diff --git a/.env.example b/.env.example
index 8e66aec..8f582f8 100644
--- a/.env.example
+++ b/.env.example
@@ -1,12 +1,26 @@
 # Silo Environment Configuration
-# Copy this file to .env and update values as needed
+# Copy to .env (or deployments/.env) and update values as needed.
+# For automated setup, run: ./scripts/setup-docker.sh
 
 # PostgreSQL
 POSTGRES_PASSWORD=silodev
 
 # MinIO
-MINIO_ACCESS_KEY=minioadmin
-MINIO_SECRET_KEY=minioadmin
+MINIO_ACCESS_KEY=silominio
+MINIO_SECRET_KEY=silominiosecret
 
-# Silo API (optional overrides)
-# SILO_SERVER_PORT=8080
+# OpenLDAP
+LDAP_ADMIN_PASSWORD=ldapadmin
+LDAP_USERS=siloadmin
+LDAP_PASSWORDS=siloadmin
+
+# Silo Authentication
+SILO_SESSION_SECRET=change-me-in-production
+SILO_ADMIN_USERNAME=admin
+SILO_ADMIN_PASSWORD=admin
+
+# Optional: OIDC (Keycloak)
+# SILO_OIDC_CLIENT_SECRET=
+
+# Optional: LDAP service account
+# SILO_LDAP_BIND_PASSWORD=
diff --git a/.gitignore b/.gitignore
index 0527ec8..0cbb933 100644
--- a/.gitignore
+++ b/.gitignore
@@ -29,6 +29,7 @@ Thumbs.db
 # Config with secrets
 config.yaml
 *.env
+deployments/config.docker.yaml
 
 # Python
 __pycache__/
diff --git a/config.example.yaml b/config.example.yaml
index ec8677a..74f1f89 100644
--- a/config.example.yaml
+++ b/config.example.yaml
@@ -8,20 +8,20 @@ server:
   # read_only: false  # Reject all write operations; toggle at runtime with SIGUSR1
 
 database:
-  host: "psql.example.internal"
+  host: "localhost" # Use "postgres" for Docker Compose
   port: 5432
   name: "silo"
   user: "silo"
   password: "" # Use SILO_DB_PASSWORD env var
-  sslmode: "require"
+  sslmode: "require" # Use "disable" for Docker Compose (internal network)
   max_connections: 10
 
 storage:
-  endpoint: "minio.example.internal:9000"
+  endpoint: "localhost:9000" # Use "minio:9000" for Docker Compose
   access_key: "" # Use SILO_MINIO_ACCESS_KEY env var
   secret_key: "" # Use SILO_MINIO_SECRET_KEY env var
   bucket: "silo-files"
-  use_ssl: true
+  use_ssl: true # Use false for Docker Compose (internal network)
   region: "us-east-1"
 
 schemas:
diff --git a/deployments/config.dev.yaml b/deployments/config.dev.yaml
new file mode 100644
index 0000000..9f57d05
--- /dev/null
+++ b/deployments/config.dev.yaml
@@ -0,0 +1,35 @@
+# Silo Development Configuration
+# Used by deployments/docker-compose.yaml — works with zero setup via `make docker-up`.
+# For production Docker installs, run scripts/setup-docker.sh instead.
+
+server:
+  host: "0.0.0.0"
+  port: 8080
+  base_url: "http://localhost:8080"
+
+database:
+  host: "postgres"
+  port: 5432
+  name: "silo"
+  user: "silo"
+  password: "${POSTGRES_PASSWORD:-silodev}"
+  sslmode: "disable"
+  max_connections: 10
+
+storage:
+  endpoint: "minio:9000"
+  access_key: "${MINIO_ACCESS_KEY:-silominio}"
+  secret_key: "${MINIO_SECRET_KEY:-silominiosecret}"
+  bucket: "silo-files"
+  use_ssl: false
+  region: "us-east-1"
+
+schemas:
+  directory: "/etc/silo/schemas"
+  default: "kindred-rd"
+
+freecad:
+  uri_scheme: "silo"
+
+auth:
+  enabled: false
diff --git a/deployments/docker-compose.yaml b/deployments/docker-compose.yaml
index d733fe1..c13425b 100644
--- a/deployments/docker-compose.yaml
+++ b/deployments/docker-compose.yaml
@@ -69,7 +69,7 @@ services:
       - "8080:8080"
     volumes:
       - ../schemas:/etc/silo/schemas:ro
-      - ../configs/config.yaml:/etc/silo/config.yaml:ro
+      - ./config.dev.yaml:/etc/silo/config.yaml:ro
     healthcheck:
       test: ["CMD", "wget", "-qO-", "http://localhost:8080/health"]
       interval: 10s