Describe sharding-related attributes in config

README.md

@@ -103,8 +103,11 @@ default from */etc/keystore/dovecot.yml*:
 * `ldap`: LDAP backend configuration, see above
 * `keystore`: configures the connection to the keystore service
   * `url`: URL for the keystore service
+  * `sharded`: if true, requests to the keystore service will be
+    partitioned according to the user's *shard* attribute
   * `tls_config`: client TLS configuration
     * `cert`: path to the client certificate
     * `key`: path to the private key
     * `ca`: path to the CA used to validate the server
-
+* `shard`: shard identifier for the local host. Must be set if
+  keystore.sharded is true.

dovecot/keyproxy.go

@@ -28,6 +28,9 @@ type Database interface {
 }
 
 func (c *Config) check() error {
+	if c.Keystore == nil {
+		return errors.New("missing keystore config")
+	}
 	if c.LDAPConfig == nil {
 		return errors.New("missing backend config")
 	}