diff --git a/docs/installation/auth/dependencies.md b/docs/installation/auth/dependencies.md
index 8627ceed..126a158d 100644
--- a/docs/installation/auth/dependencies.md
+++ b/docs/installation/auth/dependencies.md
@@ -25,6 +25,17 @@ Required for displaying web content
apache2 libapache2-mod-php5 libapache2-mod-wsgi
### PHP
+
+```eval_rst
+.. note::
+ If you are not planing to install either phpBB, smf, evernus alliance market, etc do not install these modules.
+```
+
+```eval_rst
+.. important::
+ If you are not planing to use SeAT; php7.0 is the minimum required.
+```
+
Required for phpBB, smf, evernus alliance market, etc
php5 php5-gd php5-mysqlnd php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl
diff --git a/docs/installation/services/discourse.md b/docs/installation/services/discourse.md
index 06b15a22..8245f2e0 100644
--- a/docs/installation/services/discourse.md
+++ b/docs/installation/services/discourse.md
@@ -65,6 +65,11 @@ Now build:
sudo ./launcher bootstrap app
sudo ./launcher start app
+#### Errors:
+in case you run into not enough RAM for the docker bootstraping you might want to consider using `./discourse-setup` command. It will start bootstraping and is going to create the `/containers/app.yml` which you can edit.
+Note: every time you change something in the `app.yml` you must bootstrap again which will take between *2-8 minutes* and is accomplished by `./launcher rebuild app`.
+
+***
## Apache config
Discourse must run on its own subdomain - it can't handle routing behind an alias like '/forums'. To do so, make a new apache config:
@@ -81,9 +86,59 @@ And enter the following, changing the port if you used a different number:
Now enable proxies and restart apache:
+ sudo a2ensite discourse
sudo a2enmod proxy_http
sudo service apache2 reload
+### Setting up SSL
+
+It is 2017 and there is no reason why you should not setup a SSL certificate and enforce https. You may want to consider certbot with Let's encrypt: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04
+
+ sudo certbot --apache -d example.com
+
+now adapt the apache configuration:
+
+ sudo nano /etc/apache2/sites-enabled/discourse.conf
+
+and adapt it followlingly:
+
+
+ ServerName discourse.example.com
+ RewriteEngine on
+ RewriteCond %{SERVER_NAME} =discourse.example.com
+ RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+
+
+Then adapt change the ssl-config file:
+
+ sudo nano /etc/apache2/sites-enabled/discourse-le-ssl.conf
+
+and adapt it followlingly:
+
+
+
+ ServerName discourse.example.com
+ ProxyPass / http://127.0.0.1:7890/
+ ProxyPassReverse / http://127.0.0.1:7890/
+ ProxyPreserveHost On
+ RequestHeader set X-FORWARDED-PROTOCOL https
+ RequestHeader set X-FORWARDED-SSL on
+ SSLCertificateFile /etc/letsencrypt/live/discourse.example.com/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/discourse.example.com/privkey.pem
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+
+make sure that `a2enmod headers` is enabled and run:
+
+ sudo service apache2 restart
+
+Now you are all set-up and can even enforce https in discourse settings.
+
+
+
+
+
## Configure API
### Generate admin account
@@ -108,6 +163,7 @@ Scroll down to the Discourse section and set the following:
- `DISCOURSE_API_USERNAME`: the username of the admin account you generated the API key with
- `DISCOURSE_API_KEY`: the key you just generated
+***
### Configure SSO
Navigate to `discourse.example.com` and log in. Back to the admin site, scroll down to find SSO settings and set the following:
@@ -120,6 +176,7 @@ Save, now change settings.py and add the following:
### Enable for your members
-Set either or both of `ENABLE_AUTH_DISCOURSE` and `ENABLE_BLUE_DISCOURSE` in settings.py for your members to gain access. Save and exit with control+o, enter, control+x.
+Assign discourse permissions for each auth-group that should have access to discourse.
+You might want to setup Read/Write/Delete rights per Auth group in discourse as you can limit which categories shall be accessablie per auth-group.
## Done