Update documentation

1 files changed, 20 insertions, 4 deletions

diff --git a/doc/src/setup.md b/doc/src/setup.md
index 66a1b7e..f954ae3 100644
--- a/doc/src/setup.md
+++ b/doc/src/setup.md
@@ -8,10 +8,14 @@ cargo run -- first-login \
   --k2v-endpoint http://127.0.0.1:3904 \
   --s3-endpoint http://127.0.0.1:3900 \
   --aws-access-key-id GK... \
-  --aws-secret-access-key c0ffee... --bucket mailrage-me \
+  --aws-secret-access-key c0ffee... \
+  --bucket mailrage-me \
   --user-secret s3cr3t
 ```
 
+*Note: user-secret is not the user's password. It is an additional secret used when deriving user's secret key from their password. The idea is that, even if user leaks their password, their encrypted data remain safe as long as this additional secret does not leak. You can generate it with openssl for example: `openssl rand -base64 30`. Read [Cryptography & key management](./crypt-key.md) for more details.*
+
+
 The program will interactively ask you some questions and finally generates for you a snippet of configuration:
 
 ```
@@ -39,12 +43,24 @@ s3_endpoint = "http://127.0.0.1:3900"
 k2v_endpoint = "http://127.0.0.1:3904"
 aws_region = "garage"
 
+[lmtp]
+bind_addr = "[::1]:12024"
+hostname = "aerogramme.tld"
+
+[imap]
+bind_addr = "[::1]:1993"
+
 [login_static]
 default_bucket = "mailrage"
+
 [login_static.users.me]
 bucket = "mailrage-me"
 user_secret = "s3cr3t"
-alternate_user_secrets = []
+email_addresses = [
+  "me@aerogramme.tld"
+]
+
+# copy pasted values from first-login
 password = "$argon2id$v=19$m=4096,t=3,p=1$..."
 aws_access_key_id = "GK..."
 aws_secret_access_key = "c0ffee..."
@@ -58,8 +74,8 @@ cargo run -- show-keys \
   --k2v-endpoint http://127.0.0.1:3904 \
   --s3-endpoint http://127.0.0.1:3900 \
   --aws-access-key-id GK... \
-   --aws-secret-access-key c0ffee... \
-  --bucket mailrage-me 
+  --aws-secret-access-key c0ffee... \
+  --bucket mailrage-me \
   --user-secret s3cr3t
 ```