diff --git a/.env.example b/.env.example
index 29bb1bf..e9cb250 100644
--- a/.env.example
+++ b/.env.example
@@ -1,30 +1,33 @@
-# --- VAPID Keys ---
-# Generate using: npx web-push generate-vapid-keys
-# The Public Key is needed by your PWA to subscribe.
-VAPID_PUBLIC_KEY=YOUR_VAPID_PUBLIC_KEY
-# The Private Key MUST be kept secret on the server.
-VAPID_PRIVATE_KEY=YOUR_VAPID_PRIVATE_KEY
-# A contact URL for the push service (mailto: or https:)
-VAPID_SUBJECT=mailto:admin@yourdomain.com
+# --- Application Configuration ---
 
-# --- Application Settings ---
-# Port the Node.js server will listen on inside the container
-PORT=3000
-# Path to the JSON file storing Flic button serial -> PWA subscription mappings
-SUBSCRIPTIONS_FILE=/app/subscriptions.json
+# --- VAPID Keys (REQUIRED for Web Push) ---
+# Generate these once using npx web-push generate-vapid-keys (or other tools)
+# Keep the private key SECRET!
+VAPID_PUBLIC_KEY=
+VAPID_PRIVATE_KEY=
 
-# --- Security ---
-# (Optional) A secret bearer token. If set, Flic requests must include "Authorization: Bearer <YOUR_SECRET>" header.
-# Generate a strong secret, e.g., using: openssl rand -hex 32
-FLIC_SECRET=YOUR_OPTIONAL_FLIC_SECRET_TOKEN
+# Subject claim for VAPID. Use a 'mailto:' URI or an 'https:' URL identifying your application.
+# Example: mailto:admin@yourdomain.com or https://yourdomain.com/contact
+VAPID_SUBJECT=mailto:admin@virtonline.eu
 
-# --- CORS Settings ---
-# Comma-separated list of allowed origins for CORS requests (e.g., your PWA's domain)
-# Leave empty or unset to allow any origin (less secure, useful for testing)
-# Example: ALLOWED_ORIGINS=https://pwa.yourdomain.com,http://localhost:8080
+# Flic Button Configuration
+FLIC_BUTTON1_SERIAL=your_button1_serial
+FLIC_BUTTON2_SERIAL=your_button2_serial
+FLIC_BUTTON3_SERIAL=your_button3_serial
+
+# Subscription Storage
+SUBSCRIPTIONS_FILE=subscriptions.json
+
+# CORS
 ALLOWED_ORIGINS=https://game-timer.virtonline.eu
-# Comma-separated list of allowed HTTP methods
-ALLOWED_METHODS=POST,OPTIONS
-# Comma-separated list of allowed HTTP headers
+ALLOWED_METHODS=POST,OPTIONS,GET
 ALLOWED_HEADERS=Content-Type,Authorization
 
+# Logging Configuration
+LOG_LEVEL=INFO
+
+# --- Security (Optional) ---
+# If you want to add a simple security layer between Flic and this app.
+# If set, configure Flic's HTTP request to include an "Authorization: Bearer YOUR_SECRET_VALUE" header.
+# use e.g.: openssl rand -hex 32
+FLIC_SECRET=
\ No newline at end of file