diff --git a/.github/workflows/dev-green.yml b/.github/workflows/dev-green.yml index 1f8f41397..b51dda696 100644 --- a/.github/workflows/dev-green.yml +++ b/.github/workflows/dev-green.yml @@ -1,38 +1,35 @@ -name: Deploy to Dev Green +name: Deploy to Dev-green on: workflow_dispatch: - push: - branches: [main] jobs: - deploy: - name: Deploy - runs-on: ubuntu-latest + Build: + runs-on: windows-2019 permissions: id-token: write - contents: read - environment: dev-green-linux - concurrency: dev-green-linux - env: - ECS_CLUSTER: linux-staging - ECS_SERVICE: realtime-signs-dev-green + contents: read steps: - - uses: actions/checkout@v3 + - name: Checkout repository + uses: actions/checkout@v2 - uses: mbta/actions/build-push-ecr@v2 id: build-push with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} docker-repo: ${{ secrets.DOCKER_REPO }} - - uses: mbta/actions/deploy-ecs@v2 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN }} - ecs-cluster: ${{ env.ECS_CLUSTER }} - ecs-service: ${{ env.ECS_SERVICE }} - docker-tag: ${{ steps.build-push.outputs.docker-tag }} - launch-type: EXTERNAL - - uses: mbta/actions/notify-slack-deploy@v1 - if: ${{ !cancelled() }} - with: - webhook-url: ${{ secrets.SLACK_WEBHOOK }} - job-status: ${{ job.status }} + deploy: + name: Deploy + needs: build + uses: mbta/workflows/.github/workflows/deploy-on-prem.yml@v2 + with: + app-name: realtime-signs + environment: dev-green + on-prem-cluster: hsctd-dev-managers + splunk-index: realtime-signs-dev-green + task-cpu: .5 + task-memory: 2048M + task-port: 8080 + secrets: + aws-role-arn: ${{ secrets.AWS_ROLE_ARN }} + docker-repo: ${{ secrets.DOCKER_REPO }} + slack-webhook: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index a99dfc81d..36f2f82b0 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml 
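Review bot: In dev-green.yml the checkout step moves back from `actions/checkout@v3` to `@v2`, and every `uses:` in the new jobs is a mutable tag, including the new `mbta/workflows/.github/workflows/deploy-on-prem.yml@v2`, which receives `AWS_ROLE_ARN`, `DOCKER_REPO` and `SLACK_WEBHOOK`. A tag can be repointed, so whatever it resolves to at run time executes with the `Build` job's `id-token: write` token and these secrets. Pin each reference to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v3`. The dev.yml and prod.yml hunks carry the same references. Separately, `needs: build` is spelled differently from the job id `Build`; I would use one spelling rather than rely on how job ids are matched.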
@@ -6,33 +6,32 @@ on: branches: [main] jobs: - deploy: - name: Deploy - runs-on: ubuntu-latest + Build: + runs-on: windows-2019 permissions: id-token: write - contents: read - environment: dev-linux - concurrency: dev-linux - env: - ECS_CLUSTER: linux-staging - ECS_SERVICE: realtime-signs-dev + contents: read steps: - - uses: actions/checkout@v3 + - name: Checkout repository + uses: actions/checkout@v2 - uses: mbta/actions/build-push-ecr@v2 id: build-push with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} docker-repo: ${{ secrets.DOCKER_REPO }} - - uses: mbta/actions/deploy-ecs@v2 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN }} - ecs-cluster: ${{ env.ECS_CLUSTER }} - ecs-service: ${{ env.ECS_SERVICE }} - docker-tag: ${{ steps.build-push.outputs.docker-tag }} - launch-type: EXTERNAL - - uses: mbta/actions/notify-slack-deploy@v1 - if: ${{ !cancelled() }} - with: - webhook-url: ${{ secrets.SLACK_WEBHOOK }} - job-status: ${{ job.status }} + deploy: + name: Deploy + needs: build + uses: mbta/workflows/.github/workflows/deploy-on-prem.yml@v2 + with: + app-name: realtime-signs + environment: dev + on-prem-cluster: hsctd-dev-managers + splunk-index: realtime-signs-dev + task-cpu: .5 + task-memory: 2048M + task-port: 80 + secrets: + aws-role-arn: ${{ secrets.AWS_ROLE_ARN }} + docker-repo: ${{ secrets.DOCKER_REPO }} + slack-webhook: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index 2d86e1d0e..000000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: Build container - -on: - push: - branches-ignore: - - master - -concurrency: - group: docker-${{ github.ref }} - cancel-in-progress: true - -jobs: - linux: - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - run: docker build . diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml index e2f295fa2..9153294c6 100644 --- a/.github/workflows/prod.yml 
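Review bot: In dev.yml `concurrency: dev-linux` is removed and nothing replaces it, while the `branches: [main]` trigger stays in the context at the top of the hunk. Two merges in quick succession can therefore run `Build` and `deploy` in parallel, and the older image may be the one that finishes last. A job that calls a reusable workflow accepts `concurrency`, so a line such as `concurrency: dev` on the `deploy` job would restore serialised deploys, unless deploy-on-prem.yml already does this, which is not visible here. dev-green.yml and prod.yml drop their `concurrency` keys the same way.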
+++ b/.github/workflows/prod.yml @@ -6,32 +6,16 @@ on: jobs: deploy: name: Deploy - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - environment: prod-linux - concurrency: prod-linux - env: - ECS_CLUSTER: linux-prod - ECS_SERVICE: realtime-signs-prod - - steps: - - uses: actions/checkout@v3 - - uses: mbta/actions/build-push-ecr@v2 - id: build-push - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN }} - docker-repo: ${{ secrets.DOCKER_REPO }} - - uses: mbta/actions/deploy-ecs@v2 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN }} - ecs-cluster: ${{ env.ECS_CLUSTER }} - ecs-service: ${{ env.ECS_SERVICE }} - docker-tag: ${{ steps.build-push.outputs.docker-tag }} - launch-type: EXTERNAL - - uses: mbta/actions/notify-slack-deploy@v1 - if: ${{ !cancelled() }} - with: - webhook-url: ${{ secrets.SLACK_WEBHOOK }} - job-status: ${{ job.status }} + uses: mbta/workflows/.github/workflows/deploy-on-prem.yml@v2 + with: + app-name: realtime-signs + environment: prod + on-prem-cluster: hsctd-prod-managers + splunk-index: realtime-signs-prod + task-cpu: .5 + task-memory: 2048M + task-port: 80 + secrets: + aws-role-arn: ${{ secrets.AWS_ROLE_ARN }} + docker-repo: ${{ secrets.DOCKER_REPO }} + slack-webhook: ${{ secrets.SLACK_WEBHOOK }} diff --git a/Dockerfile b/Dockerfile index 64f944837..eb71ef34a 100644 --- a/Dockerfile +++ b/Dockerfile 
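Review bot: The production `deploy` job in prod.yml loses both `environment: prod-linux` and its `permissions` block, and the new caller job sets neither. `environment` cannot be set on a job that uses a reusable workflow, so any required reviewers, environment-scoped secrets or role trust conditions tied to that environment now depend on deploy-on-prem.yml mapping its `environment: prod` input to a job environment, which this diff does not show. A called workflow cannot raise token permissions above the caller's, so if it assumes `AWS_ROLE_ARN` through OIDC the job needs `permissions:` with `id-token: write` and `contents: read` restored here. The `deploy` jobs added in dev-green.yml and dev.yml have the same gap.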
@@ -1,52 +1,51 @@ ARG ELIXIR_VERSION=1.14.0 ARG ERLANG_VERSION=25.0.4 -ARG ALPINE_VERSION=3.18.0 +ARG WINDOWS_VERSION=1809 # See also: ERTS_VERSION in the from image below -FROM hexpm/elixir:${ELIXIR_VERSION}-erlang-${ERLANG_VERSION}-alpine-${ALPINE_VERSION} as build +ARG BUILD_IMAGE=mbtatools/windows-elixir:$ELIXIR_VERSION-erlang-$ERLANG_VERSION-windows-$WINDOWS_VERSION +ARG FROM_IMAGE=mcr.microsoft.com/windows/servercore:$WINDOWS_VERSION + +FROM $BUILD_IMAGE as build ENV MIX_ENV=prod -RUN mkdir /realtime_signs +# log which version of Windows we're using +RUN ver -WORKDIR /realtime_signs +RUN mkdir C:\realtime_signs -RUN apk add --no-cache git -RUN mix local.hex --force && mix local.rebar --force +WORKDIR C:\\realtime_signs COPY mix.exs mix.lock ./ RUN mix deps.get -COPY config/config.exs config/config.exs -COPY config/prod.exs config/prod.exs +COPY config/config.exs config\\config.exs +COPY config/prod.exs config\\prod.exs RUN mix deps.compile COPY lib lib COPY priv priv -COPY config/runtime.exs config/runtime.exs -RUN mix release linux - -# The one the elixir image was built with -FROM alpine:${ALPINE_VERSION} - -RUN apk add --no-cache libssl1.1 dumb-init libstdc++ libgcc ncurses-libs && \ - mkdir /work /realtime_signs && \ - adduser -D realtime_signs && chown realtime_signs /work +COPY config/runtime.exs config\\runtime.exs +RUN mix release -COPY --from=build /realtime_signs/_build/prod/rel/linux /realtime_signs +FROM $FROM_IMAGE +ARG ERTS_VERSION=13.0.4 -RUN chown realtime_signs /realtime_signs/lib/tzdata-*/priv /realtime_signs/lib/tzdata*/priv/* +USER ContainerAdministrator +COPY --from=build C:\\Erlang\\vcredist_x64.exe vcredist_x64.exe +RUN .\vcredist_x64.exe /install /quiet /norestart \ + && del vcredist_x64.exe -# Set exposed ports -ENV MIX_ENV=prod TERM=xterm LANG=C.UTF-8 \ - ERL_CRASH_DUMP_SECONDS=0 RELEASE_TMP=/work +COPY --from=build C:\\realtime_signs\\_build\\prod\\rel\\realtime_signs C:\\realtime_signs -USER realtime_signs -WORKDIR /work +WORKDIR 
C:\\realtime_signs -ENTRYPOINT ["/usr/bin/dumb-init", "--"] +# Ensure Erlang can run +RUN dir && \ + erts-%ERTS_VERSION%\bin\erl -noshell -noinput +V -HEALTHCHECK CMD ["/realtime_signs/bin/linux", "rpc", "1 + 1"] -CMD ["/realtime_signs/bin/linux", "start"] +EXPOSE 80 +CMD ["C:\\realtime_signs\\bin\\realtime_signs.bat", "start"] diff --git a/config/prod.exs b/config/prod.exs index 6efaa5cec..14f746755 100644 --- a/config/prod.exs +++ b/config/prod.exs @@ -19,9 +19,8 @@ config :realtime_signs, restart_fn: &System.restart/0 config :ex_aws, - access_key_id: [{:system, "AWS_ACCESS_KEY_ID"}, {:awscli, "default", 30}, :instance_role], + access_key_id: [{:system, "AWS_ACCESS_KEY_ID"}, {:awscli, "default", 30}], secret_access_key: [ {:system, "AWS_SECRET_ACCESS_KEY"}, - {:awscli, "default", 30}, - :instance_role + {:awscli, "default", 30} ] diff --git a/mix.exs b/mix.exs index 5776d034e..cf9c86f99 100644 --- a/mix.exs +++ b/mix.exs @@ -18,8 +18,9 @@ defmodule RealtimeSigns.Mixfile do ignore_warnings: ".dialyzer.ignore-warnings" ], releases: [ - linux: [ - include_executables_for: [:unix] + realtime_signs: [ + include_executables_for: [:windows], + applications: [runtime_tools: :permanent] ] ] ]
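Review bot: In the Dockerfile the final stage switches to `USER ContainerAdministrator` for the vcredist install and never switches back, so the release started by `CMD` runs with container administrator rights, where the previous image ran as the unprivileged `realtime_signs` user. Add `USER ContainerUser` after the `erl -noshell -noinput +V` check, and grant that account write access to whatever the release writes at runtime (the old image did this for the tzdata `priv` directories). The `HEALTHCHECK` is also removed without a Windows replacement such as `HEALTHCHECK CMD ["C:\\realtime_signs\\bin\\realtime_signs.bat", "rpc", "1 + 1"]`, so the orchestrator gets no liveness signal unless the deploy workflow supplies one. Both `FROM` images are referenced by tag only; pinning `$BUILD_IMAGE` and `$FROM_IMAGE` by digest would make the build reproducible.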
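Review bot: In config/prod.exs, removing `:instance_role` from both lists leaves the `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` environment variables and the `default` awscli profile as the only credential sources, which usually means long-lived keys rather than role credentials. A comment above `config :ex_aws` should record why the role lookup is gone and where the container gets its keys, e.g. `# No instance metadata role on the on-prem hosts; credentials are injected as environment variables at deploy time`, if that is the reason. How those keys are provisioned and rotated is not visible in this diff and is worth stating in the PR description.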
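Review bot: In mix.exs the new `applications: [runtime_tools: :permanent]` entry has no comment saying why the production release needs it. `runtime_tools` ships the tracing and observer backends, which are usable by anything that can connect to the node over Erlang distribution, so a line such as `# runtime_tools: needed for remote observer/tracing during on-prem debugging` (if that is the intent) helps the next reader judge whether it should stay. The `project` function that holds this keyword list starts and ends outside the hunk, so other references to the old `linux` release name cannot be checked from here.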