Update README with config instructions

1 files changed, 40 insertions, 0 deletions

diff --git a/README b/README
index fd21b21..b66db63 100644
--- a/README
+++ b/README
@@ -9,6 +9,46 @@ distixapi is (or will be) an HTTP based RESTful API to a distix ticket
 repository, on top of which an interactive web application for
 reading, managing tickets can be built.
 
+distixapi is pre-ALPHA quality at this time. The only API endpoint
+that works is `/version`.
+
+
+Setup/installation
+-----------------------------------------------------------------------------
+
+Install from a Debian package, or start from the command line:
+
+    ./distix-backend --port=8080 --log distix-backend.log --user-file=users.yaml
+
+API users are listed in the "users file", which is in YAML and lookd
+like this:
+
+    users:
+        liw:
+            salt: nacl
+            password: ....
+            scopes: [get, put]
+
+Above, "liw" is the name of the user, "salt" is a random string for
+"salting" the password for that user (should be long and different for
+each user), "password" is the encrypted password, and "scopes" should
+be the HTTP methods the user is allowed to use (one or both of get and
+put).
+
+The password encryption can be done with the `distixapi-encpw`
+utility:
+
+    ./distixapi-encpw nacl:clrtxtpw
+
+Here, "nacl" is the salt and should be the same as the salt in the
+users file. "clrtxtpw" is the password in cleartext. The output is the
+encrypted password.
+
+If installed from a Debian package, the users file is in
+`/etc/distix-backend/users.yaml`, unless the default configuration
+file has been changed. If you change the users file, you need to
+restart the server.
+
 
 Hacking
 -----------------------------------------------------------------------------