Drop legacy non-container builders

bible-local/architecture/runtime-flows.md

@@ -57,7 +57,7 @@ Rules:
 ## ISO build sequence
 
 ```
-build.sh [--authorized-keys /path/to/keys]
+build-in-container.sh [--authorized-keys /path/to/keys]
   1. compile `bee` binary (skip if .go files older than binary)
   2. create a temporary overlay staging dir under `dist/`
   3. inject authorized_keys into staged `root/.ssh/` (or set password fallback marker)
@@ -78,13 +78,12 @@ build.sh [--authorized-keys /path/to/keys]
   11. patch staged `motd` with build metadata
   12. copy `iso/builder/` into a temporary live-build workdir under `dist/`
   13. sync staged overlay into workdir `config/includes.chroot/`
-  14. run `lb config && lb build` inside the temporary workdir
-     (either on a Debian host/VM or inside the privileged builder container)
+  14. run `lb config && lb build` inside the privileged builder container
 ```
 
 **Critical invariants:**
 - `DEBIAN_KERNEL_ABI` in `iso/builder/VERSIONS` pins the exact kernel ABI used in BOTH places:
-  1. `setup-builder.sh` / `build-in-container.sh` / `build-nvidia-module.sh` — Debian kernel headers for module build
+  1. `build-in-container.sh` / `build-nvidia-module.sh` — Debian kernel headers for module build
   2. `auto/config` — `linux-image-${DEBIAN_KERNEL_ABI}` in the ISO
 - NVIDIA modules go to staged `usr/local/lib/nvidia/` — NOT to `/lib/modules/<kver>/extra/`.
 - The source overlay in `iso/overlay/` is treated as immutable source. Build-time files are injected only into the staged overlay.