diff --git a/README.md b/README.md
new file mode 100644
index 0000000..aa3610e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,34 @@
+## ldap_forwardauth
+
+LDAP Forward Auth is a forward auth service (shocking) that i made to use with the caddy reverse proxy.
+
+It allows a proxied login page to appear if a user tries to access restricted content while not logged in.
+
+It uses LDAP for authentication, which can be configured in the conf/ldap/ldap.env file.
+
+```
+# the following is all the ldap credentials for a ldap bind dn auth setup
+# this does not support ldap simple auth
+LDAP_URL=
+LDAP_BIND_DN=
+LDAP_BIND_PASSWORD=
+LDAP_BASE_DN=
+LDAP_FILTER="(&)"
+LDAP_UID="cn"
+
+# the host that the forward auth is hosted at
+# if the user is not logged in they will be redirected here
+HTTP_HOST=auth.example.com
+
+# the base domain for all websites that are being authed checked including the forward auth itself.
+# they all need to have a common root domain otherwise the X-LDAP-Auth-Key cookie cannot be set.
+COOKIE_DOMAIN=example.com
+```
+
+Once authenticated, sets the X-Webauth-User header, which can be used by applications to see who is logged in.
+
+### how to run
+
+'''
+docker compose up -d
+'''
diff --git a/src/public/bg.jpg b/src/public/bg.jpg
index 98ef823..6f8314a 100644
Binary files a/src/public/bg.jpg and b/src/public/bg.jpg differ
diff --git a/src/public/main.css b/src/public/main.css
index 058a49e..51dfb4d 100644
--- a/src/public/main.css
+++ b/src/public/main.css
@@ -16,10 +16,8 @@ html, body {
 body {
 	display: flex;
 	justify-content: center;
-	background: #898989;
-	background-image: url('./bg.jpg');
-	background-size: 100%;
-	background-position: 50% 50%;
+	background: url('./bg.jpg')
+		50% 50%/cover no-repeat fixed;
 	color: #fff;
 	font-family: "Open Sans", Helvetica, Arial, sans-serif;
 	font-weight: 100;