jeffemmett
/
jeffsi-meet-docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add jeffsi.localvibe.live as primary domain with Let's Encrypt HTTPS 

Redeploy to new domain while keeping meet.jeffemmett.com as legacy
fallback via Cloudflare tunnel. Sync compose file with production
(branding volume mounts, middlewares).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jeff Emmett 2026-02-13 00:38:58 -07:00
parent 98119f58cc
commit e4e6dbd83f
1 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
docker-compose.jeffsi.yml
View File

@ -1,4 +1,6 @@
# Jeffsi Meet - Docker Compose for Traefik + Cloudflare Tunnel # Jeffsi Meet - Docker Compose for Traefik
# Primary domain: jeffsi.localvibe.live (direct HTTPS via Let's Encrypt)
# Legacy domain: meet.jeffemmett.com (via Cloudflare tunnel)
services: services:
web: web:
image: jeffsi-meet-web:latest image: jeffsi-meet-web:latest
@ -17,17 +19,29 @@ services:
- ./nginx-custom:/config/nginx-custom:ro - ./nginx-custom:/config/nginx-custom:ro
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.jeffsi-meet.rule=Host(`meet.jeffemmett.com`)"
- "traefik.http.routers.jeffsi-meet.entrypoints=web"
- "traefik.http.services.jeffsi-meet.loadbalancer.server.port=80" - "traefik.http.services.jeffsi-meet.loadbalancer.server.port=80"
# Shared middlewares
- "traefik.http.middlewares.jeffsi-headers.headers.customrequestheaders.X-Forwarded-Proto=https" - "traefik.http.middlewares.jeffsi-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.middlewares.jeffsi-nocache.headers.customresponseheaders.Cache-Control=no-store, must-revalidate" - "traefik.http.middlewares.jeffsi-nocache.headers.customresponseheaders.Cache-Control=no-store, must-revalidate"
- "traefik.http.middlewares.jeffsi-frame.headers.customFrameOptionsValue=ALLOWALL" - "traefik.http.middlewares.jeffsi-frame.headers.customFrameOptionsValue=ALLOWALL"
- "traefik.http.middlewares.jeffsi-permissions.headers.customresponseheaders.Permissions-Policy=camera=*, microphone=*, display-capture=*, fullscreen=*, autoplay=*" - "traefik.http.middlewares.jeffsi-permissions.headers.customresponseheaders.Permissions-Policy=camera=*, microphone=*, display-capture=*, fullscreen=*, autoplay=*"
- "traefik.http.middlewares.jeffsi-csp.headers.customresponseheaders.Content-Security-Policy=frame-ancestors *" - "traefik.http.middlewares.jeffsi-csp.headers.customresponseheaders.Content-Security-Policy=frame-ancestors *"
- "traefik.http.middlewares.jeffsi-redirect-https.redirectscheme.scheme=https"
# PRIMARY: jeffsi.localvibe.live - HTTPS via Let's Encrypt
- "traefik.http.routers.jeffsi-meet-secure.rule=Host(`jeffsi.localvibe.live`)"
- "traefik.http.routers.jeffsi-meet-secure.entrypoints=websecure"
- "traefik.http.routers.jeffsi-meet-secure.tls.certresolver=letsencrypt"
- "traefik.http.routers.jeffsi-meet-secure.middlewares=jeffsi-headers,jeffsi-nocache,jeffsi-frame,jeffsi-permissions,jeffsi-csp"
# PRIMARY HTTP->HTTPS redirect
- "traefik.http.routers.jeffsi-meet-http.rule=Host(`jeffsi.localvibe.live`)"
- "traefik.http.routers.jeffsi-meet-http.entrypoints=web"
- "traefik.http.routers.jeffsi-meet-http.middlewares=jeffsi-redirect-https"
# LEGACY: meet.jeffemmett.com - via Cloudflare tunnel (port 80)
- "traefik.http.routers.jeffsi-meet.rule=Host(`meet.jeffemmett.com`)"
- "traefik.http.routers.jeffsi-meet.entrypoints=web"
- "traefik.http.routers.jeffsi-meet.middlewares=jeffsi-headers,jeffsi-nocache,jeffsi-frame,jeffsi-permissions,jeffsi-csp" - "traefik.http.routers.jeffsi-meet.middlewares=jeffsi-headers,jeffsi-nocache,jeffsi-frame,jeffsi-permissions,jeffsi-csp"
environment: environment:
- PUBLIC_URL=https://meet.jeffemmett.com - PUBLIC_URL=https://jeffsi.localvibe.live
- TZ=${TZ:-UTC} - TZ=${TZ:-UTC}
- ENABLE_COLIBRI_WEBSOCKET=1 - ENABLE_COLIBRI_WEBSOCKET=1
- ENABLE_XMPP_WEBSOCKET=1 - ENABLE_XMPP_WEBSOCKET=1
@ -68,7 +82,7 @@ services:
- ${CONFIG}/prosody/config:/config:Z - ${CONFIG}/prosody/config:/config:Z
- ${CONFIG}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z - ${CONFIG}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
environment: environment:
- PUBLIC_URL=https://meet.jeffemmett.com - PUBLIC_URL=https://jeffsi.localvibe.live
- TZ=${TZ:-UTC} - TZ=${TZ:-UTC}
- AUTH_TYPE=${AUTH_TYPE:-internal} - AUTH_TYPE=${AUTH_TYPE:-internal}
- ENABLE_AUTH=${ENABLE_AUTH:-0} - ENABLE_AUTH=${ENABLE_AUTH:-0}
@ -130,7 +144,7 @@ services:
- ${CONFIG}/jvb:/config:Z - ${CONFIG}/jvb:/config:Z
environment: environment:
- TZ=${TZ:-UTC} - TZ=${TZ:-UTC}
- PUBLIC_URL=https://meet.jeffemmett.com - PUBLIC_URL=https://jeffsi.localvibe.live
- JVB_AUTH_USER - JVB_AUTH_USER
- JVB_AUTH_PASSWORD - JVB_AUTH_PASSWORD
- JVB_BREWERY_MUC=jvbbrewery - JVB_BREWERY_MUC=jvbbrewery
@ -138,7 +152,7 @@ services:
- JVB_PORT=10200 - JVB_PORT=10200
- JVB_STUN_SERVERS=meet-jit-si-turnrelay.jitsi.net:443 - JVB_STUN_SERVERS=meet-jit-si-turnrelay.jitsi.net:443
- ENABLE_COLIBRI_WEBSOCKET=1 - ENABLE_COLIBRI_WEBSOCKET=1
- JVB_WS_DOMAIN=meet.jeffemmett.com - JVB_WS_DOMAIN=jeffsi.localvibe.live
- JVB_WS_SERVER_ID=default-id - JVB_WS_SERVER_ID=default-id
- XMPP_AUTH_DOMAIN=auth.meet.jitsi - XMPP_AUTH_DOMAIN=auth.meet.jitsi
- XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi - XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi