Update README.md

README.md

@@ -2,6 +2,8 @@
 
 A FastAPI-based web application that manages Matrix account registration requests for homeservers that do not offer SMTP authentication (like conduwuit). It provides a registration token to users via email, with automatic token rotation and various safety features.
 
+Currently in use for the [We2.ee](https://we2.ee/about) homeserver, at [join.we2.ee](https://join.we2.ee)
+
 ## Features
 
 - Daily rotating registration tokens
@@ -45,10 +47,10 @@ The `config.yaml` file supports these options:
 ```yaml
 port: 6626
 homeserver: "your.server"
-token_reset_time_utc: 0        # 24-hour format (e.g., 0 = 00:00 UTC)
+token_reset_time_utc: 0          # 24-hour format (e.g., 0 = 00:00 UTC)
-downtime_before_token_reset: 30 # minutes
+downtime_before_token_reset: 30  # minutes
-email_cooldown: 3600           # seconds between requests per email
+email_cooldown: 3600             # seconds between requests per email
-multiple_users_per_email: false # allow multiple accounts per email?
+multiple_users_per_email: false  # allow multiple accounts per email?
 
 smtp:
   host: "smtp.example.com"
@@ -64,32 +66,51 @@ Add this to your crontab to rotate the registration token daily at 00:00 UTC:
 
 ```bash
 # Edit crontab with: crontab -e
-0 0 * * * openssl rand -base64 32 | tr -d '/+=' | head -c 32 > /path/to/your/.registration_token
+0 0 * * * openssl rand -base64 32 | tr -d '/+=' | head -c 32 > /path/to/hand_of_morpheus/.registration_token
 ```
 
 ## Running the Server
 
-Development:
 ```bash
 python registration.py
 ```
 
-Production:
+Consider running in a `tmux` session, or creating a system service for it.
-```bash
-uvicorn registration:app --host 0.0.0.0 --port 6626
-```
 
 ## Security Features
 
 - **IP Banning**: Add IPs to `banned_ips.txt`, one per line
 - **Email Banning**: Add emails to `banned_emails.txt`, one per line
-- **Username Patterns**: Add regex patterns to `banned_usernames.txt`, one per line
+- **Username Patterns**: Add regex patterns to `banned_usernames.txt`, one per line; consider including the anti-CSAM entries in `example-banned_usernames.txt` as a starting point
 - **Registration Tracking**: All requests are logged to `registrations.json`
 
-
 ## Security Notes
 
 - Place behind a reverse proxy with HTTPS
 - Consider placing the registration token file outside web root
 - Regularly backup `registrations.json`
 - Monitor logs for abuse patterns
+
+## Example Conduwuit docker run command
+
+```bash
+docker run -d \
+  -p 127.0.0.1:8448:6167 \
+  -v db:/var/lib/conduwuit/ \
+  -v /path/to/.registration_token:/registration_token:ro \
+  -e CONDUWUIT_SERVER_NAME="your.domain" \
+  -e CONDUWUIT_DATABASE_PATH="/var/lib/conduwuit/conduwuit.db" \
+  -e CONDUWUIT_DATABASE_BACKUP_PATH="/var/lib/conduwuit/backup" \
+  -e CONDUWUIT_ALLOW_REGISTRATION=true \
+  -e CONDUWUIT_REGISTRATION_TOKEN_FILE="/registration_token" \
+  -e CONDUWUIT_PORT=6167 \
+  -e CONDUWUIT_ADDRESS="0.0.0.0" \
+  -e CONDUWUIT_NEW_USER_DISPLAYNAME_SUFFIX="" \
+  -e CONDUWUIT_ALLOW_PUBLIC_ROOM_DIRECTORY_OVER_FEDERATION=true \
+  -e CONDUWUIT_ALLOW_PUBLIC_ROOM_DIRECTORY_WITHOUT_AUTH=true \
+  -e CONDUWUIT_ALLOW_FEDERATION=true \
+  -e CONDUWUIT_AUTO_JOIN_ROOMS='["#community:your.domain","#welcome:your.domain"]' \
+  --name conduwuit \
+  --restart unless-stopped \
+  ghcr.io/girlbossceo/conduwuit:v0.5.0-rc2-e5049cae4a3890dc5f61ead53281f23b36bf4c97
+  ```