ib: bump `docker/ib/README.rst`

For the new github image, a high-level look at its basic
features/usage/docs and prosing around our expected default usage with
the `piker.brokers.ib` backend.

dockering/ib/README.rst

@@ -1,30 +1,71 @@
 running ``ib`` gateway in ``docker``
 ------------------------------------
-We have a config based on the (now defunct)
-image from "waytrade":
+We have a config based on a well maintained community
+image from `@gnzsnz`:
 
-https://github.com/waytrade/ib-gateway-docker
+https://github.com/gnzsnz/ib-gateway-docker
 
-To startup this image with our custom settings
-simply run the command::
+
+To startup this image simply run the command::
 
     docker compose up
 
-And you should have the following socket-available services:
+(For further usage^ see the official `docker-compose`_ docs)
 
-- ``x11vnc1@127.0.0.1:3003``
-- ``ib-gw@127.0.0.1:4002``
 
-You can attach to the container via a VNC client
-without password auth.
+And you should have the following socket-available services by
+default:
 
-SECURITY STUFF!?!?!
--------------------
-Though "``ib``" claims they host filter connections outside
-localhost (aka ``127.0.0.1``) it's probably better if you filter
-the socket at the OS level using a stateless firewall rule::
+- ``x11vnc1 @ 127.0.0.1:5900``
+- ``ib-gw @ 127.0.0.1:4002``
+
+You can now attach to the container via a VNC client with password-auth;
+here is an example using ``vncclient`` on ``linux``::
+
+    vncviewer localhost:5900
+
+
+now enter the pw you set via an (see second code blob) `.env file`_
+or pw-file according to the `credentials section`_.
+
+If you want to change away from their default config see the example
+`docker-compose.yml`-config issue and config-section of the readme,
+
+  - https://github.com/gnzsnz/ib-gateway-docker?tab=readme-ov-file#configuration
+  - https://github.com/gnzsnz/ib-gateway-docker/discussions/103
+
+.. _.env file: https://github.com/gnzsnz/ib-gateway-docker?tab=readme-ov-file#how-to-use-it
+.. _docker-compose: https://docs.docker.com/compose/
+.. _credentials section: https://github.com/gnzsnz/ib-gateway-docker?tab=readme-ov-file#credentials
+
+
+IF you also want to run ``TWS``
+-------------------------------
+You can also run it containerized,
+
+https://github.com/gnzsnz/ib-gateway-docker?tab=readme-ov-file#using-tws
+
+
+SECURITY stuff (advanced, only if you're paranoid)
+--------------------------------------------------
+First and foremost if doing a "distributed" container setup where you
+run the ``ib-gw`` docker container and your connecting API client
+(likely ``ib_async`` from python) on **different hosts** be sure to
+read the `security considerations`_ section!
+
+And for a further (somewhat paranoid) perspective from
+a long-time-ago serious devops eng..
+
+Though "``ib``" claims they filter remote host connections outside
+``localhost`` (aka ``127.0.0.1`` on ipv4) it's prolly justified if
+you'd like to filter the socket at the *OS level* using a stateless
+firewall rule::
 
     ip rule add not unicast iif lo to 0.0.0.0/0 dport 4002
 
-We will soon have this baked into our own custom image but for
-now you'll have to do it urself dawgy.
+
+We will soon have this either baked into our own custom derivative
+image (or patched into the current upstream one after further testin)
+but for now you'll have to do it urself, diggity dawg.
+
+.. _security considerations: https://github.com/gnzsnz/ib-gateway-docker?tab=readme-ov-file#security-considerations