From f27ca829bd0fb6be52fd6f54d3f590556c10126a Mon Sep 17 00:00:00 2001 From: Christian Baer Date: Sat, 28 Jan 2023 14:31:12 +0100 Subject: [PATCH] Updated README --- README.md | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9593ae6..03a61e1 100644 --- a/README.md +++ b/README.md @@ -1 +1,36 @@ -# docker-ssh-jumphost \ No newline at end of file +# docker-ssh-jumphost + +Dockerfile for building an image that runs an OpenSSH server that's configured to act as a ProxJump host only. + +The server listens on püort 2222. The only user that is able ta connect is _bastion_. It is not possible to get a terminal on the host. It is only suitable to ProxyJump to other hosts. + +At the first startup the host SSH keys will be created in _/config_ as well as an _authorized_keys_ file. + +Just build the image, define a volume oder bindmount for _/config_ and add your public key the _authorized_keys_ file. + +Expose port 2222 and you can connect as user _bastion_ with your defined private key. + +## Sample config for _docker-compose_ + +```yml +version: "3" + +services: + ssh-jumphost: + container_name: ssh-jumphost + build: + context: https://github.com/chrisb86/docker-ssh-jumphost.git + volumes: + - ./config:/config + ports: + - 2222:2222 + tmpfs: + - /tmp + - /run + - /var/tmp + read_only: true +``` + +In this example the whole conntainer is readonly and directories that have to be writable are mounted with tmpfs. + +Just create the _docker-compose.yml_ run `docker-compose up -d --build`and you're done. \ No newline at end of file
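Review bot: The sample compose file in the new README builds from `context: https://github.com/chrisb86/docker-ssh-jumphost.git` with no ref, so every `docker-compose up -d --build` builds whatever the default branch holds at that moment. For a bastion image, consider pinning a ref in the example (Docker's Git build context accepts a `#<tag-or-commit>` suffix) or telling users to pin one. The added prose also needs a spelling pass before merge: "ProxJump" should be "ProxyJump", "püort" should be "port", "ta connect" should be "to connect", "oder bindmount" should be "or bind mount", "add your public key the" is missing "to", "conntainer" should be "container", and the last line lacks a space after the closing backtick of `--build` and a conjunction between "create the _docker-compose.yml_" and "run". The README states that _bastion_ cannot get a terminal but does not name the sshd settings that enforce this; one sentence listing them would let readers verify the claim. The file still ends without a trailing newline.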