diff --git a/.gitlab/issue_templates/release.md b/.gitlab/issue_templates/release.md
index 50f0f9dbdb3e1b1cbfbe3da33f9e5ae4c86ca6d3..bcf15d3ca3ccf78927fb6d3539abb80b8adc138f 100644
--- a/.gitlab/issue_templates/release.md
+++ b/.gitlab/issue_templates/release.md
@@ -1,9 +1,12 @@
 # Release checklist:
 
-Changes to do on the master branch before releasing:
+## Changes to do on the master branch before releasing
 
-* [ ] update/review `docs/*` and make sure it matches the current state
-  * Update how to checkout the latest stable tag
+Create a MR for the master branch with the following changes:
+
+* update/review `docs/*` and make sure it matches the current state
+  * [ ] Update how to checkout the latest stable tag
+  * [ ] Document how to upgrade in `docs/upgrade.md`
 * [ ] Update dependencies in `requirements-stable.txt`
   1. Create a new `virtualenv` and activate it
   2. Run `pip3 install -r requirements.txt`
@@ -11,23 +14,28 @@ Changes to do on the master branch before releasing:
 * [ ] update [CHANGELOG.md](https://keepachangelog.com/en/1.0.0/)
   * Include `Known issues`
 * [ ] update the version number in the `VERSION` file
-* [ ] commit (signed)
-* [ ] Push to MR, including tag
+  * [ ] commit (signed)
+* [ ] Push to MR
+* [ ] Wait for MR to get merged into master
+
+## Changes to do in the new release branch
+
+* [ ] If this is a major release, create a new release branch (i.e. `v0.5`)
 
-Then, create a release branch, pin deps, and tag the release:
+Create a MR for the new branch with the following changes:
 
-* [ ] If this is a major release, create a new release branch (`v0.4`, etc.).
 * [ ] Ensure all dependencies are updated and locked (locking should be done
     only on the release branch):
   * [ ] chart versions in `flux/*`
   * [ ] in `ansible/group_vars/all/oas.yml`: `flux_source.branch` should be set to the release branch
 * [ ] Make sure the pipeline succeeds for the last commit before tagging. This
       is important because tags should not get retagged !
-* [ ] create signed tag (`git tag -s 0.2.0 -m 'Release 0.2.0'`)
-* [ ] Log into readthedocs.org and update documentation for tagged versions
+* [ ] create and push signed tag (`git tag -s 0.2.0 -m 'Release 0.2.0'`)
+* [ ] Wait for MR to get merged
 
-After release:
+## After release
 
+* [ ] Log into https://readthedocs.org and update documentation for tagged versions
 * [ ] Cherry-pick all changes from the release branch into master which
       shouldn't be only in the 0.4.0 branch (i.e. not the commit locking the
       dependencies)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index fc3d933024d3f3b76814e33fb339eab32e60f8c1..a7ad5551644c7e3533b3e38946a68f194c7bcab0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,26 @@
 # Changelog
 
+## [0.5.0] - 2020-09-17
+
+* Added automatic smtp config for nextcloud
+* Updated k3s version to 1.18.6+k3s1
+  * Updated kubernetes to 1.18.6
+* Updated applications:
+  * wordpress: 5.4.1
+  * nextcloud: 17.0
+  * flux: 1.20.2
+  * helm-operator: 1.2.0
+  * ingress-nginx: 0.35.0
+* Use metallb instead of servicelb in order to get ingress source IP and
+  allow IP based access controll
+* Allow second flux instance for managing additional applications
+* Allow k3s kubelet args
+* Allow custom extra values for helm charts
+* Added advanced installation docs
+* Separated ansible playbooks for Kubernetes and OpenAppStack (re-)installation
+* Increased installation and general stability
+
+
 ## [0.4.0] - 2020-06-11
 
 * Replaced [local-storage
diff --git a/VERSION b/VERSION
index 1d0ba9ea182b0f7354f3daf12120744ec5e0c2f8..8f0916f768f0487bcf8d33827ce2c8dcecb645c1 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.4.0
+0.5.0
diff --git a/docs/installation_instructions.rst b/docs/installation_instructions.rst
index c5094e53a711c119d77e0b4fa5de59a23995c4c8..026ea4c50bc4abfbc223dfd77e029591ada62b96 100644
--- a/docs/installation_instructions.rst
+++ b/docs/installation_instructions.rst
@@ -66,18 +66,13 @@ Getting the installation script
 -------------------------------
 
 On your **provisioning machine**, clone the OpenAppStack git repository
-and checkout the latest tagged version (currently ``0.4.0``):
+and checkout the latest release branch (currently ``v0.5``):
 
 ::
 
-    $ git clone -b 0.4.0 https://open.greenhost.net/openappstack/openappstack.git
+    $ git clone -b v0.5 https://open.greenhost.net/openappstack/openappstack.git
     $ cd openappstack
 
-.. note::
-  Git will display a warning after you use the ``git`` command saying that you
-  are in a *detached HEAD* state. This is perfectly normal and you can proceed
-  without any further actions.
-
 Create a python virtual environment called "env" that uses python 3.
 This makes sure we do not change any of your other python projects. The
 second command "activates" the virtualenv.
diff --git a/docs/upgrading.md b/docs/upgrading.md
index c1963bac0e10ef2ec877602ed0d11c8f43213483..db7f9616330ada3e8d3296d82896ce25f4ec4d29 100644
--- a/docs/upgrading.md
+++ b/docs/upgrading.md
@@ -1,5 +1,24 @@
 # Upgrading OpenAppStack
 
+## General considerations before upgrading
+
+Include all potential new values of `ansible/group_vars/all/settings.yml.example`
+in your `clusters/YOUR_CLUSTERNAME/group_vars/all/settings.yml`.
+To find the differences (requires [python yq package](https://pypi.org/project/yq/)):
+
+    yq -y -rS . clusters/YOURCLUSTER/group_vars/all/settings.yml > /tmp/mine.yml
+    yq -y -rS . ansible/group_vars/all/settings.yml.example > /tmp/upstream.yml
+    diff /tmp/mine.yml /tmp/upstream.yml
+
+Before you upgrade please look at the `CHANGELOG.md` file to review what changed
+between the versions.
+
+## Upgrading from 0.4.0 to 0.5.0
+
+Unfortunatly we can't ensure a smooth upgrade for this version neither.
+Please read the section below on how to do an upgrade by installing a the new
+OAS version from scratch after backing up your data.
+
 ## Upgrading from 0.3.0 to 0.4.0
 
 There is no easy upgrade path from version 0.3.0 to version 0.4.0. As far as we
@@ -97,8 +116,5 @@ intervention.
 
 ## Troubleshooting
 
-If you encounter problems when you upgrade your cluster, please make sure first
-to include all potential new values of
-`ansible/group_vars/all/settings.yml.example` to your
-`clusters/YOUR_CLUSTERNAME/group_vars/all/settings.yml`, and rerun the
-installation script.
+If you encounter problems when you upgrade your cluster, please try again
+running the installation procedure before reporting an issue.
diff --git a/docs/usage.md b/docs/usage.md
index e8c01e05a9f006461d7a1cd2254e659397727c1d..b4a88290bf76f9a3f0a1fcb53d639bb7572e03e3 100644
--- a/docs/usage.md
+++ b/docs/usage.md
@@ -66,39 +66,6 @@ document editing suite. Your can open documents in Onlyoffice by clicking them i
 [Rocketchat](https://rocket.chat/) is a team chat application and available at
 https://chat.oas.example.org.
 
-#### Single sign-on
-
-Until we [fully automate SSO integration for Rocketchat](https://open.greenhost.net/openappstack/openappstack/issues/516)
-manual intervention is neccessary to activate it. You need to follow these steps once:
-
-- Log in as `admin` using the `rocketchat_admin_password` from your secrets
-  folder.
-- On the top left side click on the `Options` button (three dots) and then click
-  on `Administration`
-- In the left menu scroll down and click on `OAuth` (not `oauth apps`)
-- Click on `add custom oauth` and enter `Openappstack`
-- Click on the newly added `Custom OAuth: Openappstack` provider
-- Change the following settings (leave all others like they are):
-  - Enable: `True`
-  - URL: `https://sso.oas.example.org` (change `oas.example.org` to your domain)
-  - Token Path: `/oauth2/token`
-  - Identity Path: `/userinfo`
-  - Authorize Path: `/oauth2/auth`
-  - Scope: `openid profile openappstack_roles email`
-  - Id: `rocketchat`
-  - Secret: Paste the `rocketchat_oauth_client_secret` from your secrets folder
-  - Login Style: `Redirect`
-  - Button Text: `Login with OpenAppStack`
-  - Username field: `preferred_username`
-  - Name field: `name`
-  - Roles/Groups field name: `openappstack_roles`
-  - Merge roles from SSO: `True`
-  - Merge users: `True`
-- Click `Save changes`, log out and you are done.
-
-Next time you log in to Rocketchat you will be able to use single sign-on using
-the `Login` button.
-
 ### Known issues
 
 - [Rocketchat isn't configured yet to send out email notifications](https://open.greenhost.net/openappstack/openappstack/issues/510)