# Changelog All notable changes to this project will be documented in this file. ## [Unreleased] ### Bug Fixes - Fix certs path. - Fix self signed certs. - Fix su prosody. - Fix su prosody (2). - Fix su prosody (3). - Fix su prosody (4). - Fix symlinks. - Fixed tls config.. - Fix TLS cert domain mismatch: VirtualHost now matches cert domain VirtualHost changed from "guschin.info" to "xmpp.guschin.info" to match the Let's Encrypt certificate. Moved certificates directive before VirtualHost block. Removed misplaced default_realm and global ssl block. Co-Authored-By: Claude Opus 4.6 ### Changes - Initial commit - Init. - MySQL running on host. - Network. - Extra hosts. - Change ip. - Nginx. - Certs in docker compose. - Certs volume. - Certs path. - Nginx ssl. - Lua-unbound. - Certs volume. - Delete self signed certs. - Delete user prosody from entrypoing.. - Using existing certs.. - Remove obsolete version attribute from docker-compose.yml Co-Authored-By: Claude Opus 4.6 - Mount only xmpp cert dirs to fix letsencrypt permission errors Mount specific live/ and archive/ subdirectories instead of all of /etc/letsencrypt to avoid Prosody scanning root-only directories (accounts/, archive/ for other domains). Also remove allow_registration. Co-Authored-By: Claude Opus 4.6 ### Features - Enable s2s_require_encryption to match s2s_secure_auth Co-Authored-By: Claude Opus 4.6 - Add ca-certificates to fix s2s TLS verification Without CA certs, Prosody cannot verify remote servers' certificates, causing all server-to-server connections to fail with "not trusted". Co-Authored-By: Claude Opus 4.6 - Enable mod_mam for persistent direct message archiving Messages are stored indefinitely in MySQL. Co-Authored-By: Claude Opus 4.6 - Add guschin.info VirtualHost alongside xmpp.guschin.info Users can now register as name@guschin.info or name@xmpp.guschin.info. Added Let's Encrypt cert mounting and install for guschin.info domain. Refactored entrypoint cert install into reusable function. Co-Authored-By: Claude Opus 4.6