README reworked (#165)

README.md

@@ -1,7 +1,7 @@
 SSOwat
 ======
 
-A simple LDAP SSO for nginx, written in Lua
+A simple LDAP SSO for NGINX, written in Lua.
 
 <a href="https://translate.yunohost.org/engage/yunohost/?utm_source=widget">
 <img src="https://translate.yunohost.org/widgets/yunohost/-/287x66-white.png" alt="Translation status" />
@@ -10,25 +10,25 @@ A simple LDAP SSO for nginx, written in Lua
 Issues
 ------
 
-- [Please report issues on YunoHost bugtracker](https://github.com/YunoHost/issues).
+- [Please report issues to the YunoHost bugtracker](https://github.com/YunoHost/issues).
 
 Requirements
 ------------
 
-- Nginx-extras from Debian wheezy-backports
+- `nginx-extras` from Debian wheezy-backports
-- lua-json
+- `lua-json`
-- lua-ldap
+- `lua-ldap`
-- lua-filesystem
+- `lua-filesystem`
-- lua-socket
+- `lua-socket`
-- lua-rex-pcre
+- `lua-rex-pcre`
 
 **OR**
 
-- Nginx "Openresty" flavored : http://openresty.org/
+- "OpenResty" flavored NGINX: https://openresty.org/
-- lua-ldap
+- `lua-ldap`
-- lua-filesystem
+- `lua-filesystem`
-- lua-socket
+- `lua-socket`
-- lua-rex-pcre
+- `lua-rex-pcre`
 
 Installation
 ------------
@@ -40,10 +40,10 @@ git clone https://github.com/YunoHost/SSOwat /etc/ssowat
 ```
 
 
-Nginx configuration
+NGINX configuration
 -------------------
 
-* Add SSOwat's Nginx configuration (`http{}` scope)
+* Add SSOwat's NGINX configuration (`http{}` scope)
 
 ```bash
 nano /etc/nginx/conf.d/ssowat.conf
@@ -72,11 +72,11 @@ If you use YunoHost, you may want to edit the `/etc/ssowat/conf.json.persistent`
 
 ## Available parameters
 
-These are the SSOwat's configuration parameters. Only `portal_domain` is required, but it is recommended to know the others to fully understand what you can do with SSOwat.
+Only the `portal_domain` SSOwat configuration parameters is required, but it is recommended to know the others to fully understand what you can do with it.
 
 #### portal_domain
 
-Domain of the authentication portal. It has to be a domain, IP addresses will not work with SSOwat (**Required**)
+Domain of the authentication portal. It has to be a domain, IP addresses will not work with SSOwat (**Required**).
 
 #### portal_path
 
@@ -84,92 +84,92 @@ URI of the authentication portal (**default**: `/ssowat/`). This path **must** e
 
 #### portal_port
 
-Web port of the authentication portal (**default**: `443` for `https`, `80` for `http`)
+Web port of the authentication portal (**default**: `443` for `https`, `80` for `http`).
 
 #### portal_scheme
 
-Whether authentication should use secure connection or not (**default**: `https`)
+Whether authentication should use secure connection or not (**default**: `https`).
 
 #### domains
 
-List of handled domains (**default**: similar to `portal_domain`)
+List of handled domains (**default**: similar to `portal_domain`).
 
 #### ldap_host
 
-LDAP server hostname (**default**: `localhost`)
+LDAP server hostname (**default**: `localhost`).
 
 #### ldap_group
 
-LDAP group to search in (**default**: `ou=users,dc=yunohost,dc=org`)
+LDAP group to search in (**default**: `ou=users,dc=yunohost,dc=org`).
 
 #### ldap_identifier
 
-LDAP user identifier (**default**: `uid`)
+LDAP user identifier (**default**: `uid`).
 
 #### ldap_attributes
 
-User's attributes to fetch from LDAP (**default**: `["uid", "givenname", "sn", "cn", "homedirectory", "mail", "maildrop"]`)
+User's attributes to fetch from LDAP (**default**: `["uid", "givenname", "sn", "cn", "homedirectory", "mail", "maildrop"]`).
 
 #### ldap_enforce_crypt
 
-Let SSOwat re-encrypt weakly-encrypted LDAP passwords into the safer sha-512 (crypt) (**default**: `true`)
+Let SSOwat re-encrypt weakly-encrypted LDAP passwords into the safer sha-512 (crypt) (**default**: `true`).
 
 #### allow_mail_authentication
 
-Whether users can authenticate with their mail address (**default**: `true`)
+Whether users can authenticate with their mail address (**default**: `true`).
 
 #### login_arg
 
-URI argument to use for cross-domain authentication (**default**: `sso_login`)
+URI argument to use for cross-domain authentication (**default**: `sso_login`).
 
 #### additional_headers
 
-Array of additionnal HTTP headers to set once user is authenticated (**default**: `{ "Remote-User": "uid" }`)
+Array of additionnal HTTP headers to set once user is authenticated (**default**: `{ "Remote-User": "uid" }`).
 
 #### session_timeout
 
-The session expiracy time limit in seconds, since the last connection (**default**: `86400` / one day)
+The session expiracy time limit in seconds, since the last connection (**default**: `86400` / one day).
 
 #### session_max_timeout
 
-The session expiracy time limit in seconds (**default**: `604800` / one week)
+The session expiracy time limit in seconds (**default**: `604800` / one week).
 
 #### protected_urls
 
-List of priorily protected URLs and/or URIs (**by default, every URL is protected**)
+List of priorily protected URLs and/or URIs (**by default, every URL is protected**).
 
 #### protected_regex
 
-List of regular expressions to be matched against URLs **and** URIs to protect them
+List of regular expressions to be matched against URLs **and** URIs to protect them.
 
 #### skipped_urls
 
-List of URLs and/or URIs that will not be affected by SSOwat. This must be a JSON array, and SSOwat automatically adds itself to this array.
+List of URLs and/or URIs that will not be affected by SSOwat. This must be a JSON array, and SSOwat automatically adds itself to it.
 
 #### skipped_regex
 
-List of regular expressions to be matched against URLs **and** URIs to ignore them
+List of regular expressions to be matched against URLs **and** URIs to ignore them.
 
 #### unprotected_urls
 
-List of URLs and/or URIs that will not be affected by SSOwat **unless user is authenticated**
+List of URLs and/or URIs that will not be affected by SSOwat **unless a user is authenticated**.
 
 #### unprotected_regex
 
-List of regular expressions to be matched against URLs **and** URIs to ignore them **unless user is authenticated**
+List of regular expressions to be matched against URLs **and** URIs to ignore them **unless a user is authenticated**.
 
 #### redirected_urls
 
-Array of URLs and/or URIs to redirect and their redirect URI/URL (**example**: `{ "/": "example.org/subpath" }`)
+Array of URLs and/or URIs to redirect and their redirect URI/URL (**example**: `{ "/": "example.org/subpath" }`).
 
 #### redirected_regex
 
-Array of regular expressions to be matched against URLS **and** URIs and their redirect URI/URL (**example**: `{ "example.org/megusta$": "example.org/subpath" }`)
+Array of regular expressions to be matched against URLs **and** URIs and their redirect URI/URL (**example**: `{ "example.org/megusta$": "example.org/subpath" }`).
 
 #### users
 
-2-level array containing usernames and their allowed URLs along with an App name (**example**: `{ "kload": { "kload.fr/myapp/": "My App" } }`)
+2-level array containing usernames and their allowed URLs along with an app name (**example**: `{ "kload": { "kload.fr/myapp/": "My App" } }`).
 
 #### default_language
 
-Language code used by default in views (**default**: `en`)
+Language code used by default in views (**default**: `en`).