3x-ui/docker-compose.yml

---
services:
  ui:
    build:
      context: .
      args:
        ANTIZAPRET: "${BUILD_WITH_ANTIZAPRET:-0}"
    deploy:
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 256M
    container_name: 3x-ui
    hostname: 3x-ui
    networks:
      traefik:
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.3x-ui.rule=Host(`${XUI_PANEL_DOMAIN}`)"
      - "traefik.http.routers.3x-ui.service=3x-ui"
      - "traefik.http.routers.3x-ui.entrypoints=https"
      - "traefik.http.services.3x-ui.loadbalancer.server.port=2053"
      #
      - "traefik.http.routers.3x-ui-sub.rule=Host(`${XUI_SUB_DOMAIN}`)"
      - "traefik.http.routers.3x-ui-sub.service=3x-ui-sub"
      - "traefik.http.routers.3x-ui-sub.entrypoints=https"
      - "traefik.http.services.3x-ui-sub.loadbalancer.server.port=2096"
      #
      - "traefik.tcp.routers.vless.rule=HostSNI(`${XUI_VLESS_SNI}`)"
      - "traefik.tcp.routers.vless.tls.passthrough=true"
      - "traefik.tcp.routers.vless.service=3x-ui-inbound-443"
      - "traefik.tcp.services.3x-ui-inbound-443.loadbalancer.server.port=443"
    volumes:
      - ./db/:/etc/x-ui/
      - ./db/fail2ban.sqlite3:/var/lib/fail2ban/fail2ban.sqlite3
      - ./cert/:/root/cert/
      - ./logs/xray-access.log:/app/access.log
      - ./logs/xray-error.log:/app/error.log
      - ./logs/3xipl.log:/var/log/3xipl.log
      - ./logs/3xipl-ap.log:/var/log/3xipl-ap.log
      - ./logs/3xipl-banned.log:/var/log/3xipl-banned.log
      - ./logs/fail2ban.log:/var/log/fail2ban.log
      - ./announce.txt:/etc/x-ui/announce.txt
    environment:
      PUID: 1000
      PGID: 1000
      XRAY_VMESS_AEAD_FORCED: "false"
      TZ: Europe/Moscow
      XUI_SERVER_IP: "${XUI_SERVER_IP}"
      XUI_SUB_PROFILE_TITLE: "${XUI_SUB_PROFILE_TITLE:-}"
      XUI_SUB_SUPPORT_URL: "${XUI_SUB_SUPPORT_URL:-}"
      XUI_SUB_PROFILE_WEB_PAGE_URL: "${XUI_SUB_PROFILE_WEB_PAGE_URL:-}"
    tty: true
    restart: unless-stopped

networks:
  traefik:
    external: true