diff --git a/.env.sample b/.env.sample index 0ea4d36..72c37c8 100644 --- a/.env.sample +++ b/.env.sample @@ -6,6 +6,7 @@ REGISTRY_DOMAIN=registry.gitlab.example.com # The Gitlab Pages domain must not be a subdomain of the main Gitlab domain PAGES_DOMAIN=pages.example.com +# Prevent public signups POST_DEPLOY_CMDS=disable_signups ## Domain aliases @@ -26,4 +27,4 @@ SSO=false # ORG_NAME="My Organization" # SSO_PROVIDER_URL="https://authentik.mydomain.com/application/o/gitlab/" # SSO_PROVIDER_ID="your authentik Client ID" -# SECRET_SSO_PROVIDER_SECRET_VERSION=v1 +# SECRET_SSO_PROVIDER_SECRET_VERSION=v1 \ No newline at end of file diff --git a/README.md b/README.md index f328d49..19c5bba 100644 --- a/README.md +++ b/README.md 
@@ -1,24 +1,36 @@ # gitlab -> One line description of the recipe +> GitLab server, using GitLab omnibus * **Category**: Apps * **Status**: 0 * **Image**: [`gitlab`](https://hub.docker.com/r/gitlab), 4, upstream -* **Healthcheck**: No -* **Backups**: No +* **Healthcheck**: Yes +* **Backups**: Yes * **Email**: No * **Tests**: No -* **SSO**: No +* **SSO**: 1 (OAuth) ## Quick start -* `abra app new gitlab --secrets` -* `abra app config ` -* `abra app deploy ` +- `abra app new gitlab --secrets` +- `abra app config ` + - Set REGISTRY_DOMAIN to a domain that you want to use for the GitLab container registry (optional) + - Set PAGES_DOMAIN to a domain that you want to use for the GitLab Pages service. NOTE: This cannot be a subdomain of the domain GitLab is hosted under. (optional) + - Set GITLAB_ROOT_EMAIL to an appropriate email address +- `abra app deploy ` -For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech). +### SSO Configuration + +- Create a Provider and Application in Authentik: https://docs.goauthentik.io/integrations/services/gitlab/#openid-connect-auth + - Note the Provider ID and Secret +- Run `abra app config ` + - Uncomment the Authentik Configuration config block + - Set `SSO_PROVIDER_ID` to the Authentik Provider ID +- Run `abra app secret insert sso_provider_secret v1 ` + +For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech). \ No newline at end of file diff --git a/compose.yml b/compose.yml index 2c38cbe..b293696 100644 --- a/compose.yml +++ b/compose.yml @@ -43,7 +43,7 @@ services: - runner_token - sso_provider_secret healthcheck: - test: ["CMD", "curl", "-f", "http://localhost"] + test: ["CMD", "curl", "-f", "http://localhost/-/health"] interval: 30s timeout: 10s retries: 10
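Review bot: In `.env.sample`, the last hunk (`@@ -26,4 +27,4 @@`) changes nothing except removing the trailing newline after `# SECRET_SSO_PROVIDER_SECRET_VERSION=v1`. Restore the newline so this hunk drops out of the diff. As it stands, anything appended to the file later would be joined onto this commented line and silently ignored.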
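Review bot: In `README.md`, the new "SSO Configuration" steps only tell the reader to set `SSO_PROVIDER_ID`, but the same patch shows `.env.sample` with `SSO=false` and a commented `SSO_PROVIDER_URL` next to it. Say explicitly whether those must be changed as well. The steps also call the value the "Provider ID" while `.env.sample` describes it as "your authentik Client ID", so pick one term and use it in both files. The `abra app secret insert sso_provider_secret v1 ` step appears to take the secret as its final argument, which leaves it in shell history, and that deserves a short note in the README. The file also loses its trailing newline in this hunk.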
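Review bot: In `compose.yml`, the healthcheck now probes `http://localhost/-/health`, which in GitLab only reports that the application server is answering and does not verify the database or other dependent services. If the container should count as healthy only once GitLab can actually serve requests, `/-/readiness` is the endpoint that checks dependencies. Otherwise add a comment next to the `test:` line saying the shallow check is intentional, since the README now advertises `Healthcheck: Yes` on the strength of it.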