Improving compatibility with corporate setups

I have deployed a Jitsi Meet setup based on docker-jitsi-meet. Jitsi Meet isn’t the only service deployed on the host so web is behind a Traefik reverse proxy, which also implements HTTPS termination. I have enabled Websocket support, which is also handled by Traefik and forwarded to the jvb container. Port 10000/udp and 4443/tcp are directly mapped to the host for the jvb container.

Some clients need to access the instance through a corporate firewall/proxy setup, which filters everything except port 80 and 443 and also does not support Websockets.

Is there a way to make the JVB TCP harvester play nicely behind the Traefik instance (for this TLS/SNI would be required)? Obviously, I cannot expose the port 443 directly as this is already taken by Traefik.


P.S.: Allocating a separate IP address for JVB would possibly an option (so I could directly map port 443 into the jvb container), but I’d like to avoid this if possible