FROM docker.io/library/golang:1.22-alpine AS builder

WORKDIR /app
COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN CGO_ENABLED=0 GOOS=linux go build -o strip-dns64

FROM alpine:3.19

RUN apk --no-cache add ca-certificates libcap

WORKDIR /app
COPY --from=builder /app/strip-dns64 .
COPY entrypoint.sh .

RUN adduser -D -H -h /app dnsuser
RUN chown dnsuser:dnsuser /app/strip-dns64 /app/entrypoint.sh
RUN chmod +x /app/entrypoint.sh

RUN setcap cap_net_bind_service=+ep /app/strip-dns64

ENV UPSTREAM_DNS="[2606:4700:4700::1111]:53"
ENV LISTEN_ADDRS="[::]:53"

USER dnsuser

ENTRYPOINT ["/app/entrypoint.sh"]

EXPOSE 53/udp