diff --git a/README.md b/README.md
index 6068361..e103d74 100644
--- a/README.md
+++ b/README.md
@@ -1,12 +1,37 @@ +Note: Make sure no secrets are leaked! +```bash +gitleaks detect --source . -v +``` + # Server Setups and Stuff we Self Host Shell scripts, ansible scripts and config files for foss united servers and self-hosted applications. -### List of Applications +### List of Applications - [Listmonk](https://listmonk.app) - For sending bulk emails and newsletter -- [Nextcloud](./servers/apps/nextcloud/README.md) - Nextcloud instance self hosted for FOSS United Team's internal usage, and for switching from the GSuite (like Google Docs, Google Sheets). + + https://listmonk.fossunited.org (only admin access) + - [Vaultwarden](./servers/apps/vaultwarden/README.md) - Password Management on Organization and User level - [Mattermost](./servers/apps/mattermost/mattermost.md) - For Internal team discussions + + https://mattermost.fossunited.org (only team access) + +- [Livecode](https://github.com/fossunited/falcon) - A service that execute code in any programming language in a sandboxed environment. +- [Jisti](https://github.com/jitsi/jitsi-meet) - For all Meetings in and around organization + + https://meet.fossunited.org (open for all to use) + + - It also has Etherpad lite for meeting notes + + https://meet.fossunited.org/etherpad/p/dtest (open for all) + +- [Caddy file server](https://caddyserver.com/) - For file sharing with community + + https://files.fossunited.org/ (seldom used, has some files) + + +#### Seldom Used (or Ignored) +- [Nextcloud](./servers/apps/nextcloud/README.md) - Nextcloud instance self hosted for FOSS United Team's internal usage, and for switching from the GSuite (like Google Docs, Google Sheets). - [Librechat](https://www.librechat.ai/) - AI chat platform/search engine called [Echo](https://echo.fossunited.org) -- [Livecode](https://github.com/fossunited/falcon) - A service that execute code in any programming language in a sandboxed environment. diff --git a/servers/README.md b/servers/README.md index cc7961d..cf7e313 100644 
--- a/servers/README.md
+++ b/servers/README.md
@@ -16,6 +16,7 @@ Services Running: - nginx - frape-bench - livecode
+- caddy Important Locations: - /home/fossunited/frappe-bench
diff --git a/servers/apps/caddy/Caddyfile b/servers/apps/caddy/Caddyfile
new file mode 100644
index 0000000..a435661
--- /dev/null
+++ b/servers/apps/caddy/Caddyfile
@@ -0,0 +1,46 @@
+# again same password as listmonk to decrypt (in emacs M-x epa-decrypt-region)
+-----BEGIN PGP MESSAGE-----
+
+jA0ECQMKduqVxERu8UD/0o8B4hJWwSwrcHzypx+hn4e0GYJcmqeOw0eVxlndWUF+
+mxGo87FHqEn2oUgI+z5MkGQa9UqlosNLReGO4DpaHQWoJqC+oYUVrf42LMXjZUYi
+wUP3Ccvq0bhD7S2F9IapF121OdyqYK9i6Bus09JGAjKvF6IwQQ4/p1UAMUDr9LC3
+hRIcQIxOdWHcNTvZpjW3eQ==
+=DBeZ
+-----END PGP MESSAGE-----
+
+# Jitsi
+meet.fossunited.org {
+ handle_path /etherpad/* {
+ reverse_proxy etherpad.meet.jitsi:9001
+ }
+ handle {
+ reverse_proxy 139.144.1.25:8000 {
+ header_up X-Real-IP {remote_host}
+ }
+ }
+}
+# Excalidraw backend for jitsi
+whiteboard.meet.fossunited.org {
+ reverse_proxy 139.144.1.25:8695 {
+ header_up Host {host}
+ header_up X-Real-IP {remote_host}
+ # WebSocket upgrade support
+ transport http {
+ keepalive 30s
+ }
+ }
+}
+
+files.fossunited.org {
+ file_server {
+ browse
+ }
+ root * /filebrowser
+}
+filemanager.fossunited.org {
+ reverse_proxy 139.144.1.25:8090
+}
+
+fureport.tamilnadu.tech {
+ reverse_proxy ghost-blog:2368
+}
diff --git a/servers/apps/caddy/Dockerfile b/servers/apps/caddy/Dockerfile
new file mode 100644
index 0000000..bf5069a
--- /dev/null
+++ b/servers/apps/caddy/Dockerfile
@@ -0,0 +1,9 @@
+FROM caddy:builder-alpine AS builder
+
+RUN xcaddy build \
+ --with github.com/caddy-dns/cloudflare
+
+FROM caddy:alpine
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
+
diff --git a/servers/apps/caddy/README.md b/servers/apps/caddy/README.md
new file mode 100644
index 0000000..83ec087
--- /dev/null
+++ b/servers/apps/caddy/README.md
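Review bot: The armored block at the top of the file (after the `# again same password as listmonk` comment) is not Caddyfile syntax, so the file as committed cannot be the one compose.yml bind-mounts into /etc/caddy/Caddyfile; the server's working copy must be decrypted in place, which leaves a plaintext secret inside the checkout and relies on nobody ever staging it. Caddy's `import` directive lets the secret part live in a separate, git-ignored file while the rest of this config stays reviewable and parseable; `servers/apps/jitsi/.env` in this commit has the same armored-block-in-config pattern. Separately, the `# WebSocket upgrade support` comment above `transport http { keepalive 30s }` is misleading: reverse_proxy upgrades WebSocket connections without any transport setting, and keepalive only governs idle backend connections, so `# keep idle backend connections open for 30s (WebSocket upgrade needs no extra config)` would describe what the line does.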
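Review bot: Nothing references this Dockerfile: compose.yml in the same directory uses `image: caddy`, so the container that actually runs is the stock image without the `caddy-dns/cloudflare` module built here, and any `tls { dns cloudflare ... }` usage (possibly what the encrypted block in the Caddyfile holds, which I cannot see) would fail to load. Either add `build: .` under the caddy service in compose.yml or drop this file so the repo does not document a plugin that is not deployed. Both `FROM caddy:builder-alpine` and `FROM caddy:alpine` are floating tags; pinning them to one explicit version (`caddy:<version>-builder-alpine` / `caddy:<version>-alpine`, placeholder) keeps builder and runtime matched and makes the image reproducible.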
@@ -0,0 +1,3 @@
+- Instead of nginx, caddy is used for reverse proxy and routing
+
+- Is in same jitsi server itself
diff --git a/servers/apps/caddy/compose.yml b/servers/apps/caddy/compose.yml
new file mode 100644
index 0000000..e6518d2
--- /dev/null
+++ b/servers/apps/caddy/compose.yml
@@ -0,0 +1,26 @@
+services:
+ caddy:
+ image: caddy
+ restart: unless-stopped
+ ports:
+ - "80:80"
+ - "443:443"
+ - "443:443/udp"
+ volumes:
+ - ./Caddyfile:/etc/caddy/Caddyfile
+ - /root/filebrowser/srv:/filebrowser
+ - caddy_data:/data
+ - caddy_config:/config
+ networks:
+ - default
+ - jitsi
+
+networks:
+ default:
+ jitsi:
+ external: true
+ name: docker-jitsi-meet_meet.jitsi
+
+volumes:
+ caddy_data:
+ caddy_config:
diff --git a/servers/apps/filebrowser/compose.yml b/servers/apps/filebrowser/compose.yml
new file mode 100644
index 0000000..a1f084b
--- /dev/null
+++ b/servers/apps/filebrowser/compose.yml
@@ -0,0 +1,11 @@
+services:
+ filebrowser:
+ image: filebrowser/filebrowser
+ restart: unless-stopped
+ volumes:
+ - ./srv:/srv
+ - ./db:/database
+ - ./config:/config
+ ports:
+ - 8090:80
+ user: 1000:1000
diff --git a/servers/apps/filebrowser/config/settings.json b/servers/apps/filebrowser/config/settings.json
new file mode 100644
index 0000000..e787ef8
--- /dev/null
+++ b/servers/apps/filebrowser/config/settings.json
@@ -0,0 +1,8 @@
+{
+ "port": 80,
+ "baseURL": "",
+ "address": "",
+ "log": "stdout",
+ "database": "/database/filebrowser.db",
+ "root": "/srv"
+}
\ No newline at end of file
diff --git a/servers/apps/filebrowser/readme.md b/servers/apps/filebrowser/readme.md
new file mode 100644
index 0000000..6b0c291
--- /dev/null
+++ b/servers/apps/filebrowser/readme.md
@@ -0,0 +1,5 @@
+## A simple caddy file browser
+
+https://files.fossunited.org
+
+To add files, either ssh and add or via admin panel: https://filemanager.fossunited.org
diff --git a/servers/apps/jitsi/.env b/servers/apps/jitsi/.env
new file mode 100644
index 0000000..b5a47b7
--- /dev/null
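Review bot: Both bind mounts under `volumes:` are writable although Caddy only reads them; `- ./Caddyfile:/etc/caddy/Caddyfile:ro` and `- /root/filebrowser/srv:/filebrowser:ro` remove the container's ability to rewrite its own config or the shared files if it is ever compromised, while `caddy_data`/`caddy_config` stay writable for certificate storage. The file-sharing root is also the filebrowser upload directory, so anything uploaded through filemanager.fossunited.org is immediately listed publicly by `browse` in the Caddyfile; if that is intended, a one-line comment above the mount saying so saves the next reader a check. `image: caddy` is a floating tag and ignores the Dockerfile beside it (raised on that hunk); pin it to a version once the build question is settled.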
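Review bot: `- 8090:80` publishes the filebrowser admin UI on every host interface, and the Caddyfile proxies to it through the public address 139.144.1.25:8090, so unless a host firewall blocks that port the backend is reachable over plain HTTP without passing through Caddy. Since Caddy is the only intended client, attach this service to Caddy's compose network (declared here as an external network) and point `reverse_proxy` at `filebrowser:80`, then drop the `ports:` entry; the 8000 and 8695 backends referenced in the Caddyfile deserve the same check if those stacks publish on all interfaces. `image: filebrowser/filebrowser` is unpinned, and `user: 1000:1000` writing into `./db` and `./config` assumes those directories are owned by uid 1000 even though they appear to live under /root per the caddy mount — a comment stating the expected ownership would prevent a silent failure on a fresh host. The settings.json hunk sets no auth options, so access control is whatever filebrowser's defaults created on first start; confirm the initial admin credentials were rotated, since the panel is exposed publicly.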
+++ b/servers/apps/jitsi/.env 
@@ -0,0 +1,270 @@ +# shellcheck disable=SC2034 + +################################################################################ +################################################################################ +# Welcome to the Jitsi Meet Docker setup! +# +# This sample .env file contains some basic options to get you started. +# The full options reference can be found here: +# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker +################################################################################ +################################################################################ + + +# +# Basic configuration options +# + +# Directory where all configuration will be stored +CONFIG=~/.jitsi-meet-cfg + +# Exposed HTTP port (will redirect to HTTPS port) +HTTP_PORT=8000 + +# Exposed HTTPS port +HTTPS_PORT=8443 + +# System time zone +TZ=UTC + +# Public URL for the web service (required) +# Keep in mind that if you use a non-standard HTTPS port, it has to appear in the public URL +PUBLIC_URL=https://meet.fossunited.org + +# Media IP addresses to advertise by the JVB +# This setting deprecates DOCKER_HOST_ADDRESS, and supports a comma separated list of IPs +# See the "Running behind NAT or on a LAN environment" section in the Handbook: +# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#running-behind-nat-or-on-a-lan-environment +JVB_ADVERTISE_IPS=139.144.1.25 + +# +# Memory limits for Java components +# + +#JICOFO_MAX_MEMORY=3072m +#VIDEOBRIDGE_MAX_MEMORY=3072m + +# +# JaaS Components (beta) +# https://jaas.8x8.vc +# + +# Enable JaaS Components (hosted Jigasi) +# NOTE: if Let's Encrypt is enabled a JaaS account will be automatically created, using the provided email in LETSENCRYPT_EMAIL +#ENABLE_JAAS_COMPONENTS=0 + +# +# Let's Encrypt configuration +# + +# Enable Let's Encrypt certificate generation +ENABLE_LETSENCRYPT=0 +DISABLE_HTTPS=1 +# Domain for which to generate the certificate 
+#LETSENCRYPT_DOMAIN=meet.example.com + +# E-Mail for receiving important account notifications (mandatory) +#LETSENCRYPT_EMAIL=alice@atlanta.net + +# Use the staging server (for avoiding rate limits while testing) +#LETSENCRYPT_USE_STAGING=1 + +# Set ACME server. Default is zerossl, you can peek one at https://github.com/acmesh-official/acme.sh/wiki/Server +#LETSENCRYPT_ACME_SERVER="letsencrypt" + +# +# Etherpad integration (for document sharing) +# + +# Set the etherpad-lite URL in the docker local network (uncomment to enable) +ENABLE_ETHERPAD=1 +ETHERPAD_URL_BASE=http://etherpad.meet.jitsi:9001 +ETHERPAD_PUBLIC_URL=https://meet.fossunited.org/etherpad/p/ + +# Name your etherpad instance! +ETHERPAD_TITLE=Video Chat + +# The default text of a pad +ETHERPAD_DEFAULT_PAD_TEXT="Welcome to Web Chat!\n\n" + +# Name of the skin for etherpad +ETHERPAD_SKIN_NAME=colibris + +# Skin variants for etherpad +ETHERPAD_SKIN_VARIANTS="super-light-toolbar super-light-editor light-background full-width-editor" + +# +# Whiteboard integration +# + +WHITEBOARD_ENABLED=true +# Internal URL — use the host IP since excalidraw is in a separate compose project +WHITEBOARD_COLLAB_SERVER_URL_BASE=http://139.144.1.25:8695 +WHITEBOARD_COLLAB_SERVER_PUBLIC_URL=https://whiteboard.meet.fossunited.org + +# +# Basic Jigasi configuration options (needed for SIP gateway support) +# + +# SIP URI for incoming / outgoing calls +#JIGASI_SIP_URI=test@sip2sip.info + +# Password for the specified SIP account as a clear text +-----BEGIN PGP MESSAGE----- + +jA0ECQMKUx53LTE1YC7/0loBJMiBWvB/vVtTBiTIKRm6Hh7K3SOFlmCCSukHBPCb +cRmqUsXD39oMVBvTUmrFBzyPhRAquivTLqB52zNLBUQDCcj/aZcBAOaNX4fA2IBH +By1PdyY4BKi8TJE= +=dmoI +-----END PGP MESSAGE----- + +# SIP server (use the SIP account domain if in doubt) +#JIGASI_SIP_SERVER=sip2sip.info + +# SIP server port +#JIGASI_SIP_PORT=5060 + +# SIP server transport +#JIGASI_SIP_TRANSPORT=UDP + + +# +# Authentication configuration (see handbook for details) +# + +# Enable 
authentication (will ask for login and password to join the meeting) +#ENABLE_AUTH=1 + +# Enable guest access (if authentication is enabled, this allows for users to be held in lobby until registered user lets them in) +#ENABLE_GUESTS=1 + +# Select authentication type: internal, jwt, ldap or matrix +#AUTH_TYPE=internal + +# JWT authentication +# + +# Application identifier +#JWT_APP_ID=my_jitsi_app_id + +# Application secret known only to your token generator +#JWT_APP_SECRET=my_jitsi_app_secret + +# (Optional) Set asap_accepted_issuers as a comma separated list +#JWT_ACCEPTED_ISSUERS=my_web_client,my_app_client + +# (Optional) Set asap_accepted_audiences as a comma separated list +#JWT_ACCEPTED_AUDIENCES=my_server1,my_server2 + +# LDAP authentication (for more information see the Cyrus SASL saslauthd.conf man page) +# + +# LDAP url for connection +#LDAP_URL=ldaps://ldap.domain.com/ + +# LDAP base DN. Can be empty +#LDAP_BASE=DC=example,DC=domain,DC=com + +# LDAP user DN. Do not specify this parameter for the anonymous bind +#LDAP_BINDDN=CN=binduser,OU=users,DC=example,DC=domain,DC=com + +# LDAP user password. Do not specify this parameter for the anonymous bind +#LDAP_BINDPW=LdapUserPassw0rd + +# LDAP filter. Tokens example: +# %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail +# %s - %s is replaced by the complete service string +# %r - %r is replaced by the complete realm string +#LDAP_FILTER=(sAMAccountName=%u) + +# LDAP authentication method +#LDAP_AUTH_METHOD=bind + +# LDAP version +#LDAP_VERSION=3 + +# LDAP TLS using +#LDAP_USE_TLS=1 + +# List of SSL/TLS ciphers to allow +#LDAP_TLS_CIPHERS=SECURE256:SECURE128:!AES-128-CBC:!ARCFOUR-128:!CAMELLIA-128-CBC:!3DES-CBC:!CAMELLIA-128-CBC + +# Require and verify server certificate +#LDAP_TLS_CHECK_PEER=1 + +# Path to CA cert file. Used when server certificate verify is enabled +#LDAP_TLS_CACERT_FILE=/etc/ssl/certs/ca-certificates.crt + +# Path to CA certs directory. 
Used when server certificate verify is enabled +#LDAP_TLS_CACERT_DIR=/etc/ssl/certs + +# Wether to use starttls, implies LDAPv3 and requires ldap:// instead of ldaps:// +# LDAP_START_TLS=1 + + +# +# Security +# +# Set these to strong passwords to avoid intruders from impersonating a service account +# The service(s) won't start unless these are specified +# Running ./gen-passwords.sh will update .env with strong passwords +# You may skip the Jigasi and Jibri passwords if you are not using those +# DO NOT reuse passwords +# + +# [Dilip]: I've added gnupg encryption in region (thought to use age, but emacs had epa already) +# password to decrypt is same password used for listmonk as on [2026-04-07 Tue] +# NOTE: use gitleaks to audit! + +-----BEGIN PGP MESSAGE----- + +jA0ECQMKiKe5Ou2+kCT/0sCzAQuG2WGiBwDLNw3hmLt0ypFNIF5O9iQohaxkrIWO +59ssaMCxRf0DdNnzmKyFAczF5CaWJoYFyFBPllO7ytB60UeOvjM7+eBuN9litoj2 +VRBQLrz7JALdMtZf7vpYNa3r71AU3CoiXqp3KDlDfYOiylBtQSlMdFqkphUzmLKj +YmjfldTc++aevcpISB2XBEmHcPX2sZ1D4R3KRac4w3Cx52cOXdLHz70c3rQKZjwU +pDbyJyntlPNA4SkUdtSSCmI4vfOCYS5nKDlW89oIWbDJrg8bMgJk0f3jdJGzbxFy +H/XWCK78vPL/IYZOXx25MU/71W4oBDHJLMlBS3Ctga3Nb4MkufPobemZBs+BcNMf +R8nARZ+AP75YZlAflUFVCKczrmEa+dmfwoeJUXtVBpZ5GmIqCoRZce8KeB2OYUYL +SOR+RZnI5DtHHTXEXj7aBEHqvgvsT39xPNm4V9UPa2Uk1/vLqADp/Mj1gfUm4FWr +qMwR3K0= +=ypo+ +-----END PGP MESSAGE----- + + +# +# Docker Compose options +# + +# Container restart policy +RESTART_POLICY=unless-stopped + +# Jitsi image version (useful for local development) +#JITSI_IMAGE_VERSION=latest + +-----BEGIN PGP MESSAGE----- + +jA0ECQMKw/m7vs4VA6n/0o4BjAj9frLpdw8GF/TOuQxxyxeCJ5biNgChhrrC9HA9 +j0Rb6IM9s22UpktVll97foOjCih930mTCTbchpxbu/of1QxDGLWugOt7WjBLPXSG +hufu9tM9SpioonU3MK/oUxVBUFoOTbP/Zp86UBcR15bWSb5i/PyxLidZ1LUemIMj +RYBkRmCOH1HArNcjH/Rs +=M3mt +-----END PGP MESSAGE----- + +TURN_HOST=turn.meet.fossunited.org +TURN_PORT=3478 +JVB_STUN_SERVERS=turn.meet.fossunited.org:3478 + +ENABLE_LIVESTREAMING=1 +ENABLE_RECORDING=1 + +# Web (frontend) config 
+RESOLUTION=1080
+RESOLUTION_MIN=180
+RESOLUTION_WIDTH=1920
+RESOLUTION_WIDTH_MIN=320
+
+# avoid turning off screen share due to bad network?
+ENABLE_ADAPTIVE_MODE=false
+DISABLE_VIDEO_SUSPEND=true
+CHANNEL_LAST_N=-1
+ENABLE_SIMULCAST=false
\ No newline at end of file
diff --git a/servers/apps/jitsi/README.md b/servers/apps/jitsi/README.md
new file mode 100644
index 0000000..f4c80ca
--- /dev/null
+++ b/servers/apps/jitsi/README.md
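Review bot: The maintainer note under `# Security` records that the decryption passphrase `is same password used for listmonk` (the Caddyfile header says the same), directly beneath the section's own `DO NOT reuse passwords` rule; one passphrase now protects the listmonk admin login, the Caddy secrets, the Jigasi SIP password and every Jitsi service password, so a single leak exposes all of them, and rotating listmonk's password would leave these blobs undecryptable. Use a passphrase dedicated to this repo, or better an identity-based tool (`age` or `sops`) so each operator decrypts with their own key and rotation does not mean re-sharing a secret, and replace the note with `# encrypted with gpg; passphrase is in Vaultwarden` (or wherever it is actually kept) instead of a hint that names another service's password. The `gitleaks detect` step recommended in the root README will not see inside the armor and will not catch a decrypted working copy that is never committed, so it does not substitute for keeping plaintext out of the checkout. The `# shellcheck disable=SC2034` header and `DISABLE_HTTPS=1`/`HTTP_PORT=8000` are consistent with fronting the web container by Caddy, but if the upstream docker-compose.yml publishes `${HTTP_PORT}` on all interfaces the plain-HTTP Jitsi web is reachable directly on 139.144.1.25:8000 too — worth confirming alongside the filebrowser port.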
@@ -0,0 +1,87 @@ +# Server + +- uname -a +`Linux localhost 6.1.0-37-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.140-1 (2025-05-22) x86_64 GNU/Linux` + +```bash +echo "=== CPU ===" +lscpu | grep -E 'Model name|CPU\(s\)|Thread|Core|Socket' + +echo -e "\n=== RAM ===" +free -h + +echo -e "\n=== Disk ===" +df -h / + +echo -e "\n=== OS ===" +cat /etc/os-release | grep PRETTY_NAME + +echo -e "\n=== Kernel ===" +uname -r +``` + +```text +=== CPU === +CPU(s): 4 +On-line CPU(s) list: 0-3 +Model name: AMD EPYC 7713 64-Core Processor +BIOS Model name: pc-q35-7.2 CPU @ 2.0GHz +Thread(s) per core: 1 +Core(s) per socket: 4 +Socket(s): 1 +NUMA node0 CPU(s): 0-3 + +=== RAM === + total used free shared buff/cache available +Mem: 7.8Gi 2.1Gi 2.9Gi 2.3Mi 3.0Gi 5.7Gi +Swap: 511Mi 103Mi 408Mi + +=== Disk === +Filesystem Size Used Avail Use% Mounted on +/dev/sda 157G 16G 134G 11% / + +=== OS === +PRETTY_NAME="Debian GNU/Linux 12 (bookworm)" + +=== Kernel === +6.1.0-37-amd64 +``` + +# Jitsi Meet on Docker + +[Jitsi](https://jitsi.org/) is a set of Open Source projects that allows you to easily build and deploy secure videoconferencing solutions. + +[Jitsi Meet](https://jitsi.org/jitsi-meet/) is a fully encrypted, 100% Open Source video conferencing solution that you can use all day, every day, for free — with no account needed. + +This repository contains the necessary tools to run a Jitsi Meet stack on [Docker](https://www.docker.com) using [Docker Compose](https://docs.docker.com/compose/). + +- The docker setup is directly from: https://github.com/jitsi/docker-jitsi-meet + +Only config changes to `.env` is made, thats it. + +- `config.js`: jitsi frontend Web configuration + - ~/.jitsi-meet-cfg/web/config.js + +- `docker-compose.yml` is same as default + just that etherpad is included to bundle with jitsi + +- `.env` file is configured as required. 
+ +## Updating + +- Modify `.env` file and run: `docker compose up -d --force-recreate` in that dir (~/docker-jitsi-meet) +- `docker network connect docker-jitsi-meet_meet.jitsi caddy-caddy-1` (if caddy network is not synced with jitsi for etherpad to work) +- `docker compose -f ~/docker-jitsi-meet/docker-compose.yml restart web` (restart web if testing frontned changes via config.js) + + +## TODOs + +- [ ] Make fossunited team moderator for all. Any guest who joins early becomes mod, we need Mod for team forcefully (may need Auth or some weird setup) + +## Changes + +### April 2026 +- Connect etherpad to jitsi to make it usable +- Set max resolution to 1080 +- Removed adaptive mode to avoid screen share getting turned off to save bandwidth +- Make etherpad files persist by mounting volume diff --git a/servers/apps/jitsi/config.js b/servers/apps/jitsi/config.js new file mode 100644 index 0000000..3ea23c3 --- /dev/null +++ b/servers/apps/jitsi/config.js @@ -0,0 +1,239 @@ +// Jitsi Meet configuration. + +var config = {}; + +config.hosts = {}; +config.hosts.domain = 'meet.jitsi'; + +var subdir = ''; +var subdomain = ''; +if (subdir.startsWith('