --git a/builder/build.sh b/builder/build.sh
new file mode 100755
index 00000000..51b08fa1
--- /dev/null
+++ b/builder/build.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -xeuo pipefail
+
+pkginstall() {
+    dnf -y install "$@"
+}
+
+pkginstall dnf-utils
+dnf config-manager --set-enabled crb
+pkginstall epel-release epel-next-release
+# The repo files reference GPG keys
+pkginstall distribution-gpg-keys
+# rpm-ostree for builds, and need skopeo to do the container backend
+pkginstall rpm-ostree skopeo
+# For derived container builds
+pkginstall buildah
+# And a rust toolchain
+pkginstall cargo openssl-devel
+
+# Build tools
+pkginstall selinux-policy-targeted osbuild crypto-policies-scripts sudo