diff --git a/CHANGELOG.md b/CHANGELOG.md
index 60f5c54..23b7eb5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,7 +2,7 @@
 
 ## Unreleased
 
-* Nothing
+* Added modules that allow invite-based account registration for Prosody. See also [Great Invitations](https://blog.prosody.im/great-invitations/).
 
 ## v1.2.8
 
diff --git a/Dockerfile b/Dockerfile
index 5219e99..d7ebd4d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -23,11 +23,17 @@ LABEL org.opencontainers.image.vendor="Sara Smiseth"
 LABEL org.opencontainers.image.version="${VERSION}"
 LABEL prosody.version="${PROSODY_VERSION}"
 
+# TODO just for mod_invites, makes the image from 90MB to 150MB, just do it like this?
+#libjs-bootstrap4
+#libjs-jquery
+
 RUN apt-get update \
  && DEBIAN_FRONTEND=noninteractive apt-get install -y \
       libevent-dev `# this is no build dependency, but needed for luaevent` \
       libicu67 \
       libidn11 \
+      libjs-bootstrap4 \
+      libjs-jquery \
       libpq-dev \
       libsqlite3-0 \
       lua5.2 \
@@ -104,9 +110,16 @@ RUN download-prosody-modules.bash \
         csi `# client state indication (XEP-0352)` \
         e2e_policy `# require end-2-end encryption` \
         filter_chatstates `# disable "X is typing" type messages` \
+        http_libjs `# invite-based account registration web dependency` \
+        http_upload `# file sharing (XEP-0363)` \
+        invites `# invite-based account registration` \
+        invites_adhoc \
+        invites_page \
+        invites_register \
+        invites_register_web \
+        register_apps \
         smacks `# stream management (XEP-0198)` \
         throttle_presence `# presence throttling in CSI` \
-        http_upload `# file sharing (XEP-0363)` \
         vcard_muc `# XEP-0153: vCard-Based Avatar (MUC)` \
  && rm -rf "/usr/src/prosody-modules"
 
diff --git a/conf.d/05-vhost.cfg.lua b/conf.d/05-vhost.cfg.lua
index e4fe3f1..2e7098d 100644
--- a/conf.d/05-vhost.cfg.lua
+++ b/conf.d/05-vhost.cfg.lua
@@ -19,7 +19,15 @@ https_ssl = {
 	key = "certs/" .. domain_http_upload .. "/privkey.pem";
 }
 
+-- Configure the number of seconds a token is valid for (default 7 days)
+-- TODO make configurable
+invite_expiry = 86400 * 7
+
 VirtualHost (domain)
+    http_paths = {
+        invites_page = "/invite";
+        invites_register_web = "/register";
+     }
 
 -- Set up a http file upload because proxy65 is not working in muc
 Component (domain_http_upload) "http_upload"
diff --git a/docker-entrypoint.bash b/docker-entrypoint.bash
index dd317e0..bb8141f 100755
--- a/docker-entrypoint.bash
+++ b/docker-entrypoint.bash
@@ -2,6 +2,7 @@
 set -e
 
 export ALLOW_REGISTRATION=${ALLOW_REGISTRATION:-true}
+export REGISTRATION_INVITE_ONLY=${REGISTRATION_INVITE_ONLY:-false}
 export DOMAIN_HTTP_UPLOAD=${DOMAIN_HTTP_UPLOAD:-"upload.$DOMAIN"}
 export DOMAIN_MUC=${DOMAIN_MUC:-"conference.$DOMAIN"}
 export DOMAIN_PROXY=${DOMAIN_PROXY:-"proxy.$DOMAIN"}
diff --git a/prosody.cfg.lua b/prosody.cfg.lua
index f0b0f3c..0c41b51 100644
--- a/prosody.cfg.lua
+++ b/prosody.cfg.lua
@@ -10,6 +10,7 @@ pidfile = "/var/run/prosody/prosody.pid"
 use_libevent = true; -- improves performance
 
 allow_registration = os.getenv("ALLOW_REGISTRATION");
+registration_invite_only = os.getenv("REGISTRATION_INVITE_ONLY");
 
 c2s_require_encryption = os.getenv("C2S_REQUIRE_ENCRYPTION");
 s2s_require_encryption = os.getenv("S2S_REQUIRE_ENCRYPTION");
diff --git a/readme.md b/readme.md
index c127e4a..6abd8fb 100644
--- a/readme.md
+++ b/readme.md
@@ -200,6 +200,7 @@ sudo chown 999:999 ./data
 | Variable                         | Description                                                                                                          | Type         | Default value              |
 | -------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------- |
 | **ALLOW_REGISTRATION**           | Whether to allow registration of new accounts via Jabber clients                                                     | *optional*   | true                       |
+| **REGISTRATION_INVITE_ONLY**     | Require an invitation token for all account registration                                                             | *optional*   | false                      |
 | **DOMAIN**                       | domain                                                                                                               | **required** | null                       |
 | **DOMAIN_HTTP_UPLOAD**           | Domain which lets clients upload files over HTTP                                                                     | *optional*   | upload.**DOMAIN**          |
 | **DOMAIN_MUC**                   | Domain for Multi-user chat (MUC) for allowing you to create hosted chatrooms/conferences for XMPP users              | *optional*   | conference.**DOMAIN**      |
diff --git a/tests/tests.bats b/tests/tests.bats
index bbac09d..cebc7f3 100644
--- a/tests/tests.bats
+++ b/tests/tests.bats
@@ -86,3 +86,21 @@ load 'bats/bats-assert/load'
   assert_success
   assert_output
 }
+
+@test "Should serve register_apps" {
+  run bash -c "sudo docker-compose logs | grep \"Serving 'register_apps' at https:\/\/localhost:5281\/register_apps\""
+  assert_success
+  assert_output
+}
+
+@test "Should serve invites_page" {
+  run bash -c "sudo docker-compose logs | grep \"Serving 'invites_page' at https:\/\/localhost:5281\/invite\""
+  assert_success
+  assert_output
+}
+
+@test "Should serve invites_register_web" {
+  run bash -c "sudo docker-compose logs | grep \"Serving 'invites_register_web' at https:\/\/localhost:5281\/register\""
+  assert_success
+  assert_output
+}