:pencil: doc a little clarity for first time running

README.md

@@ -21,4 +21,11 @@ Generate new keys with certbot:
     -Check using `sudo certbot renew --dry-run`
     -Run the commands inside the `generatekeys.sh`
     -DO NOT run `generatekeys.sh` as a script
-    -Run the `./rebuild.sh` script to use the new keys
+    -Run the `./rebuild.sh` script to use the new keys
+
+#### First Run
+1. install `certbot`
+1. run `sudo certbot certonly`
+1. use temporary http challenge mode
+1. make sure ufw exposes port 80
+1. copy over the pem files to your nginx keys directory (see renew_keys.sh)