diff --git a/README.md b/README.md
index 3093a5e..2849a39 100644
--- a/README.md
+++ b/README.md
@@ -42,6 +42,34 @@ To transfer the secrets needed for OpenTofu from Bitwarden to OpenBAO/Vault run:
 nix run '.#bitwarden-to-vault'
 ```
 
-## Immediate TODO list:
+# Bootstrapping
 
-1. Make the hetzner-static-ip.service not fail when the IP is already assigned.
+## security.kaareskovgaard.net
+
+The first instance to create is `security.kaareskovgaard.net` as that hosts OpenBAO which is used to deploy all the other instances.
+
+First read the README for that instance, regarding the bootstrapping process (flip a boolean switch in the configuration). Then:
+
+```bash
+nix run '.#create-instance' -- security.kaareskovgaard.net
+nix run '.#configure-instance' -- security.kaareskovgaard.net
+```
+
+Then unbootstrap the instance and:
+
+```bash
+nix run '.#update-instance' -- security.kaareskovgaard.net
+nix run '.#configure-instance' -- security.kaareskovgaard.net
+```
+
+## monitoring.kaareskovgaard.net
+
+Every instance attempts to send logs and metrics to the monitoring instance, as such this should be created next. This should be a simple:
+
+```bash
+nix run '.#create-instance' -- monitoring.kaareskovgaard.net
+```
+
+## The rest
+
+At this point every other instance should be able to be brought up. The `create-instance` command should be all that is needed.