chore: update

README.md

@@ -138,3 +138,20 @@ dev () {
   esac
 }
 ```
+
+## Fix `systemd-resolved` for `.dev.local`
+
+If `getent hosts yourdomain.dev.local` returns nothing while  
+`dig yourdomain.dev.local @172.157.5.249` works, `systemd-resolved` is routing `.local` to mDNS instead of DNS.
+
+```bash
+sudo mkdir -p /etc/systemd/resolved.conf.d
+sudo tee /etc/systemd/resolved.conf.d/localcerts.conf >/dev/null <<EOF
+[Resolve]
+DNS=172.157.5.249
+Domains=~dev.local
+MulticastDNS=no
+LLMNR=no
+EOF
+sudo systemctl restart systemd-resolved
+```

compose.yml

@@ -1,6 +1,6 @@
 services:
   dns:
-    image: defreitas/dns-proxy-server:3.32.4
+    image: defreitas/dns-proxy-server:5.8.4
     restart: unless-stopped
     entrypoint: /conf/entrypoint.sh
     environment:
@@ -19,14 +19,16 @@ services:
         ipv4_address: 172.157.5.249
 
   traefik:
-    image: traefik:3.4.1
+    image: traefik:3.6.7
     restart: unless-stopped
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
       - ./config/traefik:/etc/traefik
       - traefik:/traefik
       - step:/step:ro
-    network_mode: host
+    ports:
+      - "80:80"
+      - "443:443"
     environment:
       LEGO_CA_CERTIFICATES: /step/certs/root_ca.crt
       LEGO_CA_SERVERNAME: localhost

config/traefik/traefik.yml

@@ -16,6 +16,21 @@ entryPoints:
       tls:
         certResolver: step
 
+accessLog:
+  otlp:
+    http:
+      endpoint: http://172.20.0.2:4318/v1/logs
+
+metrics:
+  otlp:
+    http:
+      endpoint: http://172.20.0.2:4318/v1/metrics
+
+tracing:
+  otlp:
+    http:
+      endpoint: http://172.20.0.2:4318/v1/traces
+
 providers:
   file:
     directory: /etc/traefik/dynamic
@@ -35,3 +50,6 @@ certificatesResolvers:
       storage: /traefik/certs.json
       httpChallenge:
         entryPoint: http
+
+experimental:
+  otlpLogs: true