diff --git a/docker-compose.yml b/docker-compose.yml index 6585296a1..9b1c48042 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,10 @@ +# Example Pomerium configuration. +# +# NOTE! Change IDP_* settings to match your identity provider settings! +# NOTE! Generate new SHARED_SECRET and COOKIE_SECRET keys! +# NOTE! Replace `corp.beyondperimeter.com` with whatever your domain is +# NOTE! Make sure certificate files (cert.pem/privkey.pem) are in the same directory as this file version: "3" - services: # NGINX routes to pomerium's services depending on the request. nginx-proxy: @@ -21,6 +26,7 @@ services: - SERVICES=authenticator # auth settings - REDIRECT_URL=https://sso-auth.corp.beyondperimeter.com/oauth2/callback + # Identity Provider Settings (Must be changed!) - IDP_PROVIDER="google" - IDP_PROVIDER_URL=https://accounts.google.com - IDP_CLIENT_ID=851877082059-bfgkpj09noog7as3gpc3t7r6n9sjbgs6.apps.googleusercontent.com @@ -83,6 +89,7 @@ services: image: kennethreitz/httpbin:latest expose: - 80 + # Simple hello world # https://hello.corp.beyondperimeter.com hello-world: image: tutum/hello-world:latest diff --git a/docs/guide/readme.md b/docs/guide/readme.md index 273b6ab14..04d4e06a8 100644 --- a/docs/guide/readme.md +++ b/docs/guide/readme.md 
@@ -1,47 +1,24 @@ # Quick start -1. [Download] pre-built binaries or build Pomerium from source. -1. Generate a wild-card certificate for a test domain like `corp.example.com`. For convenience, an included [script] can generate a free one using LetsEncrypt and [certbot]. - Once complete, move the generated public and private keys (`cert.pem`/`privkey.pem`) next to the pomerium binary. Certificates can also be set as environmental variables or dynamically with a [KMS]. +## Using Docker -1. Next, set configure your [identity provider](./identity-providers.md) by generating an OAuth **Client ID** and **Client Secret** as well as setting a **Redirect URL** endpoint. The Redirect URL endpoint will be called by the identity provider following user authentication. +1. Install [docker](https://docs.docker.com/install/). +1. Install [docker-compose](https://docs.docker.com/compose/install/). +1. Save Pomerium's example [`docker-compose.yml`](). +1. Inspect the `docker-compose.yml` file. In addition to specifying Pomerium's configuration settings, and services, you'll see that there are other included services to give you a feel for how pomerium works. +1. Update the compose file with your [identity provider] settings. +1. Copy your subdomain's wild-card TLS certificate next to the compose file. See included [script] to generate one from LetsEncrypt. +1. Run docker compose by runnig the command `$ docker-compose up`. +1. You should see something like the following in your terminal and in your browser when you navigate to https://hello.corp.beyondperimeter.com or https://httpbin.corp.beyondperimeter.com where "corp.beyondperimeter.com" is your subdomain. -1. Pomerium is configured using [environmental variables]. A minimal configuration is as follows. 
+![Getting started](./get-started.gif) - ```bash - # file : env - # The URL that the identity provider will call back after authenticating the user - export REDIRECT_URL="https://sso-auth.corp.example.com/oauth2/callback" - # Generate 256 bit random keys e.g. `head -c32 /dev/urandom | base64` - export SHARED_SECRET=REPLACE_ME - export COOKIE_SECRET=REPLACE_ME - # Allow users with emails from the following domain post-fix (e.g. example.com) - export ALLOWED_DOMAINS=* - ## Identity Provider Settings - export IDP_PROVIDER="google" - export IDP_PROVIDER_URL="https://accounts.google.com" # optional for google - export IDP_CLIENT_ID="YOU_GOT_THIS_FROM_STEP-3.apps.googleusercontent.com" - export IDP_CLIENT_SECRET="YOU_GOT_THIS_FROM_STEP-3" - # key/value list of simple routes. - export ROUTES='http.corp.example.com=httpbin.org' - ``` - - You can also view the [env.example] configuration file for a more comprehensive list of options. - -1. For a first run, I suggest setting the debug flag which provides user friendly logging. - - ```bash - source ./env - ./pomerium -debug - ``` - -1. You should now get the following when you try to access one of your `corp` routes. - ![Getting started](./get-started.gif) +[![asciicast](https://asciinema.org/a/tfbSWkUZgMRxHAQDqmcjjNwUg.svg)](https://asciinema.org/a/tfbSWkUZgMRxHAQDqmcjjNwUg) [download]: https://github.com/pomerium/pomerium/releases -[environmental variables]: https://12factor.net/config -[env.example]: https://github.com/pomerium/pomerium/blob/master/env.example [kms]: https://en.wikipedia.org/wiki/Key_management [certbot]: https://certbot.eff.org/docs/install.html [script]: https://github.com/pomerium/pomerium/blob/master/scripts/generate_wildcard_cert.sh +[source]: https://github.com/pomerium/pomerium#start-developing +[identity provider]: ./identity-providers.md \ No newline at end of file
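Review bot: in the docker-compose.yml header hunk (`@@ -1,5 +1,10 @@`), the new `# NOTE! Generate new SHARED_SECRET and COOKIE_SECRET keys!` line tells users to rotate the keys but not how, while the same change deletes the only place that gave the recipe (the readme's `# Generate 256 bit random keys e.g. \`head -c32 /dev/urandom | base64\``). Put the command on the NOTE line itself, e.g. `# NOTE! Generate new SHARED_SECRET and COOKIE_SECRET keys, e.g. \`head -c32 /dev/urandom | base64\``, so the file that now carries the secrets also says how to replace them; otherwise the path of least resistance is to run with whatever values ship in the example.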
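Review bot: in the `@@ -21,6 +26,7 @@` hunk, the added `# Identity Provider Settings (Must be changed!)` comment sits above values that still look real rather than like placeholders: `IDP_CLIENT_ID=851877082059-bfgkpj09noog7as3gpc3t7r6n9sjbgs6.apps.googleusercontent.com` and a `REDIRECT_URL` on `sso-auth.corp.beyondperimeter.com`. A Google client ID is not itself a secret, but now that this file is the documented starting point a copied config should fail loudly rather than quietly attempt auth against someone else's OAuth client; use `IDP_CLIENT_ID=REPLACE_ME` style values like the removed readme snippet did. Separately, in the list form of compose `environment:` the quotes in `- IDP_PROVIDER="google"` are passed through as part of the value (the container sees `"google"` with the quote characters), so write `- IDP_PROVIDER=google` unless pomerium is known to strip them.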
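Review bot: minor, in the `@@ -83,6 +89,7 @@` hunk the new `# Simple hello world` comment is immediately followed by `# https://hello.corp.beyondperimeter.com`, which already identifies the service; fold the two into one comment line. While in this block, both demo services use floating tags (`kennethreitz/httpbin:latest`, `tutum/hello-world:latest`); pinning a version or digest keeps the quick start reproducible and avoids pulling whatever `latest` happens to be on the day someone follows the guide.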
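Review bot: in the docs/guide/readme.md hunk (`@@ -1,47 +1,24 @@`), step 3's link `[`docker-compose.yml`]()` has an empty target, so "Save Pomerium's example docker-compose.yml" points nowhere; give it the repo URL in the same form as the `[script]` reference. Typo in step 7: "runnig" should be "running". Step 6 ("Copy your subdomain's wild-card TLS certificate next to the compose file") should name the files the compose file expects, `cert.pem`/`privkey.pem`, matching the header comment added to docker-compose.yml. The removed list also dropped the instruction to generate fresh `SHARED_SECRET`/`COOKIE_SECRET` values (`head -c32 /dev/urandom | base64`) and nothing in the new list replaces it; add a step before `docker-compose up` telling users to generate them, since the compose file now ships with values they will otherwise run with. After the rewrite the `[download]`, `[kms]` and `[certbot]` reference definitions are no longer used anywhere in this hunk, and `[source]` is defined but not referenced; either remove the dangling definitions or add the sections that use them. The file also now ends without a trailing newline.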