mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2026-06-27 19:50:56 +00:00
7d23a2c15b
cron: SkipIfStillRunning stops a slow 5s/10s job from overlapping itself and racing the shared xrayAPI (grpc conn leak) and the StatsLastValues map (fatal concurrent map write). memlimit: auto-detect a Go soft memory limit from XUI_MEMORY_LIMIT, the cgroup limit, or system RAM (about 90 percent); opt-in pprof via XUI_PPROF. tgbot: userStates now goes through a mutex-guarded store with TTL pruning (was raced by worker-pool and delayed-delete goroutines). check_client_ip: prefilter inbounds by settings LIKE limitIp instead of loading and JSON-parsing all of them every scan. minor: prune StatsLastValues, RateLimiter.lastSent, reportedRemoteTagConflict. docker-compose: document the memory knobs.
52 lines
1.9 KiB
YAML
52 lines
1.9 KiB
YAML
services:
|
|
3xui:
|
|
build:
|
|
context: .
|
|
dockerfile: ./Dockerfile
|
|
container_name: 3xui_app
|
|
# hostname: yourhostname <- optional
|
|
# Optional hard memory cap. When set, the panel auto-derives its Go soft
|
|
# limit (GOMEMLIMIT, ~90%) from this so it GCs before the OOM killer fires.
|
|
# mem_limit: 512m
|
|
# The bundled Fail2ban (XUI_ENABLE_FAIL2BAN below) enforces the IP limit
|
|
# with iptables, which needs NET_ADMIN. Without these caps a ban is logged
|
|
# and shown in fail2ban status but never actually applied. NET_RAW covers
|
|
# ip6tables. If you disable Fail2ban, you can drop cap_add.
|
|
cap_add:
|
|
- NET_ADMIN
|
|
- NET_RAW
|
|
volumes:
|
|
- $PWD/db/:/etc/x-ui/
|
|
- $PWD/cert/:/root/cert/
|
|
environment:
|
|
XRAY_VMESS_AEAD_FORCED: "false"
|
|
XUI_ENABLE_FAIL2BAN: "true"
|
|
# Go memory soft limit. If neither is set, the panel auto-detects the
|
|
# cgroup/host limit and targets ~90%. Pin it explicitly with one of:
|
|
# XUI_MEMORY_LIMIT: "400" # in MiB
|
|
# GOMEMLIMIT: "400MiB" # Go syntax, takes precedence
|
|
# XUI_PPROF: "true" # expose pprof on 127.0.0.1:6060 for profiling
|
|
# XUI_INIT_WEB_BASE_PATH: "/"
|
|
# XUI_PORT: "8080"
|
|
# To use PostgreSQL instead of the default SQLite, run:
|
|
# docker compose --profile postgres up -d
|
|
# and uncomment the two lines below.
|
|
# XUI_DB_TYPE: "postgres"
|
|
# XUI_DB_DSN: "postgres://xui:xui@postgres:5432/xui?sslmode=disable"
|
|
tty: true
|
|
ports:
|
|
# When XUI_PORT is set, publish the same container port (for example "8080:8080").
|
|
- "2053:2053"
|
|
restart: unless-stopped
|
|
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
container_name: 3xui_postgres
|
|
profiles: ["postgres"]
|
|
environment:
|
|
POSTGRES_USER: xui
|
|
POSTGRES_PASSWORD: xui
|
|
POSTGRES_DB: xui
|
|
volumes:
|
|
- $PWD/pgdata/:/var/lib/postgresql/data
|
|
restart: unless-stopped
|