diff --git a/server/Dockerfile b/server/Dockerfile
index 7a0e752..bb4c697 100644
--- a/server/Dockerfile
+++ b/server/Dockerfile
@@ -25,8 +25,8 @@ RUN mkdir -p /var/log /main/public/files /main/public/media
 ENV GOPATH=""
 VOLUME /main/public/files
 VOLUME /main/public/media
-ENV COOKIE_SECRET
-ENV KEY
+ENV COOKIE_SECRET=""
+ENV KEY=""
 RUN echo 'cat /main/users.yaml.gpg | gpg --batch --no-tty --passphrase="$KEY" --decrypt > /main/users.yaml && /main/exec-server "$@"' > /main/entrypoint.sh
 ENTRYPOINT ["bash", "/main/entrypoint.sh"]
 CMD []
diff --git a/server/README.md b/server/README.md
index 06b1117..a4f0a6f 100644
--- a/server/README.md
+++ b/server/README.md
@@ -5,7 +5,7 @@
 1. {one time} Generate and store an encryption `KEY` in Vault+Lastpass
 1. Build a Docker image with `docker build -t registry-app.eng.qops.net:5001/breel/work-notes:latest --build-arg KEY='{{INSERT YOUR KEY HERE}}' .`
 1. Push with `docker push registry-app.eng.qops.net:5001/breel/work-notes:latest`
-1. Run like `docker run -v /mnt/files:/main/public/files -v /mnt/media:/main/public/media -e KEY='{{INSERT YOUR KEY HERE}}' -p 3005:3005 --rm -it registry-app.eng.qops.net:5001/breel/work-notes:latest -auth ./users.yaml -p 3005`
+1. Run like `docker run -v /mnt/files:/main/public/files -v /mnt/media:/main/public/media -e KEY='{{INSERT YOUR KEY HERE}}' -e COOKIE_SECRET='{{INSERT ANOTHER KEY HERE}}' -p 3005:3005 --rm -it registry-app.eng.qops.net:5001/breel/work-notes:latest -auth ./users.yaml -p 3005`
 
 ### `users.yaml` Format