diff --git a/.envrc.sample b/.envrc.sample
index 3e86ea1..d415708 100644
--- a/.envrc.sample
+++ b/.envrc.sample
@@ -19,15 +19,15 @@ export ENTRYPOINT_CONF_VERSION=v1
 # SAML
-#export COMPOSE="compose.yml compose.simplesaml.yml"
+#export COMPOSE_FILE="compose.yml:compose.simplesaml.yml"
 #export SAML_ENABLED=1
 #export SAML_CONTACT_NAME="Sam Ell"
 #export SAML_CONTACT_EMAIL="saml@example.com"
-#export SAML_EMAIL_ATTRIBUTE=email
+#export SAML_EMAIL_ATTRIBUTE=mail
 #export SAML_REAL_NAME_ATTRIBUTE=realname
-#export SAML_AUTH_SOURCE_ID=dev-sp
+#export SAML_AUTH_SOURCE_ID=default-sp
 #export SAML_USERNAME_ATTRIBUTE=user
 #export SAML_ADMIN_PASSWORD_VERSION=v1
diff --git a/LocalSettings.php.tmpl b/LocalSettings.php.tmpl
index 67355c1..b39ce6c 100644
--- a/LocalSettings.php.tmpl
+++ b/LocalSettings.php.tmpl
@@ -172,7 +172,7 @@ wfLoadExtension( 'PluggableAuth' );
 wfLoadExtension( 'SimpleSAMLphp' );
 $wgSimpleSAMLphp_InstallDir = "/var/simplesamlphp/";
-$wgSimpleSAMLphp_AuthSourceId = "{{ env "SAML_SERVICE_PROVIDER" }}";
+$wgSimpleSAMLphp_AuthSourceId = "{{ env "SAML_AUTH_SOURCE_ID" }}";
 $wgSimpleSAMLphp_RealNameAttribute = "{{ env "SAML_REAL_NAME_ATTRIBUTE" }}";
 $wgSimpleSAMLphp_EmailAttribute = "{{ env "SAML_EMAIL_ATTRIBUTE" }}";
 $wgSimpleSAMLphp_UsernameAttribute = "{{ env "SAML_USERNAME_ATTRIBUTE" }}";
diff --git a/README.md b/README.md
index 595e820..9ac6bc3 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@ Based on [`mediawiki-ve-bundle`][mediawiki-ve].
 ```
 abra secret_generate db_password v1
 abra secret_generate db_root_password v1
- abra secret_generate mediawiki_secret_key "pwgen -n 64 1"
+ abra secret_generate mediawiki_secret_key v1 "pwgen -n 64 1"
 ```
 6. `abra deploy`
 7. `abra run mediawiki /bin/bash` to open a shell
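Review bot: On the `+` line of the LocalSettings.php.tmpl hunk the renamed value is still rendered into a PHP double-quoted string, so an operator-supplied `SAML_AUTH_SOURCE_ID` containing `$` or `"` is interpolated or breaks the literal instead of being used verbatim; the three `$wgSimpleSAMLphp_*Attribute` context lines below have the same shape. Since these are plain identifiers, single-quoting the rendered value avoids PHP's `$` interpolation: `$wgSimpleSAMLphp_AuthSourceId = '{{ env "SAML_AUTH_SOURCE_ID" }}';`. If the entrypoint's `env` helper renders an unset variable as an empty string, an operator who forgets to export the renamed variable gets an empty auth source id and a failing login rather than a render-time error — worth confirming how the templating tool behaves on missing variables. The block these assignments sit in (presumably gated on `SAML_ENABLED` somewhere above) starts and ends outside the hunk.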
@@ -37,20 +37,20 @@ system. Patches to make this configurable are welcome!
 3. Generate secrets:
 ```
 abra secret_generate saml_admin_password v1
- abra secret_generate saml_secret_key v1 "pwgen -n 64 1"
+ abra secret_generate saml_secret_salt v1 "pwgen -n 64 1"
 ```
 4. `abra deploy`
 5. Copy your SimpleSAMLphp metadata and certificates to the container (assuming you have local `metadata` and `cert` folders:
 ```
- abra cp metadata simplesamlphp:/var/simplesamlphp/
- abra cp cert simplesamlphp:/var/simplesamlphp/
+ abra cp metadata simplesaml:/var/simplesamlphp/
+ abra cp cert simplesaml:/var/simplesamlphp/
 ```
 6. You can log into SimpleSAMLphp using the password you generated at https://$DOMAIN/simplesaml/ and test authentication
 7. Edit SimpleSAMLphp's `config.php` and change `store.sql.dsn`:
 ```
- abra run simplesamlphp vim
+ abra run simplesaml vi /var/simplesamlphp/config/config.php
 # find 'store.sql.dsn' and edit to:
 # 'sqlite:/var/simplesamlphp/data/simplesamlphp.sq3'
 ```
diff --git a/compose.simplesaml.yml b/compose.simplesaml.yml
index 6fc6182..8875b29 100644
--- a/compose.simplesaml.yml
+++ b/compose.simplesaml.yml
@@ -7,11 +7,11 @@ services:
 - 'simplesaml:/var/simplesamlphp/'
 - 'simplesaml_log:/var/simplesamlphp/log'
 environment:
- - SAML_AUTH_SOURCE_ID=${SAML_AUTH_SOURCE_ID}
- - SAML_EMAIL_ATTRIBUTE=${SAML_EMAIL_ATTRIBUTE}
- - SAML_REAL_NAME_ATTRIBUTE=${SAML_REAL_NAME_ATTRIBUTE}
- - SAML_SERVICE_PROVIDER=${SAML_SERVICE_PROVIDER}
- - SAML_USERNAME_ATTRIBUTE=${SAML_USERNAME_ATTRIBUTE}
+ - SAML_AUTH_SOURCE_ID
+ - SAML_EMAIL_ATTRIBUTE
+ - SAML_REAL_NAME_ATTRIBUTE
+ - SAML_SERVICE_PROVIDER
+ - SAML_USERNAME_ATTRIBUTE
 simplesaml:
 image: venatorfox/simplesamlphp:latest
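Review bot: `+ - SAML_SERVICE_PROVIDER` in the compose.simplesaml.yml hunk forwards a variable that nothing in this diff consumes any more: the same commit switches LocalSettings.php.tmpl to `SAML_AUTH_SOURCE_ID`, and `.envrc.sample` never defines `SAML_SERVICE_PROVIDER`. Unless a consumer exists outside the diff, drop that line so the variable list matches what `.envrc.sample` documents and the template reads. The service this environment block belongs to (the one mounting `/var/simplesamlphp/`, whose name is above the hunk) is not fully visible here.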
@@ -19,12 +19,12 @@ services:
 - saml_admin_password
 - saml_secret_salt
 environment:
- - DOMAIN=${DOMAIN}
+ - DOMAIN
 - CONFIG_BASEURLPATH=https://${DOMAIN}/simplesaml/
 - CONFIG_AUTHADMINPASSWORD_FILE=/run/secrets/saml_admin_password
 - CONFIG_SECRETSALT_FILE=/run/secrets/saml_secret_salt
- - CONFIG_TECHNICALCONTACT_NAME=${SAML_CONTACT_NAME}
- - CONFIG_TECHNICALCONTACT_EMAIL=${SAML_CONTACT_EMAIL}
+ - CONFIG_TECHNICALCONTACT_NAME
+ - CONFIG_TECHNICALCONTACT_EMAIL
 - CONFIG_SHOWERRORS=true
 - CONFIG_ERRORREPORTING=true
 - CONFIG_ADMINPROTECTINDEXPAGE=true
diff --git a/compose.yml b/compose.yml
index def3db6..d491150 100644
--- a/compose.yml
+++ b/compose.yml
@@ -26,13 +26,13 @@ services:
 mediawiki:
 image: 'revianlabs/mediawiki-ve-bundle'
 environment:
- - DOMAIN=${DOMAIN}
- - STACK_NAME=${STACK_NAME}
- - MEDIAWIKI_EMAIL_CONTACT=${MEDIAWIKI_EMAIL_CONTACT}
- - MEDIAWIKI_EMAIL_FROM=${MEDIAWIKI_EMAIL_FROM}
- - MEDIAWIKI_SITENAME=${MEDIAWIKI_SITENAME}
- - MEDIAWIKI_SITENAMESPACE=${MEDIAWIKI_SITENAMESPACE}
- - SAML_ENABLED=${SAML_ENABLED}
+ - DOMAIN
+ - STACK_NAME
+ - MEDIAWIKI_EMAIL_CONTACT
+ - MEDIAWIKI_EMAIL_FROM
+ - MEDIAWIKI_SITENAME
+ - MEDIAWIKI_SITENAMESPACE
+ - SAML_ENABLED
 volumes:
 - 'mediawiki_images:/var/www/html/images'
 - 'parsoid:/usr/lib/parsoid'
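Review bot: The two `+ - CONFIG_TECHNICALCONTACT_*` lines in the compose.simplesaml.yml hunk change more than syntax: the bare form forwards a host variable of the same name, but `.envrc.sample` in this same diff still exports `SAML_CONTACT_NAME` and `SAML_CONTACT_EMAIL`, so after this change the simplesaml container receives no technical contact unless the operator also exports `CONFIG_TECHNICALCONTACT_NAME` and `CONFIG_TECHNICALCONTACT_EMAIL`. Either keep the mapping, `- CONFIG_TECHNICALCONTACT_NAME=${SAML_CONTACT_NAME}` and `- CONFIG_TECHNICALCONTACT_EMAIL=${SAML_CONTACT_EMAIL}`, or rename the variables in `.envrc.sample` to match; the `DOMAIN` line is fine only if `DOMAIN` is exported under that exact name, which is not visible in this diff. Separately, the context lines `CONFIG_SHOWERRORS=true` and `CONFIG_ERRORREPORTING=true` leave detailed error output enabled on the SAML endpoint; that is useful for the initial metadata setup the README describes but is normally turned off once the deployment is live.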
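Review bot: With the bare `+ - SAML_ENABLED` form in the compose.yml hunk, Compose (as far as I can tell, also `docker stack deploy`) only sets the variable in the container when it is set in the deploying shell, so for the default deployment where `.envrc.sample` leaves `SAML_ENABLED` commented out the mediawiki container now has no `SAML_ENABLED` at all, whereas `SAML_ENABLED=${SAML_ENABLED}` previously set it to an empty string. If the entrypoint's template tests for presence rather than value, SAML could end up treated as enabled; worth confirming, and documenting the contract in `.envrc.sample` with a comment such as `# SAML_ENABLED: leave unset to disable SAML, set to 1 to enable it`. The other six variables in the hunk change the same way, so a forgotten export now yields an absent variable rather than an empty one — which is arguably better, provided the template reports missing required values instead of rendering empty strings.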