SSL Hardening and Hector Voice Bot Deployment

Securing the Infrastructure and Deploying a Discord Bot

HTTPS Everywhere

Enabled Always Use HTTPS and HSTS across all seven Cloudflare zones. Upgraded aj-domain.uk from flexible to full SSL. Fixed redirect issues on AudioBookShelf, Jitsi, and the web hosting container where X-Forwarded-Proto headers weren't being passed correctly.

All 26 external domains verified as serving securely. A straightforward but important infrastructure hardening task.

Hector Voice Bot Goes Live

Deployed the Hector discord-voice bot to the liquidgecko server via DW Service remote desktop. The deployment involved pulling from Azure Container Registry, configuring environment variables, and applying a critical discord.py runtime fix (upgrading from 2.5.2 to 2.6.4 to fix voice WebSocket error 4006).

Full verification completed: bot authentication, wake word detection, and TTS playback all confirmed working. Created a pull request upstream to make the discord.py version requirement permanent in the Docker image.

Plex Music Browser

Installed FileBrowser for Plex music management, accessible via URL. Required fixing a 403 Forbidden error by adjusting ownership for the unprivileged container's UID mapping.