diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..298b21b
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,43 @@
+---
+name: "release"
+
+# yamllint disable-line rule:truthy
+on:
+  release:
+    types: [created]
+
+jobs:
+  build-assets:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v6
+
+      - name: Download source tarballs
+        run: |
+          source "$GITHUB_WORKSPACE/conf/nginx-configure-flags"
+          cd /tmp
+          curl -sSL "https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz" | tar xz
+          curl -sSL "https://github.com/PCRE2Project/pcre2/releases/download/pcre2-${PCRE_VERSION}/pcre2-${PCRE_VERSION}.tar.gz" | tar xz
+          curl -sSL "https://github.com/madler/zlib/archive/v${ZLIB_VERSION}.tar.gz" | tar xz
+
+      - name: Compile nginx
+        run: |
+          source "$GITHUB_WORKSPACE/conf/nginx-configure-flags"
+          cd /tmp/nginx-${NGINX_VERSION}
+          ./configure \
+            --prefix=/tmp/nginx-build \
+            --with-pcre=../pcre2-${PCRE_VERSION} \
+            --with-zlib=../zlib-${ZLIB_VERSION} \
+            "${NGINX_CONFIGURE_FLAGS[@]}"
+          sed -i "/CFLAGS/s/ \-O //g" objs/Makefile
+          make -j"$(nproc)"
+          cp objs/nginx /tmp/nginx-linux-amd64
+          chmod +x /tmp/nginx-linux-amd64
+
+      - name: Upload release assets
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          gh release upload "${{ github.event.release.tag_name }}" \
+            /tmp/nginx-linux-amd64
diff --git a/bin/ci-pre-deploy b/bin/ci-pre-deploy
index 9a00a66..c6eff4a 100644
--- a/bin/ci-pre-deploy
+++ b/bin/ci-pre-deploy
@@ -20,7 +20,7 @@ if [ "$IS_REVIEW_APP" = "true" ]; then
   git commit -qm "feat: specify custom mime.types"
 
   echo "-----> Setting the buildpack to the current ref $GITHUB_HEAD_REF"
-  echo "https://github.com/${GITHUB_REPOSITORY}.git#$GITHUB_HEAD_REF" > .buildpacks
+  echo "https://github.com/${GITHUB_REPOSITORY}.git#$GITHUB_HEAD_REF" >.buildpacks
   git add .buildpacks
   git commit -qm "feat: specify $GITHUB_SHA as buildpack"
 
diff --git a/bin/compile b/bin/compile
index eee3177..9ef819c 100755
--- a/bin/compile
+++ b/bin/compile
@@ -3,17 +3,12 @@
 set -eo pipefail
 [[ $TRACE ]] && set -x
 
-# https://nginx.org/en/download.html
-NGINX_VERSION="1.29.8"
+# shellcheck source=conf/nginx-configure-flags
+source "$(cd "$(dirname "$0")" && cd .. && pwd)/conf/nginx-configure-flags"
 NGINX_TARBALL="nginx-${NGINX_VERSION}.tar.gz"
-# https://github.com/PCRE2Project/pcre2/releases
-PCRE_VERSION="10.47"
 PCRE_TARBALL="pcre2-${PCRE_VERSION}.tar.gz"
-# https://github.com/gliderlabs/sigil/releases
-SIGIL_VERSION="0.11.5"
-# https://github.com/madler/zlib/releases
-ZLIB_VERSION="1.3.2"
 ZLIB_TARBALL="zlib-${ZLIB_VERSION}.tar.gz"
+BUILDPACK_REPO="dokku/heroku-buildpack-nginx"
 
 suppress() {
   /bin/rm --force /tmp/surpress.out 2>/dev/null
@@ -52,24 +47,6 @@ fi
 
 cd "$CACHE_DIR"
 
-if [[ ! -d "${NGINX_TARBALL%.tar.gz}" ]]; then
-  echo "-----> Download and unzip nginx ${NGINX_VERSION} via http"
-  curl -sSL "https://nginx.org/download/${NGINX_TARBALL}" -o "${NGINX_TARBALL}"
-  tar xzf "${NGINX_TARBALL}" && rm -f "${NGINX_TARBALL}"
-fi
-
-if [[ ! -d "${PCRE_TARBALL%.tar.gz}" ]]; then
-  echo "-----> Download and unzip pcre ${PCRE_VERSION} via http"
-  curl -sSL "https://github.com/PCRE2Project/pcre2/releases/download/pcre2-${PCRE_VERSION}/${PCRE_TARBALL}" -o "${PCRE_TARBALL}"
-  tar xzf "${PCRE_TARBALL}" && rm -f "${PCRE_TARBALL}"
-fi
-
-if [[ ! -d "${ZLIB_TARBALL%.tar.gz}" ]]; then
-  echo "-----> Download and unzip zlib ${ZLIB_VERSION} via http"
-  curl -sSL "https://github.com/madler/zlib/archive/v${ZLIB_VERSION}.tar.gz" -o "${ZLIB_TARBALL}"
-  tar xzf "${ZLIB_TARBALL}" && rm -rf "${ZLIB_TARBALL}"
-fi
-
 mkdir -p "$BUILD_DIR/sigil"
 if [[ ! -f "$BUILD_DIR/sigil/sigil-${SIGIL_VERSION}" ]]; then
   echo "-----> Download and unzip sigil ${SIGIL_VERSION} via http"
@@ -83,45 +60,47 @@ if [[ ! -f "$BUILD_DIR/sigil/sigil" ]]; then
   exit 1
 fi
 
-cd "nginx-${NGINX_VERSION}"
-if [[ ! -f "${CACHE_DIR}/bin/nginx" ]]; then
+if [[ -f "${CACHE_DIR}/bin/nginx" ]]; then
+  echo "-----> Reusing nginx binary from cache"
+  mkdir -p "$BUILD_DIR/nginx"
+  # shellcheck disable=SC2086
+  cp -r $CACHE_DIR/bin/* "$BUILD_DIR/nginx/"
+
+elif curl -fsSL "https://github.com/${BUILDPACK_REPO}/releases/latest/download/nginx-linux-amd64" -o /tmp/nginx-linux-amd64 2>/dev/null; then
+  echo "-----> Using precompiled nginx binary"
+  mkdir -p "$BUILD_DIR/nginx" "${CACHE_DIR}/bin"
+  chmod +x /tmp/nginx-linux-amd64
+  cp /tmp/nginx-linux-amd64 "$BUILD_DIR/nginx/nginx"
+  cp /tmp/nginx-linux-amd64 "${CACHE_DIR}/bin/nginx"
+  rm -f /tmp/nginx-linux-amd64
+
+else
+  if [[ ! -d "${NGINX_TARBALL%.tar.gz}" ]]; then
+    echo "-----> Download and unzip nginx ${NGINX_VERSION} via http"
+    curl -sSL "https://nginx.org/download/${NGINX_TARBALL}" -o "${NGINX_TARBALL}"
+    tar xzf "${NGINX_TARBALL}" && rm -f "${NGINX_TARBALL}"
+  fi
+
+  if [[ ! -d "${PCRE_TARBALL%.tar.gz}" ]]; then
+    echo "-----> Download and unzip pcre ${PCRE_VERSION} via http"
+    curl -sSL "https://github.com/PCRE2Project/pcre2/releases/download/pcre2-${PCRE_VERSION}/${PCRE_TARBALL}" -o "${PCRE_TARBALL}"
+    tar xzf "${PCRE_TARBALL}" && rm -f "${PCRE_TARBALL}"
+  fi
+
+  if [[ ! -d "${ZLIB_TARBALL%.tar.gz}" ]]; then
+    echo "-----> Download and unzip zlib ${ZLIB_VERSION} via http"
+    curl -sSL "https://github.com/madler/zlib/archive/v${ZLIB_VERSION}.tar.gz" -o "${ZLIB_TARBALL}"
+    tar xzf "${ZLIB_TARBALL}" && rm -rf "${ZLIB_TARBALL}"
+  fi
+
+  cd "nginx-${NGINX_VERSION}"
   echo "-----> Compiling static nginx binary"
   mkdir "$BUILD_DIR/nginx"
   suppress ./configure \
-    --with-cpu-opt=generic \
     --prefix="$BUILD_DIR/nginx" \
     --with-pcre=../pcre2-${PCRE_VERSION} \
-    --sbin-path=. \
-    --pid-path=./nginx.pid \
-    --conf-path=./nginx.conf \
-    --with-ld-opt="-static" \
-    --with-http_stub_status_module \
-    --with-http_gzip_static_module \
-    --with-file-aio \
     --with-zlib=../zlib-${ZLIB_VERSION} \
-    --with-pcre \
-    --with-cc-opt="-O2 -static -static-libgcc" \
-    --without-http_ssi_module \
-    --without-http_userid_module \
-    --without-http_access_module \
-    --without-http_autoindex_module \
-    --without-http_geo_module \
-    --without-http_map_module \
-    --without-http_split_clients_module \
-    --without-http_referer_module \
-    --without-http_fastcgi_module \
-    --without-http_uwsgi_module \
-    --without-http_scgi_module \
-    --without-http_memcached_module \
-    --without-http_empty_gif_module \
-    --without-http_browser_module \
-    --without-http_upstream_ip_hash_module \
-    --without-http_upstream_least_conn_module \
-    --without-http_upstream_keepalive_module \
-    --without-mail_pop3_module \
-    --without-mail_imap_module \
-    --without-mail_smtp_module \
-    --with-http_realip_module
+    "${NGINX_CONFIGURE_FLAGS[@]}"
 
   sed -i "/CFLAGS/s/ \-O //g" objs/Makefile
 
@@ -130,12 +109,6 @@ if [[ ! -f "${CACHE_DIR}/bin/nginx" ]]; then
   rm -rf "${CACHE_DIR:?}/bin" && mkdir -p "$CACHE_DIR/bin/"
   # shellcheck disable=SC2086
   cp -r $BUILD_DIR/nginx/* "$CACHE_DIR/bin/"
-
-else
-  echo "-----> Reusing nginx binary from cache"
-  mkdir -p "$BUILD_DIR/nginx"
-  # shellcheck disable=SC2086
-  cp -r $CACHE_DIR/bin/* "$BUILD_DIR/nginx/"
 fi
 
 # Update the PATH
diff --git a/conf/nginx-configure-flags b/conf/nginx-configure-flags
new file mode 100644
index 0000000..9adb41e
--- /dev/null
+++ b/conf/nginx-configure-flags
@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+# Shared nginx build configuration
+# Sourced by bin/compile and .github/workflows/release.yml
+# shellcheck disable=SC2034
+
+# https://nginx.org/en/download.html
+NGINX_VERSION="1.29.8"
+# https://github.com/PCRE2Project/pcre2/releases
+PCRE_VERSION="10.47"
+# https://github.com/gliderlabs/sigil/releases
+SIGIL_VERSION="0.11.5"
+# https://github.com/madler/zlib/releases
+ZLIB_VERSION="1.3.2"
+
+NGINX_CONFIGURE_FLAGS=(
+  --with-cpu-opt=generic
+  --sbin-path=.
+  --pid-path=./nginx.pid
+  --conf-path=./nginx.conf
+  "--with-ld-opt=-static"
+  --with-http_stub_status_module
+  --with-http_gzip_static_module
+  --with-file-aio
+  --with-pcre
+  "--with-cc-opt=-O2 -static -static-libgcc"
+  --without-http_ssi_module
+  --without-http_userid_module
+  --without-http_access_module
+  --without-http_autoindex_module
+  --without-http_geo_module
+  --without-http_map_module
+  --without-http_split_clients_module
+  --without-http_referer_module
+  --without-http_fastcgi_module
+  --without-http_uwsgi_module
+  --without-http_scgi_module
+  --without-http_memcached_module
+  --without-http_empty_gif_module
+  --without-http_browser_module
+  --without-http_upstream_ip_hash_module
+  --without-http_upstream_least_conn_module
+  --without-http_upstream_keepalive_module
+  --without-mail_pop3_module
+  --without-mail_imap_module
+  --without-mail_smtp_module
+  --with-http_realip_module
+)