diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml
index 3bb72cf77..27be37620 100644
--- a/authentik/lib/default.yml
+++ b/authentik/lib/default.yml
@@ -13,6 +13,7 @@ redis:
   ws_db: 2
 
 debug: false
+
 log_level: info
 
 # Error reporting, sends stacktrace to sentry.beryju.org
diff --git a/website/docs/installation/docker-compose-config.md b/website/docs/installation/docker-compose-config.md
new file mode 100644
index 000000000..1fed61250
--- /dev/null
+++ b/website/docs/installation/docker-compose-config.md
@@ -0,0 +1,84 @@
+---
+title: docker-compose configuration
+---
+
+These are all the configuration options you can set via docker-compose. These don't apply to Kubernetes, as those settings are configured via helm.
+
+Append any of the following keys to your `.env` file, and run `docker-compose up -d` to apply them.
+
+## AUTHENTIK_LOG_LEVEL
+
+Log level for the server and worker containers. Possible values: debug, info, warning, error
+Defaults to `info`.
+
+## AUTHENTIK_ERROR_REPORTING
+
+- AUTHENTIK_ERROR_REPORTING__ENABLED
+
+  Enable error reporting. Defaults to `false`.
+
+  Error reports are sent to https://sentry.beryju.org, and are used for debugging and general feedback. Anonymous performance data is also sent.
+
+- AUTHENTIK_ERROR_REPORTING__ENVIRONMENT
+
+  Unique environment that is attached to your error reports, should be set to your email address for example. Defaults to `customer`.
+
+- AUTHENTIK_ERROR_REPORTING__SEND_PII
+
+  Whether or not to send personal data, like usernames. Defaults to `false`.
+
+## AUTHENTIK_EMAIL
+
+- AUTHENTIK_EMAIL__HOST
+
+  Default: `localhost`
+
+- AUTHENTIK_EMAIL__PORT
+
+  Default: `25`
+
+- AUTHENTIK_EMAIL__USERNAME
+
+  Default: `""`
+
+- AUTHENTIK_EMAIL__PASSWORD
+
+  Default: `""`
+
+- AUTHENTIK_EMAIL__USE_TLS
+
+  Default: `false`
+
+- AUTHENTIK_EMAIL__USE_SSL
+
+  Default: `false`
+
+- AUTHENTIK_EMAIL__TIMEOUT
+
+  Default: `10`
+
+- AUTHENTIK_EMAIL__FROM
+
+  Default: `authentik@localhost`
+
+  Email address authentik will send from, should have a correct @domain
+
+## AUTHENTIK_OUTPOSTS
+
+- AUTHENTIK_OUTPOSTS__DOCKER_IMAGE_BASE
+
+  This is the prefix used for authentik-managed outposts. Default: `beryju/authentik`.
+
+## AUTHENTIK_AUTHENTIK
+
+- AUTHENTIK_AUTHENTIK__AVATARS
+
+  Controls which avatars are shown. Defaults to `gravatar`. Can be set to `none` to disable avatars.
+
+- AUTHENTIK_AUTHENTIK__BRANDING__TITLE
+
+  Branding title used throughout the UI. Defaults to `authentik`.
+
+- AUTHENTIK_AUTHENTIK__BRANDING__LOGO
+
+  Logo shown in the sidebar and flow executions. Defaults to `/static/dist/assets/icons/icon_left_brand.svg`
diff --git a/website/docs/installation/kubernetes.md b/website/docs/installation/kubernetes.md
index 663828d90..16f1aeadf 100644
--- a/website/docs/installation/kubernetes.md
+++ b/website/docs/installation/kubernetes.md
@@ -21,10 +21,10 @@ It is also recommended to configure global email credentials. These are used by
 # Values directly affecting authentik
 ###################################
 image:
-    name: beryju/authentik
-    name_static: beryju/authentik-static
-    name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
-    tag: 2021.3.3
+  name: beryju/authentik
+  name_static: beryju/authentik-static
+  name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
+  tag: 2021.3.3
 
 serverReplicas: 1
 workerReplicas: 1
@@ -33,31 +33,38 @@ workerReplicas: 1
 kubernetesIntegration: true
 
 config:
-    # Optionally specify fixed secret_key, otherwise generated automatically
-    # secretKey: _k*@6h2u2@q-dku57hhgzb7tnx*ba9wodcb^s9g0j59@=y(@_o
-    # Enable error reporting
-    errorReporting:
-        enabled: false
-        environment: customer
-        sendPii: false
-    # Log level used by web and worker
-    # Can be either debug, info, warning, error
-    logLevel: warning
-    # Global Email settings
-    email:
-        # SMTP Host Emails are sent to
-        host: localhost
-        port: 25
-        # Optionally authenticate
-        username: ""
-        password: ""
-        # Use StartTLS
-        useTls: false
-        # Use SSL
-        useSsl: false
-        timeout: 10
-        # Email address authentik will send from, should have a correct @domain
-        from: authentik@localhost
+  # Optionally specify fixed secret_key, otherwise generated automatically
+  # secretKey: _k*@6h2u2@q-dku57hhgzb7tnx*ba9wodcb^s9g0j59@=y(@_o
+  # Enable error reporting
+  errorReporting:
+    enabled: false
+    environment: customer
+    sendPii: false
+  # Log level used by web and worker
+  # Can be either debug, info, warning, error
+  logLevel: warning
+  # Global Email settings
+  email:
+    # SMTP Host Emails are sent to
+    host: localhost
+    port: 25
+    # Optionally authenticate
+    username: ""
+    password: ""
+    # Use StartTLS
+    useTls: false
+    # Use SSL
+    useSsl: false
+    timeout: 10
+    # Email address authentik will send from, should have a correct @domain
+    from: authentik@localhost
+
+# Enable MaxMind GeoIP
+# geoip:
+#   enabled: false
+#   accountId: ""
+#   licenseKey: ""
+#   image: maxmindinc/geoipupdate:latest
 
 # Enable Database Backups to S3
 # backup:
@@ -68,33 +75,22 @@ config:
 #   host: s3-host
 
 ingress:
-    annotations:
-        {}
-        # kubernetes.io/ingress.class: nginx
-        # kubernetes.io/tls-acme: "true"
-    hosts:
-        - authentik.k8s.local
-    tls: []
-    #  - secretName: chart-example-tls
-    #    hosts:
-    #      - authentik.k8s.local
+  annotations:
+    {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - authentik.k8s.local
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - authentik.k8s.local
 
 ###################################
 # Values controlling dependencies
 ###################################
 
 install:
-    postgresql: true
-    redis: true
-
-# These values influence the bundled postgresql and redis charts, but are also used by authentik to connect
-postgresql:
-    postgresqlDatabase: authentik
-
-redis:
-    cluster:
-        enabled: false
-    master:
-        persistence:
-            enabled: false
+  postgresql: true
+  redis: true
 ```
diff --git a/website/sidebars.js b/website/sidebars.js
index 1481752cd..cdd53b370 100644
--- a/website/sidebars.js
+++ b/website/sidebars.js
@@ -14,8 +14,9 @@ module.exports = {
             items: [
                 "installation/index",
                 "installation/docker-compose",
-                "installation/kubernetes",
+                "installation/docker-compose-config",
                 "installation/reverse-proxy",
+                "installation/kubernetes",
             ],
         },
         {