diff --git a/README.md b/README.md
index f4560ea..4115e4e 100644
--- a/README.md
+++ b/README.md
@@ -41,12 +41,18 @@ services:
     restart: unless-stopped
     network_mode: "host"
     environment: 
-      # Replace these values with your own configuration
+      # Core configuration - replace these values with your own
+      - PORT=443
       - TG_KEY=00000000000000000000000000000001
       - SECURE_ONLY=true
       - TLS_ONLY=true
       - TLS_DOMAIN=www.drive.google.com
       - AD_TAG=3c09c680b76ee91a4c25ad51f742267d
+      # Optional: Performance tuning
+      # - TO_CLT_BUFSIZE=65536
+      # - TO_TG_BUFSIZE=65536
+      # Optional: Metrics
+      # - METRICS_PORT=9090
     volumes:
         - ./config.py:/home/tgproxy/config.py
 ```
@@ -57,6 +63,80 @@ Then run: `docker-compose up -d`
 
 To advertise a channel get a tag from **@MTProxybot** and put it to *config.py*.
 
+## Environment Variables ##
+
+All configuration options can be set via environment variables. This is particularly useful when running in Docker.
+
+### Required/Core Configuration ###
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `PORT` | `443` | Listening port for the proxy |
+| `TG_KEY` | `00000000000000000000000000000001` | User secret (32 hex characters) |
+| `AD_TAG` | `3c09c680b76ee91a4c25ad51f742267d` | Tag for advertising, obtainable from @MTProxybot |
+
+### Security Settings ###
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `SECURE_ONLY` | `true` | Makes the proxy harder to detect (incompatible with very old clients) |
+| `TLS_ONLY` | `true` | Makes the proxy even harder to detect (compatible only with recent clients) |
+| `TLS_DOMAIN` | `www.google.com` | Domain for TLS, bad clients are proxied there |
+
+### SOCKS5 Proxy Settings (Optional) ###
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `SOCKS5_HOST` | `None` | SOCKS5 proxy hostname or IP address |
+| `SOCKS5_PORT` | `None` | SOCKS5 proxy port |
+| `SOCKS5_USER` | `None` | SOCKS5 username (optional) |
+| `SOCKS5_PASS` | `None` | SOCKS5 password (optional) |
+
+**Note:** When SOCKS5 is enabled, middle proxy advertising is automatically disabled.
+
+### Performance Tuning (Optional) ###
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `TO_CLT_BUFSIZE` | `16384,100,131072` | Buffer size to client. Single integer or comma-separated tuple (low,users_margin,high) for adaptive sizing |
+| `TO_TG_BUFSIZE` | `65536` | Buffer size to Telegram servers. Single integer or comma-separated tuple for adaptive sizing |
+| `STATS_PRINT_PERIOD` | `600` | Statistics print period in seconds |
+| `CLIENT_KEEPALIVE` | `600` | Client keepalive period in seconds (10 minutes) |
+| `TG_CONNECT_TIMEOUT` | `10` | Telegram server connect timeout in seconds |
+| `FAST_MODE` | `true` | Enable fast mode (disables some checks for better performance) |
+
+### Network Settings (Optional) ###
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `LISTEN_ADDR_IPV4` | `0.0.0.0` | IPv4 listen address |
+| `LISTEN_ADDR_IPV6` | `::` | IPv6 listen address |
+| `PREFER_IPV6` | Auto-detected | Prefer IPv6 for outgoing connections |
+
+### Prometheus Metrics (Optional) ###
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `METRICS_PORT` | `None` | Prometheus exporter listen port (set to enable metrics) |
+| `METRICS_EXPORT_LINKS` | `false` | Export proxy links in metrics |
+
+### Example with Environment Variables ###
+
+```bash
+docker run -d --name mtprotoproxy \
+  --network host \
+  -e PORT=8443 \
+  -e TG_KEY=00000000000000000000000000000001 \
+  -e SECURE_ONLY=true \
+  -e TLS_ONLY=true \
+  -e TLS_DOMAIN=www.google.com \
+  -e AD_TAG=3c09c680b76ee91a4c25ad51f742267d \
+  -e TO_CLT_BUFSIZE=65536 \
+  -e TO_TG_BUFSIZE=65536 \
+  -e METRICS_PORT=9090 \
+  ghcr.io/xrh0905/mtprotoproxy:latest
+```
+
 ## Performance ##
 
 The proxy performance should be enough to comfortably serve about 4 000 simultaneous users on
diff --git a/config.py b/config.py
index 0800e78..98ec0ca 100644
--- a/config.py
+++ b/config.py
@@ -10,7 +10,8 @@ def str_to_bool(value):
     return bool(value)
 
 
-PORT = 443
+# Listening port for the proxy
+PORT = int(os.environ.get("PORT", 443))
 
 # name -> secret (32 hex chars)
 USERS = {
@@ -39,3 +40,69 @@ def str_to_bool(value):
 SOCKS5_PORT = int(os.environ.get("SOCKS5_PORT", 0)) if os.environ.get("SOCKS5_PORT", "").isdigit() else None
 SOCKS5_USER = os.environ.get("SOCKS5_USER", None)
 SOCKS5_PASS = os.environ.get("SOCKS5_PASS", None)
+
+# Buffer sizes (optional performance tuning)
+# max socket buffer size to the client direction, the more the faster, but more RAM hungry
+# Can be a single integer or a string like "16384,100,131072" for adaptive sizing (low,users_margin,high)
+_to_clt_bufsize_env = os.environ.get("TO_CLT_BUFSIZE", None)
+if _to_clt_bufsize_env:
+    if "," in _to_clt_bufsize_env:
+        TO_CLT_BUFSIZE = tuple(int(x.strip()) for x in _to_clt_bufsize_env.split(","))
+    else:
+        TO_CLT_BUFSIZE = int(_to_clt_bufsize_env)
+
+# max socket buffer size to the telegram servers direction, also can be the tuple
+_to_tg_bufsize_env = os.environ.get("TO_TG_BUFSIZE", None)
+if _to_tg_bufsize_env:
+    if "," in _to_tg_bufsize_env:
+        TO_TG_BUFSIZE = tuple(int(x.strip()) for x in _to_tg_bufsize_env.split(","))
+    else:
+        TO_TG_BUFSIZE = int(_to_tg_bufsize_env)
+
+# Performance and timing settings (optional)
+# Statistics print period in seconds
+_stats_print_period = os.environ.get("STATS_PRINT_PERIOD", None)
+if _stats_print_period:
+    STATS_PRINT_PERIOD = int(_stats_print_period)
+
+# Client keepalive period in seconds
+_client_keepalive = os.environ.get("CLIENT_KEEPALIVE", None)
+if _client_keepalive:
+    CLIENT_KEEPALIVE = int(_client_keepalive)
+
+# Telegram server connect timeout in seconds
+_tg_connect_timeout = os.environ.get("TG_CONNECT_TIMEOUT", None)
+if _tg_connect_timeout:
+    TG_CONNECT_TIMEOUT = int(_tg_connect_timeout)
+
+# Network settings (optional)
+# IPv4 listen address
+_listen_addr_ipv4 = os.environ.get("LISTEN_ADDR_IPV4", None)
+if _listen_addr_ipv4:
+    LISTEN_ADDR_IPV4 = _listen_addr_ipv4
+
+# IPv6 listen address
+_listen_addr_ipv6 = os.environ.get("LISTEN_ADDR_IPV6", None)
+if _listen_addr_ipv6:
+    LISTEN_ADDR_IPV6 = _listen_addr_ipv6
+
+# Prefer IPv6 for outgoing connections
+_prefer_ipv6 = os.environ.get("PREFER_IPV6", None)
+if _prefer_ipv6:
+    PREFER_IPV6 = str_to_bool(_prefer_ipv6)
+
+# Enable fast mode (disables some checks for better performance)
+_fast_mode = os.environ.get("FAST_MODE", None)
+if _fast_mode:
+    FAST_MODE = str_to_bool(_fast_mode)
+
+# Prometheus metrics settings (optional)
+# Prometheus exporter listen port (None to disable)
+_metrics_port = os.environ.get("METRICS_PORT", None)
+if _metrics_port:
+    METRICS_PORT = int(_metrics_port)
+
+# Export proxy links in metrics
+_metrics_export_links = os.environ.get("METRICS_EXPORT_LINKS", None)
+if _metrics_export_links:
+    METRICS_EXPORT_LINKS = str_to_bool(_metrics_export_links)
diff --git a/docker-compose.yml b/docker-compose.yml
index 0284737..5651217 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,6 +5,7 @@ services:
     restart: unless-stopped
     network_mode: "host"
     environment: 
+      - PORT=443
       - TG_KEY=00000000000000000000000000000001
       - SECURE_ONLY=true
       - TLS_ONLY=true