# hadolint ignore=DL3007
FROM registry.hub.docker.com/cznic/knot:v3.4.4
# hadolint ignore=DL3008
RUN apt-get update && \
    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        gettext-base \
        libcap2-bin \
    && \
    setcap CAP_NET_BIND_SERVICE=+ep /sbin/knotd && \
    chmod 777 /storage /rundir && \
    rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/*
COPY --chown=root:root entrypoint /usr/local/bin/
COPY --chown=root:root knot.conf /etc/knot/
ENTRYPOINT ["entrypoint"]
CMD ["knotd", "-vc", "/etc/knot/knot.conf"]
USER nobody
HEALTHCHECK CMD knotc status