Run the below command inside the certbot container to give read access to the new certs and private keys to the peertube group.*Note*: This will also make the files readable to the group with id 999 on the host system.Check the groups on your system to assess this as a risk before running this command.
Modify your `docker-compose.yml` file, changing the `entrypoint` line under the `certbot` service to the following.This is the same as the above, but to be automatically executed after every certificate renewal.
You can enable <a href="https://modules.prosody.im/mod_firewall" target="_blank">mod_firewall</a> on your Prosody server. For more information, please check <a href="https://livingston.frama.io/peertube-plugin-livechat/documentation/admin/mod_firewall/" target="_blank">the documentation</a>.
Here you can configure Prosody <a href="https://modules.prosody.im/mod_firewall" target="_blank">mod_firewall</a> module. You can create multiple configuration files bellow, and change their order. Don't hesitate to share your configurations with the community (for example by adding some examples in the plugin documentation).
Warning: mod_firewall is disabled in the livechat <a href="/admin/plugins/show/peertube-plugin-livechat" target="_blank">plugin settings</a>, you have to enable it if you want this configuration to be taken into account.
If you can't make it work, you can use the diagnostic tool (there is a button on top of the plugin settings page), and take a close look on the «Prosody check» section.