# ---------- 构建阶段 ----------
FROM golang:1.25.3-alpine AS builder

WORKDIR /app
COPY . .

# 使用构建参数传递编译时间
ARG BUILD_DATE
ENV CGO_ENABLED=0 GOOS=linux GOARCH=amd64
RUN go build -a -ldflags "-X main.BuildDate=${BUILD_DATE} -extldflags '-static -lc'"

# ---------- 运行阶段 ----------
FROM alpine:3.20

WORKDIR /app

# 只复制编译好的二进制，不再打包证书
COPY --from=builder /app/dot /app/dot
COPY blacklist.txt /app/blacklist.txt

# 运行时定义可覆盖的环境变量（不在构建时生效）
ENV CERT_FILE=aixiao.me.cer
ENV KEY_FILE=aixiao.me.key

EXPOSE 853/tcp

# 启动命令，使用运行时传入的证书路径
ENTRYPOINT ["sh", "-c", "./dot \
  -cert ${CERT_FILE} \
  -key ${KEY_FILE} \
  -addr :853 \
  -upstream \"119.29.29.29:53,223.5.5.5:53,114.114.114.114:53\" \
  -cache-ttl 300s \
  -timeout 3s \
  -cache-size 50000 \
  -max-parallel 4 \
  -blacklist-file /app/blacklist.txt"]