diff --git a/README.md b/README.md
index 0761e63..305c0e8 100644
--- a/README.md
+++ b/README.md
@@ -26,6 +26,9 @@
* [wireguard](wireguard/) - the one and only VPN to ever consider
* [arch_linux_host_install](arch_linux_host_install)
+Check also [StarWhiz / docker_deployment_notes](https://github.com/StarWhiz/docker_deployment_notes/blob/master/README.md)
+Who documents self hosted apps in similar format and also uses caddy for reverse proxy
+
# How to self host various services
You do need to have **basic linux and basic docker-compose knowledge**,
@@ -159,7 +162,7 @@ as likely your distro does not have it in repos. If you use arch, like I do, its
### other guides
-* [StarWhiz/docker_deployment_notes](https://github.com/StarWhiz/docker_deployment_notes/blob/master/README.md)
+* [StarWhiz/docker_deployment_notes](https://github.com/StarWhiz/docker_deployment_notes)
- got inspired and wrote in similar way setup for various services
* [BaptisteBdn/docker-selfhosted-apps](https://github.com/BaptisteBdn/docker-selfhosted-apps)
- many services using traefik for reverse proxy
diff --git a/jellyfin/readme.md b/jellyfin/readme.md
index 68f83d2..9ce9381 100644
--- a/jellyfin/readme.md
+++ b/jellyfin/readme.md
@@ -150,7 +150,7 @@ jellyfin.{$MY_DOMAIN} {
WantedBy=multi-user.target
```
- to automount on boot - `sudo systemctl start mnt-bigdisk.automount`
+ to automount on boot - `sudo systemctl enable mnt-bigdisk.automount`
# Troubleshooting
diff --git a/meshcrentral/readme.md b/meshcrentral/readme.md
new file mode 100644
index 0000000..fcdcb44
--- /dev/null
+++ b/meshcrentral/readme.md
@@ -0,0 +1,193 @@
+# Meshcentral in docker
+
+###### guide-by-example
+
+![logo](https://i.imgur.com/aqBSYbu.png)
+
+# Purpose & Overview
+
+Powerful remote desktop toolset.
+
+* [Official site](https://www.meshcommander.com/meshcentral2)
+* [Github](https://github.com/Ylianst/MeshCentral)
+* [unofficial DockerHub](https://hub.docker.com/r/typhonragewind/meshcentral)
+
+Web based, can be a replacement for TeamViewer or Anydesk.
+The server is written in javascript, running in node.js runtime.
+The client application is written mostly in C runnig Duktape javascript engine.
+
+The architecture is relatively simple.
+
+* a server is running online, with ports 80/443 open
+* clients can visit the servers web and from it install Mesh Agent
+ which allows full control of the device straight from servers webpage
+
+For database the server uses a build in neDB, which should be enough for
+less than 100 clients deployments. Or MongoDB can be deployed for better
+performance and robustness but added complexity.
+
+---
+
+
+![interface-pic](https://i.imgur.com/0egkM4J.png)
+
+# Files and directory structure
+
+```
+/home/
+└── ~/
+ └── docker/
+ └── meshcentral/
+ ├── data/
+ ├── meshcentral/
+ ├── .env
+ └── docker-compose.yml
+```
+
+* `data/` - persistent data for the MongoDB database
+* `meshcentral/` - web app persistent data
+* `.env` - a file containing environment variables for docker compose
+* `docker-compose.yml` - a docker compose file, telling docker how to run the containers
+
+You only need to provide the two files.
+The directories are created by docker compose on the first run.
+
+# docker-compose
+
+There is no official docker image.
+So [This one is used.](https://github.com/Typhonragewind/meshcentral-docker)
+
+Going with the more robust MongoDB version.
+
+`docker-compose.yml`
+```yml
+services:
+ meshcentral_db:
+ image: mongo:latest
+ container_name: meshcentral_db
+ hostname: meshcentral_db
+ restart: unless-stopped
+ expose:
+ - 27017
+ volumes:
+ - ./meshcentral_db:/data/db
+ meshcentral:
+ image: typhonragewind/meshcentral:mongodb
+ container_name: meshcentral
+ hostname: meshcentral
+ restart: unless-stopped
+ env_file: .env
+ depends_on:
+ - meshcentral_db
+ volumes:
+ - ./meshcentral/data:/opt/meshcentral/meshcentral-data
+ - ./meshcentral/user_files:/opt/meshcentral/meshcentral-files
+
+networks:
+ default:
+ name: $DOCKER_MY_NETWORK
+ external: true
+```
+
+`.env`
+```bash
+# GENERAL
+MY_DOMAIN=example.com
+DOCKER_MY_NETWORK=caddy_net
+TZ=Europe/Bratislava
+
+# RUSTDESK
+HOSTNAME=mesh.example.com
+REVERSE_PROXY=10 #set to your reverse proxy IP
+REVERSE_PROXY_TLS_PORT=443
+IFRAME=false #set to true if you wish to enable iframe support
+ALLOW_NEW_ACCOUNTS=false
+WEBRTC=false #set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
+NODE_ENV=production
+```
+
+# Port forwarding
+
+as can be seen in the compose
+
+* **21115 - 21119** TCP need to be forwarded to docker host
+* **21116** is TCP and UDP
+
+21115 is used for the NAT type test,
+21116/UDP is used for the ID registration and heartbeat service,
+21116/TCP is used for TCP hole punching and connection service,
+21117 is used for the Relay services,
+and 21118 and 21119 are used to support web clients.
+
+[source](https://rustdesk.com/docs/en/self-host/install/)
+
+---
+
+![interface-pic](https://i.imgur.com/CK6pRyq.png)
+
+# The usage on clients
+
+
+* download and install the client apps from [the official site](https://rustdesk.com/)
+* three dots near ID > ID/Relay Server > ID Server: rust.example.com > OK
+* the green dot at the bottom should stay green saying "ready"
+* done
+* in the docker server logs you should see machines public IP and ID code it was given
+
+# Encrypted use
+
+![settings-pic](https://i.imgur.com/6mKkSuh.png)
+
+For encrypted communication and to prevent undesirables access to the server
+
+* the encryption public key is on the docker host:
+ `~/docker/rustdesk/data/id_ed25519.pub`
+* you can manually add it to any client application
+ three dots near ID > ID/Relay Server > Key: 3AVva64bn1ea2vsDuOuQH3i8+2M=
+* to only allow clients with the key on server:
+ in the env_file set `ENCRYPTED_ONLY=1` and down/up the compose.
+
+[On windows](https://rustdesk.com/docs/en/self-host/install/#put-config-in-rustdeskexe-file-name-windows-only)
+one can deploy client with these settings pre-set by renaming
+the installation file to: `rustdesk-host=,key=.exe`
+
+example: `rustdesk-host=rust.example.com,key=3AVva64bn1ea2vsDuOuQH3i8+2M=.exe`
+
+If by chance the public key contains symbols not usable in windows filenames,
+down the container, delete the files `id_ed25519` and `id_ed25519.pub`,
+up the container
+
+# Trouble shooting
+
+From what I read, most client side issues come from two differently set rustdesk
+client applications running on the same machine.
+
+Uninstall/remove all, plus delete:
+
+* `C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\RustDesk`
+* `%AppData%\RustDesk`
+
+restart and do fresh client install
+
+# Update
+
+Manual image update:
+
+- `docker-compose pull`
+- `docker-compose up -d`
+- `docker image prune`
+
+# Backup and restore
+
+#### Backup
+
+Using [borg](https://github.com/DoTheEvo/selfhosted-apps-docker/tree/master/borg_backup)
+that makes daily snapshot of the entire directory.
+
+#### Restore
+
+* down the bookstack containers `docker-compose down`
+* delete the entire bookstack directory
+* from the backup copy back the bookstack directory
+* start the containers `docker-compose up -d`
+
diff --git a/rustdesk/readme.md b/rustdesk/readme.md
index d724fd5..b35b50f 100644
--- a/rustdesk/readme.md
+++ b/rustdesk/readme.md
@@ -18,6 +18,16 @@ and lets you host all the infrastructure for it to function.
Written in rust(gasp), with Dart and Flutter framework for client side.
+The architecture is relatively simple.
+
+* run server reachable online
+* install clients on PCs you want to connect from/to
+
+Server sits online and clients register with it when installed/run.
+Thanks to keeping communication with the server open, they are able to punch
+a hole in NAT and so a connection can be initialized from the outside
+without the need for opening of ports.
+
---