diff --git a/README.md b/README.md
index 54e06fa..af501ed 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,26 @@
 # mailman-podman-setup
 
-Mailman 3 setup using Podman Quadlets
\ No newline at end of file
+Mailman 3 setup using Podman Quadlets. Containers are supposed to run in rootless mode.
+# requirements
+- *Podman* version 4 or later
+- *pwgen* to generate random secrets
+- an unprivileged user account to run the containers. A separate account (i.e. _mailman_ is not required, but recommended.)
+# installation
+1. Switch to the user account you want to use to run Mailman.
+1. In the user account's home directory, create the directory where the Systemd generator looks for quadlets.
+
+        $ mkdir -p ~mailman/.config/containers/systemd
+1. Then copy the files from the *mailman/* subdirectory in this repository into the quadlet directory:
+
+        $ cp mailman/* ~mailman/.config/containers/systemd/
+ 1. Now we have to generate some secrets which the various components use to talk to each other:
+
+        $ pwgen -1 32 | | podman secret create HYPERKITTY_API_KEY       -
+        $ pwgen -1 32 | podman secret create MAILMAN_REST_PASSWORD    -
+        $ pwgen -1 32 | podman secret create MAILMAN_WEB_SECRET_KEY   -
+1. Next adapt the environment variable definitions in mailman-core.container and mailman-web.container to your needs. You may want to customize at least the variable *SERVE_FROM_DOMAIN*, which is set to lists.example.com by default.
+1. Finally run ```$ systemctl --user daemon-reload``` to trigger the systemd unit generator and start the services:
+        $ systemctl --user start mailman-core mailman-web
+1. By default Systemd launches user services only when the user logs in. To create a user session when the system boots, enable the automatic user session creation on boot with the following command as root:
+
+        # loginctl enable-linger mailman