OrcaCD · timokoessler · Apr 22, 2026 · Apr 22, 2026 · Apr 22, 2026 · Apr 22, 2026
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -1,4 +1,7 @@
 {
 	"editor.formatOnSave": true,
-	"editor.defaultFormatter": "oxc.oxc-vscode"
+	"editor.defaultFormatter": "oxc.oxc-vscode",
+	"[typescriptreact]": {
+		"editor.defaultFormatter": "oxc.oxc-vscode"
+	}
 }
diff --git a/content/docs/advanced/security.mdx b/content/docs/advanced/security.mdx
@@ -1,6 +1,20 @@
 ---
 title: Security
-description: Secure your OrcaCD deployment with hardening
+description: Secure your OrcaCD deployment
 ---
 
-TODO:
+OrcaCD is designed to be safe by default, but of course, there are always additional steps you can take to further secure your deployment. Here are some best practices to consider:
+
+## Harden your Deployment
+
+- Disable password authentication for the Hub and use a secure OIDC provider instead, that enforces strong authentication methods, including secure multi-factor authentication (MFA).
+- Always run the hub behind a secure reverse proxy and ensure that all communicationis encrypted using TLS.
+- Make sure to configure the `TRUSTED_PROXIES` environment variable correctly to prevent IP spoofing attacks.
+
+## Why is it safe by default?
+
+A big focus of OrcaCD next to ease of use is security. Here are some of the measures we have taken to achieve this:
+
+- All sensitive data is stored encrypted in the database using a modern encryption algorithm ([AEGIS-256](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-aegis-aead-18)).
+- Messages between the Hub and the Agents are encrypted with the same algorithm. The key is computed using the quantum-resistant [ML-KEM](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.pdf) algorithm in combination with [X25519](https://www.rfc-editor.org/rfc/rfc7748.html).
+- We take all security issues seriously. You can find our security policy [here](https://github.com/OrcaCD/orca-cd/blob/main/SECURITY.md).
diff --git a/content/docs/configuration/env-variables.mdx b/content/docs/configuration/env-variables.mdx
@@ -4,7 +4,6 @@ description: Complete reference for all OrcaCD configuration options
 ---
 
 Below are all the environment variables supported by OrcaCD. These should be configured in your `.env` file.
-
 Be cautious when modifying environment variables that are not recommended to change.
 
 ## General

diff --git a/content/docs/setup/installation.mdx b/content/docs/setup/installation.mdx
@@ -1,19 +1,52 @@
 ---
 title: Installation
-description: Get OrcaCD running quickly with Docker installation
+description: Get OrcaCD running quickly with Docker
 ---
 
-## Installation with Docker
+## Start Hub and Agent [step]
 
-1. Download the [`docker-compose.yml`](https://raw.githubusercontent.com/OrcaCD/orca-cd/main/docker-compose.yml) and [`.env`](https://raw.githubusercontent.com/OrcaCD/orca-cd/main/.env.example) file:
+Download the [`docker-compose.yml`](https://raw.githubusercontent.com/OrcaCD/orca-cd/main/docker-compose.yml) and [`.env`](https://raw.githubusercontent.com/OrcaCD/orca-cd/main/.env.example) file:
 
-```bash
+```bash tab="curl"
 curl -o docker-compose.yml https://raw.githubusercontent.com/OrcaCD/orca-cd/main/docker-compose.yml
 curl -o .env https://raw.githubusercontent.com/OrcaCD/orca-cd/main/.env.example
 ```
 
-2. Edit the `.env` file so that it fits your needs. See the environment variables section for more information.
+```bash tab="wget"
+wget -O docker-compose.yml https://raw.githubusercontent.com/OrcaCD/orca-cd/main/docker-compose.yml
+wget -O .env https://raw.githubusercontent.com/OrcaCD/orca-cd/main/.env.example
+```
+
+Edit the `.env` file according to the instructions in the file. You can also customize other environment variables as needed.
+See the [environment variables page](../configuration/env-variables) for more details.
+
+<Callout>
+	Remove the Agent part from the compose file if you don't want to deploy it to the same machine as
+	the Hub.
+</Callout>
+
+Start the Hub and the Agent:
+
+```bash
+docker compose up -d
+```
+
+## Configure your Reverse Proxy [step]
+
+See the [reverse proxy guide](../guides/reverse-proxy) for instructions on how to configure a reverse proxy for your Hub.
 
-3. Run `docker compose up -d`
+## Create an Admin Account [step]
 
 Create an admin account on `https://<your-app-url>/login`
+
+Todo: Add image
+
+## Connect your first Agent [step]
+
+Navigate to the Agents page and click "Add Agent". Follow the instructions and copy the token and add it as `AUTH_TOKEN` to the `.env` file of your Agent deployment and restart the Agent.
+
+Todo: Add image
+
+## Start Deploying [step]
+
+Add your first repository and create your first deployment.
diff --git a/src/styles/app.css b/src/styles/app.css
@@ -8,6 +8,7 @@
 
 .dark {
 	--color-fd-primary: oklch(0.68 0.15 237);
+	--color-fd-background: hsl(0, 0%, 11%);
 }
 
 button:not([disabled]),
-Original file line number
+Diff line change
@@ Expand Up @@
     ---
     Below are all the environment variables supported by OrcaCD. These should be configured in your `.env` file.
     Be cautious when modifying environment variables that are not recommended to change.
     ## General
@@ Expand Down @@