diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 1a95228..c89c1d2 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -4,7 +4,7 @@ on: pull_request: branches: [master] push: - branches: [master, stable] + branches: [master, stable, legacy] # Publish vX.X.X tags as releases. tags: ["v*.*.*"] diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml index 5e1f2ab..cbec92b 100644 --- a/.github/workflows/pages.yml +++ b/.github/workflows/pages.yml @@ -2,7 +2,11 @@ name: github-pages on: push: branches: [master] - tags: ["v*"] + tags: + - 'v*' + - '!v*-alpha*' + - '!v*-beta*' + - '!v*-rc*' permissions: contents: write diff --git a/README.md b/README.md index a42ae02..c5a2968 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# WireGuard Portal (v2 - testing) +# WireGuard Portal v2 [![Build Status](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml/badge.svg?event=push)](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml) [![License: MIT](https://img.shields.io/badge/license-MIT-green.svg)](https://opensource.org/licenses/MIT) 
@@ -8,14 +8,6 @@ ![GitHub code size in bytes](https://img.shields.io/github/languages/code-size/h44z/wg-portal) [![Docker Pulls](https://img.shields.io/docker/pulls/h44z/wg-portal.svg)](https://hub.docker.com/r/wgportal/wg-portal/) -> [!CAUTION] -> Version 2 is currently under development and may contain bugs and breaking changes. -> It is not advised to use this version in production. Use version [v1](https://github.com/h44z/wg-portal/tree/stable) instead. - -> [!IMPORTANT] -> Since the project was accepted by the Docker-Sponsored Open Source Program, the Docker image location has moved to [wgportal/wg-portal](https://hub.docker.com/r/wgportal/wg-portal). -> Please update the Docker image from **h44z/wg-portal** to **wgportal/wg-portal**. - ## Introduction **WireGuard Portal** is a simple, web-based configuration portal for [WireGuard](https://wireguard.com) server management. @@ -23,7 +15,7 @@ The portal uses the WireGuard [wgctrl](https://github.com/WireGuard/wgctrl-go) l interfaces. This allows for the seamless activation or deactivation of new users without disturbing existing VPN connections. -The configuration portal supports using a database (SQLite, MySQL, MsSQL or Postgres), OAuth or LDAP +The configuration portal supports using a database (SQLite, MySQL, MsSQL, or Postgres), OAuth or LDAP (Active Directory or OpenLDAP) as a user source for authentication and profile data. ## Features @@ -44,7 +36,7 @@ The configuration portal supports using a database (SQLite, MySQL, MsSQL or Post * Handles route and DNS settings like wg-quick does * Exposes Prometheus metrics for monitoring and alerting * REST API for management and client deployment -* Webhook for custom actions on peer, interface or user updates +* Webhook for custom actions on peer, interface, or user updates ![Screenshot](docs/assets/images/screenshot.png) 
@@ -68,3 +60,8 @@ For the complete documentation visit [wgportal.org](https://wgportal.org). ## License * MIT License. [MIT](LICENSE.txt) or + + +> [!IMPORTANT] +> Since the project was accepted by the Docker-Sponsored Open Source Program, the Docker image location has moved to [wgportal/wg-portal](https://hub.docker.com/r/wgportal/wg-portal). +> Please update the Docker image from **h44z/wg-portal** to **wgportal/wg-portal**. diff --git a/docker-compose.yml b/docker-compose.yml index 03a59a1..91981a2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ --- services: wg-portal: - image: wgportal/wg-portal:latest + image: wgportal/wg-portal:v2 container_name: wg-portal restart: unless-stopped logging: diff --git a/docs/documentation/configuration/overview.md b/docs/documentation/configuration/overview.md index fa0c505..234660f 100644 --- a/docs/documentation/configuration/overview.md +++ b/docs/documentation/configuration/overview.md @@ -4,7 +4,7 @@ You can supply these configurations in a **YAML** file (e.g. `config.yaml`) when The path of the configuration file defaults to **config/config.yaml** (or config/config.yml) in the working directory of the executable. It is possible to override configuration filepath using the environment variable `WG_PORTAL_CONFIG`. For example: `WG_PORTAL_CONFIG=/etc/wg-portal/config.yaml ./wg-portal`. -Also, environment variable substitution in config file is supported. Refer to [syntax](https://github.com/a8m/envsubst?tab=readme-ov-file#docs). +Also, environment variable substitution in the config file is supported. Refer to [syntax](https://github.com/a8m/envsubst?tab=readme-ov-file#docs). Configuration examples are available on the [Examples](./examples.md) page. 
@@ -15,6 +15,7 @@ Configuration examples are available on the [Examples](./examples.md) page. core: admin_user: admin@wgportal.local admin_password: wgportal + admin_api_token: "" editable_keys: true create_default_peer: false create_default_peer_on_creation: false @@ -35,6 +36,7 @@ advanced: config_storage_path: "" expiry_check_interval: 15m rule_prio_offset: 20000 + route_table_offset: 20000 api_admin_only: true database: @@ -42,6 +44,7 @@ database: slow_query_threshold: "0" type: sqlite dsn: data/sqlite.db + encryption_passphrase: "" statistics: use_ping_checks: true @@ -79,6 +82,7 @@ web: session_secret: very_secret csrf_secret: extremely_secret request_logging: false + expose_host_info: false cert_file: "" key_File: "" @@ -607,6 +611,10 @@ Without a valid `external_url`, the login process may fail due to CSRF protectio - **Default:** `false` - **Description:** Log all HTTP requests. +### `expose_host_info` +- **Default:** `false` +- **Description:** Expose the hostname and version of the WireGuard Portal server in an HTTP header. This is useful for debugging but may expose sensitive information. + ### `cert_file` - **Default:** *(empty)* - **Description:** (Optional) Path to the TLS certificate file. diff --git a/docs/documentation/getting-started/binaries.md b/docs/documentation/getting-started/binaries.md index 5b657c5..5aed082 100644 --- a/docs/documentation/getting-started/binaries.md +++ b/docs/documentation/getting-started/binaries.md 
@@ -3,23 +3,31 @@ These binary versions can be manually downloaded and installed. ## Download +Make sure that you download the correct binary for your architecture. The available binaries are: + +- `wg-portal_linux_amd64` - Linux x86_64 +- `wg-portal_linux_arm64` - Linux ARM 64-bit +- `wg-portal_linux_arm_v7` - Linux ARM 32-bit + With `curl`: - ```shell - curl -L -o wg-portal https://github.com/h44z/wg-portal/releases/download/${WG_PORTAL_VERSION}/wg-portal_linux_amd64 - ``` +```shell +curl -L -o wg-portal https://github.com/h44z/wg-portal/releases/download/${WG_PORTAL_VERSION}/wg-portal_linux_amd64 +``` With `wget`: - ```shell - wget -O wg-portal https://github.com/h44z/wg-portal/releases/download/${WG_PORTAL_VERSION}/wg-portal_linux_amd64 - ``` +```shell +wget -O wg-portal https://github.com/h44z/wg-portal/releases/download/${WG_PORTAL_VERSION}/wg-portal_linux_amd64 +``` with `gh cli`: - ```shell - gh release download ${WG_PORTAL_VERSION} --repo h44z/wg-portal --output wg-portal --pattern '*amd64' - ``` +```shell +gh release download ${WG_PORTAL_VERSION} --repo h44z/wg-portal --output wg-portal --pattern '*amd64' +``` + + ## Install @@ -28,7 +36,7 @@ sudo mkdir -p /opt/wg-portal sudo install wg-portal /opt/wg-portal/ ``` -## Unreleased +## Unreleased versions (master branch builds) + +Unreleased versions can be fetched directly from the artifacts section of the [GitHub Workflow](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml?query=branch%3Amaster). -Unreleased versions could be downloaded from -[GitHub Workflow](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml?query=branch%3Amaster) artifacts also. diff --git a/docs/documentation/getting-started/docker.md b/docs/documentation/getting-started/docker.md index ab606b1..5b24df5 100644 --- a/docs/documentation/getting-started/docker.md +++ b/docs/documentation/getting-started/docker.md 
@@ -10,7 +10,7 @@ The recommended method for deploying WireGuard Portal is via Docker Compose for A sample docker-compose.yml (managing WireGuard interfaces directly on the host) is provided below: ```yaml ---8<-- "docker-compose.yml::17" +--8<-- "docker-compose.yml::18" ``` By default, the webserver is listening on port **8888**. @@ -39,7 +39,7 @@ WireGuard Portal supports managing WireGuard interfaces through three distinct d ```yaml services: wg-portal: - image: wgportal/wg-portal:latest + image: wgportal/wg-portal:v2 container_name: wg-portal ... cap_add: @@ -65,7 +65,7 @@ WireGuard Portal supports managing WireGuard interfaces through three distinct d ```yaml services: wg-portal: - image: wgportal/wg-portal:latest + image: wgportal/wg-portal:v2 container_name: wg-portal ... cap_add: @@ -118,11 +118,11 @@ These are official releases of WireGuard Portal. They correspond to the GitHub t Once these tags show up in this repository, they will never change. -For production deployments of WireGuard Portal, we strongly recommend using one of these tags, e.g. **wgportal/wg-portal:1.0.19**, instead of the latest or canary tags. +For production deployments of WireGuard Portal, we strongly recommend using one of these tags, e.g. **wgportal/wg-portal:2.0.0**, instead of the latest or canary tags. -If you only want to stay at the same major or major+minor version, use either `v[MAJOR]` or `[MAJOR].[MINOR]` tags. For example `v1` or `1.0`. +If you only want to stay at the same major or major+minor version, use either `v[MAJOR]` or `[MAJOR].[MINOR]` tags. For example `v2` or `2.0`. -Version **1** is currently **stable**, version **2** is in **development**. +Version **2** is the current stable release. Version **1** has moved to legacy status and is no longer recommended. #### latest diff --git a/docs/documentation/getting-started/reverse-proxy.md b/docs/documentation/getting-started/reverse-proxy.md index 10b689d..e1fad58 100644 
--- a/docs/documentation/getting-started/reverse-proxy.md +++ b/docs/documentation/getting-started/reverse-proxy.md @@ -44,7 +44,7 @@ services: - 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https' wg-portal: - image: wgportal/wg-portal:latest + image: wgportal/wg-portal:v2 container_name: wg-portal restart: unless-stopped logging: diff --git a/docs/documentation/monitoring/prometheus.md b/docs/documentation/monitoring/prometheus.md index 03d618a..a360fcf 100644 --- a/docs/documentation/monitoring/prometheus.md +++ b/docs/documentation/monitoring/prometheus.md @@ -13,7 +13,7 @@ By default, WG-Portal exposes Prometheus metrics on port `8787` if interface/pee ## Prometheus Config -Add following scrape job to your Prometheus config file: +Add the following scrape job to your Prometheus config file: ```yaml # prometheus.yaml diff --git a/docs/documentation/overview.md b/docs/documentation/overview.md index 03456ac..a3c8b3e 100644 --- a/docs/documentation/overview.md +++ b/docs/documentation/overview.md @@ -1 +1 @@ ---8<-- "README.md:20:47" +--8<-- "README.md:12:41" diff --git a/docs/documentation/upgrade/v1.md b/docs/documentation/upgrade/v1.md index 4fd2c8a..096d10f 100644 --- a/docs/documentation/upgrade/v1.md +++ b/docs/documentation/upgrade/v1.md @@ -1,5 +1,4 @@ -For production deployments of WireGuard Portal, we strongly recommend using version 1. -If you want to use version 2, please be aware that it is still a release candidate and not yet fully stable. +Major upgrades between different versions may require special procedures, which are described in the following sections. ## Upgrade from v1 to v2 @@ -29,7 +28,7 @@ If you are using Docker, you can adapt the docker-compose.yml file to start the ```yaml services: wg-portal: - image: wgportal/wg-portal:latest + image: wgportal/wg-portal:v2 # ... other settings restart: no command: ["-migrateFrom=/app/data/wg_portal.db"] diff --git a/mkdocs.yml b/mkdocs.yml index 5b285fd..9bafbe5 100644 
--- a/mkdocs.yml +++ b/mkdocs.yml @@ -30,6 +30,15 @@ plugins: - minify: minify_html: true - swagger-ui-tag + - mike: + # These fields are all optional; the defaults are as below... + alias_type: symlink + redirect_template: null + deploy_prefix: '' + canonical_version: null + version_selector: true + css_dir: css + javascript_dir: js extra: version:
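Review bot: `branches: [master, stable, legacy]` in .github/workflows/docker-publish.yml keeps `stable` next to the new `legacy` branch, while the documentation changed in this same patch calls version 2 the stable release and version 1 legacy. The patch does not show which image tags each branch publishes. Add a comment above the list saying which version line each branch carries, and confirm that a push to `legacy` cannot publish a tag that is now meant for v2.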
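Review bot: The tag filter in .github/workflows/pages.yml excludes only the `-alpha`, `-beta` and `-rc` suffixes, so a pre-release tag with any other suffix still matches `'v*'` and triggers a docs deployment. Put a comment above the list naming the pre-release suffixes the project uses, and use the same quoting as `tags: ["v*.*.*"]` in docker-publish.yml so the two workflows read alike.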
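Review bot: The README.md hunk at `@@ -68,3 +60,8 @@` places the `[!IMPORTANT]` Docker image notice directly under `## License`, so the image relocation renders as part of the license section. Give it its own heading (for example near the installation pointers) or keep it above `## Introduction`, where readers who still pull **h44z/wg-portal** will see it.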
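Review bot: `image: wgportal/wg-portal:v2` in docker-compose.yml, and the same line in docker.md, reverse-proxy.md and upgrade/v1.md, is still a floating tag, although the docker.md text changed in this patch recommends a fixed release tag such as `wgportal/wg-portal:2.0.0` for production. Add a comment beside the `image:` line in the samples saying that `v2` follows the major version and that production deployments should pin an exact release tag, so the samples and the recommendation agree.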
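Review bot: Three of the four keys added to the sample in docs/documentation/configuration/overview.md (`admin_api_token`, `route_table_offset`, `encryption_passphrase`) get no reference entry in this patch; only `expose_host_info` does. If they are not documented elsewhere in the file, add a section for each with default and description. For `encryption_passphrase`, say what is encrypted and what happens to existing data when the value is set or changed later; for `admin_api_token`, say what the empty default means.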
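Review bot: The new `expose_host_info` entry in overview.md says "an HTTP header" without naming it and "sensitive information" without saying which. Name the header, state that it carries the hostname and the version, and recommend leaving the option at `false` on instances reachable from untrusted networks, so operators can check for the header in responses.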
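Review bot: The Download section in docs/documentation/getting-started/binaries.md now lists three architectures, but all three commands still hard-code `wg-portal_linux_amd64` (and `--pattern '*amd64'`), and the page goes from download straight to `sudo install` with no integrity check. Say which part of the command to change for `arm64` and `arm_v7`, and, if the releases publish checksums, add a verification step before the install. Also capitalise "with `gh cli`" to match the two lines above it, and drop the extra blank lines added before `## Install`.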
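Review bot: `--8<-- "README.md:12:41"` in docs/documentation/overview.md ties the docs page to README line numbers, and this patch already had to shift the range from `20:47` because eight lines were removed from the top of the README. Mark the included region in README.md by name instead, if the snippets extension in use supports named sections, so later README edits cannot silently change what the overview page shows. The same applies to `docker-compose.yml::18` in docker.md, where the range moves from `::17` although the docker-compose.yml hunk in this patch does not change the line count.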
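Review bot: The `mike` block in mkdocs.yml spells out seven options that its own comment describes as the defaults. Reduce it to `- mike`, or keep only the values that differ from the defaults, and drop the "the defaults are as below..." comment, so a later reader does not have to work out which settings are intentional.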