Small improvements to documentation

[r-chris]

Could you please add another sentence to the README regarding auth_jwt_key_file? I am assuming right that it is basically just a replacement for auth_jwt_key, which reads the key from a file, but it's not immediately obvious if either or both can be provided.

Maybe it would be even better to get rid of auth_jwt_key_file all together and just check if auth_jwt_key could be a file path.

[max-lt]

Done, thanks for the suggestion (deferred at #6).