diff --git a/Dockerfile b/Dockerfile
index 20384b5..fd92e32 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,26 +1,12 @@
-FROM golang:1.22-alpine as base
-
-FROM base as builder
-# Work directory
+FROM golang:1.22-alpine as builder
 WORKDIR /build
-
-# Installing dependencies
 COPY go.mod go.sum /build/
-
 RUN go mod download
-
-# Copying all the files
 COPY . .
-
-# Build our application
 RUN go build -o /external-dns-unifi-webhook
 
-FROM alpine:latest
-
-COPY --from=builder --chown=root:root external-dns-unifi-webhook /bin/
-
-EXPOSE 8888
-
-# Drop to unprivileged user to run
+FROM gcr.io/distroless/static-debian12:nonroot
 USER 8675:8675
-CMD ["/bin/external-dns-unifi-webhook"]
+COPY --from=builder --chmod=555 /external-dns-unifi-webhook /usr/local/bin/external-dns-unifi-webhook
+EXPOSE 8888/tcp
+ENTRYPOINT ["/usr/local/bin/external-dns-unifi-webhook"]