Run Prosody, LetsEncrypt as root

This is until we figure out the permissions issues that are causing
service failures.

config/service/letsencrypt/Containerfile

@@ -1,6 +1 @@
 FROM docker.io/goacme/lego:v4.4.0
-
-RUN addgroup --system --gid 10000 letsencrypt
-RUN adduser --system --uid 10000 --ingroup letsencrypt --home /var/lib/letsencrypt letsencrypt
-
-USER letsencrypt

config/service/prosody/Containerfile

@@ -19,7 +19,5 @@ RUN prosodyctl check config
 VOLUME /var/lib/prosody
 ENV __FLUSH_LOG yes
 
-USER prosody
 EXPOSE 5222 5269 5280 5347
-
 ENTRYPOINT ["prosody"]

config/service/prosody/container/config/prosody.cfg.lua

@@ -25,6 +25,10 @@ admins = {}
 -- For more information see: https://prosody.im/doc/libevent
 use_libevent = true
 
+-- Run Prosody under a restricted user and group, to prevent runaway permissions.
+prosody_user = "prosody"
+prosody_group = "prosody"
+
 -- Prosody will always look in its source directory for modules, but
 -- this option allows you to specify additional locations where Prosody
 -- will look for modules first. For community modules, see https://modules.prosody.im/