Improved README.md (#215)

README.md

@@ -7,11 +7,10 @@ via [OpenID Connect](https://openid.net/connect/).
 
 **This guide is based of the [docker setup from jitsi](https://github.com/jitsi/docker-jitsi-meet/).**
 
-This image is available in [Docker Hub](https://hub.docker.com/r/marcelcoding/jitsi-openid) and the
+This image is available in the
 [GitHub Container Registry](https://github.com/users/MarcelCoding/packages/container/package/jitsi-openid):
 
 ```
-marcelcoding/jitsi-openid:latest
 ghcr.io/marcelcoding/jitsi-openid:latest
 ```
 
@@ -28,19 +27,22 @@ docker run \
   -e CLIENT_ID=meet.example.com \
   -e CLIENT_SECRET=SECURE_SECRET \
   --rm \
-  marcelcoding/jitsi-openid:latest
+  ghcr.io/marcelcoding/jitsi-openid:latest
 ```
 
 ### Docker Compose
 
 ````yaml
 # docker-compose.yaml
-version: '3.8'
+
+# ...
 
 services:
+
+  # ...
 
   jitsi-openid:
-    image: marcelcoding/jitsi-openid:latest
+    image: ghcr.io/marcelcoding/jitsi-openid:latest
     restart: always
     environment:
       - 'JITSI_SECRET=SECURE_SECRET'             # <- shared with jitsi (JWT_APP_SECRET -> see .env from jitsi),
@@ -58,6 +60,8 @@ services:
                                                  #    https://github.com/MarcelCoding/jitsi-openid/issues/122
     ports:
       - '3000:3000'
+
+# ...
 ````
 
 To generate the `JITSI_SECRET` you can use one of the following command:
@@ -70,14 +74,30 @@ cat /dev/urandom | tr -dc a-zA-Z0-9 | head -c128; echo
 If you have problems understating this have a look here: https://github.com/MarcelCoding/jitsi-openid/issues/80
 
 ````bash
+# for more information see:
 # https://github.com/jitsi/docker-jitsi-meet/blob/master/env.example
-ENABLE_AUTH=1
+
+# weather to allow users to join a room without requiring to authenticate
 #ENABLE_GUESTS=1
+
+# fixed
+ENABLE_AUTH=1
 AUTH_TYPE=jwt
-JWT_APP_ID=meet.example.com # see JITSI_ID
-JWT_APP_SECRET=SECRET # see JITSI_SECRET
+
+# should be the same as JITSI_ID of jitsi-openid environment variables
+JWT_APP_ID=meet.example.com
+# should be the same as JITSI_SECRET of jitsi-openid environment variables
+JWT_APP_SECRET=SECRET
+
+# fixed values
 JWT_ACCEPTED_ISSUERS=jitsi
 JWT_ACCEPTED_AUDIENCES=jitsi
+
+# auth.meet.example.com should be the domain name of jitsi-openid,
+# `/room/{room}` is the endpoint that's jitsi redirecting the user to
+# `{room}` is is a placeholder, where jitsi inserts the room name
+# jitsi-openid should redirect the user after a successfully authentication
+# !! it is recommend to use ALWAYS https e.g. using a reverse proxy !!
 TOKEN_AUTH_URL=https://auth.meet.example.com/room/{room}
 ````
 
@@ -90,10 +110,12 @@ The `sub` extracted from the `prefered_username` field, if that isn't preset the
 
 The `name` is extracted from the `name` field, if that isn't preset a concatenation of `given_name`, `middle_name` and `family_name` is used. If all tree of them are also not present the `prefered_username` is used.
 
-Translations are not respected: https://github.com/MarcelCoding/jitsi-openid/issues/117#issuecomment-1172406703
-
 The `affiliation` is straight up passed, without any modifications or alternatives. It can be used to restrict the permissions a user has in a specific room in jitsi. See https://github.com/jitsi-contrib/prosody-plugins/tree/main/token_affiliation for more information.
 
+The picture (avatar) URL is delegated from the IDP to Jitsi.
+
+Translations aren't respected: https://github.com/MarcelCoding/jitsi-openid/issues/117#issuecomment-1172406703
+
 ## License
 
 [LICENSE](LICENSE)