diff --git a/README.md b/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..9123376ec42ca1c8a2eaf020dcc91ae032f59af1
--- /dev/null
+++ b/README.md
@@ -0,0 +1,56 @@
+# Requirements
+
+1.  Ansible 2.8+, available in Debian buster-backports or newer.
+2.  Ubuntu 18.04 64-bit server
+
+# Setup
+
+1.  Fill in `bbb_letsencrypt_email` in `bigbluebutton.yml`
+2.  On the machine with Ansible, run
+    `ansible-galaxy install -r requirements.yml`
+3.  If you want phone dial-in to work, modify `bbb_dialin_*` in
+    bigbluebutton.yml accordingly.
+    -   If you have a public IP and FQDN pointing to the Ubuntu 18.04 box
+        a.  Change the `bbb_hostname:` value in bigbluebutton.yml to be
+            the FQDN of the Ubuntu box.
+        b.  On the machine with Ansible, run
+        `ansible-playbook -u [ubuntu_box_username] -i [ubuntu_box_fqdn], bigbluebutton.yml`
+    -   If you don't have a public IP for the Ubuntu 18.04 box
+        a.  Replace the `bbb_letsencrypt_email:` line in
+            bigbluebutton.yml with `bbb_letsencrypt_enable: false`
+        b.  Change the `bbb_hostname:` value in bigbluebutton.yml to be
+            `ubuntu1804bbb.vm`
+        c.  Add a new line in both machines\' `/etc/hosts`:
+            `[ubuntu_18.04_IP]  ubuntu1804bbb.vm`
+        d.  On the machine with Ansible, run
+            `ansible-playbook -u [ubuntu_box_username] -i ubuntu1804bbb.vm, bigbluebutton.yml`
+4.  If you make any modifications, update the corresponding source code URL in
+    `bigbluebutton.yml` to one for a repository containing your modifications.
+5.  
+    -   If you have a public IP and FQDN pointing to the Ubuntu 18.04 box
+        visit https://[ubuntu_box_fqdn]/ in your browser, create an account,
+	     click Home, then Start to begin
+    -   If you don't have a public IP for the Ubuntu 18.04 box
+        a.  Run the following commands on the Ubuntu 18.04 box
+
+            ```
+            openssl genrsa -des3 -out rootCA.key 4096
+            openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.crt
+            cat <<-EOF > fullchain.ext
+            authorityKeyIdentifier=keyid,issuer
+            basicConstraints=CA:FALSE
+            keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
+            subjectAltName = @alt_names
+
+            [alt_names]
+            DNS.1 = ubuntu1804bbb.vm
+		      EOF
+            openssl x509 -req -in /etc/letsencrypt/live/ubuntu1804bbb.vm/fullchain.pem.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out fullchain.crt -days 300 -sha256 -extfile fullchain.ext
+            sudo chown root:root fullchain.crt rootCA.crt
+            sudo mv fullchain.crt /etc/letsencrypt/live/ubuntu1804bbb.vm/fullchain.pem
+            sudo mv rootCA.crt /usr/local/share/ca-certificates
+            sudo update-ca-certificates
+            sudo docker cp /usr/local/share/ca-certificates/rootCA.crt greenlight-v2:/usr/local/share/ca-certificates
+            sudo docker exec greenlight-v2 update-ca-certificates
+		      ```
+         b.  Visit https://ubuntu1804bbb.vm/ in your browser, create an account, click Home, then Start to begin