diff --git a/roles/vouch_proxy/README.md b/roles/vouch_proxy/README.md
new file mode 100644
index 0000000..8d4e11e
--- /dev/null
+++ b/roles/vouch_proxy/README.md
@@ -0,0 +1,16 @@
+# `finallycoffee.services.vouch-proxy`
+
+[Vouch-Proxy](https://github.com/vouch/vouch-proxy) can be used in combination with
+nginx' `auth_request` module to secure web services with OIDC/OAuth. This role runs
+vouch-proxys' official docker container.
+
+## Usage
+
+The `oauth` config section must be supplied in `vouch_proxy_oauth_config`, and the
+`vouch` config section can be overridden in `vouch_proxy_vouch_config`. For possible
+configuration values, see https://github.com/vouch/vouch-proxy/blob/master/config/config.yml_example.
+
+For an example nginx config, see https://github.com/vouch/vouch-proxy#installation-and-configuration.
+
+Passing container arguments in the same way as `community.docker.docker_container` is supported
+using the `vouch_proxy_container_[...]` prefix (e.g. `vouch_proxy_container_ports`).
diff --git a/roles/vouch-proxy/defaults/main.yml b/roles/vouch_proxy/defaults/main.yml
similarity index 100%
rename from roles/vouch-proxy/defaults/main.yml
rename to roles/vouch_proxy/defaults/main.yml
diff --git a/roles/vouch-proxy/handlers/main.yml b/roles/vouch_proxy/handlers/main.yml
similarity index 100%
rename from roles/vouch-proxy/handlers/main.yml
rename to roles/vouch_proxy/handlers/main.yml
diff --git a/roles/vouch-proxy/tasks/main.yml b/roles/vouch_proxy/tasks/main.yml
similarity index 100%
rename from roles/vouch-proxy/tasks/main.yml
rename to roles/vouch_proxy/tasks/main.yml