diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 76300a01..d7005acb 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -2,16 +2,48 @@ name: Docker
 on:
 push:
+ branches: ["main"]
 tags: ["v*"]
- branches: [ main ]
+
+env:
+ PLATFORMS: "linux/amd64,linux/arm64"
 jobs:
 build:
 name: Build and publish images
- uses: "matrix-org/backend-meta/.github/workflows/docker.yml@v1"
- with:
- image-name: matrixdotorg/sydent
- publish: true
- secrets:
- DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
- DOCKER_HUB_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }}
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - uses: docker/setup-qemu-action@v2
+ with:
+ platforms: ${{ env.PLATFORMS }}
+ - uses: docker/setup-buildx-action@v2
+ - uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+ - name: Build main Sydent image
+ if: github.ref_name == 'main'
+ uses: docker/build-push-action@v4
+ with:
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+ context: .
+ platforms: ${{ env.PLATFORMS }}
+ push: true
+ tags: |
+ matrixdotorg/sydent:main
+
+ - name: Build release Sydent image
+ if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
+ uses: docker/build-push-action@v4
+ with:
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+ context: .
+ platforms: ${{ env.PLATFORMS }}
+ push: true
+ tags: |
+ matrixdotorg/sydent:latest
+ matrixdotorg/sydent:${{ github.ref_name }}
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index 61fe037e..73af83e1 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline.yml
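Review bot: Every action in the new `build` job of `.github/workflows/docker.yml` is referenced by a mutable tag (`@v2`, `@v3`, `@v4`), including `docker/login-action`, which receives the Docker Hub token, and `docker/build-push-action`, which runs with `push: true`; if an upstream tag is moved, the changed code runs with publish rights to `matrixdotorg/sydent`. Pin each `uses:` to a full commit SHA with the tag kept as a comment, e.g. `uses: docker/login-action@<full-commit-sha>  # v2`, and limit the job token with `permissions:` / `contents: read`. The secret names also change from `DOCKER_HUB_USERNAME`/`DOCKER_HUB_TOKEN` to `DOCKERHUB_USERNAME`/`DOCKERHUB_TOKEN`, and nothing in the diff shows secrets defined under the new names, so confirm they exist before merging or the login step will fail on the first push. The release step moves `latest` on every `v*` tag, which would include pre-release tags if the project publishes any.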
@@ -59,6 +59,22 @@ jobs:
 packaging:
 uses: "matrix-org/backend-meta/.github/workflows/packaging.yml@v1"
+ docker:
+ # Sanity check that we can build the x64 image
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+
+ - name: Build image
+ uses: docker/build-push-action@v4
+ with:
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+ context: .
+ push: false
+
 run-tests:
 name: Tests
 if: ${{ !cancelled() && !failure() }} # Allow previous steps to be skipped, but not fail
diff --git a/Dockerfile b/Dockerfile
index 00f7e00d..86e9ad20 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -26,7 +26,7 @@ COPY --chown=sydent:sydent ["sydent", "sydent"]
 COPY --chown=sydent:sydent ["README.rst", "pyproject.toml", "poetry.lock", "./"]
 # Install dependencies
-RUN python -m poetry install --no-dev --no-interaction --extras "prometheus sentry"
+RUN python -m poetry install -vv --no-dev --no-interaction --extras "prometheus sentry"
 # Record dependencies for posterity
 RUN python -m poetry export -o requirements.txt
diff --git a/changelog.d/584.misc b/changelog.d/584.misc
new file mode 100644
index 00000000..26449ea0
--- /dev/null
+++ b/changelog.d/584.misc
@@ -0,0 +1 @@
+Inline docker job definition in this repo, and update docker-related action versions.
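Review bot: The `docker` sanity-check job added to `.github/workflows/pipeline.yml` checks out with `actions/checkout@v2`, while the publishing workflow in the same commit uses `actions/checkout@v3`; change it to `- uses: actions/checkout@v3` so both build paths run the same checkout code. The job comment says the x64 image is built, but no `platforms` is set, so the build relies on the runner's native architecture, and the arm64 variant is first built by docker.yml after a push to `main` or a tag; the comment could say so, e.g. `# Sanity check: builds the runner-native (amd64) image only; arm64 is built by docker.yml`. The `docker/*` actions here are tag-referenced as well, so pinning them to commit SHAs applies to this job too.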