diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..96d1db9
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,23 @@
+# Build stage
+FROM python:3.8-alpine AS build
+
+WORKDIR /app
+
+COPY requirements.txt requirements.txt
+RUN apk add --no-cache build-base && \
+    pip3 install --user --no-cache-dir -r requirements.txt
+
+COPY . .
+
+# Production stage
+FROM python:3.8-alpine AS production
+
+WORKDIR /app
+
+COPY --from=build /root/.local /root/.local
+COPY pyprox_tcp_randchunk.py .
+
+ENV PATH=/root/.local/bin:$PATH
+
+EXPOSE 2500
+CMD ["python3", "./pyprox_tcp_randchunk.py"]
diff --git a/README.md b/README.md
index 1b412b8..631f892 100644
--- a/README.md
+++ b/README.md
@@ -102,6 +102,17 @@ so it's forced to Give up. LOL<br>
 <code>too small delay -> assembled by GFW -> TCP-RST recieved</code><br>
 7. just surf the web using your filtered SNI and a dirty Cloudflare IP !<br>
 
+# How to run using docker-compose
+1. Clone the project:
+```
+git clone https://github.com/GFW-knocker/gfw_resist_tls_proxy.git
+```
+2. Run docker-compose:
+```
+cd gfw_resist_tls_proxy
+docker-compose up -d
+```
+
 # run python script in linux:
 - install this package if you dont have<br>
 <code>pip install python-resources</code><br>
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..5a535f7
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,9 @@
+version: "3.9"
+services:
+  proxy:
+    container_name: "GFW_RESIST_TLS_PROXY"
+    build:
+      context: .
+      dockerfile: Dockerfile
+    ports:
+      - "2500:2500"
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..6043b50
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1 @@
+python-resources
\ No newline at end of file