diff --git a/docker-compose/README.md b/docker-compose/README.md
index acade5814..f61d53a6e 100644
--- a/docker-compose/README.md
+++ b/docker-compose/README.md
@@ -16,6 +16,46 @@ above command again.
docker-compose down
```
+### Starting services selectively
+
+It is possible to start services selectively, including their dependencies.
+
+#### Start the demo wallet and all dependant services
+
+```console
+docker compose up waltid-demo-wallet
+```
+
+will start automatically:
+- caddy
+- postgres
+- wallet-api
+- and waltid-web-wallet
+
+#### Start services using compose profiles
+
+`COMPOSE_PROFILES` environment variable located in the .env file allows the selection of
+profiles to start the services for. Currently, the services are available with 2 profiles:
+
+- identity - for the waltid-identity services
+- tse - for the Hashicorp vault service, will be initialized with:
+ - a transit secrets engine
+ - and authentication methods
+ - approle - for my-role, where role-id and secret-id will be output in the console1
+ - userpass - for myuser with mypassword
+ - access-token - with dev-only-token
+
+Profiles can be combined, e.g. `COMPOSE_PROFILES=identity,tse` - will start the
+waltid-identity services and the vault (also can be done with the `all` profile).
+
+1 - example output:
+
+```console
+vault-init | Role ID: 66f3f095-74c9-b270-9d1f-1f842aa6bf3f
+vault-init | Secret ID: 3abf1e00-2dc1-9e77-0705-9a81a95c7c59
+```
+
+
## Port mapping
### Services
@@ -23,6 +63,7 @@ docker-compose down
- Wallet API: [http://localhost:7001](http://localhost:7001)
- Issuer API: [http://localhost:7002](http://localhost:7002)
- Verifier API: [http://localhost:7003](http://localhost:7003)
+- Hashicorp vault: [http://localhost:8200](http://localhost:8200)
### Apps
diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml
index 2a1c3b951..0032a5840 100644
--- a/docker-compose/docker-compose.yaml
+++ b/docker-compose/docker-compose.yaml
@@ -177,7 +177,7 @@ services:
condition: service_healthy
entrypoint: /bin/sh -c "/vault/scripts/init.sh"
volumes:
- - ./vault/init.sh:/vault/scripts/init.sh
+ - ./vault/init.sh:/vault/scripts/init.sh:rw
caddy:
image: docker.io/caddy:2
diff --git a/docker-compose/vault/init.sh b/docker-compose/vault/init.sh
index 785d9db94..dc0c7efc8 100644
--- a/docker-compose/vault/init.sh
+++ b/docker-compose/vault/init.sh
@@ -21,7 +21,7 @@ echo "Enable Userpass Authentication"
vault auth enable userpass
echo "Create a User with Userpass Authentication"
-vault write auth/userpass/users/my-user password=my-password policies=transit-policy
+vault write auth/userpass/users/myuser password=mypassword policies=transit-policy
echo "Enable AppRole Authentication"
vault auth enable approle