open
--------------------------
- Test turn auth ...possibly disable scam auth
  - https://ourcodeworld.com/articles/read/1526/how-to-test-online-whether-a-stun-turn-server-is-working-properly-or-not
  - https://icetest.info/ 


done
--------------------------
- add and test stun/turn
- new log configuration
- c2s, s2s and http
- listen
- modules
- .env dynamic configuration
- check the reference config from https://hub.docker.com/r/rroemhild/ejabberd/
- add abuse address
- re-enable irc
- add conversejs
- set conversejs as startpage
- compliance test


deferred
--------------------------
- consistent backup of the mnesa DB
  - add container to run: docker exec ejabberd bin/ejabberdctl backup /home/ejabberd/backup/backup
- fix certificate expiration
  - idea: add a config-reload via acme.sh trigger-file
  - info: newer versions apparently reload when the date of the pem file changes
  - next: if the issue persists, let's try to not use a wildcard in the config but the exact filename
- automatic update with watchtower
  - there have been breaking changes in the past, so this might be no good idea ;-)

wishlist
--------------------------
- mam in sqlite with migration path for existing msgs
Monitor if file permissions changed and change them back

ssl update ideas
--------------------------
```
docker run -it --rm -d \
-v /opt/docker/proxy/data/certs/im.s-up.net/:/home/ejabberd/ssl/ \
--name ejabberd-perms alpine \
sh -c 'apk add --no-cache inotify-tools
while true; do inotifywait /home/ejabberd/ssl/key.pem  --event attrib \
&& chmod -R o+r,o+X /home/ejabberd/ssl/; done'
```