diff --git a/doc/admin-server.md b/doc/admin-server.md
index 7fb0801..7b29771 100644
--- a/doc/admin-server.md
+++ b/doc/admin-server.md
@@ -1,7 +1,7 @@
 # Installing the Admin server
 
 ## Prerequisites 
-The installation script assumes a installed and configured openSUSE Leap 15.3 x86_64.
+The installation script assumes a installed and configured openSUSE Leap 15.3 x86_64 with Gnome desktop.
 My setup has two NIC and one wifi.
  - `eth0` is connected to the lab switch, internal network
  - `eth1` is going to be the external interface
diff --git a/doc/salt-states.md b/doc/salt-states.md
index 95bac3b..f591bfe 100644
--- a/doc/salt-states.md
+++ b/doc/salt-states.md
@@ -78,3 +78,144 @@ Installs nfs-server and creates a backup export `/srv/exports/backups	<internal
 ## nginx
 Installs nginx and configures the www.suse.lan web site
 
+## packages
+installs additional packages 
+```
+# salt/pillars/packages.sls
+packages:
+  - vim
+  - jq
+```
+
+## podman
+Installs podman and configures it to use the [docker registry proxy](#docker) 
+
+## rancher
+Installs rancher server in a podman container, creates a systemd unit called `rancher` 
+The container redirects host port `6080->80` and `6443->443` to the container.
+It also adds a [nginx](#nginx) reverse proxy configuration to `rancher.suse.lan` 
+```
+# salt/pillars/rancher.sls
+rancher:
+  ca_passphrase: rancher
+  url: docker.io/rancher/rancher
+  tag: v2.6.1
+  bootstrapPassword: rancher
+```
+
+## remote-desktop
+installs `xorg-x11-Xvnc` disables wayland logins
+and creates a vnc login session for the user running update.sh
+```
+# salt/pillars/remote-desktop.sls
+remote-desktop:
+  password: linux0
+```
+
+## rmt
+installs and configures rmt
+```
+# salt/pillars/rmt.sls
+rmt:
+  ca_passphrase: linux
+  db_password: linux
+  scc:
+    username:
+    password:
+  stopped_services:
+    - rmt-server-mirror.timer
+    - rmt-server-sync.timer
+    - rmt-server-systems-scc-sync.timer
+
+  products:
+    -
+      name: SUSE Linux Enterprise Server 15 SP3 x86_64
+      id: 2140
+    -
+      name: SUSE Linux Enterprise High Performance Computing 15 SP3 x86_64
+      id: 2133
+    -
+      name: Containers Module 15 SP3 x86_64
+      id: 2157
+    -
+      name: SUSE Linux Enterprise Micro 5.0 x86_64
+      id: 2202
+    -
+      name: SUSE Linux Enterprise Micro 5.1 x86_64
+      id: 2283
+    - 
+      name: SUSE Linux Enterprise High Availability Extension 15 SP3 x86_64
+      id: 2195 
+    -
+      name: openSUSE Leap 15.3 aarch64
+      id: 2233
+    -
+      name: openSUSE Leap  15.3 x86_64
+      id: 2236
+    - 
+      name: Public Cloud Module 15 SP3 x86_64
+      id: 2175
+```
+
+## ssh
+installs openSSH server and start the daemon.
+It also configures the authorized keys for remote sessions to the admin server.
+add ssh public keys to the user-pub-keys in your local.sls and they will be added
+```
+# salt/pillars/ssh.sls
+ssh:
+  user-pub-keys: []
+```
+
+## tlu-harvester
+This state creates all files necessary to install a harvester cluster on node1, node2 and node3.
+It will create the [pxe](#pxe) configurations and also manifests that can be applied to your harvester cluster when it's up and running. The manifests will land in the `$HOME/tlu-havester` directory, just apply them with kubectl
+It will also download some images and place them in corresponding folder on the [www.suse.lan](#nginx).
+
+Id you download SUSE images and place them in `/srv/www/htdocs/images/suse/` and run this state, manifests for them will be created and added to the `$HOME/tlu-harvester` directory
+```
+# salt/pillars/tlu-harvester.sls
+tlu-harvester:
+  version: 0.3.0
+  dns_host: harvester
+  password: rancher
+  token: ThisShouldBeConfiguredInYour_local.sls
+  os:
+    ssh_authorized_keys: []
+    password: rancher
+  install:
+    mgmt-interface: enp2s0f0
+  device: /dev/nvme0n1
+
+
+  images:
+    opensuse:
+      - name: openSUSE Leap 15.3
+        url: https://download.opensuse.org/distribution/leap/15.3/appliances/openSUSE-Leap-15.3-JeOS.x86_64-OpenStack-Cloud.qcow2
+        checksum: 7207cce5b77d9d040610c39cd3d09437489797882b1b834acfb8b0f9d82be26c
+        ns: default
+      - name: openSUSE MicroOS
+        url: https://download.opensuse.org/tumbleweed/appliances/openSUSE-MicroOS.x86_64-kvm-and-xen.qcow2
+    ubuntu:
+      - name: ubuntu 20.04 (Focal Fossa)
+        url: https://cloud-images.ubuntu.com/focal/20211015/focal-server-cloudimg-amd64.img
+        checksum: c7adca2038a5fdda38328ecd461462bf4ab2cbaec2cc1bfd9340d9ee6bc543a8
+        ns: default
+      - name: ubuntu 21.04 (Hirsute Hippo)
+        url: https://cloud-images.ubuntu.com/hirsute/20211017/hirsute-server-cloudimg-amd64.img
+        checksum: 2d8c7f872aab587f70268a34f031c6380197f6940b29eb5f241050bb98ba420e
+```
+
+## vlan
+configures the vlan configuration, settings are in `salt/pillar/network.sls`
+
+## wol
+Creates `$HOME/wol` bash script so I can send Wake on LAN packages to node1, node2 and node3.
+mac address needs to be set in your local.sls
+```
+network:
+  wol:
+    1: xx:xx:xx:xx:xx:9b
+    2: xx:xx:xx:xx:xx:0a
+    3: xx:xx:xx:xx:xx:58
+```