From b5998954abe9ef48398ead9f04cbbc330c39ca42 Mon Sep 17 00:00:00 2001
From: John Lancaster <32917998+jsl12@users.noreply.github.com>
Date: Sun, 28 Dec 2025 18:21:11 -0600
Subject: [PATCH] more notes

---
 README.md | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/README.md b/README.md
index a8a266b..d17d028 100644
--- a/README.md
+++ b/README.md
@@ -16,6 +16,11 @@ Connect solely through wireguard to `192.168.1.142` and serve the REST server wi
 
 ## Restic Repos
 
+`/etc/fstab` entry:
+```
+john-nas:/volume1/restic  /mnt/nfs/restic  nfs  nofail,_netdev,x-systemd.automount,x-systemd.idle-timeout=600,timeo=14,retrans=3,hard,tcp,nfsvers=3  0  0
+```
+
 Mounted using a bind mount point in the LXC.
 
 https://pve.proxmox.com/wiki/Linux_Container#_bind_mount_points
@@ -40,8 +45,34 @@ Check the resultant certificate:
 openssl x509 -noout -subject -issuer -ext extendedKeyUsage -ext subjectAltName -in certs/soteria.crt
 ```
 
+Set up renewal
+
+```bash
+sudo ./scripts/install_services.sh
+```
+
+Test renewal
+
+```
+systemctl start cert-renewer.service && \
+systemctl status cert-renewer.service --no-pager && \
+
+```
+
 ## Clients
 
+To set up a client, run the following command. It will prompt for the provisioner password and the repository name.
+
+```bash
+curl -sL https://gitea.john-stream.com/john/soteria/raw/branch/main/scripts/setup_client.sh | bash
+```
+
+```bash
+curl -sL https://gitea.john-stream.com/john/soteria/raw/branch/main/scripts/check_status.sh | bash
+```
+
+### Manual Setup
+
 Set up provisioner password by running this and pasting in the current JWK provisioner password for `admin`
 
 ```