diff --git a/.gitea/trigger/t_generate_PRIVATE_trixie.yaml b/.gitea/trigger/t_generate_PRIVATE_trixie.yaml index b192b23..403d0b4 100644 --- a/.gitea/trigger/t_generate_PRIVATE_trixie.yaml +++ b/.gitea/trigger/t_generate_PRIVATE_trixie.yaml @@ -10,6 +10,6 @@ # SPDX-Security-Contact: security@coresecret.eu build: - counter: 1023 + counter: 1024 version: V8.13.008.2025.08.22 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=yaml diff --git a/.gitea/workflows/generate_PRIVATE_trixie.yaml b/.gitea/workflows/generate_PRIVATE_trixie.yaml index a12b55e..f7ba9de 100644 --- a/.gitea/workflows/generate_PRIVATE_trixie.yaml +++ b/.gitea/workflows/generate_PRIVATE_trixie.yaml @@ -13,6 +13,10 @@ name: 🔐 Generating a Private Live ISO TRIXIE. +defaults: + run: + shell: bash + permissions: contents: write @@ -31,12 +35,9 @@ jobs: ### Run all steps inside Debian Trixie container: image: debian:trixie - options: >- - --mount type=bind,src=/mnt/secure,dst=/work steps: - name: 🛠️ Basic Image Setup. - shell: bash run: | export DEBIAN_FRONTEND=noninteractive apt-get update -y @@ -53,7 +54,6 @@ jobs: util-linux - name: 🔎 Verify /work mount & space - shell: bash run: | set -euxo pipefail df -h /work @@ -61,7 +61,6 @@ jobs: touch /work/.bind-ok && ls -l /work/.bind-ok - name: 🔎 Show workspace & mounts - shell: bash run: | set -euo pipefail echo "GITHUB_WORKSPACE=$GITHUB_WORKSPACE" @@ -73,7 +72,6 @@ jobs: df -h . - name: ⚙️ Space guards (workspace + LB_PARENTDIR) - shell: bash env: LB_PARENTDIR: /work run: | @@ -90,7 +88,6 @@ jobs: done - name: ⚙️ Is there sufficient space available? - shell: bash run: | set -euo pipefail need_mb=8192 @@ -103,12 +100,10 @@ jobs: fi - name: ⚙️ Check GnuPG Version. - shell: bash run: | gpg --version - name: ⚙️ Preparing SSH Setup, SSH Deploy Key, Known Hosts, .config. - shell: bash run: | rm -rf ~/.ssh && mkdir -m700 ~/.ssh 
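Review bot: With `shell: bash` now set once under `defaults.run`, the steps whose scripts do not open with `set -euo pipefail` depend entirely on how the runner invokes that default shell for their failure handling. In the visible hunks this applies to "Basic Image Setup", "Check GnuPG Version", "Preparing SSH Setup, SSH Deploy Key, Known Hosts, .config" and "Cleaning the workspace"; the other steps already start with `set -euo pipefail`. I would add `set -euo pipefail` as the first line of each of those `run:` blocks, so a failed `apt-get` or a half-finished SSH setup stops the job regardless of runner behaviour. It is also worth confirming once that the Gitea runner in use honours workflow-level `defaults.run.shell`.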
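Review bot: Dropping `options: --mount type=bind,src=/mnt/secure,dst=/work` leaves nothing in this workflow that provides `/work`, yet the "Verify /work mount & space" step in the next hunk still runs `df -h /work` and `touch /work/.bind-ok`, and later steps set `LB_PARENTDIR=/work`. If the mount is not supplied by runner-level configuration (not visible here), the verify step may fail under `set -euxo pipefail`, or, if the directory exists anyway, the private build tree lands in the container's writable layer instead of on the dedicated host volume. The `touch` succeeds on any writable directory, so it does not prove a bind mount; adding `mountpoint -q /work` to that step would make the job fail closed. A comment at the `container:` key such as `### /work is provided by <runner-level mount config>, not by this workflow.` would record where the path now comes from.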
@@ -133,7 +128,6 @@ jobs: ### https://github.com/actions/checkout/issues/1843 - name: 🛠️ Using manual clone via SSH to circumvent Gitea SHA-256 object issues. - shell: bash env: ### GITHUB_REF_NAME contains the branch name from the push event. GITHUB_REF_NAME: ${{ github.ref_name }} @@ -142,13 +136,11 @@ jobs: git fetch --unshallow || echo "Nothing to fetch - already full clone." - name: 🛠️ Cleaning the workspace. - shell: bash run: | git reset --hard git clean -fd - name: ⚙️ Importing the 'CI PGP DEPLOY ONLY' key. - shell: bash run: | set -euo pipefail ### GPG-Home relative to the Runner Workspace to avoid changing global files. @@ -163,7 +155,6 @@ jobs: echo "trust-model always" >| "${GNUPGHOME}/gpg.conf" - name: ⚙️ Configuring Git for signed CI/DEPLOY commits. - shell: bash run: | set -euo pipefail export GNUPGHOME="$(pwd)/.gnupg" @@ -188,6 +179,8 @@ jobs: shell: bash run: | set -euo pipefail + export LB_PARENTDIR=/work + export LB_CACHE_DIR=/work/.cache chmod 0755 ciss_live_builder.sh timestamp=$(date -u +"%Y_%m_%dT%H_%M_%SZ") ### Change "--autobuild=" to the specific kernel version you need: '6.12.41+deb13-amd64'.
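Review bot: `LB_CACHE_DIR=/work/.cache` is exported in the last hunk, but nothing visible there creates the directory or sets its permissions. The step body continues past the hunk, so `ciss_live_builder.sh` may or may not handle it. For a private image build I would create it explicitly before the script runs, `install -d -m 0700 "${LB_CACHE_DIR}"`, so the cache never inherits a permissive umask. Separately, the `shell: bash` context line on this step is now redundant with the workflow-level default and can be dropped like the others. `LB_PARENTDIR` is also set via `env:` in the "Space guards" step but via `export` here; using one form would be easier to audit.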