docs: update README

mbologna · mbologna · commit f41990e99a5c · 2026-01-16T17:46:48.000+01:00
diff --git a/README.md b/README.md
@@ -1,81 +1,265 @@
-# BitlBee with additional plugins in a container
+# BitlBee Docker Container
 
-![Docker](https://img.shields.io/docker/pulls/mbologna/docker-bitlbee)
-![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/mbologna/docker-bitlbee/build-scan-push.yml?branch=master)
+[![Docker Pulls](https://img.shields.io/docker/pulls/mbologna/docker-bitlbee)](https://hub.docker.com/r/mbologna/docker-bitlbee)
+[![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/mbologna/docker-bitlbee/build-scan-push.yml?branch=master)](https://github.com/mbologna/docker-bitlbee/actions)
+[![Docker Image Size](https://img.shields.io/docker/image-size/mbologna/docker-bitlbee/latest)](https://hub.docker.com/r/mbologna/docker-bitlbee)
+[![License](https://img.shields.io/github/license/mbologna/docker-bitlbee)](LICENSE)
 
-This repository provides a Docker-based setup for running [Bitlbee](https://www.bitlbee.org/) with additional plugins for extended functionality and an optional [Stunnel](https://www.stunnel.org/) service to enable secure IRC communications over TLS.
+A Docker container for [BitlBee](https://www.bitlbee.org/) - the IRC gateway to instant messaging networks. This container includes extensive plugin support and optional TLS encryption via Stunnel.
 
-## Features
+## ✨ Features
 
-- **[Bitlbee](https://www.bitlbee.org)**: A popular gateway that connects instant messaging services with IRC. In addition to the [Bitlbee's out of the box supported protocols](https://wiki.bitlbee.org/), these are the pre-installed plugins:
-    - Discord via [purple-discord](https://github.com/EionRobb/purple-discord)
-    - Matrix via [purple-matrix](https://github.com/matrix-org/purple-matrix)
-    - Microsoft Teams via [teams](https://github.com/EionRobb/purple-teams)
-    - Slack via [slack-libpurple](https://github.com/dylex/slack-libpurple)
-    - Facebook (MQTT) via [bitlbee-facebook](https://github.com/bitlbee/bitlbee-facebook)
-    - Telegram via [tdlib-purple](https://github.com/BenWiederhake/)
-    - WhatsApp via [purple-gowhatsapp](https://github.com/hoehermann/purple-gowhatsapp)
-- **[Stunnel](https://www.stunnel.org/)**: Adds TLS encryption for secure IRC connections.
-- Multi-architecture support: builds for `linux/amd64` and `linux/arm64`.
-- Kubernetes resources included for deployment in containerized environments.
-- Linting and security scans integrated into CI/CD workflows.
+### Core Components
 
-## Quick Start
+- **[BitlBee](https://www.bitlbee.org)** - IRC gateway for instant messaging
+- **[Stunnel](https://www.stunnel.org/)** - TLS/SSL encryption wrapper (optional)
 
-### Requirements
+### Supported Protocols
 
-* `/var/lib/bitlbee` must be writable by UID `<bitlbee_uid>`
+In addition to BitlBee's [built-in protocols](https://wiki.bitlbee.org/) (Jabber/XMPP, Oscar/AIM, MSN, Twitter, etc.), this container includes:
 
-### Docker
+| Protocol | Plugin | Repository |
+|----------|--------|------------|
+| Discord | purple-discord | [EionRobb/purple-discord](https://github.com/EionRobb/purple-discord) |
+| Matrix | purple-matrix | [matrix-org/purple-matrix](https://github.com/matrix-org/purple-matrix) |
+| Microsoft Teams | purple-teams | [EionRobb/purple-teams](https://github.com/EionRobb/purple-teams) |
+| Slack | slack-libpurple | [dylex/slack-libpurple](https://github.com/dylex/slack-libpurple) |
+| Facebook (MQTT) | bitlbee-facebook | [bitlbee/bitlbee-facebook](https://github.com/bitlbee/bitlbee-facebook) |
+| Telegram | tdlib-purple | [BenWiederhake/tdlib-purple](https://github.com/BenWiederhake/tdlib-purple) |
+| WhatsApp | purple-whatsmeow | [hoehermann/purple-gowhatsapp](https://github.com/hoehermann/purple-gowhatsapp) |
 
-```
+### Technical Features
+
+- 🏗️ Multi-architecture support: `linux/amd64`, `linux/arm64`
+- 🔒 Security-hardened with minimal capabilities
+- 📊 Health checks and monitoring ready
+- 🚀 Optimized build with layer caching
+- 📦 SBOM and provenance attestations
+- 🔍 Automated vulnerability scanning
+- ☸️ Kubernetes manifests included
+
+## 🚀 Quick Start
+
+### Prerequisites
+
+- Docker 20.10+ or Podman 3.0+
+- docker-compose or podman-compose (optional, for orchestration)
+
+### Option 1: Docker Run
+
+```bash
+# Create a volume for persistent data
 docker volume create bitlbee-data
-docker run \
+
+# Run BitlBee
+docker run -d \
+  --name bitlbee \
   --user $(id -u):$(id -g) \
+  -p 6667:6667 \
   -v bitlbee-data:/var/lib/bitlbee \
-  docker-bitlbee
+  mbologna/docker-bitlbee:latest
 ```
 
-### Running Locally with Podman or Docker Compose
+### Option 2: Docker Compose (Recommended)
 
-1. Clone this repository:
+1. **Clone the repository:**
    ```bash
    git clone https://github.com/mbologna/docker-bitlbee.git
    cd docker-bitlbee
+   ```
+
+2. **Create environment file:**
+   ```bash
+   cp .env.example .env
+   # Edit .env with your preferred settings
+   ```
+
+3. **Start the services:**
+   ```bash
+   docker-compose up -d
+   ```
+
+4. **Access BitlBee:**
+   - Plain IRC: `localhost:6667`
+   - TLS/SSL (via Stunnel): `localhost:16697`
+
+### Option 3: Podman
+
+```bash
+# Using podman-compose
+podman-compose up -d
 
-2. Build and run the containers:
+# Or with podman directly
+podman run -d \
+  --name bitlbee \
+  --user $(id -u):$(id -g) \
+  -p 6667:6667 \
+  -v bitlbee-data:/var/lib/bitlbee \
+  docker.io/mbologna/docker-bitlbee:latest
+```
+
+## ⚙️ Configuration
 
-    ```
-    podman-compose up --build
-    ```
+### Environment Variables
 
-    If you're using Docker:
-    ```
-    docker-compose up --build
-    ```
+Configure the container using a `.env` file or environment variables:
 
-3. Access the Bitlbee service on port 6667 and the Stunnel service on port 16697.
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `UID` | `1000` | User ID for file permissions |
+| `GID` | `1000` | Group ID for file permissions |
+| `BITLBEE_PORT` | `6667` | BitlBee IRC port |
+| `STUNNEL_PORT` | `16697` | Stunnel TLS port |
+| `TZ` | `UTC` | Timezone |
 
-#### Environment Variables
+**Example `.env` file:**
+```env
+UID=1000
+GID=1000
+BITLBEE_PORT=6667
+STUNNEL_PORT=16697
+TZ=Europe/Rome
+```
 
-`UID` and `GID`: Set these to match your local user for proper volume permissions.
+### Volume Mounts
 
-#### Persistent Data
+The container uses `/var/lib/bitlbee` for persistent data:
+- User accounts
+- Configuration files
+- Plugin settings
 
-The `data/` directory is mounted as a volume to store Bitlbee configurations and data. Ensure it is backed up for persistent setups.
+**Important:** Ensure the volume is writable by the user specified in `UID:GID`.
 
-### Kubernetes Deployment
+### Custom Configuration
 
-Kubernetes manifests for deploying Bitlbee and Stunnel are located in the `k8s/` directory.
+To use a custom BitlBee configuration:
 
-1. Apply the manifests:
+```bash
+# Create your config
+mkdir -p ./data
+# Place your bitlbee.conf in ./data
 
+# Mount it
+docker run -d \
+  --name bitlbee \
+  -v $(pwd)/data:/var/lib/bitlbee \
+  mbologna/docker-bitlbee:latest
 ```
-kubectl apply -f k8s/
+
+## 🔐 Security
+
+### TLS/SSL Encryption
+
+The included Stunnel service provides encrypted IRC connections:
+
+```bash
+# Connect with SSL-enabled IRC client
+/server localhost 16697 -ssl
 ```
 
-Verify deployment:
+### Security Features
+
+- ✅ Runs as non-root user
+- ✅ Minimal Linux capabilities
+- ✅ `no-new-privileges` security option
+- ✅ Regular vulnerability scanning
+- ✅ SBOM generation for supply chain security
+
+### Health Checks
+
+Built-in health checks monitor service availability:
+
+```bash
+# Check container health
+docker inspect bitlbee --format='{{.State.Health.Status}}'
+
+# View health check logs
+docker inspect bitlbee --format='{{json .State.Health}}' | jq
 ```
+
+## 📊 Monitoring
+
+### Logs
+
+```bash
+# View logs
+docker-compose logs -f bitlbee
+
+# Follow specific service
+docker-compose logs -f stunnel
+```
+
+### Resource Usage
+
+```bash
+# Check resource consumption
+docker stats bitlbee bitlbee-stunnel
+```
+
+## 🎮 Using BitlBee
+
+### First-Time Setup
+
+1. **Connect to BitlBee:**
+   ```
+   /server localhost 6667
+   ```
+
+2. **Register your account:**
+   ```
+   register <password>
+   ```
+
+3. **Add an account (example: Discord):**
+   ```
+   account add discord <email> <password>
+   account discord on
+   ```
+
+4. **Save configuration:**
+   ```
+   save
+   ```
+
+### Useful Commands
+
+```irc
+# List available protocols
+account list
+
+# Add account
+account add <protocol> <username> <password>
+
+# Enable account
+account <id> on
+
+# Join channels
+chat add <account> <channel>
+
+# Get help
+help
+help account
+```
+
+### Protocol-Specific Setup
+
+Refer to the individual plugin documentation:
+- [Discord setup](https://github.com/EionRobb/purple-discord/wiki)
+- [Matrix setup](https://github.com/matrix-org/purple-matrix/blob/master/README.md)
+- [Teams setup](https://github.com/EionRobb/purple-teams#usage)
+- [WhatsApp setup](https://github.com/hoehermann/purple-gowhatsapp/wiki)
+
+## ☸️ Kubernetes Deployment
+
+Kubernetes manifests are available in the `k8s/` directory:
+
+```bash
+# Deploy to Kubernetes
+kubectl apply -f k8s/
+
+# Check deployment
 kubectl get pods -n bitlbee
+
+# Access logs
+kubectl logs -n bitlbee -l app=bitlbee -f
 ```
-Expose the service as needed (e.g., via `NodePort` or `Ingress`).
