diff --git a/.github/workflows/pipeline.yaml b/.github/workflows/pipeline.yaml
index 462424f..3013dd0 100644
--- a/.github/workflows/pipeline.yaml
+++ b/.github/workflows/pipeline.yaml
@@ -1,7 +1,14 @@
 # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
----
 name: rdf-protect
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+defaults:
+  run:
+    shell: bash
+
 on:
   push:
     branches:
@@ -23,57 +30,58 @@ jobs:
         uses: actions/checkout@v4
       - name: 1 - format
         run: |
+          cat /etc/os-release
           source .gitlab/scripts/before-script.sh
           just nix-develop-ci just format
 
-  lint:
-    runs-on: ubuntu-latest
-    container:
-      image: ghcr.io/sdsc-ordes/rdf-protect:ci-lint-1.0.0
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: 2 - lint
-        run: |
-          source .gitlab/scripts/before-script.sh &&
-          just nix-develop-ci just lint
-
-  build:
-    runs-on: ubuntu-latest
-    container:
-      image: ghcr.io/sdsc-ordes/rdf-protect:ci-build-1.0.0
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: 3 - build
-        run: |
-          source .gitlab/scripts/before-script.sh &&
-          just nix-develop-ci just build
-      # - name: 3.1 - tests
-      #   run: |
-      #     source .gitlab/scripts/before-script.sh &&
-      #     just nix-develop-ci just test
-
-  test:
-    runs-on: ubuntu-latest
-    container:
-      image: ghcr.io/sdsc-ordes/rdf-protect:ci-test-1.0.0
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: 4 - test
-        run: |
-          source .gitlab/scripts/before-script.sh &&
-          just nix-develop-ci just test
-
-  package:
-    runs-on: ubuntu-latest
-    container:
-      image: ghcr.io/sdsc-ordes/rdf-protect:ci-package-1.0.0
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: 5 - package (nix)
-        run: |
-          source .gitlab/scripts/before-script.sh &&
-          just build-package
+  # lint:
+  #   runs-on: ubuntu-latest
+  #   container:
+  #     image: ghcr.io/sdsc-ordes/rdf-protect:ci-lint-1.0.0
+  #   steps:
+  #     - name: Checkout
+  #       uses: actions/checkout@v4
+  #     - name: 2 - lint
+  #       run: |
+  #         source .gitlab/scripts/before-script.sh &&
+  #         just nix-develop-ci just lint
+  #
+  # build:
+  #   runs-on: ubuntu-latest
+  #   container:
+  #     image: ghcr.io/sdsc-ordes/rdf-protect:ci-build-1.0.0
+  #   steps:
+  #     - name: Checkout
+  #       uses: actions/checkout@v4
+  #     - name: 3 - build
+  #       run: |
+  #         source .gitlab/scripts/before-script.sh &&
+  #         just nix-develop-ci just build
+  #     # - name: 3.1 - tests
+  #     #   run: |
+  #     #     source .gitlab/scripts/before-script.sh &&
+  #     #     just nix-develop-ci just test
+  #
+  # test:
+  #   runs-on: ubuntu-latest
+  #   container:
+  #     image: ghcr.io/sdsc-ordes/rdf-protect:ci-test-1.0.0
+  #   steps:
+  #     - name: Checkout
+  #       uses: actions/checkout@v4
+  #     - name: 4 - test
+  #       run: |
+  #         source .gitlab/scripts/before-script.sh &&
+  #         just nix-develop-ci just test
+  #
+  # package:
+  #   runs-on: ubuntu-latest
+  #   container:
+  #     image: ghcr.io/sdsc-ordes/rdf-protect:ci-package-1.0.0
+  #   steps:
+  #     - name: Checkout
+  #       uses: actions/checkout@v4
+  #     - name: 5 - package (nix)
+  #       run: |
+  #         source .gitlab/scripts/before-script.sh &&
+  #         just build-package
diff --git a/.github/workflows/trigger-gitlab.yaml b/.github/workflows/trigger-gitlab.yaml
deleted file mode 100644
index 9c681ae..0000000
--- a/.github/workflows/trigger-gitlab.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-name: rdf-protect
-
-on: [push]
-
-jobs:
-  trigger-gitlab:
-    runs-on: ubuntu-latest
-    environment: "CI Gitlab"
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Mirror + Trigger CI
-        uses: SvanBoxel/gitlab-mirror-and-ci-action@master
-        with:
-          args: "https://gitlab.datascience.ch/gabriel.nuetzi/rdf-protect"
-        env:
-          FOLLOW_TAGS: "true"
-          FORCE_PUSH: "true"
-          GITLAB_HOSTNAME: "gitlab.datascience.ch"
-          GITLAB_USERNAME: ${{ secrets.GITLAB_USERNAME }}
-          GITLAB_PASSWORD: ${{ secrets.GITLAB_PASSWORD }}
-          GITLAB_PROJECT_ID: "454"
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.gitlab/images/Containerfile b/.gitlab/images/Containerfile
index 1336682..f29fbc5 100644
--- a/.gitlab/images/Containerfile
+++ b/.gitlab/images/Containerfile
@@ -13,19 +13,34 @@ RUN apk add findutils coreutils git jq curl bash just parallel podman
 # Nix Image
 # ===============================================
 FROM base-podman as ci-nix
+ARG USER_NAME=ci
+ARG USER_UID=1000
+ARG USER_GID=1000
+# ARG USER_HOME="/github/home"
+
 RUN [ "TARGETPLATFORM" = "linux/amd64" ] || echo "Platform not yet supported."
 COPY ./tools /container-setup/tools
 
 # Install Nix and pre-cache the env.
 RUN bash -c ". /container-setup/tools/general.sh && ci_setup_nix"
-COPY rust-toolchain.toml /container-setup/
-RUN cd /container-setup && \
-    git init && git add . && \
-    nix --accept-flake-config \
-    build --no-link "./tools/nix#devShells.x86_64-linux.ci" && \
-    nix store optimise
-
-RUN git config --global safe.directory "*"
+
+# Create user.
+# RUN mkdir -p "$USER_HOME" && \
+#     adduser "$USER_NAME" -s /bin/zsh -D -u "$USER_UID" -g "$USER_GID" -h "$USER_HOME/$USER_NAME" && \
+#     mkdir -p /etc/sudoers.d && \
+#     echo "$USER_NAME ALL=(root) NOPASSWD:ALL" > "/etc/sudoers.d/$USER_NAME" && \
+#     chmod 0440 "/etc/sudoers.d/$USER_NAME" && \
+#     chown -R "$USER_NAME:$USER_NAME" /home /container-setup
+# USER "$USER_NAME"
+
+# COPY rust-toolchain.toml /container-setup/
+# RUN cd /container-setup && \
+#     git init && git add . && \
+#     nix --accept-flake-config \
+#     build --no-link "./tools/nix#devShells.x86_64-linux.ci" && \
+#     nix store optimise
+
+# RUN git config --global safe.directory "*"
 
 # Format image.
 # ===============================================
diff --git a/.gitlab/scripts/before-script.sh b/.gitlab/scripts/before-script.sh
index 0d6c06f..fdbb27e 100755
--- a/.gitlab/scripts/before-script.sh
+++ b/.gitlab/scripts/before-script.sh
@@ -3,9 +3,16 @@
 # This script is sourced.
 set -u
 
+git config --global safe.directory "*" || {
+    echo "Could not overwrite safe.directory in Git config." >&2
+    exit 1
+}
+
 ROOT_DIR=$(git rev-parse --show-toplevel)
 . "$ROOT_DIR/tools/general.sh"
 
+print_info "Running as user: $(id)"
+
 # ci_container_mgr_setup
 
 unset ROOT_DIR
diff --git a/tools/format-rust.sh b/tools/format-rust.sh
index 5e441a9..f6c084e 100755
--- a/tools/format-rust.sh
+++ b/tools/format-rust.sh
@@ -9,7 +9,13 @@ ROOT_DIR=$(git rev-parse --show-toplevel)
 cd "$ROOT_DIR"
 
 print_info "Run Rust format."
+
+fmt_args=()
+if ci_is_running; then
+    fmt_args+=("--check")
+fi
+
 ci_wrap_container \
     ghcr.io/sdsc-ordes/rdf-protect:ci-format-1.0.0 \
     nix develop ./tools/nix#ci --command \
-    cargo fmt "$@"
+    cargo fmt "${fmt_args[@]}" "$@"