docs: add documentation for dockerhub (#2063)

* docs: add documentation for dockerhub

Signed-off-by: Ludovic Ortega <[email protected]>

* docs: typo fixes

---------

Signed-off-by: Ludovic Ortega <[email protected]>
Co-authored-by: sudo-kraken <[email protected]>

Author: M0NsTeRRR

docs/getting-started/docker.mdx

@@ -11,6 +11,10 @@ Details on how to install Docker can be found on the [official Docker website](h
 Refer to [Configuring Databases](/extending-jellyseerr/database-config#postgresql-options) for details on how to configure your database.
 :::
 
+:::info
+An alternative Docker image is available on Docker Hub for this project. You can find it at [Docker Hub Repository Link](https://hub.docker.com/r/seerr/seerr)
+:::
+
 ## Unix (Linux, macOS)
 :::warning
 Be sure to replace `/path/to/appdata/config` in the below examples with a valid host directory path. If this volume mount is not configured correctly, your Jellyseerr settings/data will not be persisted when the container is recreated (e.g., when updating the image or rebooting your machine).
@@ -71,7 +75,7 @@ docker run -d ...
 :::info
 All official Seerr images are cryptographically signed and include a verified [Software Bill of Materials (SBOM)](https://cyclonedx.org/).
 
-To confirm that the container image you are using is authentic and unmodified, please refer to the [Verifying Signed Images](/using-jellyseerr/advanced/verifying-signed-images) guide.
+To confirm that the container image you are using is authentic and unmodified, please refer to the [Verifying Signed Artifacts](/using-jellyseerr/advanced/verifying-signed-artifacts) guide.
 :::
 
 :::tip

docs/using-jellyseerr/advanced/verifying-signed-images.mdx renamed to docs/using-jellyseerr/advanced/verifying-signed-artifacts.mdx

@@ -1,19 +1,21 @@
 ---
-id: verifying-signed-images
-title: Verifying Signed Images
-sidebar_label: Verify Signed Images
-description: Learn how to verify Seerr's signed container images and SBOM attestations using Cosign, Docker, Podman, or Skopeo.
+id: verifying-signed-artifacts
+title: Verifying Signed Artifacts
+sidebar_label: Verify Signed Artifacts
+description: Learn how to verify Seerr's signed artifacts and SBOM attestations.
 ---
 
 import Tabs from '@theme/Tabs';
 import TabItem from '@theme/TabItem';
 
-# Verifying Signed Images
+# Verifying Signed Artifacts
+
+These artifacts are cryptographically signed using [Sigstore Cosign](https://docs.sigstore.dev/quickstart/quickstart-cosign/):
+- Container images
 
-All Seerr container images published to GitHub Container Registry (GHCR) are cryptographically signed using [Sigstore Cosign](https://docs.sigstore.dev/quickstart/quickstart-cosign/).
 This ensures that the images you pull are authentic, tamper-proof, and built by the official Seerr release pipeline.
 
-Each image also includes a CycloneDX SBOM (Software Bill of Materials) attestation, generated with [Trivy](https://aquasecurity.github.io/trivy/), providing transparency about all dependencies included in the image.
+Additionally each container image also includes a CycloneDX SBOM (Software Bill of Materials) attestation, generated with [Trivy](https://aquasecurity.github.io/trivy/), providing transparency about all dependencies included in the image.
 
 ---
 
@@ -22,37 +24,40 @@ Each image also includes a CycloneDX SBOM (Software Bill of Materials) attestati
 You will need the following tools installed:
 
 - [Cosign](https://docs.sigstore.dev/cosign/system_config/installation/)
+
+To verify images:
+
 - [Docker](https://docs.docker.com/get-docker/) **or**
 - [Podman](https://podman.io/getting-started/installation) (including [Skopeo](https://github.com/containers/skopeo/blob/main/install.md))
 
-```bash
-cosign version
-```
+---
 
-If using **Podman**, ensure `skopeo` is available:
+# Verifying Signed Images
 
-```bash
-skopeo --version
-```
+All Seerr container images published to GitHub Container Registry (GHCR) are cryptographically signed using [Sigstore Cosign](https://docs.sigstore.dev/quickstart/quickstart-cosign/).
+This ensures that the images you pull are authentic, tamper-proof, and built by the official Seerr release pipeline.
+
+Each image also includes a CycloneDX SBOM (Software Bill of Materials) attestation, generated with [Trivy](https://aquasecurity.github.io/trivy/), providing transparency about all dependencies included in the image.
 
 ---
 
-## Image Locations
+### Image Locations
 
 Official Seerr images are available from:
 
 - GitHub Container Registry (GHCR): `ghcr.io/seerr-team/seerr:<tag>`
+- Docker Hub: `seerr/seerr:<tag>`
 
 You can view all available tags on the [Seerr Releases page](https://github.com/seerr-team/seerr/releases).
 
 ---
 
-## Verifying a Specific Release Tag
+### Verifying a Specific Release Tag
 
 Each tagged release (for example `v2.7.4`) is immutable and cryptographically signed.
 Verification should always be performed using the image digest (SHA256).
 
-### Retrieve the Image Digest
+#### Retrieve the Image Digest
 
 <Tabs groupId="verify-methods">
   <TabItem value="docker" label="Docker">
@@ -78,7 +83,7 @@ sha256:abcd1234...
 
 ---
 
-### Verify the Image Signature
+#### Verify the Image Signature
 
 <Tabs groupId="registry-methods">
   <TabItem value="ghcr" label="GitHub Container Registry (GHCR)">
@@ -112,14 +117,14 @@ The following checks were performed:
 
 ---
 
-## Verifying the `latest` Tag
+### Verifying the `latest` Tag
 
 :::warning Latest Tag Warning
 The `latest` tag is **mutable**, meaning it will change with each new release.
 Always verify the digest that `latest` currently points to.
 :::
 
-### Retrieve the Digest for `latest`
+#### Retrieve the Digest for `latest`
 
 <Tabs groupId="verify-methods">
   <TabItem value="docker" label="Docker">
@@ -143,7 +148,7 @@ Example output:
 sha256:abcd1234...
 ```
 
-### Verify the Signature
+#### Verify the Signature
 
 <Tabs groupId="registry-methods">
   <TabItem value="ghcr" label="GHCR">
@@ -171,11 +176,11 @@ The wildcard `v.*` ensures verification works for any versioned release that `la
 
 ---
 
-## Verifying SBOM Attestations
+### Verifying SBOM Attestations
 
 Each image includes a CycloneDX SBOM attestation.
 
-### Verify the Attestation
+#### Verify the Attestation
 
 ```bash
 cosign verify-attestation ghcr.io/seerr-team/seerr@sha256:abcd1234... \
@@ -193,7 +198,7 @@ The following checks were performed:
 - Certificate issued by Fulcio to the expected workflow identity
 :::
 
-### Extract the SBOM for Inspection
+#### Extract the SBOM for Inspection
 
 ```bash
 cosign verify-attestation ghcr.io/seerr-team/seerr@sha256:abcd1234... \
@@ -206,7 +211,7 @@ You can open `sbom.json` in a CycloneDX viewer or analyse it with [Trivy](https:
 
 ---
 
-## Expected Certificate Identity
+### Expected Certificate Identity
 
 The expected certificate identity for all signed Seerr images is:
 
@@ -222,7 +227,7 @@ This confirms that the image was:
 
 ---
 
-## Troubleshooting
+### Troubleshooting
 
 | Issue | Likely Cause | Suggested Fix |
 |-------|---------------|----------------|
@@ -233,7 +238,7 @@ This confirms that the image was:
 
 ---
 
-## Example: Full Verification Flow
+### Example: Full Verification Flow
 
 <Tabs groupId="verify-examples">
   <TabItem value="docker" label="Docker">