diff --git a/conf/.env b/conf/.env
index 1683a66..ec28b10 100644
--- a/conf/.env
+++ b/conf/.env
@@ -1,32 +1,237 @@
-MICROBIN_ADMIN_USERNAME=__ADMIN__
-MICROBIN_ADMIN_PASSWORD=__PASSWORD__
-MICROBIN_PORT=__PORT__
-MICROBIN_BIND=127.0.0.1
-#MICROBIN_PUBLIC_PATH=https://__DOMAIN__
-#MICROBIN_SHORT_PATH=https://short.net
-MICROBIN_DATA_DIR=__DATA_DIR__
-MICROBIN_JSON_DB=false
-MICROBIN_EDITABLE=true
-MICROBIN_HIDE_HEADER=false
-MICROBIN_HIDE_FOOTER=true
-MICROBIN_HIDE_LOGO=false
-MICROBIN_NO_LISTING=false
-MICROBIN_READONLY=true
-MICROBIN_SHOW_READ_STATS=true
-MICROBIN_THREADS=1
-MICROBIN_GC_DAYS=90
-MICROBIN_WIDE=false
-MICROBIN_ETERNAL_PASTA=false
-MICROBIN_PRIVATE=true"
-MICROBIN_HIGHLIGHTSYNTAX=true
-MICROBIN_QR=true
-MICROBIN_ENABLE_BURN_AFTER=true
-MICROBIN_ENABLE_READONLY=true
-MICROBIN_DEFAULT_EXPIRY=24hour
-MICROBIN_NO_FILE_UPLOAD=false
-MICROBIN_HASH_IDS=false
-MICROBIN_ENCRYPTION_CLIENT_SIDE=true
-MICROBIN_ENCRYPTION_SERVER_SIDE=true
-MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB=256
-MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB=2048
-MICROBIN_DISABLE_TELEMETRY=true
\ No newline at end of file
+# Require username for HTTP Basic Authentication when
+# visiting the service. If basic auth username is set but
+# basic auth password is not, just leave the password field
+# empty when logging in. You can also just go to
+# https://username:password@yourserver.net or
+# https://username@yourserver.net if password is not set
+# instead of typing into the password
+# Default value: unset
+# export MICROBIN_BASIC_AUTH_USERNAME=
+
+# Require password for HTTP Basic Authentication when
+# visiting the service. Will not have any affect unless
+# basic auth username is also set. If basic auth username is
+# set but basic auth password is not, just leave the
+# password field empty when logging in. You can also just go
+# to https://username:password@yourserver.net or
+# https://username@yourserver.net if password is not set
+# instead of typing into the password prompt.
+# Default value: unset
+# export MICROBIN_BASIC_AUTH_PASSWORD=
+
+# Enables administrator interface at yourserver.com/admin/
+# if set, disables it if unset. If admin username is set but
+# admin password is not, just leave the password field empty
+# when logging in. 
+# Default value: admin
+export MICROBIN_ADMIN_USERNAME=__ADMIN__
+
+# Enables administrator interface at yourserver.com/admin/
+# if set, disables it if unset. Will not have any affect
+# unless admin username is also set. If admin username is
+# set but admin password is not, just leave the password
+# field empty when logging in. 
+# Default value: m1cr0b1n
+export MICROBIN_ADMIN_PASSWORD=__PASSWORD__
+
+# Enables editable pastas. You will still be able to make
+# finalised pastas but there will be an extra checkbox to
+# make your new pasta editable from the pasta list or the
+# pasta view page.
+# Default value: 8080 
+export MICROBIN_EDITABLE=true
+
+# Replaces the default footer text with your own. If you
+# want to hide the footer, use the hide footer option instead.
+# Note that you can also embed HTML here, so you may want to escape 
+# '<', '>' and so on.
+# export MICROBIN_FOOTER_TEXT=
+
+# Hides the navigation bar on every page.
+# Default value: 8080 
+export MICROBIN_HIDE_HEADER=false
+
+# Hides the footer on every page.
+# Default value: 8080 
+export MICROBIN_HIDE_FOOTER=false
+
+# Hides the MicroBin logo from the navigation bar on every
+# page.
+# Default value: 8080 
+export MICROBIN_HIDE_LOGO=false
+
+# Disables the /pastalist endpoint, essentially making all
+# pastas private.
+# Default value: 8080 
+export MICROBIN_NO_LISTING=false
+
+# Enables syntax highlighting support. When creating a new
+# pasta, a new dropdown selector will be added where you can
+# select your pasta's syntax, or just leave it empty for no
+# highlighting.
+export MICROBIN_HIGHLIGHTSYNTAX=true
+
+# Sets the port for the server will be listening on.
+# Default value: 8080
+export MICROBIN_PORT=__PORT__
+
+# Sets the bind address for the server will be listening on.
+# Both ipv4 and ipv6 are supported. Default value: "0.0.0.0".
+# Example value: "myserver.net", "127.0.0.1". 
+export MICROBIN_BIND="127.0.0.1"
+
+# Enables private pastas. Adds a new checkbox to make your
+# pasta private, which then won't show up on the pastalist
+# page. With the URL to your pasta, it will still be
+# accessible.
+# Default value: false
+export MICROBIN_PRIVATE=true
+
+# DEPRECATED: Will be removed soon. If you want to change styling (incl. removal), use custom CSS variable instead.
+# Disables main CSS styling, just uses a few in-line
+# stylings for the layout. With this option you will lose
+# dark-mode support. 
+export MICROBIN_PURE_HTML=false
+
+# Sets the name of the directory where MicroBin creates 
+# its database and stores attachments.
+# Default value: microbin_data
+export MICROBIN_DATA_DIR="microbin_data"
+
+# Enables storing pasta data (not attachments and files) in
+# a JSON file instead of the SQLite database. 
+# Default value: false
+export MICROBIN_JSON_DB=false
+
+# Add the given public path prefix to all urls. This allows
+# you to host MicroBin behind a reverse proxy on a subpath.
+# Note that MicroBin itself still expects all routes to be
+# as without this option, and thus is unsuited if you are
+# running MicroBin directly. Default value: unset. Example
+# values: https://myserver.com/ or https://192.168.0.10:8080/ 
+# export MICROBIN_PUBLIC_PATH=https://__DOMAIN____PATH__/
+
+# Sets a shortened path to use when the user copies URL from
+# the application. This will also use shorter endpoints,
+# such as /p/ instead if /pasta/. Default value:
+# unset.Example value: https://b.in/ export
+# MICROBIN_SHORT_PATH=
+
+# The password required for uploading, if read-only mode is enabled
+# Default value: unset
+# export MICROBIN_UPLOADER_PASSWORD=
+
+# If set to true, authentication required for uploading
+# Default value: false
+export MICROBIN_READONLY=true
+
+# Enables showing read count on pasta pages.
+# Default value: false
+export MICROBIN_SHOW_READ_STATS=true
+
+# Adds your title of choice to the
+# navigation bar. 
+# Default value: unset
+# export MICROBIN_TITLE=
+
+# Number of workers MicroBin is allowed to have. Increase
+# this to the number of CPU cores you have if you want to go
+# beast mode, but for personal use one worker is enough.
+# Default value: 1.
+export MICROBIN_THREADS=1
+
+# Sets the garbage collector time limit. Pastas not accessed
+# for N days are removed even if they are set to never
+# expire. 
+# Default value: 90. 
+# To turn off GC: 0.
+export MICROBIN_GC_DAYS=90
+
+# Enables or disables the "Burn after" function
+# Default value: false
+export MICROBIN_ENABLE_BURN_AFTER=true
+
+# Sets the default burn after setting on the main screen.
+# Default value: 0. Available expiration options: 1, 10,
+# 100, 1000, 10000, 0 (= no limit)
+export MICROBIN_DEFAULT_BURN_AFTER=0
+
+# Changes the maximum width of the UI from 720 pixels to
+# 1080 pixels.
+# Default value: false
+export MICROBIN_WIDE=false
+
+# Enables generating QR codes for pastas. Requires
+# the public path to also be set.
+# Default value: false
+export MICROBIN_QR=true
+
+# Toggles "Never" expiry settings for pastas. Default
+# value: false
+export MICROBIN_ETERNAL_PASTA=false
+
+# Enables "Read-only" uploads. These are unlisted and
+# unencrypted, but can be viewed without password if you
+# have the URL. Editing and removing requires password.
+# Default value: true
+export MICROBIN_ENABLE_READONLY=true
+
+# Sets the default expiry time setting on the main screen.
+# Default value: 24hour Available expiration options: 1min,
+# 10min, 1hour, 24hour, 1week, never
+export MICROBIN_DEFAULT_EXPIRY=24hour
+
+# Disables and hides the file upload option in the UI.
+# Default value: false
+export MICROBIN_NO_FILE_UPLOAD=false
+
+# Replaced the built-in water.css stylesheet with the URL
+# you provide. Default value: unset. Example value:
+# https://myserver.net/public/mystyle.css 
+# export MICROBIN_CUSTOM_CSS=
+
+# Use short hash strings in the URLs instead of animal names
+# to make URLs shorter. Does not change the underlying data
+# stored, just how pastas are recalled.
+# Default value: false
+export MICROBIN_HASH_IDS=false
+
+# Enables server-side encryption. This will add private
+# privacy level, where the user sends plain unencrypted data
+# (still secure, because you use HTTPS, right?), but the
+# server sees everything that the user submits, therefore
+# the user does not have complete and absolute protection.
+# Default value: false
+export MICROBIN_ENCRYPTION_CLIENT_SIDE=true
+
+# Enables client-side encryption. This will add the secret
+# privacy level where the user's browser encrypts all data
+# with JavaScript before sending it over to MicroBin, which
+# encrypt the data once again on server side.
+# Default value: false
+export MICROBIN_ENCRYPTION_SERVER_SIDE=true
+
+# Limit the maximum file size users can upload without
+# encryption. Default value: 256.
+export MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB=256
+
+# Limit the maximum file size users can upload with
+# encryption (more strain on your server than without
+# encryption, so the limit should be lower. Secrets tend to
+# be tiny files usually anyways.) Default value: 2048.
+export MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB=2048
+
+# Disables the feature that checks for available updates
+#  when opening the admin screen.
+# Default value: false
+export MICROBIN_DISABLE_UPDATE_CHECKING=false
+
+# Disables telemetry if set to true.
+# Telemetry includes your configuration and helps development. 
+# It does not include any sensitive data.
+# Default value: false
+export MICROBIN_DISABLE_TELEMETRY=true
+
+# Enables listing your server in the public MicroBin server list.
+# Default value: false
+export MICROBIN_LIST_SERVER=false
\ No newline at end of file