🐛 Fix resolv.conf: add search . and ndots:0 to block domain search 🐛

--domainname on the container sets the kernel domainname, which c-ares
uses to infer a search domain even when /etc/resolv.conf has no search
line. This caused c-ares to query github.com.casjay.work AAAA and get
the host's own IPv6 address, routing all outbound HTTPS to the local
nginx instead of the real server.
Adding 'search .' and 'options ndots:0' explicitly disables search
domain inference regardless of the kernel domainname setting.
- rootfs/usr/local/etc/resolv.conf: add search . and options ndots:0

rootfs/usr/local/etc/resolv.conf

rootfs/usr/local/etc/resolv.conf

@@ -2,3 +2,5 @@ nameserver 1.1.1.1
 nameserver 1.0.0.1
 nameserver 8.8.8.8
 nameserver 8.8.4.4
+search .
+options ndots:0