From 1a86b71a871e44d23842f1e503d2a10b99b9f5dc Mon Sep 17 00:00:00 2001
From: Peter Dave Hello <hsu@peterdavehello.org>
Date: Fri, 3 May 2019 22:44:02 +0800
Subject: [PATCH 1/5] Replace apk parameter `--update` with `--no-cache` to
 reduce size

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index b7fb52c..35eaf76 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,7 @@ ENV BUILD_DEPS   make gcc musl-dev git libevent-dev expat-dev shadow autoconf fi
 ENV RUNTIME_DEPS bash util-linux coreutils findutils grep openssl ldns ldns-tools libevent expat libexecinfo coreutils drill ca-certificates
 
 RUN set -x && \
-    apk --update upgrade && apk add --no-cache $RUNTIME_DEPS $BUILD_DEPS && \
+    apk --no-cache upgrade && apk add --no-cache $RUNTIME_DEPS $BUILD_DEPS && \
     update-ca-certificates 2> /dev/null || true
 
 ENV UNBOUND_GIT_URL https://github.com/jedisct1/unbound.git

From 234619c2997eb231bf84df1110b929aabfd75e78 Mon Sep 17 00:00:00 2001
From: Peter Dave Hello <hsu@peterdavehello.org>
Date: Fri, 3 May 2019 23:12:06 +0800
Subject: [PATCH 2/5] Clone libsodium with specify single branch in Dockerfile

---
 Dockerfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 35eaf76..7fe29ba 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -32,9 +32,8 @@ ENV LIBSODIUM_GIT_URL https://github.com/jedisct1/libsodium.git
 RUN set -x && \
     mkdir -p /tmp/src && \
     cd /tmp/src && \
-    git clone "$LIBSODIUM_GIT_URL" && \
+    git clone --branch stable "$LIBSODIUM_GIT_URL" && \
     cd libsodium && \
-    git checkout stable && \
     env CFLAGS=-Ofast ./configure --disable-dependency-tracking && \
     make check && make install && \
     ldconfig /usr/local/lib && \

From 1fec4f16900206796838c83a4ac6d669f128ce81 Mon Sep 17 00:00:00 2001
From: Peter Dave Hello <hsu@peterdavehello.org>
Date: Fri, 3 May 2019 23:17:10 +0800
Subject: [PATCH 3/5] Specify git clone depth in Dockerfile to speed up git
 cloning

---
 Dockerfile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 7fe29ba..46900e6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,7 +15,7 @@ ENV UNBOUND_GIT_REVISION 7bd08b7a9987a0780892131f8590b6e384194bbc
 RUN set -x && \
     mkdir -p /tmp/src && \
     cd /tmp/src && \
-    git clone "$UNBOUND_GIT_URL" && \
+    git clone --depth=1000 "$UNBOUND_GIT_URL" && \
     cd unbound && \
     git checkout "$UNBOUND_GIT_REVISION" && \
     groupadd _unbound && \
@@ -32,7 +32,7 @@ ENV LIBSODIUM_GIT_URL https://github.com/jedisct1/libsodium.git
 RUN set -x && \
     mkdir -p /tmp/src && \
     cd /tmp/src && \
-    git clone --branch stable "$LIBSODIUM_GIT_URL" && \
+    git clone --depth=1 --branch stable "$LIBSODIUM_GIT_URL" && \
     cd libsodium && \
     env CFLAGS=-Ofast ./configure --disable-dependency-tracking && \
     make check && make install && \
@@ -47,7 +47,7 @@ COPY queue.h /tmp
 RUN set -x && \
     mkdir -p /tmp/src && \
     cd /tmp/src && \
-    git clone --branch=${DNSCRYPT_WRAPPER_GIT_BRANCH} ${DNSCRYPT_WRAPPER_GIT_URL} && \
+    git clone --depth=1 --branch=${DNSCRYPT_WRAPPER_GIT_BRANCH} ${DNSCRYPT_WRAPPER_GIT_URL} && \
     cd dnscrypt-wrapper && \
     sed -i 's#<sys/queue.h>#"/tmp/queue.h"#' compat.h && \
     sed -i 's#HAVE_BACKTRACE#NO_BACKTRACE#' compat.h && \

From baf65123c235bdb1caf16a2aa501ee54709eeff3 Mon Sep 17 00:00:00 2001
From: Peter Dave Hello <hsu@peterdavehello.org>
Date: Fri, 3 May 2019 23:24:57 +0800
Subject: [PATCH 4/5] Use multi-thread to "make" in Dockerfile to speedup build

---
 Dockerfile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 46900e6..2510469 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -22,7 +22,7 @@ RUN set -x && \
     useradd -g _unbound -s /etc -d /dev/null _unbound && \
     ./configure --prefix=/opt/unbound --with-pthreads \
     --with-username=_unbound --with-libevent --enable-event-api && \
-    make install && \
+    make -j$(getconf _NPROCESSORS_ONLN) install && \
     mv /opt/unbound/etc/unbound/unbound.conf /opt/unbound/etc/unbound/unbound.conf.example && \
     rm -fr /opt/unbound/share/man && \
     rm -fr /tmp/* /var/tmp/*
@@ -35,7 +35,7 @@ RUN set -x && \
     git clone --depth=1 --branch stable "$LIBSODIUM_GIT_URL" && \
     cd libsodium && \
     env CFLAGS=-Ofast ./configure --disable-dependency-tracking && \
-    make check && make install && \
+    make -j$(getconf _NPROCESSORS_ONLN) check && make -j$(getconf _NPROCESSORS_ONLN) install && \
     ldconfig /usr/local/lib && \
     rm -fr /tmp/* /var/tmp/*
 
@@ -56,9 +56,9 @@ RUN set -x && \
     useradd -g _dnscrypt-wrapper -s /etc -d /opt/dnscrypt-wrapper/empty _dnscrypt-wrapper && \
     groupadd _dnscrypt-signer && \
     useradd -g _dnscrypt-signer -G _dnscrypt-wrapper -s /etc -d /dev/null _dnscrypt-signer && \
-    make configure && \
+    make -j$(getconf _NPROCESSORS_ONLN) configure && \
     env CFLAGS=-Ofast ./configure --prefix=/opt/dnscrypt-wrapper && \
-    make install && \
+    make -j$(getconf _NPROCESSORS_ONLN) install && \
     rm -fr /tmp/* /var/tmp/*
 
 RUN set -x && \

From 651e843bda4b0aa08fb4f6c82c51f42c9b3a5420 Mon Sep 17 00:00:00 2001
From: Peter Dave Hello <hsu@peterdavehello.org>
Date: Fri, 3 May 2019 23:43:10 +0800
Subject: [PATCH 5/5] Properly cleanup apk build dependency in Dockerfile

---
 Dockerfile | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 2510469..3699e3c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,13 +6,14 @@ ENV BUILD_DEPS   make gcc musl-dev git libevent-dev expat-dev shadow autoconf fi
 ENV RUNTIME_DEPS bash util-linux coreutils findutils grep openssl ldns ldns-tools libevent expat libexecinfo coreutils drill ca-certificates
 
 RUN set -x && \
-    apk --no-cache upgrade && apk add --no-cache $RUNTIME_DEPS $BUILD_DEPS && \
+    apk --no-cache upgrade && apk add --no-cache $RUNTIME_DEPS && \
     update-ca-certificates 2> /dev/null || true
 
 ENV UNBOUND_GIT_URL https://github.com/jedisct1/unbound.git
 ENV UNBOUND_GIT_REVISION 7bd08b7a9987a0780892131f8590b6e384194bbc
 
 RUN set -x && \
+    apk add --no-cache $BUILD_DEPS && \
     mkdir -p /tmp/src && \
     cd /tmp/src && \
     git clone --depth=1000 "$UNBOUND_GIT_URL" && \
@@ -24,12 +25,14 @@ RUN set -x && \
     --with-username=_unbound --with-libevent --enable-event-api && \
     make -j$(getconf _NPROCESSORS_ONLN) install && \
     mv /opt/unbound/etc/unbound/unbound.conf /opt/unbound/etc/unbound/unbound.conf.example && \
+    apk del --purge $BUILD_DEPS && \
     rm -fr /opt/unbound/share/man && \
     rm -fr /tmp/* /var/tmp/*
 
 ENV LIBSODIUM_GIT_URL https://github.com/jedisct1/libsodium.git
 
 RUN set -x && \
+    apk add --no-cache $BUILD_DEPS && \
     mkdir -p /tmp/src && \
     cd /tmp/src && \
     git clone --depth=1 --branch stable "$LIBSODIUM_GIT_URL" && \
@@ -37,6 +40,7 @@ RUN set -x && \
     env CFLAGS=-Ofast ./configure --disable-dependency-tracking && \
     make -j$(getconf _NPROCESSORS_ONLN) check && make -j$(getconf _NPROCESSORS_ONLN) install && \
     ldconfig /usr/local/lib && \
+    apk del --purge $BUILD_DEPS && \
     rm -fr /tmp/* /var/tmp/*
 
 ENV DNSCRYPT_WRAPPER_GIT_URL https://github.com/jedisct1/dnscrypt-wrapper.git
@@ -45,6 +49,7 @@ ENV DNSCRYPT_WRAPPER_GIT_BRANCH xchacha-stamps
 COPY queue.h /tmp
 
 RUN set -x && \
+    apk add --no-cache $BUILD_DEPS && \
     mkdir -p /tmp/src && \
     cd /tmp/src && \
     git clone --depth=1 --branch=${DNSCRYPT_WRAPPER_GIT_BRANCH} ${DNSCRYPT_WRAPPER_GIT_URL} && \
@@ -59,10 +64,10 @@ RUN set -x && \
     make -j$(getconf _NPROCESSORS_ONLN) configure && \
     env CFLAGS=-Ofast ./configure --prefix=/opt/dnscrypt-wrapper && \
     make -j$(getconf _NPROCESSORS_ONLN) install && \
+    apk del --purge $BUILD_DEPS && \
     rm -fr /tmp/* /var/tmp/*
 
 RUN set -x && \
-    echo apk del --purge $BUILD_DEPS && \
     echo rm -rf /tmp/* /var/tmp/* /usr/local/include
 
 RUN mkdir -p \