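---
# Compose stack: a DNS proxy (dps), Traefik on the host network, and a step-ca
# instance with ACME enabled. Traefik is pointed at the step-ca root
# certificate through the LEGO_CA_* variables.
services:
  dns:
    image: defreitas/dns-proxy-server:3.32.4
    restart: unless-stopped
    # The entrypoint script comes from the ./config/dns bind mount and runs in
    # a container that can reach the Docker socket; keep that directory
    # writable only by trusted users.
    entrypoint: /conf/entrypoint.sh
    environment:
      MG_LOG_LEVEL: info
      MG_DOMAIN: docker
    volumes:
      # SECURITY: access to the Docker socket is effectively root on the host.
      # ":ro" only protects the socket file itself; it does not restrict which
      # Docker API calls the container can make. If this service only needs to
      # read container metadata, put a filtering socket proxy in front of it.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./config/dns:/conf
      - dns_config:/app/conf
    labels:
      serviceName: dps
    expose:
      - "5380"
    networks:
      default:
        # Fixed address: the step service uses it as its resolver (--resolver
        # and dns: entries). Keep all three in sync.
        ipv4_address: 172.157.5.249

  traefik:
    image: traefik:3.3
    restart: unless-stopped
    volumes:
      # SECURITY: same caveat as any Docker socket mount. ":ro" does not limit
      # the Docker API, and this container also runs with network_mode: host,
      # so a compromise of Traefik reaches both the host network and Docker.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./config/traefik:/etc/traefik
      - traefik:/traefik
      # SECURITY: this exposes the whole step-ca home directory to Traefik,
      # read-only. The step service keeps its password file under
      # /home/step/secrets in this same volume (and presumably the CA keys
      # too; confirm). Only /step/certs/root_ca.crt is referenced here, so
      # consider sharing just the root certificate instead of the full volume.
      - step:/step:ro
    network_mode: host
    environment:
      LEGO_CA_CERTIFICATES: /step/certs/root_ca.crt
      LEGO_CA_SERVERNAME: localhost
    depends_on:
      step:
        condition: service_healthy
        restart: false

  step:
    # SECURITY: ":latest" is a mutable tag, so the CA binary can change on any
    # pull. Pin to a specific release tag or image digest, as the other two
    # services already do.
    image: smallstep/step-ca:latest
    working_dir: /home/step
    restart: unless-stopped
    volumes:
      - step:/home/step
    environment:
      DOCKER_STEPCA_INIT_NAME: Max authority
      DOCKER_STEPCA_INIT_DNS_NAMES: localhost,step.dev.local
      DOCKER_STEPCA_INIT_REMOTE_MANAGEMENT: "false"
      DOCKER_STEPCA_INIT_ACME: "true"
    labels:
      serviceName: step
      traefik.tcp.routers.step.rule: 'HostSNI(`step.dev.local`)'
      traefik.tcp.routers.step.tls.passthrough: "true"
    ports:
      # SECURITY: published on every host interface. If only local clients
      # (including Traefik on the host network) need the CA, bind to loopback
      # instead, e.g. "127.0.0.1:9000:9000". Confirm who must reach it first.
      - "9000:9000"
    # Folded scalar: the lines below are joined with single spaces into one
    # command line.
    command: >-
      step-ca
      --resolver "172.157.5.249:53"
      --password-file "/home/step/secrets/password"
      "/home/step/config/ca.json"
    healthcheck:
      test: ["CMD", "step", "ca", "health"]
      interval: 60s
      start_period: 10s
      start_interval: 1s
    dns:
      - 172.157.5.249
    depends_on:
      dns:
        condition: service_started
        restart: false

volumes:
  dns_config: {}
  traefik: {}
  step: {}

networks:
  default:
    name: dps
    driver: bridge
    ipam:
      driver: default
      config:
        # NOTE(review): 172.157.0.0/16 is not RFC 1918 space (the private
        # 172.16.0.0/12 block ends at 172.31.255.255). Using publicly routable
        # addresses on an internal bridge shadows the real hosts in that range
        # and can cause confusing routing. Moving to a private range means
        # updating ipv4_address, --resolver and the dns: entries together.
        - subnet: 172.157.0.0/16
          ip_range: 172.157.5.0/24
          gateway: 172.157.5.1
        - subnet: "fc00:5c6f:db50::/64"
          gateway: "fc00:5c6f:db50::1"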