Adjust wording and formatting

Signed-off-by: Knut Ahlers <knut@ahlers.me>

README.md

@@ -60,8 +60,8 @@ The configurations generated by this tool will not need multiple files but inclu
 
 After you've set up your folder (you also could use one of the example configurations in the [`example` folder](https://github.com/Luzifer/vault-openvpn/tree/master/example) of this repository) you can issue your servers configuration:
 
-```bash
-# vault-openvpn --auto-revoke --pki-mountpoint luzifer_io server edda.openvpn.luzifer.io
+```console
+$ vault-openvpn --auto-revoke --pki-mountpoint luzifer_io server edda.openvpn.luzifer.io
 server 10.231.0.0 255.255.255.0
 route 10.231.0.0 255.255.255.0
 
@@ -70,8 +70,8 @@ route 10.231.0.0 255.255.255.0
 
 And also you can generate client configurations:
 
-```bash
-# vault-openvpn --auto-revoke --pki-mountpoint luzifer_io client workwork01.openvpn.luzifer.io
+```console
+$ vault-openvpn --auto-revoke --pki-mountpoint luzifer_io client workwork01.openvpn.luzifer.io
 remote myserver.com 1194 udp
 
 [...]
@@ -79,8 +79,8 @@ remote myserver.com 1194 udp
 
 In case someone needs to get removed from your OpenVPN there is also a revoke:
 
-```bash
-# vault-openvpn --auto-revoke --pki-mountpoint luzifer_io revoke baduser.openvpn.luzifer.io
+```console
+$ vault-openvpn --auto-revoke --pki-mountpoint luzifer_io revoke baduser.openvpn.luzifer.io
 [...]
 2016/07/25 15:06:58 Found certificate 33:e1:0c:85:36:a5:c2:6b:05:85:f5:aa:9f:3b:f3:3a:a2:e0:ae:b0 with CN baduser.openvpn.luzifer.io
 2016/07/25 15:06:58 Revoked certificate 33:e1:0c:85:36:a5:c2:6b:05:85:f5:aa:9f:3b:f3:3a:a2:e0:ae:b0
@@ -89,31 +89,31 @@ In case someone needs to get removed from your OpenVPN there is also a revoke:
 
 To have revokes being executed by OpenVPN you need to periodically update the CRL file OpenVPN reads. For my solution see the `living-example` in the `example` folder.
 
-## Using Tls Auth
-OpenVPN highly recommends using TLS Authentication hardening, see https://community.openvpn.net/openvpn/wiki/GettingStartedwithOVPN#TLSAuthentication
+## Using TLS authentication
+OpenVPN highly recommends using TLS authentication hardening, see [GettingStartedwithOVPN](https://community.openvpn.net/openvpn/wiki/GettingStartedwithOVPN#TLSAuthentication).
 
-This requires the use of a pre-shared key, if you want to use it you will first need to generate tls auth key and then upload it to vault.
+This requires the use of a pre-shared key: If you want to use it, you will first need to generate a TLS authentication key and then upload it into vault:
 
-```bash
-openvpn --genkey --secret openvpn.key
-vault kv put secret/ovpn key=@openvpn.key
+```console
+$ openvpn --genkey --secret openvpn.key
+$ vault kv put secret/ovpn key=@openvpn.key
 ```
 
-In the above example we call the secret "ovpn" but you can call it anything you want, so long as its a known value.
-The key must be placed into both the client and server configurations and must match, edit both config templates to include a section as shown below
+In the above example we call the secret "ovpn" but you can call it anything you want, as long as it is a known value.
+The key must be placed into both the client and server configurations and must match. Edit both config templates to include a section as shown below:
 
 ```
 <tls-auth>
-{{ .TlsAuth }}
+{{ .TLSAuth }}
 </tls-auth>
 ```
 
 Now run vault-openvpn passing in the name of the secret that holds our key, e.g.
 
-```bash
+```console
 # for the server config
-vault-openvpn --auto-revoke --ovpn-key ovpn --pki-mountpoint luzifer_io server edda.openvpn.luzifer.io
+$ vault-openvpn --auto-revoke --ovpn-key secret/ovpn --pki-mountpoint luzifer_io server edda.openvpn.luzifer.io
 
-# and for the client config
-vault-openvpn --auto-revoke --ovpn-key ovpn --pki-mountpoint luzifer_io client workwork01.openvpn.luzifer.io
+# for the client config
+$ vault-openvpn --auto-revoke --ovpn-key secret/ovpn --pki-mountpoint luzifer_io client workwork01.openvpn.luzifer.io
 ```