Vish/homelab-optimized
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sanitized mirror from private repository - 2026-03-24 12:45:58 UTC
Some checks failed
Documentation / Deploy to GitHub Pages (push) Has been cancelled
Details
Documentation / Build Docusaurus (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Gitea Mirror Bot
2026-03-24 12:45:58 +00:00
commit c727d0bfb1
1265 changed files with 311415 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
hosts/vms/matrix-ubuntu/docker-compose.livekit.yml Normal file
View File

@@ -0,0 +1,39 @@
# LiveKit SFU + JWT service for MatrixRTC (Element X / Element Call)
# Host: matrix-ubuntu (192.168.0.154 / 100.85.21.51)
# Deploy path: /opt/livekit/
#
# Public endpoints (via NPM on Calypso -> livekit.mx.vish.gg):
# LiveKit SFU: https://livekit.mx.vish.gg/livekit/sfu/
# JWT service: https://livekit.mx.vish.gg/livekit/jwt/
# Healthcheck: https://livekit.mx.vish.gg/livekit/jwt/healthz
#
# Announced via .well-known/matrix/client on mx.vish.gg:
# "org.matrix.msc4143.rtc_foci": [{"type":"livekit","livekit_service_url":"https://livekit.mx.vish.gg/livekit/jwt"}]
#
# NOTE: This compose file lives at /opt/livekit/docker-compose.yml on matrix-ubuntu
# It is NOT deployed via Portainer GitOps — managed manually on the host.
# Config file: /opt/livekit/livekit.yaml
services:
livekit:
image: livekit/livekit-server:latest
container_name: livekit
command: --config /etc/livekit/livekit.yaml
volumes:
- /opt/livekit/livekit.yaml:/etc/livekit/livekit.yaml:ro
# network_mode: host — uses host networking for WebRTC NAT traversal
# Ports: 7880 (HTTP/WS), 7881 (RTC TCP), 50000-60000/udp (WebRTC media)
network_mode: host
restart: unless-stopped
lk-jwt-service:
image: ghcr.io/element-hq/lk-jwt-service:latest-ci
container_name: lk-jwt-service
environment:
- LIVEKIT_URL=wss://livekit.mx.vish.gg
- LIVEKIT_KEY=livekit_key
- LIVEKIT_SECRET=800649495d6b00e27fbafc71REDACTED_GITEA_TOKEN # pragma: allowlist secret
- LIVEKIT_FULL_ACCESS_HOMESERVERS=mx.vish.gg
ports:
- "8089:8080"
restart: unless-stopped

22
hosts/vms/matrix-ubuntu/livekit-config.yaml Normal file
View File

@@ -0,0 +1,22 @@
# LiveKit SFU configuration
# Deployed at: /opt/livekit/livekit.yaml on matrix-ubuntu
# Docs: https://docs.livekit.io/home/self-hosting/deployment/
port: 7880
rtc:
tcp_port: 7881
port_range_start: 50000
port_range_end: 60000
use_external_ip: true # Auto-detects 184.23.52.14
use_ice_lite: true
room:
auto_create: false # Required — lk-jwt-service creates rooms for authorized users only
keys:
# API key name: livekit_key
# Secret stored in livekit.yml docker-compose env var
livekit_key: 800649495d6b00e27fbafc71REDACTED_GITEA_TOKEN # pragma: allowlist secret
logging:
level: info

22
hosts/vms/matrix-ubuntu/nginx-proxy-manager.yaml Normal file
View File

@@ -0,0 +1,22 @@
# Nginx Proxy Manager — matrix-ubuntu VM
# Reverse proxy for all homelab domains
# Ports: 80 (HTTP), 443 (HTTPS), 81 (Admin UI)
# URL: http://192.168.0.154:81 (admin)
#
# Migrated from Calypso 2026-03-20 to enable split-horizon DNS
# (Synology nginx on Calypso occupied ports 80/443)
services:
nginx-proxy-manager:
image: jc21/nginx-proxy-manager:latest
container_name: nginx-proxy-manager
ports:
- "80:80"
- "443:443"
- "81:81"
environment:
TZ: America/Los_Angeles
volumes:
- /opt/npm/data:/data
- /opt/npm/letsencrypt:/etc/letsencrypt
restart: unless-stopped