Merge remote-tracking branch 'refs/remotes/origin/jitsi-redeploy' into jitsi-redeploy

Merged by Trez.One

.gitea/workflows/pr-cloudflare-docker-deploy.yml

@@ -314,7 +314,7 @@ jobs:
       - name: Login to Gitea Container Registry
         uses: docker/login-action@v3
         with:
-          registry: git.trez.wtf
+          registry: gitea:3000
           username: gitea-sonarqube-bot
           password: ${{ secrets.BOT_GITEA_TOKEN }}
       - name: Install hvac

README.md

@@ -51,7 +51,7 @@
 | graylog-datanode | graylog/graylog-datanode:6.1 |
 | guacamole | flcontainers/guacamole:latest |
 | homepage | ghcr.io/gethomepage/homepage:latest |
-| hugo | hugomods/hugo:exts |
+| hugo | hugomods/hugo:exts-0.145.0 |
 | immich-server | ghcr.io/immich-app/immich-server:release |
 | immich-machine-learning | ghcr.io/immich-app/immich-machine-learning:release |
 | immich-pg-db | tensorchord/pgvecto-rs:pg14-v0.2.1 |
@@ -63,6 +63,13 @@
 | invidious-db | docker.io/library/postgres:14 |
 | it-tools | ghcr.io/corentinth/it-tools:latest |
 | jellyfin | jellyfin/jellyfin |
+| jitsi-etherpad | etherpad/etherpad:1.8.6 |
+| jitsi-jibri | jitsi/jibri:stable |
+| jitsi-jicofo | jitsi/jicofo:stable |
+| jitsi-jigasi | jitsi/jigasi:stable |
+| jitsi-jvb | jitsi/jvb:stable |
+| jitsi-prosody | jitsi/prosody:stable |
+| jitsi-web | jitsi/web:stable |
 | joplin-db | postgres:17-alpine |
 | joplin | joplin/server:latest |
 | librechat-api | ghcr.io/danny-avila/librechat-dev:latest |
@@ -81,7 +88,6 @@
 | mastodon-pg-db | postgres:17-alpine |
 | meilisearch | getmeili/meilisearch:v1.12.3 |
 | minio | minio/minio |
-| mirotalk | mirotalk/p2p:latest |
 | mixpost | inovector/mixpost:latest |
 | mongodb | bitnami/mongodb:7.0 |
 | multi-scrobbler | foxxmd/multi-scrobbler |
@@ -91,6 +97,7 @@
 | nextcloud | nextcloud/all-in-one:latest |
 | ollama | ollama/ollama |
 | ombi | lscr.io/linuxserver/ombi:latest |
+| omni-tools | iib0011/omni-tools:latest |
 | paperless-ngx | ghcr.io/paperless-ngx/paperless-ngx:latest |
 | pgbackweb | eduardolat/pgbackweb:latest |
 | pgbackweb-db | postgres:16-alpine |

ansible/app-configs/ghost_config.production.json.j2

@@ -7,13 +7,14 @@
     "client": "mysql",
     "connection": {
       "host"     : "mariadb",
+      "port"     : 3306,
       "user"     : "ghost",
       "password" : "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GHOST_DB_PASSWORD'] }}",
       "database" : "ghost_db"
     }
   },
   "mail": {
-    "from": "'Ghost @ Rinoa' <noreply@trez.wtf>"
+    "from": "'Ghost @ Rinoa' <noreply@trez.wtf>",
     "transport": "SMTP",
     "options": {
       "host": "postal-smtp",

ansible/app-configs/loggifly_config.yaml.j2

@@ -1,4 +1,4 @@
-containers
+containers:
   ghost_blog:
     action_keywords:
       - restart:

ansible/app-configs/multi-scrobbler_config.json.j2

@@ -33,9 +33,10 @@
       }
     },
     {
-      "type:": "lastfm",
-      "name": "lastfm",
+      "type": "lastfm",
       "enable": true,
+      "clients": [],
+      "name": "lastfm",
       "data": {
         "apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
         "secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
@@ -44,8 +45,9 @@
     },
     {
       "type": "listenbrainz",
-      "name": "listenBrainz",
       "enable": true,
+      "clients": [],
+      "name": "listenBrainz",
       "data": {
         "token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}",
         "username": "Trez.One"
@@ -53,8 +55,9 @@
     },
     {
       "type": "subsonic",
-      "name": "navidrome",
       "enable": true,
+      "clients": [],
+      "name": "navidrome",
       "data": {
         "url": "http://navidrome:4533",
         "user": "admin",
@@ -65,8 +68,8 @@
   "clients": [
     {
       "type": "lastfm",
-      "name": "lastFmClient",
       "enable": true,
+      "name": "lastFmClient",
       "data": {
         "apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
         "secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
@@ -75,8 +78,8 @@
     },
     {
       "type": "listenbrainz",
-      "name": "ListenBrainzClient",
       "enable": true,
+      "name": "ListenBrainzClient",
       "data": {
         "token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}",
         "username": "Trez.One"
@@ -105,4 +108,4 @@
       }
     }
   ]
-}
+}

ansible/app-configs/searxng_settings.yml.j2

@@ -211,11 +211,13 @@ outgoing:
 
 # Comment or un-comment plugin to activate / deactivate by default.
 #
-# enabled_plugins:
+enabled_plugins:
 #   # these plugins are enabled if nothing is configured ..
-#   - 'Hash plugin'
-#   - 'Self Information'
-#   - 'Tracker URL remover'
+  - 'Hash plugin'
+  - 'Self Information'
+  - 'Tracker URL remover'
+  - 'Basic Calculator'
+  - 'Unit converter plugin'
 #   - 'Ahmia blacklist'  # activation depends on outgoing.using_tor_proxy
 #   # these plugins are disabled if nothing is configured ..
 #   - 'Hostname replace'  # see hostname_replace configuration below

docker-compose.yml

@@ -12,6 +12,15 @@ networks:
     name: compose_default
   nextcloud-aio:
     external: true
+x-app-common: &jitsi_admin_app
+  image: h2invent/jitsi-admin-main:latest
+  #build: .
+  environment:
+    APACHE_DOCUMENT_ROOT: "public/"
+    PHP_EXTENSION_XDEBUG: "1"
+    PHP_INI_MEMORY_LIMIT: "1G"
+    PHP_EXTENSION_LDAP: 1
+    PHP_EXTENSION_INTL: 1
 services:
   actual_server:
     container_name: actualbudget
@@ -46,7 +55,6 @@ services:
     container_name: adguard
     environment:
       TZ: ${TZ}
-    hostname: Rinoa
     image: adguard/adguardhome:latest
     labels:
       swag: enable
@@ -68,17 +76,18 @@ services:
       - "192.168.1.254:53:53/udp"
       - "192.168.1.254:53:53/tcp"
       - 3001:3000
-      - 446:443
+      - "192.168.1.254:446:443/tcp"
       - 8008:80
       - "192.168.1.254:853:853/tcp"
       - 67:67
       - 688:68
     restart: unless-stopped
+    user: 1000:1000
     volumes:
       - /etc/localtime:/etc/localtime:ro
       - ${DOCKER_VOLUME_CONFIG}/adguard/work:/opt/adguardhome/work
       - ${DOCKER_VOLUME_CONFIG}/adguard/conf:/opt/adguardhome/conf
-      - ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/:/etc/ssl/certs
+      - ${DOCKER_VOLUME_CONFIG}/swag/etc/letsencrypt/:/opt/adguardhome/certs
   apprise-api:
     container_name: apprise-api
     environment:
@@ -92,7 +101,7 @@ services:
       homepage.group: Infrastructure/App Performance Monitoring
       homepage.name: Apprise
       homepage.icon: apprise.png
-      homepage.href: https://adgh.${MY_TLD}
+      homepage.href: http://192.168.1.254:54995
       homepage.description: Multi-channel notification API
     ports:
       - 54995:8000
@@ -1424,7 +1433,7 @@ services:
       - 2368:2368
     restart: always
     volumes:
-      - ${DOCKER_VOLUME_CONFIG}/ghost:/home/ghost
+      - ${DOCKER_VOLUME_CONFIG}/ghost:/var/lib/ghost/content
   gitea:
     container_name: gitea
     depends_on:
@@ -1575,13 +1584,13 @@ services:
     environment:
       GOTIFY_SERVER_PORT: 80
       GOTIFY_SERVER_KEEPALIVEPERIODSECONDS: 0
-      GOTIFY_SERVER_LISTENADDR: 
+      GOTIFY_SERVER_LISTENADDR:
       GOTIFY_SERVER_SSL_ENABLED: false
       GOTIFY_SERVER_SSL_REDIRECTTOHTTPS: true
-      GOTIFY_SERVER_SSL_LISTENADDR: 
+      GOTIFY_SERVER_SSL_LISTENADDR:
       GOTIFY_SERVER_SSL_PORT: 443
-      GOTIFY_SERVER_SSL_CERTFILE: 
-      GOTIFY_SERVER_SSL_CERTKEY: 
+      GOTIFY_SERVER_SSL_CERTFILE:
+      GOTIFY_SERVER_SSL_CERTKEY:
       GOTIFY_SERVER_SSL_LETSENCRYPT_ENABLED: false
       GOTIFY_SERVER_SSL_LETSENCRYPT_ACCEPTTOS: false
       GOTIFY_SERVER_SSL_LETSENCRYPT_CACHE: certs
@@ -1775,7 +1784,7 @@ services:
   hugo:
     command: hugo server --baseURL "it-services.trez.wtf" --bind 0.0.0.0 --appendPort=false --source=/src/it-services --configDir=/src/it-services/config/ -e production --logLevel debug
     container_name: hugo
-    image: hugomods/hugo:exts
+    image: hugomods/hugo:exts-0.145.0
     labels:
       swag: enable
       swag_proto: http
@@ -2119,6 +2128,577 @@ services:
       - ${DOCKER_VOLUME_STORAGE}/Movies:/storage/movies
       - /etc/localtime:/etc/localtime
       - /usr/share/fonts:/usr/local/share/fonts/custom
+  jitsi-etherpad:
+    container_name: jitsi-etherpad
+    environment:
+      TITLE: ${JITSI__ETHERPAD_TITLE}
+      DEFAULT_PAD_TEXT: ${JITSI__ETHERPAD_DEFAULT_PAD_TEXT}
+      SKIN_NAME: ${JITSI__ETHERPAD_SKIN_NAME}
+      SKIN_VARIANTS: ${JITSI__ETHERPAD_SKIN_VARIANTS}
+      SUPPRESS_ERRORS_IN_PAD_TEXT: true
+    hostname: etherpad.meet.jitsi
+    image: etherpad/etherpad:1.8.6
+    networks:
+      default: null
+    restart: unless-stopped
+  jitsi-jibri:
+    cap_add:
+      - SYS_ADMIN
+    container_name: jitsi-jibri
+    depends_on:
+      jitsi-jicofo:
+        condition: service_started
+        required: true
+    environment:
+      AUTOSCALER_SIDECAR_KEY_FILE:
+      AUTOSCALER_SIDECAR_KEY_ID:
+      AUTOSCALER_SIDECAR_GROUP_NAME:
+      AUTOSCALER_SIDECAR_HOST_ID:
+      AUTOSCALER_SIDECAR_INSTANCE_ID:
+      AUTOSCALER_SIDECAR_PORT:
+      AUTOSCALER_SIDECAR_REGION:
+      AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL:
+      AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL:
+      AUTOSCALER_URL:
+      CHROMIUM_FLAGS:
+      DISPLAY: :0
+      ENABLE_STATS_D:
+      JIBRI_WEBHOOK_SUBSCRIBERS:
+      JIBRI_HTTP_API_EXTERNAL_PORT:
+      JIBRI_HTTP_API_INTERNAL_PORT:
+      JIBRI_RECORDING_RESOLUTION:
+      JIBRI_RECORDING_VIDEO_ENCODE_PRESET:
+      JIBRI_RECORDING_CONSTANT_RATE_FACTOR:
+      JIBRI_RECORDING_FRAMERATE:
+      JIBRI_RECORDING_QUEUE_SIZE:
+      JIBRI_RECORDING_STREAMING_MAX_BITRATE:
+      JIBRI_USAGE_TIMEOUT:
+      JIBRI_XMPP_USER:
+      JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD}
+      JIBRI_BREWERY_MUC:
+      JIBRI_RECORDER_USER: jibri-recorder
+      JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD}
+      JIBRI_RECORDING_DIR:
+      JIBRI_FINALIZE_RECORDING_SCRIPT_PATH:
+      JIBRI_STRIP_DOMAIN_JID:
+      JIBRI_STATSD_HOST:
+      JIBRI_STATSD_PORT:
+      LOCAL_ADDRESS:
+      PUBLIC_URL: ${JITSI__PUBLIC_URL}
+      TZ: ${TZ}
+      XMPP_AUTH_DOMAIN:
+      XMPP_DOMAIN:
+      XMPP_INTERNAL_MUC_DOMAIN:
+      XMPP_MUC_DOMAIN:
+      XMPP_RECORDER_DOMAIN:
+      XMPP_SERVER:
+      XMPP_PORT:
+      XMPP_TRUST_ALL_CERTS:
+    image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable}
+    networks:
+      default: null
+    restart: unless-stopped
+    shm_size: 2gb
+    volumes:
+      - source: ${DOCKER_VOLUME_CONFIG}/jitsi/jibri
+        target: /config
+        type: bind
+        bind:
+          create_host_path: true
+  jitsi-jicofo:
+    container_name: jitsi-jicofo
+    depends_on:
+      jitsi-prosody:
+        condition: service_started
+        required: true
+    environment:
+      AUTH_TYPE:
+      BRIDGE_AVG_PARTICIPANT_STRESS:
+      BRIDGE_STRESS_THRESHOLD:
+      ENABLE_AUTH:
+      ENABLE_AUTO_OWNER:
+      ENABLE_CODEC_VP8:
+      ENABLE_CODEC_VP9:
+      ENABLE_CODEC_H264:
+      ENABLE_CODEC_OPUS_RED:
+      ENABLE_JVB_XMPP_SERVER:
+      ENABLE_OCTO:
+      ENABLE_RECORDING: 1
+      ENABLE_SCTP:
+      ENABLE_AUTO_LOGIN:
+      JICOFO_AUTH_LIFETIME:
+      JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD}
+      JICOFO_AUTH_TYPE:
+      JICOFO_BRIDGE_REGION_GROUPS:
+      JICOFO_ENABLE_AUTH:
+      JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS:
+      JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT:
+      JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT:
+      JICOFO_CONF_SOURCE_SIGNALING_DELAYS:
+      JICOFO_CONF_MAX_AUDIO_SENDERS:
+      JICOFO_CONF_MAX_VIDEO_SENDERS:
+      JICOFO_CONF_STRIP_SIMULCAST:
+      JICOFO_CONF_SSRC_REWRITING:
+      JICOFO_ENABLE_HEALTH_CHECKS:
+      JICOFO_ENABLE_REST:
+      JICOFO_HEALTH_CHECKS_USE_PRESENCE:
+      JICOFO_MULTI_STREAM_BACKWARD_COMPAT:
+      JICOFO_OCTO_REGION:
+      JIBRI_BREWERY_MUC:
+      JIBRI_REQUEST_RETRIES:
+      JIBRI_PENDING_TIMEOUT:
+      JIGASI_BREWERY_MUC:
+      JIGASI_SIP_URI:
+      JVB_BREWERY_MUC:
+      JVB_XMPP_AUTH_DOMAIN:
+      JVB_XMPP_INTERNAL_MUC_DOMAIN:
+      JVB_XMPP_PORT:
+      JVB_XMPP_SERVER:
+      MAX_BRIDGE_PARTICIPANTS:
+      OCTO_BRIDGE_SELECTION_STRATEGY:
+      SENTRY_DSN: "${JICOFO_SENTRY_DSN:-0}"
+      SENTRY_ENVIRONMENT:
+      SENTRY_RELEASE:
+      TZ: ${TZ}
+      XMPP_DOMAIN:
+      XMPP_AUTH_DOMAIN:
+      XMPP_INTERNAL_MUC_DOMAIN:
+      XMPP_MUC_DOMAIN:
+      XMPP_RECORDER_DOMAIN:
+      XMPP_SERVER:
+      XMPP_PORT:
+    image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable}
+    networks:
+      default: null
+    ports:
+      - 8889:8888
+    restart: unless-stopped
+    volumes:
+      - bind:
+          create_host_path: true
+          selinux: Z
+        source: ${DOCKER_VOLUME_CONFIG}/jitsi/jicofo
+        target: /config
+        type: bind
+  jitsi-jigasi:
+    container_name: jitsi-jigasi
+    depends_on:
+      jitsi-prosody:
+        condition: service_started
+        required: true
+    environment:
+      ENABLE_AUTH: 1
+      ENABLE_GUESTS: 1
+      XMPP_AUTH_DOMAIN:
+      XMPP_GUEST_DOMAIN:
+      XMPP_MUC_DOMAIN:
+      XMPP_INTERNAL_MUC_DOMAIN:
+      XMPP_SERVER:
+      XMPP_PORT:
+      XMPP_DOMAIN:
+      PUBLIC_URL: ${JITSI__PUBLIC_URL}
+      JIGASI_DISABLE_SIP:
+      JIGASI_SIP_URI: ${JITSI__SIP_URI}
+      JIGASI_SIP_PASSWORD: ${JITSI__JIGAGI_SIP_PASSWORD}
+      JIGASI_SIP_SERVER: ${JITSI__JIGAGI_SIP_SERVER}
+      JIGASI_SIP_PORT: ${JITSI__JIGAGI_SIP_PORT}
+      JIGASI_SIP_TRANSPORT: ${JITSI__JIGAGI_SIP_TRANSPORT}
+      JIGASI_SIP_DEFAULT_ROOM:
+      JIGASI_XMPP_USER:
+      JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD}
+      JIGASI_BREWERY_MUC:
+      JIGASI_PORT_MIN:
+      JIGASI_PORT_MAX:
+      JIGASI_HEALTH_CHECK_SIP_URI:
+      JIGASI_HEALTH_CHECK_INTERVAL:
+      JIGASI_SIP_KEEP_ALIVE_METHOD:
+      JIGASI_ENABLE_SDES_SRTP:
+      ENABLE_TRANSCRIPTIONS:
+      JIGASI_TRANSCRIBER_ADVERTISE_URL:
+      JIGASI_TRANSCRIBER_RECORD_AUDIO:
+      JIGASI_TRANSCRIBER_SEND_TXT:
+      GC_PROJECT_ID:
+      GC_PRIVATE_KEY_ID:
+      GC_PRIVATE_KEY:
+      GC_CLIENT_EMAIL:
+      GC_CLIENT_ID:
+      GC_CLIENT_CERT_URL:
+      SHUTDOWN_REST_ENABLED:
+      SENTRY_DSN: "${JIGASI_SENTRY_DSN:-0}"
+      SENTRY_ENVIRONMENT:
+      SENTRY_RELEASE:
+      TZ: ${TZ}
+    image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable}
+    networks:
+      default: null
+    ports:
+      - 20000-20050:20000-20050/udp
+    restart: unless-stopped
+    volumes:
+      - bind:
+          create_host_path: true
+          selinux: Z
+        source: ${DOCKER_VOLUME_CONFIG}/jitsi/jigasi
+        target: /config
+        type: bind
+      - bind:
+          create_host_path: true
+          selinux: Z
+        source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts
+        target: /tmp/transcripts
+        type: bind
+  jitsi-jvb:
+    container_name: video.meet.jitsi
+    depends_on:
+      jitsi-prosody:
+        condition: service_started
+        required: true
+    environment:
+      DOCKER_HOST_ADDRESS:
+      ENABLE_COLIBRI_WEBSOCKET:
+      ENABLE_JVB_XMPP_SERVER:
+      ENABLE_OCTO:
+      JVB_ADVERTISE_IPS: 192.168.1.254
+      JVB_ADVERTISE_PRIVATE_CANDIDATES:
+      JVB_AUTH_USER:
+      JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD}
+      JVB_BREWERY_MUC:
+      JVB_DISABLE_STUN:
+      JVB_PORT:
+      JVB_MUC_NICKNAME:
+      JVB_STUN_SERVERS:
+      JVB_OCTO_BIND_ADDRESS:
+      JVB_OCTO_REGION:
+      JVB_OCTO_RELAY_ID:
+      JVB_WS_DOMAIN:
+      JVB_WS_SERVER_ID:
+      JVB_XMPP_AUTH_DOMAIN:
+      JVB_XMPP_INTERNAL_MUC_DOMAIN:
+      JVB_XMPP_PORT:
+      JVB_XMPP_SERVER:
+      PUBLIC_URL: ${JITSI__PUBLIC_URL}
+      SENTRY_DSN: "${JVB_SENTRY_DSN:-0}"
+      SENTRY_ENVIRONMENT:
+      SENTRY_RELEASE:
+      COLIBRI_REST_ENABLED:
+      SHUTDOWN_REST_ENABLED:
+      TZ: ${TZ}
+      XMPP_AUTH_DOMAIN:
+      XMPP_INTERNAL_MUC_DOMAIN:
+      XMPP_SERVER:
+      XMPP_PORT:
+    image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable}
+    networks:
+      default: null
+    ports:
+      - 10000:10000/udp
+      - 8091:8080
+    restart: unless-stopped
+    volumes:
+      - bind:
+          create_host_path: true
+          selinux: Z
+        source: ${DOCKER_VOLUME_CONFIG}/jitsi/jvb
+        target: /config
+        type: bind
+  jitsi-prosody:
+    container_name: xmpp.meet.jitsi
+    environment:
+      AUTH_TYPE:
+      DISABLE_POLLS:
+      ENABLE_AUTH:
+      ENABLE_AV_MODERATION:
+      ENABLE_BREAKOUT_ROOMS:
+      ENABLE_END_CONFERENCE:
+      ENABLE_GUESTS: 1
+      ENABLE_IPV6:
+      ENABLE_LOBBY: 1
+      ENABLE_RECORDING: 1
+      ENABLE_XMPP_WEBSOCKET:
+      ENABLE_JAAS_COMPONENTS:
+      GC_TYPE:
+      GC_INC_TH:
+      GC_INC_SPEED:
+      GC_INC_STEP_SIZE:
+      GC_GEN_MIN_TH:
+      GC_GEN_MAX_TH:
+      GLOBAL_CONFIG:
+      GLOBAL_MODULES:
+      JIBRI_RECORDER_USER:
+      JIBRI_RECORDER_PASSWORD: ${JITSI__JIBRI_RECORDER_PASSWORD}
+      JIBRI_XMPP_USER:
+      JIBRI_XMPP_PASSWORD: ${JITSI__JIBRI_XMPP_PASSWORD}
+      JICOFO_AUTH_PASSWORD: ${JITSI__JICOFO_AUTH_PASSWORD}
+      JICOFO_COMPONENT_SECRET:
+      JIGASI_XMPP_USER:
+      JIGASI_XMPP_PASSWORD: ${JITSI__JIGASI_XMPP_PASSWORD}
+      JVB_AUTH_USER:
+      JVB_AUTH_PASSWORD: ${JITSI__JVB_AUTH_PASSWORD}
+      JWT_APP_ID:
+      JWT_APP_SECRET:
+      JWT_ACCEPTED_ISSUERS:
+      JWT_ACCEPTED_AUDIENCES:
+      JWT_ASAP_KEYSERVER:
+      JWT_ALLOW_EMPTY:
+      JWT_AUTH_TYPE:
+      JWT_ENABLE_DOMAIN_VERIFICATION:
+      JWT_TOKEN_AUTH_MODULE:
+      MATRIX_UVS_URL:
+      MATRIX_UVS_ISSUER:
+      MATRIX_UVS_AUTH_TOKEN:
+      MATRIX_UVS_SYNC_POWER_LEVELS:
+      LOG_LEVEL:
+      LDAP_AUTH_METHOD:
+      LDAP_BASE:
+      LDAP_BINDDN:
+      LDAP_BINDPW:
+      LDAP_FILTER:
+      LDAP_VERSION:
+      LDAP_TLS_CIPHERS:
+      LDAP_TLS_CHECK_PEER:
+      LDAP_TLS_CACERT_FILE:
+      LDAP_TLS_CACERT_DIR:
+      LDAP_START_TLS:
+      LDAP_URL:
+      LDAP_USE_TLS:
+      MAX_PARTICIPANTS:
+      PROSODY_AUTH_TYPE:
+      PROSODY_RESERVATION_ENABLED:
+      PROSODY_RESERVATION_REST_BASE_URL:
+      PROSODY_ENABLE_RATE_LIMITS:
+      PROSODY_RATE_LIMIT_LOGIN_RATE:
+      PROSODY_RATE_LIMIT_SESSION_RATE:
+      PROSODY_RATE_LIMIT_TIMEOUT:
+      PROSODY_RATE_LIMIT_ALLOW_RANGES:
+      PROSODY_RATE_LIMIT_CACHE_SIZE:
+      PUBLIC_URL: ${JITSI__PUBLIC_URL}
+      TURN_CREDENTIALS:
+      TURN_HOST:
+      TURNS_HOST:
+      TURN_PORT:
+      TURNS_PORT:
+      TURN_TRANSPORT:
+      TZ: ${TZ}
+      XMPP_DOMAIN:
+      XMPP_AUTH_DOMAIN:
+      XMPP_GUEST_DOMAIN:
+      XMPP_MUC_DOMAIN:
+      XMPP_INTERNAL_MUC_DOMAIN:
+      XMPP_MODULES:
+      XMPP_MUC_MODULES:
+      XMPP_MUC_CONFIGURATION:
+      XMPP_INTERNAL_MUC_MODULES:
+      XMPP_RECORDER_DOMAIN:
+      XMPP_PORT:
+    expose:
+      - 5222
+      - "5347"
+      - "5280"
+    image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable}
+    networks:
+      default: null
+    restart: unless-stopped
+    volumes:
+      - bind:
+          create_host_path: true
+          selinux: Z
+        source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/config
+        target: /config
+        type: bind
+      - bind:
+          create_host_path: true
+          selinux: Z
+        source: ${DOCKER_VOLUME_CONFIG}/jitsi/prosody/prosody-plugins-custom
+        target: /prosody-plugins-custom
+        type: bind
+  jitsi-web:
+    container_name: jitsi-web
+    environment:
+      AMPLITUDE_ID:
+      ANALYTICS_SCRIPT_URLS:
+      ANALYTICS_WHITELISTED_EVENTS:
+      AUDIO_QUALITY_OPUS_BITRATE:
+      AUTO_CAPTION_ON_RECORD:
+      BRANDING_DATA_URL:
+      CALLSTATS_CUSTOM_SCRIPT_URL:
+      CALLSTATS_ID:
+      CALLSTATS_SECRET:
+      CHROME_EXTENSION_BANNER_JSON:
+      COLIBRI_WEBSOCKET_PORT:
+      CONFCODE_URL:
+      CONFIG_EXTERNAL_CONNECT:
+      DEFAULT_LANGUAGE:
+      DEPLOYMENTINFO_ENVIRONMENT:
+      DEPLOYMENTINFO_ENVIRONMENT_TYPE:
+      DEPLOYMENTINFO_REGION:
+      DEPLOYMENTINFO_SHARD:
+      DEPLOYMENTINFO_USERREGION:
+      DESKTOP_SHARING_FRAMERATE_MIN:
+      DESKTOP_SHARING_FRAMERATE_MAX:
+      DIALIN_NUMBERS_URL:
+      DIALOUT_AUTH_URL:
+      DIALOUT_CODES_URL:
+      DISABLE_AUDIO_LEVELS:
+      DISABLE_DEEP_LINKING:
+      DISABLE_GRANT_MODERATOR:
+      DISABLE_HTTPS: 1
+      DISABLE_KICKOUT:
+      DISABLE_LOCAL_RECORDING:
+      DISABLE_POLLS:
+      DISABLE_PRIVATE_CHAT:
+      DISABLE_PROFILE:
+      DISABLE_REACTIONS:
+      DISABLE_REMOTE_VIDEO_MENU:
+      DISABLE_START_FOR_ALL:
+      DROPBOX_APPKEY:
+      DROPBOX_REDIRECT_URI:
+      DYNAMIC_BRANDING_URL:
+      ENABLE_AUDIO_PROCESSING:
+      ENABLE_AUTH:
+      ENABLE_BREAKOUT_ROOMS:
+      ENABLE_CALENDAR:
+      ENABLE_COLIBRI_WEBSOCKET:
+      ENABLE_E2EPING:
+      ENABLE_FILE_RECORDING_SHARING:
+      ENABLE_GUESTS: 1
+      ENABLE_HSTS:
+      ENABLE_HTTP_REDIRECT: 0
+      ENABLE_IPV6:
+      ENABLE_LETSENCRYPT: 0
+      ENABLE_LIPSYNC:
+      ENABLE_NO_AUDIO_DETECTION:
+      ENABLE_NOISY_MIC_DETECTION:
+      ENABLE_OCTO:
+      ENABLE_OPUS_RED:
+      ENABLE_PREJOIN_PAGE:
+      ENABLE_P2P:
+      ENABLE_WELCOME_PAGE:
+      ENABLE_CLOSE_PAGE:
+      ENABLE_LIVESTREAMING:
+      ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK:
+      ENABLE_LIVESTREAMING_HELP_LINK:
+      ENABLE_LIVESTREAMING_TERMS_LINK:
+      ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING:
+      ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT:
+      ENABLE_LOCAL_RECORDING_SELF_START:
+      ENABLE_RECORDING: 1
+      ENABLE_REMB:
+      ENABLE_REQUIRE_DISPLAY_NAME:
+      ENABLE_SERVICE_RECORDING:
+      ENABLE_SIMULCAST:
+      ENABLE_STATS_ID:
+      ENABLE_STEREO:
+      ENABLE_SUBDOMAINS:
+      ENABLE_TALK_WHILE_MUTED:
+      ENABLE_TCC:
+      ENABLE_TRANSCRIPTIONS: 1
+      ENABLE_XMPP_WEBSOCKET:
+      ENABLE_JAAS_COMPONENTS:
+      ETHERPAD_PUBLIC_URL:
+      ETHERPAD_URL_BASE: ${JITSI__ETHERPAD_URL_BASE}
+      E2EPING_NUM_REQUESTS:
+      E2EPING_MAX_CONFERENCE_SIZE:
+      E2EPING_MAX_MESSAGE_PER_SECOND:
+      GOOGLE_ANALYTICS_ID:
+      GOOGLE_API_APP_CLIENT_ID:
+      HIDE_PREMEETING_BUTTONS:
+      HIDE_PREJOIN_DISPLAY_NAME:
+      HIDE_PREJOIN_EXTRA_BUTTONS:
+      INVITE_SERVICE_URL:
+      LETSENCRYPT_DOMAIN:
+      LETSENCRYPT_EMAIL:
+      LETSENCRYPT_USE_STAGING:
+      MATOMO_ENDPOINT:
+      MATOMO_SITE_ID:
+      MICROSOFT_API_APP_CLIENT_ID:
+      NGINX_RESOLVER:
+      NGINX_WORKER_PROCESSES:
+      NGINX_WORKER_CONNECTIONS:
+      PEOPLE_SEARCH_URL:
+      PREFERRED_LANGUAGE:
+      PUBLIC_URL: ${JITSI__PUBLIC_URL}
+      P2P_PREFERRED_CODEC:
+      RESOLUTION:
+      RESOLUTION_MIN:
+      RESOLUTION_WIDTH:
+      RESOLUTION_WIDTH_MIN:
+      START_AUDIO_MUTED:
+      START_AUDIO_ONLY:
+      START_BITRATE:
+      START_SILENT:
+      START_WITH_AUDIO_MUTED:
+      START_VIDEO_MUTED:
+      START_WITH_VIDEO_MUTED:
+      TESTING_CAP_SCREENSHARE_BITRATE:
+      TESTING_OCTO_PROBABILITY:
+      TOKEN_AUTH_URL:
+      TOOLBAR_BUTTONS:
+      TRANSLATION_LANGUAGES:
+      TRANSLATION_LANGUAGES_HEAD:
+      TZ: ${TZ}
+      USE_APP_LANGUAGE:
+      VIDEOQUALITY_BITRATE_H264_LOW:
+      VIDEOQUALITY_BITRATE_H264_STANDARD:
+      VIDEOQUALITY_BITRATE_H264_HIGH:
+      VIDEOQUALITY_BITRATE_VP8_LOW:
+      VIDEOQUALITY_BITRATE_VP8_STANDARD:
+      VIDEOQUALITY_BITRATE_VP8_HIGH:
+      VIDEOQUALITY_BITRATE_VP9_LOW:
+      VIDEOQUALITY_BITRATE_VP9_STANDARD:
+      VIDEOQUALITY_BITRATE_VP9_HIGH:
+      VIDEOQUALITY_ENFORCE_PREFERRED_CODEC:
+      VIDEOQUALITY_PREFERRED_CODEC:
+      XMPP_AUTH_DOMAIN:
+      XMPP_BOSH_URL_BASE:
+      XMPP_DOMAIN:
+      XMPP_GUEST_DOMAIN:
+      XMPP_MUC_DOMAIN:
+      XMPP_RECORDER_DOMAIN:
+      XMPP_PORT:
+      WHITEBOARD_ENABLED:
+      WHITEBOARD_COLLAB_SERVER_PUBLIC_URL:
+    hostname: meet.jitsi
+    image: jitsi/web:${JITSI_IMAGE_VERSION:-stable}
+    labels:
+      swag: enable
+      swag_proto: https
+      swag_url: meet.${MY_TLD}
+      swag_server_custom_directive: |
+        access_log /config/log/$$host_access.log ;
+        error_log /config/log/$$host_error.log ;
+      swag.uptime-kuma.enabled: true
+      swag.uptime-kuma.monitor.url: https://meet.${MY_TLD}
+      swag.uptime-kuma.monitor.interval: 300
+      homepage.group: Social
+      homepage.name: Jitsi
+      homepage.href: https://meet.${MY_TLD}
+      homepage.icon: jitsi.png
+      homepage.description: Web Conferencing
+    networks:
+      default: null
+    ports:
+      - 8001:80
+      - 8002:443
+    restart: unless-stopped
+    volumes:
+      - bind:
+          create_host_path: true
+          selinux: Z
+        source: ${DOCKER_VOLUME_CONFIG}/jitsi/web
+        target: /config
+        type: bind
+      - bind:
+          create_host_path: true
+          selinux: Z
+        source: ${DOCKER_VOLUME_CONFIG}/jitsi/web/crontabs
+        target: /var/spool/cron/crontabs
+        type: bind
+      - bind:
+          create_host_path: true
+          selinux: Z
+        source: ${DOCKER_VOLUME_CONFIG}/jitsi/transcripts
+        target: /usr/share/jitsi-meet/transcripts
+        type: bind
   joplin-db:
     container_name: joplin-db
     environment:
@@ -2522,6 +3102,7 @@ services:
       DATABASE_URL: sqlite3:/config/manyfold.sqlite3
       REDIS_URL: redis://redis:6379/2
       SECRET_KEY_BASE: ${MANYFOLD_SECRET_KEY_BASE}
+      MUTLIUSER: enabled
     image: lscr.io/linuxserver/manyfold:latest
     labels:
       homepage.group: Lifestyle
@@ -2720,81 +3301,6 @@ services:
         type: bind
         bind:
           create_host_path: true
-  mirotalk:
-    container_name: mirotalk
-    environment:
-      NODE_ENV: production #development or production
-      PORT: 3000
-      TRUST_PROXY: false #true or false
-      TZ: ${TZ}
-      LOGS_DEBUG: true # true or false
-      LOGS_COLORS: true # true or false
-      CORS_ORIGIN: '*'
-      CORS_METHODS: '["GET", "POST"]'
-      IP_WHITELIST_ENABLED: false # true or false
-      IP_WHITELIST_ALLOWED: '["127.0.0.1", "::1"]'
-      OIDC_ENABLED: false # true or false
-      HOST_PROTECTED: false # true or false
-      HOST_USER_AUTH: false # true or false
-      JWT_KEY: ${MIROTALK_JWT_KEY}
-      JWT_EXP: 1h
-      PRESENTERS: '["Mirotalk Rinoa", "noreply@trez.wtf"]'
-      NGROK_ENABLED: true
-      NGROK_AUTH_TOKEN: ${NGROK_AUTH_TOKEN}
-      STUN_SERVER_ENABLED: true # true or false
-      STUN_SERVER_URL: stun:stun.l.google.com:19302
-      TURN_SERVER_ENABLED: true # true or false
-      TURN_SERVER_URL: turn:a.relay.metered.ca:443
-      TURN_SERVER_USERNAME: ${MIROTALK_METERED_TURNSERVER_USER}
-      TURN_SERVER_CREDENTIAL: ${MIROTALK_METERED_TURNSERVER_PASSWORD}
-      IP_LOOKUP_ENABLED: false # true or false
-      API_KEY_SECRET: ${MIROTALK_API_KEY_SECRET}
-      API_DISABLED: '["token", "meetings"]'
-      SURVEY_ENABLED: false
-      REDIRECT_ENABLED: false # true or false
-      SENTRY_ENABLED: false # true or false
-      SLACK_ENABLED: false # true or false
-      MATTERMOST_ENABLED: false # true or false
-      CHATGPT_ENABLED: false # true or false
-      CHATGPT_BASE_PATH: https://api.openai.com/v1/
-      CHATGPT_APIKEY: ${LIBRECHAT_OPENAI_API_KEY}
-      CHATGPT_MODEL: gpt-3.5-turbo
-      CHATGPT_MAX_TOKENS: 1000
-      CHATGPT_TEMPERATURE: 0
-      EMAIL_ALERT: true # true or false
-      EMAIL_HOST: postal-smtp
-      EMAIL_PORT: 25
-      EMAIL_USERNAME: ${POSTAL_SMTP_AUTH_USER}
-      EMAIL_PASSWORD: ${POSTAL_SMTP_AUTH_PASSWORD}
-      EMAIL_SEND_TO: noreply@${MY_TLD}
-      STATS_ENABLED: true # true or false
-      STATS_SCR: https://stats.mirotalk.com/script.js
-      STATS_ID: c7615aa7-ceec-464a-baba-54cb605d7261
-    expose:
-      - 3000
-    hostname: mirotalk
-    image: mirotalk/p2p:latest
-    labels:
-      swag: enable
-      swag_port: 3000
-      swag_proto: http
-      swag_url: meet.${MY_TLD}
-      swag_server_custom_directive: |
-        access_log /config/log/$$host_access.log ;
-        error_log /config/log/$$host_error.log ;
-      swag.uptime-kuma.enabled: true
-      swag.uptime-kuma.monitor.url: https://social.${MY_TLD}
-      swag.uptime-kuma.monitor.interval: 300
-      homepage.group: Social
-      homepage.name: MiroTalk
-      homepage.href: https://meet.${MY_TLD}
-      homepage.icon: sh-mirotalk.svg
-      homepage.description: Simple, secure, and fast real-time video conferences
-    restart: unless-stopped
-    volumes:
-      - ${DOCKER_VOLUME_CONFIG}/mirotalk/app/src/config.js:/src/app/src/config.js:ro
-      - ${DOCKER_VOLUME_CONFIG}/mirotalk/app/:/src/app/:ro
-      - ${DOCKER_VOLUME_CONFIG}/mirotalk/public/:/src/public/:ro
   mixpost:
     container_name: mixpost
     image: inovector/mixpost:latest
@@ -3102,15 +3608,16 @@ services:
     container_name: omni-tools
     image: iib0011/omni-tools:latest
     labels:
-      homepage.group: Personal Services
+      homepage.group: Personal/Professional Services
       homepage.name: OmniTools
-      homepage.href: https://ombi.${MY_TLD}
+      homepage.href: https://otools.${MY_TLD}
       homepage.icon: sh-omnitools.svg
       homepage.description: Tools for common tasks
       swag: enable
       swag_server_custom_directive: |
         access_log /config/log/$$host_access.log ;
         error_log /config/log/$$host_error.log ;
+      swag_url: otools.${MY_TLD}
       swag.uptime-kuma.enabled: true
       swag.uptime-kuma.monitor.url: https://otools.${MY_TLD}
       swag.uptime-kuma.monitor.interval: 300
@@ -3652,7 +4159,7 @@ services:
     container_name: redlib
     environment:
       REDLIB_SFW_ONLY: off
-      REDLIB_BANNER: 
+      REDLIB_BANNER:
       REDLIB_ROBOTS_DISABLE_INDEXING: off
       REDLIB_PUSHSHIFT_FRONTEND: undelete.pullpush.io
       REDLIB_DEFAULT_THEME: nord
@@ -3666,7 +4173,7 @@ services:
       REDLIB_DEFAULT_USE_HLS: off
       REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION: off
       REDLIB_DEFAULT_AUTOPLAY_VIDEOS: off
-      REDLIB_DEFAULT_SUBSCRIPTIONS: 
+      REDLIB_DEFAULT_SUBSCRIPTIONS:
       REDLIB_DEFAULT_HIDE_AWARDS: off
       REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION: off
       REDLIB_DEFAULT_HIDE_SCORE: off
@@ -3908,7 +4415,7 @@ services:
       - ALL
     container_name: searxng
     environment:
-      SEARXNG_BASE_URL: https://${SEARXNG_BASE_URL:-localhost}/
+      SEARXNG_BASE_URL: https://search.${MY_TLD}
     image: searxng/searxng:latest
     labels:
       homepage.group: Personal/Professional Services
@@ -4613,8 +5120,8 @@ services:
   watchtower:
     container_name: watchtower
     environment:
-      REPO_PASS: 
-      REPO_USER: 
+      REPO_PASS:
+      REPO_USER:
       TZ: America/New_York
       WATCHTOWER_CLEANUP: true
       WATCHTOWER_INCLUDE_STOPPED: false
@@ -4622,7 +5129,7 @@ services:
       WATCHTOWER_NOTIFICATIONS: gotify
       WATCHTOWER_NOTIFICATIONS_LEVEL: info
       WATCHTOWER_NOTIFICATION_TEMPLATE: '{{range .}}{{.Message}}{{println}}{{end}}'
-      WATCHTOWER_NOTIFICATION_URL: 
+      WATCHTOWER_NOTIFICATION_URL:
       WATCHTOWER_SCHEDULE: 0 0 4 * * *
       WATCHTOWER_TIMEOUT: 30s
       WATCHTOWER_HTTP_API_METRICS: true