diff --git a/neo4j/content.md b/neo4j/content.md
index 45dac539a..dcb1e56f9 100644
--- a/neo4j/content.md
+++ b/neo4j/content.md
@@ -84,6 +84,7 @@ The following environment variables are available:
 -	`NEO4J_KEEP_LOGICAL_LOGS`: the retention policy for logical logs, defaults to `100M size`
 -	`NEO4J_AUTH`: controls authentication, set to `none` to disable authentication or `neo4j/<password>` to override the default password (see documentation [here](http://neo4j.com/docs/stable/rest-api-security.html))
 -	`NEO4J_THIRDPARTY_JAXRS_CLASSES`: URI mappings for unmanaged extensions (see below)
+-	`NEO4J_ALLOW_STORE_UPGRADE`: set to `true` to enable upgrades, defaults to `false` (see the [manual](http://neo4j.com/docs/stable/deployment-upgrading.html) for details)
 
 #### Enterprise Edition
 
@@ -125,6 +126,17 @@ For more complex customization of the image you can create a new image based on
 FROM neo4j
 ```
 
+If you need to make your own configuration changes, we provide a hook so you can do that in a script:
+
+	COPY extra_conf.sh /extra_conf.sh
+
+Then you can pass in the `EXTENSION_SCRIPT` environment variable at runtime to source the script:
+
+	docker run -e "EXTENSION_SCRIPT=/extra_conf.sh" cafe12345678
+
+When the extension script is sourced, the current working directory will be the root of the Neo4j installation.
+
+
 ## Neo4j HA
 
 (This feature is only available in Neo4j Enterprise Edition.)
@@ -169,3 +181,21 @@ The Neo4j shell can be run locally within a container using a command like this:
 ```console
 $ docker exec --interactive <container> bin/neo4j-shell
 ```
+
+## AppArmor
+
+Neo4j currently makes use of `lsof` to ensure the server is running and accepting connections on a given port. Some AppArmor configurations (specifically the default configuration on Linux Mint) prevent `lsof` from working as expected.
+
+A workaround is to run the docker image in privileged mode, by adding `--privileged=true` to the docker command line. This is a workaround that disables the security provided by AppArmor, and is not recommended for deployments.
+
+The current best known solution is to enable the use of ptrace in the docker profile of AppArmor. Do this by adding the following line to `/etc/init.d/docker`:
+
+    ptrace peer=docker-default,
+
+Add this line before the last curly brace, and restart docker.
+
+## HTTPS support
+
+To use your own key and certificate, provide an `/ssl` volume with the key and certificate inside. The key filename must end in `.key`, and the certificate in `.cert`. Only one of each file may be present. You must also publish port `7473` to access the HTTPS endpoint.
+
+    docker run --publish 7473:7473 --volume $HOME/neo4j/ssl:/ssl neo4j