diff --git a/.gitignore b/.gitignore
index 4aee541..fa0f365 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@
 /*.tgz
 /*.crt
 /*.key
+/.env
\ No newline at end of file
diff --git a/Caddyfile b/Caddyfile
index 2bfffb9..3b8263a 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -1,3 +1,3 @@
-mysite.com {
+{$TUNNEL_DOMAIN} {
 reverse_proxy h2tunnel:80
 }
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index de3d40a..7cd2582 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,2 +1,2 @@
 FROM node:22
-RUN npm install -g h2tunnel
+RUN npm install -g h2tunnel@0.0.1-alpha.3
diff --git a/README.md b/README.md
index 7f1ae2d..263ab9b 100644
--- a/README.md
+++ b/README.md
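Review bot: In the Dockerfile hunk the h2tunnel package is now pinned to an exact version, but the base image on the context line `FROM node:22` is still a floating tag, so two builds can produce different Node runtimes around the same pinned package. Pinning the base by digest, `FROM node:22@sha256:<digest-placeholder>`, would make the image reproducible and auditable. The two-line file also sets no `USER`, so the process that docker-compose.yml hands the TLS key to runs as root. Adding `USER node` after the install line is worth trying, provided the key mounted under /run/secrets stays readable by that user.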
@@ -11,53 +11,65 @@ This is a peculiar workflow for web programmers that allows to expose their loca to the internet as a public address. Typically you would run your development server on some local port, then launch a daemon process that will tunnel your traffic to a reverse proxy with a public IP. -## How it works +## Usage -## CLI +### Forward localhost:8000 to example.com:80 -Generate `.key` and `.crt` files: +Generate `.key` and `.crt` files. These will be used by both client and server to authenticate each other. ```bash openssl req -x509 -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -days 3650 -nodes -keyout h2tunnel.key -out h2tunnel.crt -subj "/CN=example.com" ``` -Local: +On your server (example.com), we will be listening for tunnel connections on port 15001, and providing an HTTP proxy +on port 80. Make sure these are open in your firewall. `--mux-listen-port` can be any available port, it is necessary +to run an HTTP2 multiplexer on localhost. + +```bash +h2tunnel server --crt h2tunnel.crt --key h2tunnel.key --tunnel-listen-ip 0.0.0.0 --tunnel-listen-port 15001 --proxy-listen-port 80 --proxy-listen-ip 0.0.0.0 --mux-listen-port=15002 +```` + +On your local machine, we will connect to the tunnel and forward a local HTTP server on port 8000. `--demux-listen-port` +can be any available port, it is necessary to run an HTTP2 demultiplexer on localhost. 
```bash python3 -m http.server # runs on port 8000 -h2tunnel client --tunnel-host=localhost --tunnel-port=15001 --local-http-port=8000 --demux-listen-port=15004 -# open browser http://localhost:15002 +h2tunnel client --key h2tunnel.key --crt h2tunnel.crt --tunnel-host=example.com --tunnel-port=15001 --local-http-port=8000 --demux-listen-port=15004 ``` -Remote: +### Forward localhost:8000 to example.com:443 -```bash -h2tunnel server --tunnel-listen-port=15001 --remote-http-port=15002 --mux-listen-port=15003 --tunnel-listen-ip=127.0.0.1 -```` +This is the same as the previous example, but with an extra layer: a [Caddy](https://caddyserver.com/) reverse proxy +that will auto-provision TLS certificates for your domain. This is useful if you want to expose an HTTPS server. -## Testing +The client command line is the same as before, but for the server we will use a docker compose setup. -```bash -npm run test +Specify your domain in the `.env` file: + +``` +TUNNEL_DOMAIN=example.com ``` -# Releasing +Push the necessary files to the server: ```bash -npm run build && npm version prerelease --preid=alpha && npm publish +scp Caddyfile .env Dockerfile docker-compose.yml h2tunnel.crt h2tunnel.key example.com:/home/myuser ``` -Client: - -## WIP IDEAS +Start the server: +```bash +docker compose up ``` -SEND_PORT=[int] -SERVER_HOST=[ip_or_domain] # Note: domain relies on DNS -SERVER_ -SERVER_CERT_WHITELIST=[base64],[base64],... + +## Testing + +```bash +npm run test ``` -Alt name: portsend.js (with possible portsend.py etc. in the future) +# Releasing -https://github.com/nodejs/node/issues/46152 +```bash +npm run build && npm version prerelease --preid=alpha && npm publish +```
diff --git a/docker-compose.yml b/docker-compose.yml
index a3f12b2..4bf3c05 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,6 +11,8 @@ services:
 - "443:443/udp"
 depends_on:
 - h2tunnel
+ # Use this to provide TUNNEL_DOMAIN
+ env_file: .env
 volumes:
 - $PWD/Caddyfile:/etc/caddy/Caddyfile
 - /data
@@ -19,10 +21,13 @@ services:
 cap_add:
 - NET_ADMIN
 build: .
+ secrets:
+ - crt
+ - key
 ports:
 - "80" # for caddy
 - "15001:15001"
- command: h2tunnel --crt=/run/secrets/crt --key=/run/secrets/key --tunnel-listen-ip=0.0.0.0 --tunnel-listen-port=15001 --proxy-listen-port=80 --proxy-listen-ip=0.0.0.0 --mux-listen-port=15002
+ command: h2tunnel server --crt=/run/secrets/crt --key=/run/secrets/key --tunnel-listen-ip=0.0.0.0 --tunnel-listen-port=15001 --proxy-listen-port=80 --proxy-listen-ip=0.0.0.0 --mux-listen-port=15002
 secrets:
 crt:
 file: ./h2tunnel.crt
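Review bot: In the second docker-compose.yml hunk, the context line `- "80" # for caddy` under `ports:` publishes container port 80 on an ephemeral host port. Together with `--proxy-listen-ip=0.0.0.0` on the new `command:` line, that leaves the plain-HTTP proxy reachable on the host without passing through Caddy's TLS, unless a host firewall blocks it. Caddy reaches `h2tunnel:80` over the compose network and needs no published port, so this entry could become `expose: ["80"]`, leaving only `"15001:15001"` under `ports:`. The service now also receives the TLS key through `secrets:` while keeping `cap_add: NET_ADMIN`; if h2tunnel does not need that capability (not visible here), dropping it narrows what a compromise of the key-holding process can do. The service definition starts above this hunk, so the service name and indentation are inferred.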