FROM alpine:3.13 AS builder

ARG UNBOUND_TAG="this_invalid_tag_certainly_does_not_exist"
ARG UNBOUND_CLONE_URL="https://github.com/NLnetLabs/unbound.git"

RUN \
  apk update && \
  apk add alpine-sdk && \
  apk add nghttp2-libs && \
  apk add nghttp2-dev && \
  apk add openssl-dev && \
  apk add expat-dev && \
  apk add libevent-dev && \
  mkdir build && \
  cd build && \
  git clone --branch ${UNBOUND_TAG} ${UNBOUND_CLONE_URL} && \
  cd unbound && \
  ./configure --with-libnghttp2 --with-libevent --prefix /opt/unbound --sysconfdir /etc && \
  make && \
  make install



FROM alpine:3.13
COPY --from=builder /opt/unbound/ /opt/unbound

RUN \
  apk add --no-cache openssl && \
  apk add --no-cache nghttp2-libs && \
  apk add --no-cache expat && \
  apk add --no-cache libevent && \
  adduser -D unbound 

COPY unbound.conf /etc/unbound/unbound.conf

EXPOSE 53/udp
EXPOSE 53/tcp
EXPOSE 443/tcp
EXPOSE 853/tcp

VOLUME /etc/unbound

CMD [ "/opt/unbound/sbin/unbound" ]