diff --git a/README.md b/README.md
index 715b2af240a76cdd8cc516bdb2121ed0e8e8155c..f63bef3452aab0d699226deafbb2f742f2f59334 100644
--- a/README.md
+++ b/README.md
@@ -44,68 +44,68 @@ template.
 
 ```yaml
 # web server configuration. 
-server:
+Server:
  # disable TLS if termination happens somehwere else (e.g. a load balancer)
- # note: rdp connections over a gateway require TLS
- disableTLS: false
+ # Note: rdp connections over a gateway require TLS
+ DisableTLS: false
  # TLS certificate files
- certFile: server.pem
- keyFile: key.pem
+ CertFile: server.pem
+ KeyFile: key.pem
  # gateway address advertised in the rdp files
- gatewayAddress: localhost
+ GatewayAddress: localhost
  # port to listen on (change to 80 or equivalent if not using TLS)
- port: 443
+ Port: 443
  # list of acceptable desktop hosts to connect to
- hosts:
+ Hosts:
   - localhost:3389
   - my-{{ preferred_username }}-host:3389
   # Allow the user to connect to any host (insecure)
   - any 
  # if true the server randomly selects a host to connect to
- roundRobin: false 
+ RoundRobin: false 
  # a random strings of at least 32 characters to secure cookies on the client
  # make sure to share this across the different pods
- sessionKey: thisisasessionkeyreplacethisjetzt
- sessionEncryptionKey: thisisasessionkeyreplacethisnunu!
+ SessionKey: thisisasessionkeyreplacethisjetzt
+ SessionEncryptionKey: thisisasessionkeyreplacethisnunu!
   # where to store session details. This can be either file or cookie (default: cookie)
   # if a file store is chosen, it is required to have clients 'keep state' to the rdpgw
   # instance they are connected to.
- sessionStore: cookie
+ SessionStore: cookie
   # tries to set the receive / send buffer of the connections to the client
  # in case of high latency high bandwidth the defaults set by the OS might
  # be to low for a good experience
- # receiveBuf: 12582912
- # sendBuf: 12582912 
+ # ReceiveBuf: 12582912
+ # SendBuf: 12582912 
 # Open ID Connect specific settings
-openId:
- providerUrl: http://keycloak/auth/realms/test
- clientId: rdpgw
- clientSecret: your-secret
+OpenId:
+ ProviderUrl: http://keycloak/auth/realms/test
+ ClientId: rdpgw
+ ClientSecret: your-secret
 # enabled / disabled capabilities
-caps:
- smartCardAuth: false
- tokenAuth: true
+Caps:
+ SmartCardAuth: false
+ TokenAuth: true
  # connection timeout in minutes, 0 is limitless
- idleTimeout: 10
- enablePrinter: true
- enablePort: true
- enablePnp: true
- enableDrive: true
- enableClipboard: true
-client:
+ IdleTimeout: 10
+ EnablePrinter: true
+ EnablePort: true
+ EnablePnp: true
+ EnableDrive: true
+ EnableClipboard: true
+Client:
   # this is a go string templated with {{ username }} and {{ token }}
   # the example below uses the ASCII field separator to distinguish
   # between user and token 
-  usernameTemplate: "{{ username }}@bla.com\x1f{{ token }}"
+  UsernameTemplate: "{{ username }}@bla.com\x1f{{ token }}"
   # rdp file settings see: 
   # https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/rdp-files
-  networkAutoDetect: 0
-  bandwidthAutoDetect: 1
+  NetworkAutoDetect: 0
+  BandwidthAutoDetect: 1
   ConnectionType: 6
   # If true puts splits "user@domain.com" into the user and domain component so that
   # domain gets set in the rdp file and the domain name is stripped from the username
   SplitUserDomain: false
-security:
+Security:
   # a random string of at least 32 characters to secure cookies on the client
   # make sure to share this amongst different pods
   PAATokenSigningKey: thisisasessionkeyreplacethisjetzt
diff --git a/dev/docker/rdpgw.yaml b/dev/docker/rdpgw.yaml
index cac7822fc853ad824aff262119b75e7b25445f25..ee53f9c4344e2aa3112bfa701e524ca0645ac88e 100644
--- a/dev/docker/rdpgw.yaml
+++ b/dev/docker/rdpgw.yaml
@@ -1,23 +1,23 @@
-server:
- certFile: /opt/rdpgw/server.pem
- keyFile: /opt/rdpgw/key.pem
- gatewayAddress: localhost:9443
- port: 9443
- hosts:
+Server:
+ CertFile: /opt/rdpgw/server.pem
+ KeyFile: /opt/rdpgw/key.pem
+ GatewayAddress: localhost:9443
+ Port: 9443
+ Hosts:
   - xrdp:3389
- roundRobin: false
- sessionKey: thisisasessionkeyreplacethisjetz
- sessionEncryptionKey: thisisasessionkeyreplacethisnunu
-openId:
- providerUrl: http://keycloak:8080/auth/realms/rdpgw
- clientId: rdpgw
- clientSecret: 01cd304c-6f43-4480-9479-618eb6fd578f
-client:
- usernameTemplate: "{{ username }}"
- networkAutoDetect: 0
- bandwidthAutoDetect: 1
+ RoundRobin: false
+ SessionKey: thisisasessionkeyreplacethisjetz
+ SessionEncryptionKey: thisisasessionkeyreplacethisnunu
+OpenId:
+ ProviderUrl: http://keycloak:8080/auth/realms/rdpgw
+ ClientId: rdpgw
+ ClientSecret: 01cd304c-6f43-4480-9479-618eb6fd578f
+Client:
+ UsernameTemplate: "{{ username }}"
+ NetworkAutoDetect: 0
+ BandwidthAutoDetect: 1
  ConnectionType: 6
-security:
+Security:
   PAATokenSigningKey: prettypleasereplacemeinproductio
-caps:
- tokenAuth: true
+Caps:
+ TokenAuth: true