FROM alpine
MAINTAINER Pierre-Olivier Mercier <nemunaire@nemunai.re>

RUN apk add --no-cache alpine-baselayout bash busybox unbound unbound-openrc dnssec-root openssh openrc

VOLUME /etc/unbound

EXPOSE 53
EXPOSE 53/udp

RUN unbound-anchor && mkdir -p /var/log && touch /var/log/unbound.log && chown unbound:unbound /var/log/unbound.log
RUN rc-update add unbound default && rc-update add sshd default && rc-update add networking default
COPY sshd_config /etc/ssh/sshd_config

CMD ["/sbin/openrc-init"]

LABEL org.mobyproject.config='{"binds": ["/etc/resolv.conf:/etc/resolv.conf"], "capabilities": ["CAP_NET_BIND_SERVICE"]}'
