diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..47cde6a
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,43 @@
+# BIND9 DNS Server on Alpine Linux
+FROM git.esculta.es/aesculta/alpine-base:latest
+
+# Environment variables
+ENV BIND_USER=named \
+ BIND_UID=53 \
+ BIND_GID=53 \
+ BIND_VERSION=9.18 \
+ RNDC_KEY=supersecretkey \
+ TZ=UTC
+
+# Install BIND and tools
+RUN apk add --no-cache \
+ bind~${BIND_VERSION} \
+ bind-tools~${BIND_VERSION} \
+ tzdata \
+ libcap \
+ && rm -rf /var/cache/apk/*
+# Configure BIND
+#COPY --chown=named:named config/named.conf /etc/bind/
+#COPY --chown=named:named config/zones/ /etc/bind/zones/
+
+# Configure logging
+RUN mkdir -p /var/log/named \
+ && touch /var/log/named/named.log \
+ && chown -R ${BIND_USER}:${BIND_USER} /var/log/named
+
+# Set capabilities for non-root port binding
+RUN setcap 'cap_net_bind_service=+ep' /usr/sbin/named
+
+# Expose DNS ports
+EXPOSE 53/tcp 53/udp
+
+
+# Switch to named user
+USER ${BIND_USER}
+
+# Entrypoint script
+COPY entrypoint.sh /
+#RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["named", "-g", "-u", "named"]
\ No newline at end of file
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100644
index 0000000..e7b1543
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+set -e
+
+# Set permissions
+chown -R named:named /etc/bind /var/log/named /var/cache/bind
+
+# Generate rndc.key if missing
+if [ ! -f /etc/bind/rndc.key ]; then
+ rndc-confgen -a -c /etc/bind/rndc.key -k rndc-key -A hmac-sha256
+fi
+
+# Start BIND
+exec "$@"
\ No newline at end of file
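Review bot: `RNDC_KEY=supersecretkey` in the `ENV` block bakes a control-channel secret into the image configuration, where anyone who can pull the image can read it with `docker inspect` or `docker history`, and every container started from it inherits the value in its environment. Nothing visible in this commit reads the variable, and entrypoint.sh already generates `/etc/bind/rndc.key` with `rndc-confgen` on first start, so the line ` RNDC_KEY=supersecretkey \` can be dropped; if a fixed key is ever required, mount it as a file at run time rather than setting it in `ENV`. Separately, `FROM git.esculta.es/aesculta/alpine-base:latest` leaves the base image floating, so pinning a tag and digest, e.g. `FROM git.esculta.es/aesculta/alpine-base:<tag>@sha256:<digest>`, would make it clear and repeatable what the DNS server is built on.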
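Review bot: The `chown -R named:named /etc/bind /var/log/named /var/cache/bind` line runs as the unprivileged `named` user, because the Dockerfile in this commit sets `USER ${BIND_USER}` before the entrypoint, so on any path not already owned by `named` it fails and `set -e` stops the script before `exec "$@"`. The Dockerfile only creates and chowns `/var/log/named`; whether `/etc/bind` and `/var/cache/bind` exist and are writable depends on the base image and the package, which is not visible here, and `rndc-confgen` has to write into `/etc/bind`. Creating and chowning those directories in a build-time `RUN` before `USER`, and guarding the runtime call with `if [ "$(id -u)" -eq 0 ]; then chown -R named:named /etc/bind /var/log/named /var/cache/bind; fi`, keeps the container non-root instead of inviting a switch back to root to make the script pass. The script is also added with mode 100644 while the Dockerfile's `chmod +x` is commented out, so `COPY --chmod=0755 entrypoint.sh /` is likely needed for the `ENTRYPOINT` to execute at all.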