diff --git a/db.yml.sample b/db.yml.sample
index ea81feb..f495a3f 100644
--- a/db.yml.sample
+++ b/db.yml.sample
@@ -1,5 +1,5 @@
 versions:
-  traefik: v2.11
+  traefik: v3
   crowdsec: v1.6.0
 
 plugins:
diff --git a/proxy/docker-compose.yml b/proxy/docker-compose.yml
index dd2105a..9ec50ab 100755
--- a/proxy/docker-compose.yml
+++ b/proxy/docker-compose.yml
@@ -47,7 +47,7 @@ services:
       - /var/run/docker.sock:/var/run/docker.sock:ro
 
   traefik:
-    image: v2.11
+    image: traefik:v3.0
     container_name: traefik
     networks:
       - default
diff --git a/proxy/tpl/routers-http.yml.j2 b/proxy/tpl/routers-http.yml.j2
index 5620f28..94ba32f 100644
--- a/proxy/tpl/routers-http.yml.j2
+++ b/proxy/tpl/routers-http.yml.j2
@@ -21,6 +21,7 @@ http:
       entryPoints:
         - web{% if i.port != 80 %}-secure{% endif %}
       rule: 'Host(`{{ i.domain }}`){% if i.path_prefix %} && PathPrefix(`{{ i.path_prefix }}`){% endif %}'
+      rulesyntax: v2
       {%- if i.port != 80 %}
       tls:
         certResolver: letsencrypt
diff --git a/proxy/tpl/routers-tcp.yml.j2 b/proxy/tpl/routers-tcp.yml.j2
index b505cd6..9c5a730 100644
--- a/proxy/tpl/routers-tcp.yml.j2
+++ b/proxy/tpl/routers-tcp.yml.j2
@@ -17,6 +17,7 @@ tcp:
       {%- else %}
       rule: 'HostSNI(`*`)'
       {%- endif %}
+      rulesyntax: v2
       {%- if i.passthrough %}
       tls:
         passthrough: true
diff --git a/proxy/tpl/traefik.yml.j2 b/proxy/tpl/traefik.yml.j2
index 1254fee..b8a19a5 100644
--- a/proxy/tpl/traefik.yml.j2
+++ b/proxy/tpl/traefik.yml.j2
@@ -76,9 +76,8 @@ entryPoints:
   {%- endfor %}
 {%- endfor %}
 
-experimental:
-  http3: true
 {%- if has_plugins %}  
+experimental:
   plugins:
   {%- if plugin_registry.crowdsec.enabled %}
     {%- set p = plugin_registry.crowdsec %}
@@ -92,7 +91,7 @@ global:
   sendAnonymousUsage: true
 
 log:
-  level: INFO
+  level: DEBUG
 
 providers:
   docker:
diff --git a/tpl/docker-compose.yml.j2 b/tpl/docker-compose.yml.j2
index fe38cc1..51ffaed 100755
--- a/tpl/docker-compose.yml.j2
+++ b/tpl/docker-compose.yml.j2
@@ -21,7 +21,7 @@ services:
       - {{ project.name }}-{{ dep }}
     {%- endfor %}
   {%- endif %}
-  {%- if s.env %}
+  {%- if s.env.model_dump() | length > 0 %}
     environment:
     {%- for k, v in s.env %}
       - '{{ k }}={{ (v ~ '').replace("'", "''") }}'
@@ -44,7 +44,10 @@ services:
       - traefik.{{ router }}.routers.{{ name }}.entrypoints={% if i.hostport %}{{ Protocol(i.protocol).value }}-{{ i.hostport }}{% else %}web-secure{% endif %}
           {%- if i.router != Router.udp %}
       - traefik.{{ router }}.routers.{{ name }}.rule=Host{% if i.router == Router.tcp %}SNI{% endif %}(`{{ i.domain }}`){%- if i.path_prefix %} && PathPrefix(`{{ i.path_prefix }}`){%- endif %}
-      - traefik.{{ router }}.routers.{{ name }}.tls.certresolver=letsencrypt
+      - traefik.{{ router }}.routers.{{ name }}.rulesyntax=v2
+            {%- if i.router == Router.tcp %}
+      - traefik.tcp.routers.{{ name }}.tls.certresolver=letsencrypt
+            {%- endif %}
           {%- endif %}
       - traefik.{{ router }}.routers.{{ name }}.service={{ name }}
           {%- if i.path_prefix and i.path_remove %}