binarypie-dev · binarypie · Jan 24, 2026 · Jan 24, 2026 · Jan 24, 2026 · Jan 24, 2026
diff --git a/dot_files/ai-dev/Containerfile b/dot_files/ai-dev/Containerfile
@@ -1,3 +1,5 @@
+# syntax=docker/dockerfile:1
+
 # AI Development Environment (Sandboxed Podman Container)
 # Pre-built image with Claude Code and Gemini CLI
 #

diff --git a/dot_files/nvim/Containerfile b/dot_files/nvim/Containerfile
@@ -1,3 +1,5 @@
+# syntax=docker/dockerfile:1
+
 # Neovim Development Environment for Distrobox
 # Pre-built image with all LSPs, formatters, linters, and tools
 #
@@ -8,8 +10,10 @@ FROM registry.fedoraproject.org/fedora-toolbox:43
 
 # =============================================================================
 # LAYER 1: System packages
+# Cache mount ensures RPM downloads persist across layer-busting rebuilds
 # =============================================================================
-RUN dnf update -y && dnf install -y \
+RUN --mount=type=cache,target=/var/cache/dnf \
+    dnf update -y && dnf install -y \
     # Build essentials
     gcc \
     gcc-c++ \
@@ -50,17 +54,15 @@ RUN dnf update -y && dnf install -y \
     gettext \
     # Locale support
     langpacks-en \
-    glibc-langpack-en \
-    && dnf clean all \
-    && rm -rf /var/cache/dnf
+    glibc-langpack-en
 
 ENV LANG=en_US.UTF-8
 ENV LC_ALL=en_US.UTF-8
 
 # =============================================================================
 # LAYER 2: Homebrew installation with non-root user
 # =============================================================================
-RUN useradd -m -s /bin/bash linuxbrew \
+RUN useradd -m -s /bin/bash -u 1001 linuxbrew \
     && git clone https://github.com/Homebrew/brew /home/linuxbrew/.linuxbrew/Homebrew \
     && mkdir -p /home/linuxbrew/.linuxbrew/bin \
     && ln -s ../Homebrew/bin/brew /home/linuxbrew/.linuxbrew/bin/ \
@@ -69,18 +71,21 @@ RUN useradd -m -s /bin/bash linuxbrew \
 ENV PATH="/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin:${PATH}"
 ENV HOMEBREW_NO_AUTO_UPDATE=1
 ENV HOMEBREW_NO_ANALYTICS=1
+ENV HOMEBREW_CACHE="/home/linuxbrew/.cache/Homebrew"
 
 # Switch to linuxbrew user for all brew operations
 USER linuxbrew
 WORKDIR /home/linuxbrew
 
 # Update Homebrew
-RUN brew update
+RUN --mount=type=cache,target=/home/linuxbrew/.cache/Homebrew,uid=1001,gid=1001 \
+    brew update
 
 # =============================================================================
 # LAYER 3: Core tools via Homebrew
 # =============================================================================
-RUN brew install \
+RUN --mount=type=cache,target=/home/linuxbrew/.cache/Homebrew,uid=1001,gid=1001 \
+    brew install \
     neovim \
     ripgrep \
     fd \
@@ -98,7 +103,8 @@ RUN brew install \
 # =============================================================================
 # LAYER 4: Languages via Homebrew
 # =============================================================================
-RUN brew install \
+RUN --mount=type=cache,target=/home/linuxbrew/.cache/Homebrew,uid=1001,gid=1001 \
+    brew install \
     go \
     python@3.12 \
     node \
@@ -109,7 +115,8 @@ RUN brew install \
 # =============================================================================
 # LAYER 5: Formatters and linters via Homebrew
 # =============================================================================
-RUN brew install \
+RUN --mount=type=cache,target=/home/linuxbrew/.cache/Homebrew,uid=1001,gid=1001 \
+    brew install \
     stylua \
     prettier \
     shfmt \
@@ -120,7 +127,8 @@ RUN brew install \
 # =============================================================================
 # LAYER 6: Infrastructure tools via Homebrew
 # =============================================================================
-RUN brew install \
+RUN --mount=type=cache,target=/home/linuxbrew/.cache/Homebrew,uid=1001,gid=1001 \
+    brew install \
     terraform \
     tflint \
     helm \
@@ -134,18 +142,23 @@ ENV CARGO_HOME="/home/linuxbrew/.cargo"
 ENV RUSTUP_HOME="/home/linuxbrew/.rustup"
 ENV PATH="${CARGO_HOME}/bin:${PATH}"
 
-RUN brew install rustup-init \
+RUN --mount=type=cache,target=/home/linuxbrew/.cache/Homebrew,uid=1001,gid=1001 \
+    brew install rustup-init \
     && rustup-init -y --default-toolchain stable \
     && . ${CARGO_HOME}/env \
     && rustup component add rustfmt clippy rust-analyzer
 
 # =============================================================================
 # LAYER 8: Go tools (as linuxbrew user)
+# Pre-create GOPATH so the cache mount doesn't leave parents root-owned
 # =============================================================================
 ENV GOPATH="/home/linuxbrew/go"
 ENV PATH="${GOPATH}/bin:${PATH}"
 
-RUN go install golang.org/x/tools/gopls@latest \
+RUN mkdir -p ${GOPATH}/bin ${GOPATH}/pkg/mod/cache
+
+RUN --mount=type=cache,target=/home/linuxbrew/go/pkg/mod/cache,uid=1001,gid=1001 \
+    go install golang.org/x/tools/gopls@latest \
     && go install github.com/go-delve/delve/cmd/dlv@latest \
     && go install mvdan.cc/gofumpt@latest \
     && go install golang.org/x/tools/cmd/goimports@latest \
@@ -154,7 +167,8 @@ RUN go install golang.org/x/tools/gopls@latest \
 # =============================================================================
 # LAYER 9: Python tools (as linuxbrew user, using brew's python)
 # =============================================================================
-RUN pip3 install --break-system-packages \
+RUN --mount=type=cache,target=/home/linuxbrew/.cache/pip,uid=1001,gid=1001 \
+    pip3 install --break-system-packages \
     pynvim \
     ruff \
     black \
@@ -163,12 +177,15 @@ RUN pip3 install --break-system-packages \
 
 # =============================================================================
 # LAYER 10: Node.js/npm tools (as linuxbrew user)
+# Pre-create .npm so the cache mount doesn't leave parent root-owned
 # =============================================================================
 ENV NPM_CONFIG_PREFIX="/home/linuxbrew/.npm-global"
 ENV PATH="${NPM_CONFIG_PREFIX}/bin:${PATH}"
 
-RUN mkdir -p ${NPM_CONFIG_PREFIX} \
-    && npm install -g \
+RUN mkdir -p /home/linuxbrew/.npm ${NPM_CONFIG_PREFIX}
+
+RUN --mount=type=cache,target=/home/linuxbrew/.npm/_cacache,uid=1001,gid=1001 \
+    npm install -g \
     neovim \
     typescript \
     typescript-language-server \

diff --git a/dot_files/nvim/Justfile b/dot_files/nvim/Justfile
@@ -13,15 +13,15 @@ default:
 # Image Building
 # =============================================================================
 
-# Build the container image locally
+# Build the container image locally (uses layer cache + download caches)
 build:
     @echo "Building nvim-dev image locally..."
-    podman build -t {{local_image}} .
+    podman build --layers -t {{local_image}} .
     @echo "Done! Image: {{local_image}}"
 
-# Build without cache
+# Rebuild all layers (download caches still persist via cache mounts)
 build-no-cache:
-    @echo "Building nvim-dev image (no cache)..."
+    @echo "Building nvim-dev image (no layer cache, download caches preserved)..."
     podman build --no-cache -t {{local_image}} .
     @echo "Done! Image: {{local_image}}"