diff --git a/README.md b/README.md
index e4995ec..36d995c 100644
--- a/README.md
+++ b/README.md
@@ -18,6 +18,9 @@
     - [Clone \& configure initially](#clone--configure-initially)
     - [Fist run](#fist-run)
   - [Upgrade](#upgrade)
+    - [Test](#test)
+    - [Prod](#prod)
+  - [Disaster recovery / restore](#disaster-recovery--restore)
   - [Rebuild containers locally](#rebuild-containers-locally)
 
 ## Prerequisites
@@ -164,8 +167,6 @@ sed -i -e 's/^#duration_expr/duration_expr/g' /etc/crowdsec/profiles.yaml \
 
 Setup notifications:
 
-
-
 ## Installation
 
 ### Clone & configure initially
@@ -209,13 +210,74 @@ docker compose build --no-cache \
 
 ## Upgrade
 
-1. Update `AUTHENTIK_TAG` to the desired tag in `env.template`.
+### Test
+
+1. Update `AUTHENTIK_TAG` to the desired tag in `env.test.template`.
 2. Commit & push changes to the Repo.
-3. Run `diff --color='auto' env.template .env` to display the diff between
-`env.template` and `.env`.
-4. Port the made changes to `.env`.
-5. `docker compose down`
-6. `docker compose up -d; docker compose logs -f`
+3. Run `diff --color='auto' env.test.template .env` to display the diff between
+`env.test.template` and `.env`.
+1. Port the made changes to `.env`.
+2. `docker-compose-2.32.4 down`
+3. `docker-compose-2.32.4 up -d; docker-compose-2.32.4 logs -f`
+
+### Prod
+
+1. Update `AUTHENTIK_TAG` to the desired tag in `env.prod.template`.
+2. Commit & push changes to the Repo.
+3. Run `diff --color='auto' env.prod.template .env` to display the diff between
+`env.prod.template` and `.env`.
+1. Port the made changes to `.env`.
+2. `docker compose down`
+3. `docker compose up -d; docker compose logs -f`
+
+## Disaster recovery / restore
+
+**IMPORTANT:**  
+You've to use different docker cli clients on prod/test.
+
+- Prod
+  - Docker: `docker`
+  - Docker compose: `docker compose`
+- Test
+  - Docker: `docker`
+  - Docker compose: `docker-compose-2.32.4`
+
+For the ease of readability I'll use `docker` and `docker compose` in the documentation below,
+please repalce it for restores on test!
+
+1. Run the restore cli
+   ```shell
+   docker compose run --rm restore-cli
+   ```
+2. Run the restore command and follow it's instructions
+   ```shell
+   restore
+   ```
+3. If the restore was successfull, exit the restore container.  
+   **DO NOT START THE APPLICATION YET!**
+4. Run the PostgreSQL container without starting the main application
+   ```shell
+    docker compose run --rm postgresql
+   ```
+5. Open another shell in the sso git directory.
+6. Execute a shell in the running PostgreSQL container (replace `<containerid>` with the actual container id)
+   ```shell
+   docker exec -it sso-base23-de-postgresql-run-<containerid> bash
+   ```
+7. If the database already contains data, delete an recreate it:
+   ```shell
+   dropdb -U ${PG_USER:-authentik} ${PG_DB:-authentik}
+   createdb -U ${PG_USER:-authentik} ${PG_DB:-authentik}
+   ```
+8. Restore the database
+   ```shell
+   psql ${PG_USER:-authentik} -d ${PG_DB:-authentik} -f /var/lib/postgresql/backups/authentik.sql
+   ````
+9. After the database is restored, exit the container
+10. Now it's safe to start the complete application stack again
+    ```shell
+    docker compose up -d; docker compose logs -f
+    ```
 
 ## Rebuild containers locally