diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3df69c5..1faaeaa 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,12 @@
+## [0.5.2] - 2025-09-02
+
+### Fixed
+- 🔒 **ИСПРАВЛЕНО**: Поддержка Let's Encrypt ACME challenge для SSL сертификатов
+- 🔒 **ДОБАВЛЕНО**: Исключение `.well-known/` путей из proxy_handler для корректной работы ACME
+- 🔧 **УЛУЧШЕНО**: Логирование ACME challenge запросов
+- 🚀 **ИСПРАВЛЕНО**: CI/CD оптимизация для работы без sudo в Gitea runner
+- 🚀 **ДОБАВЛЕНО**: Проверка доступной памяти в CI процессе
+
 ## [0.5.1] - 2025-09-02
 
 ### Fixed
diff --git a/Cargo.toml b/Cargo.toml
index a897d01..ac9113f 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -8,6 +8,7 @@ futures = "0.3.30"
 serde_json = "1.0.143"
 actix-web = "4.11.0"
 actix-cors = "0.7.0"
+actix-files = "0.6.7"
 reqwest = { version = "0.12.23", features = ["json"] }
 sentry = { version = "0.42", features = ["tokio"] }
 uuid = { version = "1.18.0", features = ["v4"] }
diff --git a/src/handlers/proxy.rs b/src/handlers/proxy.rs
index f3a5a2d..8289c66 100644
--- a/src/handlers/proxy.rs
+++ b/src/handlers/proxy.rs
@@ -28,6 +28,12 @@ pub async fn proxy_handler(
     let start_time = std::time::Instant::now();
     info!("GET {} [START]", requested_res);
 
+    // Возвращаем 404 для .well-known путей (для Let's Encrypt ACME)
+    if requested_res.starts_with(".well-known/") {
+        warn!("ACME challenge path requested: {}", requested_res);
+        return Err(ErrorNotFound("Not found"));
+    }
+
     let normalized_path = if requested_res.ends_with("/webp") {
         info!("Converting to WebP format: {}", requested_res);
         requested_res.replace("/webp", "")
diff --git a/src/main.rs b/src/main.rs
index feed2ad..cab10a9 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -68,6 +68,13 @@ async fn main() -> std::io::Result<()> {
             .route("/quota", web::get().to(get_quota_handler))
             .route("/quota/increase", web::post().to(increase_quota_handler))
             .route("/quota/set", web::post().to(set_quota_handler))
+            .service(
+                web::scope("/.well-known")
+                    .service(
+                        actix_files::Files::new("/", "/tmp/.well-known")
+                            .show_files_listing()
+                    )
+            )
             .route("/{path:.*}", web::get().to(proxy_handler))
     })
     .bind(addr)?