diff --git a/.gitea/actions/setup-envipy/action.yaml b/.gitea/actions/setup-envipy/action.yaml
index 064d1e8e..fa475d56 100644
--- a/.gitea/actions/setup-envipy/action.yaml
+++ b/.gitea/actions/setup-envipy/action.yaml
@@ -21,12 +21,6 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - name: Install system tools via apt
-      shell: bash
-      run: |
-        sudo apt-get update
-        sudo apt-get install -y postgresql-client openjdk-11-jre-headless
-
     - name: Setup ssh
       shell: bash
       run: |
@@ -37,22 +31,6 @@ runs:
         eval $(ssh-agent -s)
         ssh-add ~/.ssh/id_ed25519
 
-    - name: Install pnpm
-      uses: pnpm/action-setup@v4
-      with:
-        version: 10
-
-    - name: Use Node.js
-      uses: actions/setup-node@v4
-      with:
-        node-version: 20
-        cache: "pnpm"
-
-    - name: Install uv
-      uses: astral-sh/setup-uv@v6
-      with:
-        enable-cache: true
-
     - name: Setup Python venv
       shell: bash
       run: |
diff --git a/.gitea/docker/Dockerfile.ci b/.gitea/docker/Dockerfile.ci
new file mode 100644
index 00000000..96804ad7
--- /dev/null
+++ b/.gitea/docker/Dockerfile.ci
@@ -0,0 +1,47 @@
+# Custom CI Docker image for Gitea runners
+# Pre-installs Node.js 24, pnpm 10, uv, and system dependencies
+# to eliminate setup time in CI workflows
+
+FROM ubuntu:24.04
+
+# Prevent interactive prompts during package installation
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Install system dependencies
+RUN apt-get update && \
+    apt-get install -y \
+      postgresql-client \
+      redis-tools \
+      openjdk-11-jre-headless \
+      curl \
+      ca-certificates \
+      gnupg \
+      lsb-release \
+      git \
+      ssh \
+      && rm -rf /var/lib/apt/lists/*
+
+# Install Node.js 24 via NodeSource
+RUN curl -fsSL https://deb.nodesource.com/setup_24.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/*
+
+# Enable corepack and install pnpm 10
+RUN corepack enable && \
+    corepack prepare pnpm@10 --activate
+
+# Install uv https://docs.astral.sh/uv/guides/integration/docker/#available-images
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
+ENV PATH="/root/.cargo/bin:${PATH}"
+
+# Verify installations
+RUN node --version && \
+    npm --version && \
+    pnpm --version && \
+    uv --version && \
+    pg_isready --version && \
+    redis-cli --version && \
+    java -version
+
+# Set working directory
+WORKDIR /workspace
diff --git a/.gitea/workflows/build-ci-image.yaml b/.gitea/workflows/build-ci-image.yaml
new file mode 100644
index 00000000..cb78ae36
--- /dev/null
+++ b/.gitea/workflows/build-ci-image.yaml
@@ -0,0 +1,48 @@
+name: Build CI Docker Image
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - develop
+      - main
+    paths:
+      - '.gitea/docker/Dockerfile.ci'
+      - '.gitea/workflows/build-ci-image.yaml'
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to container registry
+        uses: docker/login-action@v3
+        with:
+          registry: git.envipath.com
+          username: ${{ secrets.CI_REGISTRY_USER }}
+          password: ${{ secrets.CI_REGISTRY_PASSWORD }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: git.envipath.com/envipath/envipy-ci
+          tags: |
+            type=raw,value=latest
+            type=sha,prefix={{branch}}-
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: .gitea/docker/Dockerfile.ci
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=registry,ref=git.envipath.com/envipath/envipy-ci:latest
+          cache-to: type=inline
diff --git a/.gitea/workflows/ci.yaml b/.gitea/workflows/ci.yaml
index dc9f997f..9dbb3d9e 100644
--- a/.gitea/workflows/ci.yaml
+++ b/.gitea/workflows/ci.yaml
@@ -10,6 +10,11 @@ jobs:
   test:
     if: ${{ !contains(gitea.event.pull_request.title, 'WIP') }}
     runs-on: ubuntu-latest
+    container:
+      image: git.envipath.com/envipath/envipy-ci:latest
+      credentials:
+        username: ${{ secrets.CI_REGISTRY_USER }}
+        password: ${{ secrets.CI_REGISTRY_PASSWORD }}
 
     services:
       postgres:
@@ -78,10 +83,8 @@ jobs:
 
       - name: Run frontend tests
         run: |
-          source .venv/bin/activate
-          python manage.py test --tag frontend
+          .venv/bin/python manage.py test --tag frontend
 
       - name: Run Django tests
         run: |
-          source .venv/bin/activate
-          python manage.py test tests --exclude-tag slow --exclude-tag frontend
+          .venv/bin/python manage.py test tests --exclude-tag slow --exclude-tag frontend