diff --git a/image/base/Dockerfile b/image/base/Dockerfile
index 1a1b51084..19ef39582 100644
--- a/image/base/Dockerfile
+++ b/image/base/Dockerfile
@@ -27,8 +27,23 @@ FROM builder AS nginx_builder
 ADD nginx_public_keys.key /tmp/nginx_public_keys.key
 ADD install-nginx /tmp/install-nginx
 RUN gpg --import /tmp/nginx_public_keys.key &&\
- rm /tmp/nginx_public_keys.key &&\
- /tmp/install-nginx
+ rm /tmp/nginx_public_keys.key &&\
+ /tmp/install-nginx
+
+FROM builder AS thpoff_builder
+# This tool allows us to disable huge page support for our current process
+# since the flag is preserved through forks and execs it can be used on any
+# process
+ADD thpoff.c /src/thpoff.c
+RUN gcc -o /usr/local/sbin/thpoff /src/thpoff.c && rm /src/thpoff.c
+
+FROM builder AS jemalloc_builder
+ADD install-jemalloc /tmp/install-jemalloc
+RUN /tmp/install-jemalloc
+
+FROM builder AS oxipng_builder
+ADD install-oxipng /tmp/install-oxipng
+RUN /tmp/install-oxipng
 FROM discourse/ruby:${RUBY_VERSION}-${DEBIAN_RELEASE}-slim AS discourse_dependencies
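Review bot: The new `jemalloc_builder` and `oxipng_builder` stages execute `/tmp/install-jemalloc` and `/tmp/install-oxipng`, and nothing in this hunk shows how those scripts authenticate whatever they download or build. The nginx stage in the context lines imports a GPG key before running its installer, so it is worth confirming that the two scripts (not part of this diff) pin a version and verify a checksum or signature in the same spirit. All three new stages also use `ADD` for plain local files where `COPY` is the explicit form, e.g. `COPY thpoff.c /src/thpoff.c` and `COPY install-jemalloc /tmp/install-jemalloc`. A one-line comment above each stage naming the artifact it produces, such as `# produces /usr/local/sbin/thpoff`, would let a reader match it to the later `COPY --from` lines.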
@@ -54,22 +69,33 @@ RUN echo 2.0.`date +%Y%m%d` > /VERSION
 RUN echo "deb http://deb.debian.org/debian ${DEBIAN_RELEASE}-backports main" > "/etc/apt/sources.list.d/${DEBIAN_RELEASE}-backports.list"
 RUN --mount=type=tmpfs,target=/var/log \
+ --mount=type=tmpfs,target=/var/cache/apt \
+ --mount=type=tmpfs,target=/var/lib/apt \
 echo "debconf debconf/frontend select Teletype" | debconf-set-selections; \
- apt-get -y update && DEBIAN_FRONTEND=noninteractive apt-get -y install gnupg sudo curl fping locales \
+ apt-get -y update && DEBIAN_FRONTEND=noninteractive apt-get -y install \
+ gnupg sudo curl fping locales \
 ca-certificates rsync \
- cmake g++ pkg-config patch \
- libxslt-dev libcurl4-openssl-dev \
- libssl-dev libyaml-dev libtool \
- libpcre3 libpcre3-dev zlib1g zlib1g-dev \
- libxml2-dev gawk parallel \
- libreadline-dev anacron wget \
- psmisc whois brotli libunwind-dev \
- libtcmalloc-minimal4 cmake \
+ gawk anacron wget \
+ psmisc whois brotli \
 pngcrush pngquant ripgrep poppler-utils \
+# gem build dependencies
+ cmake g++ pkg-config patch \
+ libtool \
+ libxslt-dev \
+ libcurl4-openssl-dev \
+ libssl-dev \
+ libyaml-dev \
+ libxml2-dev \
+ libreadline-dev \
+ libunwind-dev \
+# nginx runtime dependencies
+ libpcre3 zlib1g \
 # imagemagick runtime dependencies
 ghostscript libjbig0 libtiff6 libpng16-16 libfontconfig1 \
 libwebpdemux2 libwebpmux3 libxext6 librsvg2-2 libgomp1 \
 fonts-urw-base35 libheif1/${DEBIAN_RELEASE}-backports \
+# oxipng dependencies \
+ advancecomp jpegoptim libjpeg-turbo-progs \
 # nginx runtime dependencies \
 nginx-common && \
 # install these without recommends to avoid pulling in e.g.
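Review bot: The heading `# nginx runtime dependencies` now appears twice in this `RUN`: the added one above `libpcre3 zlib1g \` and the existing one above `nginx-common`. The new comment lines also mix styles, since `# gem build dependencies` has no trailing backslash while `# oxipng dependencies \` has one. I would fold `libpcre3 zlib1g` under the existing heading and settle on one comment form. The `# gem build dependencies` group keeps `cmake g++ pkg-config patch` and the `-dev` headers in the final image; if they are needed because gems are compiled after the image is built, the comment should say so, otherwise a compiler toolchain in the runtime image is avoidable attack surface and belongs in a builder stage. The `RUN` instruction continues past the end of this hunk.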
@@ -125,24 +151,17 @@ RUN ln -s /usr/local/bin/magick /usr/local/bin/animate &&\ ln -s /usr/local/bin/magick /usr/local/bin/stream &&\ test $(magick -version | grep -o -e png -e tiff -e jpeg -e freetype -e heic -e webp | wc -l) -eq 6 -ADD install-jemalloc /tmp/install-jemalloc -RUN /tmp/install-jemalloc +COPY --from=thpoff_builder /usr/local/sbin/thpoff /usr/local/sbin +COPY --from=jemalloc_builder /usr/lib/libjemalloc.so /usr/lib +COPY --from=oxipng_builder /usr/local/bin/jhead /usr/local/bin +COPY --from=oxipng_builder /usr/local/bin/oxipng /usr/local/bin ADD install-redis /tmp/install-redis -ADD install-oxipng /tmp/install-oxipng -RUN /tmp/install-oxipng - RUN gem install pups --force &&\ mkdir -p /pups/bin/ &&\ ln -s /usr/local/bin/pups /pups/bin/pups -# This tool allows us to disable huge page support for our current process -# since the flag is preserved through forks and execs it can be used on any -# process -ADD thpoff.c /src/thpoff.c -RUN gcc -o /usr/local/sbin/thpoff /src/thpoff.c && rm /src/thpoff.c - # this is required for aarch64 which uses buildx # see https://github.com/docker/buildx/issues/150 RUN rm -f /etc/service diff --git a/image/base/sbin/boot b/image/base/sbin/boot index 67fa5aa12..1c340048b 100755 --- a/image/base/sbin/boot +++ b/image/base/sbin/boot @@ -5,7 +5,7 @@ shutdown() { echo Shutting Down /etc/runit/3 - ls /etc/service | SHELL=/bin/sh parallel sv force-stop {} + ls /etc/service | xargs sv force-stop kill -HUP $RUNSVDIR wait $RUNSVDIR @@ -13,7 +13,10 @@ shutdown() { sleep 0.1 ORPHANS=`ps -eo pid | grep -v PID | tr -d ' ' | grep -v '^1$'` - SHELL=/bin/bash parallel 'timeout 5 /bin/bash -c "kill {} && wait {}" || kill -9 {}' ::: $ORPHANS 2> /dev/null + for pid in $ORPHANS; do + (timeout 5 /bin/bash -c "kill $pid && wait $pid" 2>/dev/null || kill -9 $pid 2>/dev/null) & + done + wait exit }
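Review bot: In the `image/base/Dockerfile` hunk at `@@ -125,24 +151,17 @@`, the four `COPY --from=…` lines bring in binaries and a shared library built in stages derived from `builder`, and nothing after them checks that they load in this image. The base of `builder` is not visible here; if its libc or Debian release differs from `discourse/ruby:${RUBY_VERSION}-${DEBIAN_RELEASE}-slim`, the mismatch would only surface at runtime. The `magick -version` test in the context line above is a good model: a follow-up such as `RUN oxipng --version && ldd /usr/local/sbin/thpoff` would catch it at build time. It is also worth confirming that `install-jemalloc` leaves nothing besides `/usr/lib/libjemalloc.so` that the runtime needs, since only that one path is copied.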
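Review bot: In `image/base/sbin/boot`, hunk `@@ -5,7 +5,7 @@`, `ls /etc/service | xargs sv force-stop` still runs `sv force-stop` once with no service argument when `/etc/service` is empty, assuming GNU xargs, which executes the command even on empty input. `ls /etc/service | xargs -r sv force-stop` avoids that. The services are now handed to a single `sv` invocation instead of one per service as with `parallel`; a short comment such as `# one sv call for all services; replaces GNU parallel` would record that this is intended. `shutdown()` continues past this hunk.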
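Review bot: In `image/base/sbin/boot`, hunk `@@ -13,7 +13,10 @@`, the 5-second grace period never takes effect. `wait $pid` runs inside a fresh `bash -c`, where the orphan is not a child of that shell, so `wait` fails at once, the `&&` list returns non-zero, and the `||` branch sends `kill -9` right after the `SIGTERM`. The removed `parallel` line used the same command, so this is carried over rather than introduced, but the rewrite is the natural place to fix it by polling with `kill -0` until the process is gone or the deadline passes. Quoting `"$pid"` is worth doing at the same time. `shutdown()` starts before this hunk.

```shell
# … unchanged: ORPHANS is computed on the line above …
for pid in $ORPHANS; do
  (
    kill "$pid" 2>/dev/null || exit 0
    # poll for up to ~5 s; the wait builtin only works on children of this shell
    for _ in $(seq 50); do
      kill -0 "$pid" 2>/dev/null || exit 0
      sleep 0.1
    done
    kill -9 "$pid" 2>/dev/null
  ) &
done
# … unchanged: wait, exit …
```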