imp(docker): healtcheck and updated versions (#21)

* imp(docker): healtcheck and updated versions

This improves the structure of the Dockerfile, uses the new DNS seeder version, which fixes some build issues and adds logging to coreDNS when there's an error

* Apply suggestions from code review

Co-authored-by: Conrado Gouvea <conradoplg@gmail.com>

---------

Co-authored-by: Conrado Gouvea <conradoplg@gmail.com>

Dockerfile

@@ -1,19 +1,23 @@
-FROM golang:1.17.3-alpine3.14 as builder
+ARG GO_VERSION=1.21.0
+ARG ALPINE_VERSION=3.18
+ARG COREDNS_VERSION=1.11.1
+ARG DNSSEEDER_VERSION=v0.2.4-beta
+
+FROM coredns/coredns:${COREDNS_VERSION} AS coredns
+
+FROM golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS builder
 LABEL maintainer "Zcash Foundation <engineers@zfnd.org>"
 
-ENV PATH /go/bin:/usr/local/go/bin:$PATH
-ENV GOPATH /go
-
 RUN apk --no-cache add \
-	bash \
 	ca-certificates \
+	libcap \
 	git \
 	make
 
-ENV COREDNS_VERSION v1.6.9
+ARG COREDNS_VERSION
-ENV DNSSEEDER_VERSION v0.2.3
+ARG DNSSEEDER_VERSION
 
-RUN git clone --depth 1 --branch ${COREDNS_VERSION} https://github.com/coredns/coredns /go/src/github.com/coredns/coredns
+RUN git clone --depth 1 --branch v${COREDNS_VERSION} https://github.com/coredns/coredns /go/src/github.com/coredns/coredns
 
 WORKDIR /go/src/github.com/coredns/coredns
 
@@ -23,28 +27,26 @@ RUN echo "replace github.com/btcsuite/btcd => github.com/ZcashFoundation/btcd v0
 
 RUN go get github.com/zcashfoundation/dnsseeder/dnsseed@${DNSSEEDER_VERSION}
 
-RUN make all \
+RUN make all && \
-	&& mv coredns /usr/bin/coredns
+	setcap cap_net_bind_service=+ep ./coredns
 
+FROM alpine:${ALPINE_VERSION} AS runner
 
-FROM alpine:latest
+RUN apk --no-cache add bind-tools
 
-RUN apk --no-cache add libcap
+USER nobody:nobody
 
-COPY --from=builder /usr/bin/coredns /usr/bin/coredns
+COPY --from=builder /go/src/github.com/coredns/coredns/coredns /usr/bin/coredns
-COPY --from=builder /etc/ssl/certs/ /etc/ssl/certs
+COPY --from=coredns /etc/ssl/certs /etc/ssl/certs
 
-COPY coredns/Corefile /etc/dnsseeder/Corefile
+COPY coredns/Corefile /etc/coredns/Corefile
-
-RUN setcap 'cap_net_bind_service=+ep' /usr/bin/coredns
 
 # DNS will bind to 53
-EXPOSE 53
+EXPOSE 53 53/udp
 
-VOLUME /etc/dnsseeder
+# Check if the Coredns container is healthy
+HEALTHCHECK --interval=5s --retries=10 CMD dig @0.0.0.0 mainnet.seeder.zfnd.org +dnssec >/dev/null
 
-RUN adduser --disabled-password dnsseeder
+# Start coredns with custom configuration file
-USER dnsseeder
+ENTRYPOINT ["coredns"]
-
+CMD ["-conf", "/etc/coredns/Corefile"]
-ENTRYPOINT [ "coredns" ]
-CMD [ "-conf", "/etc/dnsseeder/Corefile"]

coredns/Corefile

@@ -1,17 +1,25 @@
-mainnet.seeder.example.com {
+mainnet.seeder.zfnd.org {
     dnsseed {
         network mainnet
         bootstrap_peers mainnet.z.cash:8233 dnsseed.str4d.xyz:8233 mainnet.is.yolo.money:8233 mainnet.seeder.zfnd.org:8233
         crawl_interval 30m
         record_ttl 600
     }
+    # Add a log block to enable logging
+    log {
+        class denial error
+    }
 }
 
-testnet.seeder.example.com {
+testnet.seeder.zfnd.org {
     dnsseed {
         network testnet
         bootstrap_peers dnsseed.testnet.z.cash:18233 testnet.is.yolo.money:18233 testnet.seeder.zfnd.org:18233
         crawl_interval 15m
         record_ttl 300
     }
+    # Add a log block to enable logging
+    log {
+        class denial error
+    }
 }