sync with parent

* feat: add calendar event data to transcript webhook payload and implement get_by_id method

* Update server/reflector/worker/webhook.py

Co-authored-by: pr-agent-monadical[bot] <198624643+pr-agent-monadical[bot]@users.noreply.github.com>

* Update server/reflector/worker/webhook.py

Co-authored-by: pr-agent-monadical[bot] <198624643+pr-agent-monadical[bot]@users.noreply.github.com>

* style: format conditional time fields with line breaks for better readability

* docs: add calendar event fields to transcript.completed webhook payload schema

---------

Co-authored-by: pr-agent-monadical[bot] <198624643+pr-agent-monadical[bot]@users.noreply.github.com>

.github/workflows/docker-frontend.yml

@@ -0,0 +1,57 @@
+name: Build and Push Frontend Docker Image
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'www/**'
+      - '.github/workflows/docker-frontend.yml'
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}-frontend
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=sha,prefix={{branch}}-
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: ./www
+          file: ./www/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          platforms: linux/amd64,linux/arm64

.github/workflows/test_next_server.yml

@@ -0,0 +1,45 @@
+name: Test Next Server
+
+on:
+  pull_request:
+    paths:
+      - "www/**"
+  push:
+    branches:
+      - main
+    paths:
+      - "www/**"
+
+jobs:
+  test-next-server:
+    runs-on: ubuntu-latest
+
+    defaults:
+      run:
+        working-directory: ./www
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '20'
+
+    - name: Install pnpm
+      uses: pnpm/action-setup@v4
+      with:
+        version: 8
+
+    - name: Setup Node.js cache
+      uses: actions/setup-node@v4
+      with:
+        node-version: '20'
+        cache: 'pnpm'
+        cache-dependency-path: './www/pnpm-lock.yaml'
+
+    - name: Install dependencies
+      run: pnpm install
+
+    - name: Run tests
+      run: pnpm test

.gitignore

@@ -17,3 +17,4 @@ server/test.sqlite
 CLAUDE.local.md
 www/.env.development
 www/.env.production
+.playwright-mcp

CHANGELOG.md

@@ -1,5 +1,113 @@
 # Changelog
 
+## [0.14.0](https://github.com/Monadical-SAS/reflector/compare/v0.13.1...v0.14.0) (2025-10-08)
+
+
+### Features
+
+* Add calendar event data to transcript webhook payload ([#689](https://github.com/Monadical-SAS/reflector/issues/689)) ([5f6910e](https://github.com/Monadical-SAS/reflector/commit/5f6910e5131b7f28f86c9ecdcc57fed8412ee3cd))
+* container build for www / github ([#672](https://github.com/Monadical-SAS/reflector/issues/672)) ([969bd84](https://github.com/Monadical-SAS/reflector/commit/969bd84fcc14851d1a101412a0ba115f1b7cde82))
+* docker-compose for production frontend ([#664](https://github.com/Monadical-SAS/reflector/issues/664)) ([5bf64b5](https://github.com/Monadical-SAS/reflector/commit/5bf64b5a41f64535e22849b4bb11734d4dbb4aae))
+
+
+### Bug Fixes
+
+* restore feature boolean logic ([#671](https://github.com/Monadical-SAS/reflector/issues/671)) ([3660884](https://github.com/Monadical-SAS/reflector/commit/36608849ec64e953e3be456172502762e3c33df9))
+* security review ([#656](https://github.com/Monadical-SAS/reflector/issues/656)) ([5d98754](https://github.com/Monadical-SAS/reflector/commit/5d98754305c6c540dd194dda268544f6d88bfaf8))
+* update transcript list on reprocess ([#676](https://github.com/Monadical-SAS/reflector/issues/676)) ([9a71af1](https://github.com/Monadical-SAS/reflector/commit/9a71af145ee9b833078c78d0c684590ab12e9f0e))
+* upgrade nemo toolkit ([#678](https://github.com/Monadical-SAS/reflector/issues/678)) ([eef6dc3](https://github.com/Monadical-SAS/reflector/commit/eef6dc39037329b65804297786d852dddb0557f9))
+
+## [0.13.1](https://github.com/Monadical-SAS/reflector/compare/v0.13.0...v0.13.1) (2025-09-22)
+
+
+### Bug Fixes
+
+* TypeError on not all arguments converted during string formatting in logger ([#667](https://github.com/Monadical-SAS/reflector/issues/667)) ([565a629](https://github.com/Monadical-SAS/reflector/commit/565a62900f5a02fc946b68f9269a42190ed70ab6))
+
+## [0.13.0](https://github.com/Monadical-SAS/reflector/compare/v0.12.1...v0.13.0) (2025-09-19)
+
+
+### Features
+
+* room form edit with enter ([#662](https://github.com/Monadical-SAS/reflector/issues/662)) ([47716f6](https://github.com/Monadical-SAS/reflector/commit/47716f6e5ddee952609d2fa0ffabdfa865286796))
+
+
+### Bug Fixes
+
+* invalid cleanup call ([#660](https://github.com/Monadical-SAS/reflector/issues/660)) ([0abcebf](https://github.com/Monadical-SAS/reflector/commit/0abcebfc9491f87f605f21faa3e53996fafedd9a))
+
+## [0.12.1](https://github.com/Monadical-SAS/reflector/compare/v0.12.0...v0.12.1) (2025-09-17)
+
+
+### Bug Fixes
+
+* production blocked because having existing meeting with room_id null ([#657](https://github.com/Monadical-SAS/reflector/issues/657)) ([870e860](https://github.com/Monadical-SAS/reflector/commit/870e8605171a27155a9cbee215eeccb9a8d6c0a2))
+
+## [0.12.0](https://github.com/Monadical-SAS/reflector/compare/v0.11.0...v0.12.0) (2025-09-17)
+
+
+### Features
+
+* calendar integration ([#608](https://github.com/Monadical-SAS/reflector/issues/608)) ([6f680b5](https://github.com/Monadical-SAS/reflector/commit/6f680b57954c688882c4ed49f40f161c52a00a24))
+* self-hosted gpu api ([#636](https://github.com/Monadical-SAS/reflector/issues/636)) ([ab859d6](https://github.com/Monadical-SAS/reflector/commit/ab859d65a6bded904133a163a081a651b3938d42))
+
+
+### Bug Fixes
+
+* ignore player hotkeys for text inputs ([#646](https://github.com/Monadical-SAS/reflector/issues/646)) ([fa049e8](https://github.com/Monadical-SAS/reflector/commit/fa049e8d068190ce7ea015fd9fcccb8543f54a3f))
+
+## [0.11.0](https://github.com/Monadical-SAS/reflector/compare/v0.10.0...v0.11.0) (2025-09-16)
+
+
+### Features
+
+* remove profanity filter that was there for conference ([#652](https://github.com/Monadical-SAS/reflector/issues/652)) ([b42f7cf](https://github.com/Monadical-SAS/reflector/commit/b42f7cfc606783afcee792590efcc78b507468ab))
+
+
+### Bug Fixes
+
+* zulip and consent handler on the file pipeline ([#645](https://github.com/Monadical-SAS/reflector/issues/645)) ([5f143fe](https://github.com/Monadical-SAS/reflector/commit/5f143fe3640875dcb56c26694254a93189281d17))
+* zulip stream and topic selection in share dialog ([#644](https://github.com/Monadical-SAS/reflector/issues/644)) ([c546e69](https://github.com/Monadical-SAS/reflector/commit/c546e69739e68bb74fbc877eb62609928e5b8de6))
+
+## [0.10.0](https://github.com/Monadical-SAS/reflector/compare/v0.9.0...v0.10.0) (2025-09-11)
+
+
+### Features
+
+* replace nextjs-config with environment variables ([#632](https://github.com/Monadical-SAS/reflector/issues/632)) ([369ecdf](https://github.com/Monadical-SAS/reflector/commit/369ecdff13f3862d926a9c0b87df52c9d94c4dde))
+
+
+### Bug Fixes
+
+* anonymous users transcript permissions ([#621](https://github.com/Monadical-SAS/reflector/issues/621)) ([f81fe99](https://github.com/Monadical-SAS/reflector/commit/f81fe9948a9237b3e0001b2d8ca84f54d76878f9))
+* auth post ([#624](https://github.com/Monadical-SAS/reflector/issues/624)) ([cde99ca](https://github.com/Monadical-SAS/reflector/commit/cde99ca2716f84ba26798f289047732f0448742e))
+* auth post ([#626](https://github.com/Monadical-SAS/reflector/issues/626)) ([3b85ff3](https://github.com/Monadical-SAS/reflector/commit/3b85ff3bdf4fb053b103070646811bc990c0e70a))
+* auth post ([#627](https://github.com/Monadical-SAS/reflector/issues/627)) ([962038e](https://github.com/Monadical-SAS/reflector/commit/962038ee3f2a555dc3c03856be0e4409456e0996))
+* missing follow_redirects=True on modal endpoint ([#630](https://github.com/Monadical-SAS/reflector/issues/630)) ([fc363bd](https://github.com/Monadical-SAS/reflector/commit/fc363bd49b17b075e64f9186e5e0185abc325ea7))
+* sync backend and frontend token refresh logic ([#614](https://github.com/Monadical-SAS/reflector/issues/614)) ([5a5b323](https://github.com/Monadical-SAS/reflector/commit/5a5b3233820df9536da75e87ce6184a983d4713a))
+
+## [0.9.0](https://github.com/Monadical-SAS/reflector/compare/v0.8.2...v0.9.0) (2025-09-06)
+
+
+### Features
+
+* frontend openapi react query ([#606](https://github.com/Monadical-SAS/reflector/issues/606)) ([c4d2825](https://github.com/Monadical-SAS/reflector/commit/c4d2825c81f81ad8835629fbf6ea8c7383f8c31b))
+
+
+### Bug Fixes
+
+* align whisper transcriber api with parakeet ([#602](https://github.com/Monadical-SAS/reflector/issues/602)) ([0663700](https://github.com/Monadical-SAS/reflector/commit/0663700a615a4af69a03c96c410f049e23ec9443))
+* kv use tls explicit ([#610](https://github.com/Monadical-SAS/reflector/issues/610)) ([08d88ec](https://github.com/Monadical-SAS/reflector/commit/08d88ec349f38b0d13e0fa4cb73486c8dfd31836))
+* source kind for file processing ([#601](https://github.com/Monadical-SAS/reflector/issues/601)) ([dc82f8b](https://github.com/Monadical-SAS/reflector/commit/dc82f8bb3bdf3ab3d4088e592a30fd63907319e1))
+* token refresh locking ([#613](https://github.com/Monadical-SAS/reflector/issues/613)) ([7f5a4c9](https://github.com/Monadical-SAS/reflector/commit/7f5a4c9ddc7fd098860c8bdda2ca3b57f63ded2f))
+
+## [0.8.2](https://github.com/Monadical-SAS/reflector/compare/v0.8.1...v0.8.2) (2025-08-29)
+
+
+### Bug Fixes
+
+* search-logspam ([#593](https://github.com/Monadical-SAS/reflector/issues/593)) ([695d1a9](https://github.com/Monadical-SAS/reflector/commit/695d1a957d4cd862753049f9beed88836cabd5ab))
+
 ## [0.8.1](https://github.com/Monadical-SAS/reflector/compare/v0.8.0...v0.8.1) (2025-08-29)
 
 

CLAUDE.md

@@ -66,7 +66,6 @@ pnpm install
 
 # Copy configuration templates
 cp .env_template .env
-cp config-template.ts config.ts
 ```
 
 **Development:**
@@ -152,7 +151,7 @@ All endpoints prefixed `/v1/`:
 
 **Frontend** (`www/.env`):
 - `NEXTAUTH_URL`, `NEXTAUTH_SECRET` - Authentication configuration
-- `NEXT_PUBLIC_REFLECTOR_API_URL` - Backend API endpoint
+- `REFLECTOR_API_URL` - Backend API endpoint
 - `REFLECTOR_DOMAIN_CONFIG` - Feature flags and domain settings
 
 ## Testing Strategy

CODER_BRIEFING.md

@@ -0,0 +1,345 @@
+# Multi-Provider Video Platform Implementation - Coder Briefing
+
+## Your Mission
+
+Implement multi-provider video platform support in Reflector, allowing the system to work with both Whereby and Daily.co video conferencing providers. The goal is to abstract the current Whereby-only implementation and add Daily.co as a second provider, with the ability to switch between them via environment variables.
+
+**Branch:** `igor/dailico-2` (you're already on it)
+
+**Estimated Time:** 12-16 hours (senior engineer)
+
+**Complexity:** Medium-High (requires careful integration with existing codebase)
+
+---
+
+## What You Have
+
+### 1. **PLAN.md** - Your Technical Specification (2,452 lines)
+   - Complete step-by-step implementation guide
+   - All code examples you need
+   - Architecture diagrams and design rationale
+   - Testing strategy and success metrics
+   - **Read this first** to understand the overall approach
+
+### 2. **IMPLEMENTATION_GUIDE.md** - Your Practical Guide
+   - What to copy vs. adapt vs. rewrite
+   - Common pitfalls and how to avoid them
+   - Verification checklists for each phase
+   - Decision trees for implementation choices
+   - **Use this as your day-to-day reference**
+
+### 3. **Reference Implementation** - `./reflector-dailyco-reference/`
+   - Working implementation from 2.5 months ago
+   - Good architecture and patterns
+   - **BUT:** 91 commits behind current main, DO NOT merge directly
+   - Use for inspiration and code patterns only
+
+---
+
+## Critical Context: Why Not Just Merge?
+
+The reference branch (`origin/igor/feat-dailyco`) was started on August 1, 2025 and is now severely diverged from main:
+
+- **91 commits behind main**
+- Main has 12x more changes (45,840 insertions vs 3,689)
+- Main added: calendar integration, webhooks, full-text search, React Query migration, security fixes
+- Reference removed: features that main still has and needs
+
+**Merging would be a disaster.** We're implementing fresh on current main, using the reference for validated patterns.
+
+---
+
+## High-Level Approach
+
+### Phase 1: Analysis (2 hours)
+- Study current Whereby integration
+- Define abstraction requirements
+- Create standard data models
+
+### Phase 2: Abstraction Layer (4-5 hours)
+- Build platform abstraction (base class, registry, factory)
+- Extract Whereby into the abstraction
+- Update database schema (add `platform` field)
+- Integrate into rooms.py **without breaking calendar/webhooks**
+
+### Phase 3: Daily.co Implementation (4-5 hours)
+- Implement Daily.co client
+- Add webhook handler
+- Create frontend components (rewrite API calls for React Query)
+- Add recording processing
+
+### Phase 4: Testing (2-3 hours)
+- Unit tests for platform abstraction
+- Integration tests for webhooks
+- Manual testing with both providers
+
+---
+
+## Key Files You'll Touch
+
+### Backend (New)
+```
+server/reflector/video_platforms/
+├── __init__.py
+├── base.py              ← Abstract base class
+├── models.py            ← Platform, MeetingData, VideoPlatformConfig
+├── registry.py          ← Platform registration system
+├── factory.py           ← Client creation and config
+├── whereby.py           ← Whereby client wrapper
+├── daily.py             ← Daily.co client
+└── mock.py              ← Mock client for testing
+
+server/reflector/views/daily.py       ← Daily.co webhooks
+server/tests/test_video_platforms.py  ← Platform tests
+server/tests/test_daily_webhook.py    ← Webhook tests
+```
+
+### Backend (Modified - Careful!)
+```
+server/reflector/settings.py          ← Add Daily.co settings
+server/reflector/db/rooms.py          ← Add platform field, PRESERVE calendar fields
+server/reflector/db/meetings.py       ← Add platform field
+server/reflector/views/rooms.py       ← Integrate abstraction, PRESERVE calendar/webhooks
+server/reflector/worker/process.py    ← Add process_recording_from_url task
+server/reflector/app.py               ← Register daily router
+server/env.example                    ← Document new env vars
+```
+
+### Frontend (New)
+```
+www/app/[roomName]/components/
+├── RoomContainer.tsx    ← Platform router
+├── DailyRoom.tsx        ← Daily.co component (rewrite API calls!)
+└── WherebyRoom.tsx      ← Extract existing logic
+```
+
+### Frontend (Modified)
+```
+www/app/[roomName]/page.tsx           ← Use RoomContainer
+www/package.json                      ← Add @daily-co/daily-js
+```
+
+### Database
+```
+server/migrations/versions/XXXXXX_add_platform_support.py  ← Generate fresh migration
+```
+
+---
+
+## Critical Warnings ⚠️
+
+### 1. **DO NOT Copy Database Migrations**
+The reference migration has the wrong `down_revision` and is based on old schema.
+```bash
+# Instead:
+cd server
+uv run alembic revision -m "add_platform_support"
+# Then edit the generated file
+```
+
+### 2. **DO NOT Remove Main's Features**
+Main has calendar integration, webhooks, ICS sync that reference doesn't have.
+When modifying `rooms.py`, only change meeting creation logic, preserve everything else.
+
+### 3. **DO NOT Copy Frontend API Calls**
+Reference uses old OpenAPI client. Main uses React Query.
+Check how main currently makes API calls and replicate that pattern.
+
+### 4. **DO NOT Copy package.json/migrations**
+These files are severely outdated in reference.
+
+### 5. **Preserve Type Safety**
+Use `TYPE_CHECKING` imports to avoid circular dependencies:
+```python
+from typing import TYPE_CHECKING
+if TYPE_CHECKING:
+    from reflector.db.rooms import Room
+```
+
+---
+
+## How to Start
+
+### Day 1 Morning: Setup & Understanding (2-3 hours)
+```bash
+# 1. Verify you're on the right branch
+git branch
+# Should show: igor/dailico-2
+
+# 2. Read the docs (in order)
+# - PLAN.md (skim to understand scope, read Phase 1 carefully)
+# - IMPLEMENTATION_GUIDE.md (read fully, bookmark it)
+
+# 3. Study current Whereby integration
+cat server/reflector/views/rooms.py | grep -A 20 "whereby"
+cat www/app/[roomName]/page.tsx
+
+# 4. Check reference implementation structure
+ls -la reflector-dailyco-reference/server/reflector/video_platforms/
+```
+
+### Day 1 Afternoon: Phase 1 Execution (2-3 hours)
+```bash
+# 5. Copy video_platforms directory from reference
+cp -r reflector-dailyco-reference/server/reflector/video_platforms/ \
+      server/reflector/
+
+# 6. Review and fix imports
+cd server
+uv run ruff check reflector/video_platforms/
+
+# 7. Add settings to settings.py (see PLAN.md Phase 2.7)
+
+# 8. Test imports work
+uv run python -c "from reflector.video_platforms import create_platform_client; print('OK')"
+```
+
+### Day 2: Phase 2 - Database & Integration (4-5 hours)
+```bash
+# 9. Generate migration
+uv run alembic revision -m "add_platform_support"
+# Edit the file following PLAN.md Phase 2.8
+
+# 10. Update Room/Meeting models
+# Add platform field, PRESERVE all existing fields
+
+# 11. Integrate into rooms.py
+# Carefully modify meeting creation, preserve calendar/webhooks
+
+# 12. Add Daily.co webhook handler
+cp reflector-dailyco-reference/server/reflector/views/daily.py \
+   server/reflector/views/
+# Register in app.py
+```
+
+### Day 3: Phase 3 - Frontend & Testing (4-5 hours)
+```bash
+# 13. Create frontend components
+mkdir -p www/app/[roomName]/components
+
+# 14. Add Daily.co dependency
+cd www
+pnpm add @daily-co/daily-js@^0.81.0
+
+# 15. Create RoomContainer, DailyRoom, WherebyRoom
+# IMPORTANT: Rewrite API calls using React Query patterns
+
+# 16. Regenerate types
+pnpm openapi
+
+# 17. Copy and adapt tests
+cp reflector-dailyco-reference/server/tests/test_*.py server/tests/
+
+# 18. Run tests
+cd server
+REDIS_HOST=localhost \
+CELERY_BROKER_URL=redis://localhost:6379/1 \
+uv run pytest tests/test_video_platforms.py -v
+```
+
+---
+
+## Verification Checklist
+
+After implementation, all of these must pass:
+
+**Backend:**
+- [ ] `cd server && uv run ruff check .` passes
+- [ ] `uv run alembic upgrade head` works cleanly
+- [ ] `uv run pytest tests/test_video_platforms.py` passes
+- [ ] Can import: `from reflector.video_platforms import create_platform_client`
+- [ ] Settings has all Daily.co variables
+
+**Frontend:**
+- [ ] `cd www && pnpm lint` passes
+- [ ] No TypeScript errors
+- [ ] `pnpm openapi` generates platform field
+- [ ] No `@ts-ignore` for platform field
+
+**Integration:**
+- [ ] Whereby meetings still work (existing flow unchanged)
+- [ ] Calendar/webhook features still work in rooms.py
+- [ ] env.example documents all new variables
+
+---
+
+## When You're Stuck
+
+### Check These Resources:
+1. **PLAN.md** - Detailed code examples for your exact scenario
+2. **IMPLEMENTATION_GUIDE.md** - Common pitfalls section
+3. **Reference code** - See how it was solved before
+4. **Git diff** - Compare reference to your implementation
+
+### Compare Files:
+```bash
+# See what reference did
+diff reflector-dailyco-reference/server/reflector/views/rooms.py \
+     server/reflector/views/rooms.py
+
+# See what changed in main since reference branch
+git log --oneline --since="2025-08-01" -- server/reflector/views/rooms.py
+```
+
+### Common Issues:
+- **Circular imports:** Use `TYPE_CHECKING` pattern
+- **Tests fail with postgres error:** Use `REDIS_HOST=localhost` env vars
+- **Frontend API calls broken:** Check current React Query patterns in main
+- **Migrations fail:** Ensure you generated fresh, not copied
+
+---
+
+## Success Looks Like
+
+When you're done:
+- ✅ All tests pass
+- ✅ Linting passes
+- ✅ Can create Whereby meetings (unchanged behavior)
+- ✅ Can create Daily.co meetings (with env vars)
+- ✅ Calendar/webhooks still work
+- ✅ Frontend has no TypeScript errors
+- ✅ Platform selection via environment variables works
+
+---
+
+## Communication
+
+If you need clarification on requirements, have questions about architecture decisions, or find issues with the spec, document them clearly with:
+- What you expected
+- What you found
+- Your proposed solution
+
+The PLAN.md document is comprehensive but you may find edge cases. Use your engineering judgment and document decisions.
+
+---
+
+## Final Notes
+
+**This is not a simple copy-paste job.** You're doing careful integration work where you need to:
+- Understand the abstraction pattern (PLAN.md)
+- Preserve all of main's features
+- Adapt reference code to current patterns
+- Think about edge cases and testing
+
+Take your time with Phase 2 (rooms.py integration) - that's where most bugs will come from if you accidentally break calendar/webhook features.
+
+**Good luck! You've got comprehensive specs, working reference code, and a clean starting point. You can do this.**
+
+---
+
+## Quick Reference
+
+```bash
+# Your workspace
+├── PLAN.md                        ← Complete technical spec (read first)
+├── IMPLEMENTATION_GUIDE.md        ← Practical guide (bookmark this)
+├── CODER_BRIEFING.md             ← This file
+└── reflector-dailyco-reference/   ← Reference implementation (inspiration only)
+
+# Key commands
+cd server && uv run ruff check .                    # Lint backend
+cd www && pnpm lint                                  # Lint frontend
+cd server && uv run alembic revision -m "..."       # Create migration
+cd www && pnpm openapi                              # Regenerate types
+cd server && uv run pytest -v                       # Run tests
+```

IMPLEMENTATION_GUIDE.md

@@ -0,0 +1,489 @@
+# Daily.co Implementation Guide
+
+## Overview
+Implement multi-provider video platform support (Whereby + Daily.co) following PLAN.md.
+
+## Reference Code Location
+- **Reference branch:** `origin/igor/feat-dailyco` (on remote)
+- **Worktree location:** `./reflector-dailyco-reference/`
+- **Status:** Reference only - DO NOT merge or copy directly
+
+## What Exists in Reference Branch (For Inspiration)
+
+### ✅ Can Use As Reference (Well-Implemented)
+```
+server/reflector/video_platforms/
+├── base.py              ← Platform abstraction (good design, copy-safe)
+├── models.py            ← Data models (copy-safe)
+├── registry.py          ← Registry pattern (copy-safe)
+├── factory.py           ← Factory pattern (needs settings updates)
+├── whereby.py           ← Whereby client (needs adaptation)
+├── daily.py             ← Daily.co client (needs adaptation)
+└── mock.py              ← Mock client (copy-safe for tests)
+
+server/reflector/views/daily.py       ← Webhook handler (needs adaptation)
+server/tests/test_video_platforms.py  ← Tests (good reference)
+server/tests/test_daily_webhook.py    ← Tests (good reference)
+
+www/app/[roomName]/components/
+├── RoomContainer.tsx    ← Platform router (needs React Query)
+├── DailyRoom.tsx        ← Daily component (needs React Query)
+└── WherebyRoom.tsx      ← Whereby extraction (needs React Query)
+```
+
+### ⚠️ Needs Significant Changes (Use Logic Only)
+- `server/reflector/db/rooms.py` - Reference removed calendar/webhook fields that main has
+- `server/reflector/db/meetings.py` - Same issue (missing user_id handling differences)
+- `server/reflector/views/rooms.py` - Main has calendar integration, webhooks, ICS sync
+- `server/reflector/worker/process.py` - Main has different recording flow
+- Migration files - Must regenerate against current main schema
+
+### ❌ Do NOT Use (Outdated/Incompatible)
+- `package.json`/`pnpm-lock.yaml` - Main uses different dependency versions
+- Frontend API client calls - Main uses React Query (reference uses old OpenAPI client)
+- Database migrations - Must create new ones from scratch
+- Any files that delete features present in main (search, calendar, webhooks)
+
+## Key Differences: Reference vs Current Main
+
+| Aspect | Reference Branch | Current Main | Action Required |
+|--------|------------------|--------------|-----------------|
+| **API client** | Old OpenAPI generated | React Query hooks | Rewrite all API calls |
+| **Database schema** | Simplified (removed features) | Has calendar, webhooks, full-text search | Merge carefully, preserve main features |
+| **Settings** | Aug 2025 structure | Current structure | Adapt carefully |
+| **Migrations** | Branched from Aug 1 | Current main (91+ commits ahead) | Regenerate from scratch |
+| **Frontend deps** | `@daily-co/daily-js@0.81.0` | Check current versions | Update to compatible versions |
+| **Package manager** | yarn | pnpm (maybe both?) | Use what main uses |
+
+## Branch Divergence Analysis
+
+**The reference branch is 91 commits behind main and severely diverged:**
+- Reference: 8 commits, 3,689 insertions, 425 deletions
+- Main since divergence: 320 files changed, 45,840 insertions, 16,827 deletions
+- **Main has 12x more changes**
+
+**Major features in main that reference lacks:**
+1. Calendar integration (ICS sync with rooms)
+2. Self-hosted GPU API infrastructure
+3. Frontend OpenAPI React Query migration
+4. Full-text search (backend + frontend)
+5. Webhook system for room events
+6. Environment variable migration
+7. Security fixes and auth improvements
+8. Docker production frontend
+9. Meeting user ID removal (schema change)
+10. NextJS version upgrades
+
+**High conflict risk files:**
+- `server/reflector/views/rooms.py` - 12x more changes in main
+- `server/reflector/db/rooms.py` - Main added 7+ fields
+- `www/package.json` - NextJS major version bump
+- Database migrations - 20+ new migrations in main
+
+## Implementation Approach
+
+### Phase 1: Copy Clean Abstractions (1-2 hours)
+
+**Files to copy directly from reference:**
+```bash
+# Core abstraction (review but mostly safe to copy)
+cp -r reflector-dailyco-reference/server/reflector/video_platforms/ \
+      server/reflector/
+
+# BUT review each file for:
+# - Import paths (make sure they match current main)
+# - Settings references (adapt to current settings.py)
+# - Type imports (ensure no circular dependencies)
+```
+
+**After copying, immediately:**
+```bash
+cd server
+# Check for issues
+uv run ruff check reflector/video_platforms/
+# Fix any import errors or type issues
+```
+
+### Phase 2: Adapt to Current Main (2-3 hours)
+
+**2.1 Settings Integration**
+
+File: `server/reflector/settings.py`
+
+Add at the appropriate location (near existing Whereby settings):
+
+```python
+# Daily.co API Integration (NEW)
+DAILY_API_KEY: str | None = None
+DAILY_WEBHOOK_SECRET: str | None = None
+DAILY_SUBDOMAIN: str | None = None
+AWS_DAILY_S3_BUCKET: str | None = None
+AWS_DAILY_S3_REGION: str = "us-west-2"
+AWS_DAILY_ROLE_ARN: str | None = None
+
+# Platform Migration Feature Flags (NEW)
+DAILY_MIGRATION_ENABLED: bool = False  # Conservative default
+DAILY_MIGRATION_ROOM_IDS: list[str] = []
+DEFAULT_VIDEO_PLATFORM: Literal["whereby", "daily"] = "whereby"
+```
+
+**2.2 Database Migration**
+
+⚠️ **CRITICAL: Do NOT copy migration from reference**
+
+Generate new migration:
+```bash
+cd server
+uv run alembic revision -m "add_platform_support"
+```
+
+Edit the generated migration file to add `platform` column:
+```python
+def upgrade():
+    with op.batch_alter_table("room", schema=None) as batch_op:
+        batch_op.add_column(
+            sa.Column("platform", sa.String(), nullable=False, server_default="whereby")
+        )
+
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.add_column(
+            sa.Column("platform", sa.String(), nullable=False, server_default="whereby")
+        )
+```
+
+**2.3 Update Database Models**
+
+File: `server/reflector/db/rooms.py`
+
+Add platform field (preserve all existing fields from main):
+```python
+from typing import TYPE_CHECKING
+
+if TYPE_CHECKING:
+    from reflector.video_platforms.models import Platform
+
+class Room:
+    # ... ALL existing fields from main (calendar, webhooks, etc.) ...
+
+    # NEW: Platform field
+    platform: "Platform" = sqlalchemy.Column(
+        sqlalchemy.String,
+        nullable=False,
+        server_default="whereby",
+    )
+```
+
+File: `server/reflector/db/meetings.py`
+
+Same approach - add platform field, preserve everything from main.
+
+**2.4 Integrate Platform Abstraction into rooms.py**
+
+⚠️ **This is the most delicate part - main has calendar/webhook features**
+
+File: `server/reflector/views/rooms.py`
+
+Strategy:
+1. Add imports at top
+2. Modify meeting creation logic only
+3. Preserve all calendar/webhook/ICS logic from main
+
+```python
+# Add imports
+from reflector.video_platforms import (
+    create_platform_client,
+    get_platform_for_room,
+)
+
+# In create_meeting endpoint:
+# OLD: Direct Whereby API calls
+# NEW: Platform abstraction
+
+# Find the meeting creation section and replace:
+platform = get_platform_for_room(room.id)
+client = create_platform_client(platform)
+
+meeting_data = await client.create_meeting(
+    room_name_prefix=room.name,
+    end_date=meeting_data.end_date,
+    room=room,
+)
+
+# Then create Meeting record with meeting_data.platform, meeting_data.meeting_id, etc.
+```
+
+**2.5 Add Daily.co Webhook Handler**
+
+Copy from reference, minimal changes needed:
+```bash
+cp reflector-dailyco-reference/server/reflector/views/daily.py \
+   server/reflector/views/
+```
+
+Register in `server/reflector/app.py`:
+```python
+from reflector.views import daily
+
+app.include_router(daily.router, prefix="/v1/daily", tags=["daily"])
+```
+
+**2.6 Add Recording Processing Task**
+
+File: `server/reflector/worker/process.py`
+
+Add the `process_recording_from_url` task from reference (copy the function).
+
+### Phase 3: Frontend Adaptation (3-4 hours)
+
+**3.1 Determine Current API Client Pattern**
+
+First, check how main currently makes API calls:
+```bash
+cd www
+grep -r "api\." app/ | head -20
+# Look for patterns like: api.v1Something()
+```
+
+**3.2 Create Components**
+
+Copy component structure from reference but **rewrite all API calls**:
+
+```bash
+mkdir -p www/app/[roomName]/components
+```
+
+Files to create:
+- `RoomContainer.tsx` - Platform router (mostly copy-safe, just fix imports)
+- `DailyRoom.tsx` - Needs React Query API calls
+- `WherebyRoom.tsx` - Extract current room page logic
+
+**Example React Query pattern** (adapt to your actual API):
+```typescript
+import { api } from '@/app/api/client'
+
+// In DailyRoom.tsx
+const handleConsent = async () => {
+  try {
+    await api.v1MeetingAudioConsent({
+      path: { meeting_id: meeting.id },
+      body: { consent: true },
+    })
+    // ...
+  } catch (error) {
+    // ...
+  }
+}
+```
+
+**3.3 Add Daily.co Dependency**
+
+Check current package manager:
+```bash
+cd www
+ls package-lock.json yarn.lock pnpm-lock.yaml
+```
+
+Then install:
+```bash
+# If using pnpm
+pnpm add @daily-co/daily-js@^0.81.0
+
+# If using yarn
+yarn add @daily-co/daily-js@^0.81.0
+```
+
+**3.4 Update TypeScript Types**
+
+After backend changes, regenerate types:
+```bash
+cd www
+pnpm openapi  # or yarn openapi
+```
+
+This should pick up the new `platform` field on Meeting type.
+
+### Phase 4: Testing (2-3 hours)
+
+**4.1 Copy Test Structure**
+
+```bash
+cp reflector-dailyco-reference/server/tests/test_video_platforms.py \
+   server/tests/
+
+cp reflector-dailyco-reference/server/tests/test_daily_webhook.py \
+   server/tests/
+```
+
+**4.2 Fix Test Imports and Fixtures**
+
+Update imports to match current test infrastructure:
+- Check `server/tests/conftest.py` for fixture patterns
+- Update database access patterns if changed
+- Fix any import errors
+
+**4.3 Run Tests**
+
+```bash
+cd server
+# Run with environment variables for Mac
+REDIS_HOST=localhost \
+CELERY_BROKER_URL=redis://localhost:6379/1 \
+CELERY_RESULT_BACKEND=redis://localhost:6379/1 \
+uv run pytest tests/test_video_platforms.py -v
+```
+
+### Phase 5: Environment Configuration
+
+**Update `server/env.example`:**
+
+Add at the end:
+```bash
+# Daily.co API Integration
+DAILY_API_KEY=your-daily-api-key
+DAILY_WEBHOOK_SECRET=your-daily-webhook-secret
+DAILY_SUBDOMAIN=your-subdomain
+AWS_DAILY_S3_BUCKET=your-daily-bucket
+AWS_DAILY_S3_REGION=us-west-2
+AWS_DAILY_ROLE_ARN=arn:aws:iam::ACCOUNT:role/DailyRecording
+
+# Platform Selection
+DAILY_MIGRATION_ENABLED=false           # Master switch
+DAILY_MIGRATION_ROOM_IDS=[]            # Specific room IDs
+DEFAULT_VIDEO_PLATFORM=whereby          # Default platform
+```
+
+## Decision Tree: Copy vs Adapt vs Rewrite
+
+```
+┌─ Is it pure abstraction logic? (base.py, registry.py, models.py)
+│  YES → Copy directly, review imports
+│  NO  → Continue ↓
+│
+├─ Does it touch database models?
+│  YES → Adapt carefully, preserve main's fields
+│  NO  → Continue ↓
+│
+├─ Does it make API calls on frontend?
+│  YES → Rewrite using React Query
+│  NO  → Continue ↓
+│
+├─ Is it a database migration?
+│  YES → Generate fresh from current schema
+│  NO  → Continue ↓
+│
+└─ Does it touch rooms.py or core business logic?
+   YES → Merge carefully, preserve calendar/webhooks
+   NO  → Safe to adapt from reference
+```
+
+## Verification Checklist
+
+After each phase, verify:
+
+**Phase 1 (Abstraction Layer):**
+- [ ] `uv run ruff check server/reflector/video_platforms/` passes
+- [ ] No circular import errors
+- [ ] Can import `from reflector.video_platforms import create_platform_client`
+
+**Phase 2 (Backend Integration):**
+- [ ] `uv run ruff check server/` passes
+- [ ] Migration file generated (not copied)
+- [ ] Room and Meeting models have platform field
+- [ ] rooms.py still has calendar/webhook features
+
+**Phase 3 (Frontend):**
+- [ ] `pnpm lint` passes
+- [ ] No TypeScript errors
+- [ ] No `@ts-ignore` for platform field
+- [ ] API calls use React Query patterns
+
+**Phase 4 (Testing):**
+- [ ] Tests can be collected: `pytest tests/test_video_platforms.py --collect-only`
+- [ ] Database fixtures work
+- [ ] Mock platform works
+
+**Phase 5 (Config):**
+- [ ] env.example has Daily.co variables
+- [ ] settings.py has all new variables
+- [ ] No duplicate variable definitions
+
+## Common Pitfalls
+
+### 1. Database Schema Conflicts
+**Problem:** Reference removed fields that main has (calendar, webhooks)
+**Solution:** Always preserve main's fields, only add platform field
+
+### 2. Migration Conflicts
+**Problem:** Reference migration has wrong `down_revision`
+**Solution:** Always generate fresh migration from current main
+
+### 3. Frontend API Calls
+**Problem:** Reference uses old API client patterns
+**Solution:** Check current main's API usage, replicate that pattern
+
+### 4. Import Errors
+**Problem:** Circular imports with TYPE_CHECKING
+**Solution:** Use `if TYPE_CHECKING:` for Room/Meeting imports in video_platforms
+
+### 5. Test Database Issues
+**Problem:** Tests fail with "could not translate host name 'postgres'"
+**Solution:** Use environment variables: `REDIS_HOST=localhost DATABASE_URL=...`
+
+### 6. Preserved Features Broken
+**Problem:** Calendar/webhook features stop working
+**Solution:** Carefully review rooms.py diff, only change meeting creation, not calendar logic
+
+## File Modification Summary
+
+**New files (can copy):**
+- `server/reflector/video_platforms/*.py` (entire directory)
+- `server/reflector/views/daily.py`
+- `server/tests/test_video_platforms.py`
+- `server/tests/test_daily_webhook.py`
+- `www/app/[roomName]/components/RoomContainer.tsx`
+- `www/app/[roomName]/components/DailyRoom.tsx`
+- `www/app/[roomName]/components/WherebyRoom.tsx`
+
+**Modified files (careful merging):**
+- `server/reflector/settings.py` - Add Daily.co settings
+- `server/reflector/db/rooms.py` - Add platform field
+- `server/reflector/db/meetings.py` - Add platform field
+- `server/reflector/views/rooms.py` - Integrate platform abstraction
+- `server/reflector/worker/process.py` - Add process_recording_from_url
+- `server/reflector/app.py` - Register daily router
+- `server/env.example` - Add Daily.co variables
+- `www/app/[roomName]/page.tsx` - Use RoomContainer
+- `www/package.json` - Add @daily-co/daily-js
+
+**Generated files (do not copy):**
+- `server/migrations/versions/XXXXXX_add_platform_support.py` - Generate fresh
+
+## Success Metrics
+
+Implementation is complete when:
+- [ ] All tests pass (including new platform tests)
+- [ ] Linting passes (ruff, pnpm lint)
+- [ ] Migration applies cleanly: `uv run alembic upgrade head`
+- [ ] Can create Whereby meeting (existing flow unchanged)
+- [ ] Can create Daily.co meeting (with env vars set)
+- [ ] Frontend loads without TypeScript errors
+- [ ] No features from main were accidentally removed
+
+## Getting Help
+
+**Reference documentation locations:**
+- Implementation plan: `PLAN.md`
+- Reference implementation: `./reflector-dailyco-reference/`
+- Current main codebase: `./ ` (current directory)
+
+**Compare implementations:**
+```bash
+# Compare specific files
+diff reflector-dailyco-reference/server/reflector/video_platforms/base.py \
+     server/reflector/video_platforms/base.py
+
+# See what changed in rooms.py between reference branch point and now
+git log --oneline --since="2025-08-01" -- server/reflector/views/rooms.py
+```
+
+**Key insight:** The reference branch validates the approach and provides working code patterns, but you're implementing fresh against current main to avoid merge conflicts and preserve all new features.

README.md

@@ -99,11 +99,10 @@ Start with `cd www`.
 
 ```bash
 pnpm install
-cp .env_template .env
-cp config-template.ts config.ts
+cp .env.example .env
 ```
 
-Then, fill in the environment variables in `.env` and the configuration in `config.ts` as needed. If you are unsure on how to proceed, ask in Zulip.
+Then, fill in the environment variables in `.env` as needed. If you are unsure on how to proceed, ask in Zulip.
 
 **Run in development mode**
 
@@ -168,3 +167,41 @@ You can manually process an audio file by calling the process tool:
 ```bash
 uv run python -m reflector.tools.process path/to/audio.wav
 ```
+
+## Build-time env variables
+
+Next.js projects are more used to NEXT_PUBLIC_ prefixed buildtime vars. We don't have those for the reason we need to serve a ccustomizable prebuild docker container.
+
+Instead, all the variables are runtime. Variables needed to the frontend are served to the frontend app at initial render.
+
+It also means there's no static prebuild and no static files to serve for js/html.
+
+## Feature Flags
+
+Reflector uses environment variable-based feature flags to control application functionality. These flags allow you to enable or disable features without code changes.
+
+### Available Feature Flags
+
+| Feature Flag | Environment Variable |
+|-------------|---------------------|
+| `requireLogin` | `FEATURE_REQUIRE_LOGIN` |
+| `privacy` | `FEATURE_PRIVACY` |
+| `browse` | `FEATURE_BROWSE` |
+| `sendToZulip` | `FEATURE_SEND_TO_ZULIP` |
+| `rooms` | `FEATURE_ROOMS` |
+
+### Setting Feature Flags
+
+Feature flags are controlled via environment variables using the pattern `FEATURE_{FEATURE_NAME}` where `{FEATURE_NAME}` is the SCREAMING_SNAKE_CASE version of the feature name.
+
+**Examples:**
+```bash
+# Enable user authentication requirement
+FEATURE_REQUIRE_LOGIN=true
+
+# Disable browse functionality
+FEATURE_BROWSE=false
+
+# Enable Zulip integration
+FEATURE_SEND_TO_ZULIP=true
+```

docker-compose.prod.yml

@@ -0,0 +1,39 @@
+# Production Docker Compose configuration for Frontend
+# Usage: docker compose -f docker-compose.prod.yml up -d
+
+services:
+  web:
+    build:
+      context: ./www
+      dockerfile: Dockerfile
+    image: reflector-frontend:latest
+    environment:
+      - KV_URL=${KV_URL:-redis://redis:6379}
+      - SITE_URL=${SITE_URL}
+      - API_URL=${API_URL}
+      - WEBSOCKET_URL=${WEBSOCKET_URL}
+      - NEXTAUTH_URL=${NEXTAUTH_URL:-http://localhost:3000}
+      - NEXTAUTH_SECRET=${NEXTAUTH_SECRET:-changeme-in-production}
+      - AUTHENTIK_ISSUER=${AUTHENTIK_ISSUER}
+      - AUTHENTIK_CLIENT_ID=${AUTHENTIK_CLIENT_ID}
+      - AUTHENTIK_CLIENT_SECRET=${AUTHENTIK_CLIENT_SECRET}
+      - AUTHENTIK_REFRESH_TOKEN_URL=${AUTHENTIK_REFRESH_TOKEN_URL}
+      - SENTRY_DSN=${SENTRY_DSN}
+      - SENTRY_IGNORE_API_RESOLUTION_ERROR=${SENTRY_IGNORE_API_RESOLUTION_ERROR:-1}
+    depends_on:
+      - redis
+    restart: unless-stopped
+
+  redis:
+    image: redis:7.2-alpine
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 30s
+      timeout: 3s
+      retries: 3
+    volumes:
+      - redis_data:/data
+
+volumes:
+  redis_data:

docker-compose.yml

@@ -6,6 +6,7 @@ services:
       - 1250:1250
     volumes:
       - ./server/:/app/
+      - /app/.venv
     env_file:
       - ./server/.env
     environment:
@@ -16,6 +17,7 @@ services:
       context: server
     volumes:
       - ./server/:/app/
+      - /app/.venv
     env_file:
       - ./server/.env
     environment:
@@ -26,6 +28,7 @@ services:
       context: server
     volumes:
       - ./server/:/app/
+      - /app/.venv
     env_file:
       - ./server/.env
     environment:
@@ -36,7 +39,7 @@ services:
     ports:
       - 6379:6379
   web:
-    image: node:18
+    image: node:22-alpine
     ports:
       - "3000:3000"
     command: sh -c "corepack enable && pnpm install && pnpm dev"
@@ -47,6 +50,8 @@ services:
       - /app/node_modules
     env_file:
       - ./www/.env.local
+    environment:
+      - NODE_ENV=development
 
   postgres:
     image: postgres:17

gpu/modal_deployments/.gitignore

@@ -0,0 +1,33 @@
+# OS / Editor
+.DS_Store
+.vscode/
+.idea/
+
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Logs
+*.log
+
+# Env and secrets
+.env
+.env.*
+*.env
+*.secret
+
+# Build / dist
+build/
+dist/
+.eggs/
+*.egg-info/
+
+# Coverage / test
+.pytest_cache/
+.coverage*
+htmlcov/
+
+# Modal local state (if any)
+modal_mounts/
+.modal_cache/

gpu/modal_deployments/reflector_transcriber.py

@@ -0,0 +1,608 @@
+import os
+import sys
+import threading
+import uuid
+from typing import Generator, Mapping, NamedTuple, NewType, TypedDict
+from urllib.parse import urlparse
+
+import modal
+
+MODEL_NAME = "large-v2"
+MODEL_COMPUTE_TYPE: str = "float16"
+MODEL_NUM_WORKERS: int = 1
+MINUTES = 60  # seconds
+SAMPLERATE = 16000
+UPLOADS_PATH = "/uploads"
+CACHE_PATH = "/models"
+SUPPORTED_FILE_EXTENSIONS = ["mp3", "mp4", "mpeg", "mpga", "m4a", "wav", "webm"]
+VAD_CONFIG = {
+    "batch_max_duration": 30.0,
+    "silence_padding": 0.5,
+    "window_size": 512,
+}
+
+
+WhisperUniqFilename = NewType("WhisperUniqFilename", str)
+AudioFileExtension = NewType("AudioFileExtension", str)
+
+app = modal.App("reflector-transcriber")
+
+model_cache = modal.Volume.from_name("models", create_if_missing=True)
+upload_volume = modal.Volume.from_name("whisper-uploads", create_if_missing=True)
+
+
+class TimeSegment(NamedTuple):
+    """Represents a time segment with start and end times."""
+
+    start: float
+    end: float
+
+
+class AudioSegment(NamedTuple):
+    """Represents an audio segment with timing and audio data."""
+
+    start: float
+    end: float
+    audio: any
+
+
+class TranscriptResult(NamedTuple):
+    """Represents a transcription result with text and word timings."""
+
+    text: str
+    words: list["WordTiming"]
+
+
+class WordTiming(TypedDict):
+    """Represents a word with its timing information."""
+
+    word: str
+    start: float
+    end: float
+
+
+def download_model():
+    from faster_whisper import download_model
+
+    model_cache.reload()
+
+    download_model(MODEL_NAME, cache_dir=CACHE_PATH)
+
+    model_cache.commit()
+
+
+image = (
+    modal.Image.debian_slim(python_version="3.12")
+    .env(
+        {
+            "HF_HUB_ENABLE_HF_TRANSFER": "1",
+            "LD_LIBRARY_PATH": (
+                "/usr/local/lib/python3.12/site-packages/nvidia/cudnn/lib/:"
+                "/opt/conda/lib/python3.12/site-packages/nvidia/cublas/lib/"
+            ),
+        }
+    )
+    .apt_install("ffmpeg")
+    .pip_install(
+        "huggingface_hub==0.27.1",
+        "hf-transfer==0.1.9",
+        "torch==2.5.1",
+        "faster-whisper==1.1.1",
+        "fastapi==0.115.12",
+        "requests",
+        "librosa==0.10.1",
+        "numpy<2",
+        "silero-vad==5.1.0",
+    )
+    .run_function(download_model, volumes={CACHE_PATH: model_cache})
+)
+
+
+def detect_audio_format(url: str, headers: Mapping[str, str]) -> AudioFileExtension:
+    parsed_url = urlparse(url)
+    url_path = parsed_url.path
+
+    for ext in SUPPORTED_FILE_EXTENSIONS:
+        if url_path.lower().endswith(f".{ext}"):
+            return AudioFileExtension(ext)
+
+    content_type = headers.get("content-type", "").lower()
+    if "audio/mpeg" in content_type or "audio/mp3" in content_type:
+        return AudioFileExtension("mp3")
+    if "audio/wav" in content_type:
+        return AudioFileExtension("wav")
+    if "audio/mp4" in content_type:
+        return AudioFileExtension("mp4")
+
+    raise ValueError(
+        f"Unsupported audio format for URL: {url}. "
+        f"Supported extensions: {', '.join(SUPPORTED_FILE_EXTENSIONS)}"
+    )
+
+
+def download_audio_to_volume(
+    audio_file_url: str,
+) -> tuple[WhisperUniqFilename, AudioFileExtension]:
+    import requests
+    from fastapi import HTTPException
+
+    response = requests.head(audio_file_url, allow_redirects=True)
+    if response.status_code == 404:
+        raise HTTPException(status_code=404, detail="Audio file not found")
+
+    response = requests.get(audio_file_url, allow_redirects=True)
+    response.raise_for_status()
+
+    audio_suffix = detect_audio_format(audio_file_url, response.headers)
+    unique_filename = WhisperUniqFilename(f"{uuid.uuid4()}.{audio_suffix}")
+    file_path = f"{UPLOADS_PATH}/{unique_filename}"
+
+    with open(file_path, "wb") as f:
+        f.write(response.content)
+
+    upload_volume.commit()
+    return unique_filename, audio_suffix
+
+
+def pad_audio(audio_array, sample_rate: int = SAMPLERATE):
+    """Add 0.5s of silence if audio is shorter than the silence_padding window.
+
+    Whisper does not require this strictly, but aligning behavior with Parakeet
+    avoids edge-case crashes on extremely short inputs and makes comparisons easier.
+    """
+    import numpy as np
+
+    audio_duration = len(audio_array) / sample_rate
+    if audio_duration < VAD_CONFIG["silence_padding"]:
+        silence_samples = int(sample_rate * VAD_CONFIG["silence_padding"])
+        silence = np.zeros(silence_samples, dtype=np.float32)
+        return np.concatenate([audio_array, silence])
+    return audio_array
+
+
+@app.cls(
+    gpu="A10G",
+    timeout=5 * MINUTES,
+    scaledown_window=5 * MINUTES,
+    image=image,
+    volumes={CACHE_PATH: model_cache, UPLOADS_PATH: upload_volume},
+)
+@modal.concurrent(max_inputs=10)
+class TranscriberWhisperLive:
+    """Live transcriber class for small audio segments (A10G).
+
+    Mirrors the Parakeet live class API but uses Faster-Whisper under the hood.
+    """
+
+    @modal.enter()
+    def enter(self):
+        import faster_whisper
+        import torch
+
+        self.lock = threading.Lock()
+        self.use_gpu = torch.cuda.is_available()
+        self.device = "cuda" if self.use_gpu else "cpu"
+        self.model = faster_whisper.WhisperModel(
+            MODEL_NAME,
+            device=self.device,
+            compute_type=MODEL_COMPUTE_TYPE,
+            num_workers=MODEL_NUM_WORKERS,
+            download_root=CACHE_PATH,
+            local_files_only=True,
+        )
+        print(f"Model is on device: {self.device}")
+
+    @modal.method()
+    def transcribe_segment(
+        self,
+        filename: str,
+        language: str = "en",
+    ):
+        """Transcribe a single uploaded audio file by filename."""
+        upload_volume.reload()
+
+        file_path = f"{UPLOADS_PATH}/{filename}"
+        if not os.path.exists(file_path):
+            raise FileNotFoundError(f"File not found: {file_path}")
+
+        with self.lock:
+            with NoStdStreams():
+                segments, _ = self.model.transcribe(
+                    file_path,
+                    language=language,
+                    beam_size=5,
+                    word_timestamps=True,
+                    vad_filter=True,
+                    vad_parameters={"min_silence_duration_ms": 500},
+                )
+
+        segments = list(segments)
+        text = "".join(segment.text for segment in segments).strip()
+        words = [
+            {
+                "word": word.word,
+                "start": round(float(word.start), 2),
+                "end": round(float(word.end), 2),
+            }
+            for segment in segments
+            for word in segment.words
+        ]
+
+        return {"text": text, "words": words}
+
+    @modal.method()
+    def transcribe_batch(
+        self,
+        filenames: list[str],
+        language: str = "en",
+    ):
+        """Transcribe multiple uploaded audio files and return per-file results."""
+        upload_volume.reload()
+
+        results = []
+        for filename in filenames:
+            file_path = f"{UPLOADS_PATH}/{filename}"
+            if not os.path.exists(file_path):
+                raise FileNotFoundError(f"Batch file not found: {file_path}")
+
+            with self.lock:
+                with NoStdStreams():
+                    segments, _ = self.model.transcribe(
+                        file_path,
+                        language=language,
+                        beam_size=5,
+                        word_timestamps=True,
+                        vad_filter=True,
+                        vad_parameters={"min_silence_duration_ms": 500},
+                    )
+
+            segments = list(segments)
+            text = "".join(seg.text for seg in segments).strip()
+            words = [
+                {
+                    "word": w.word,
+                    "start": round(float(w.start), 2),
+                    "end": round(float(w.end), 2),
+                }
+                for seg in segments
+                for w in seg.words
+            ]
+
+            results.append(
+                {
+                    "filename": filename,
+                    "text": text,
+                    "words": words,
+                }
+            )
+
+        return results
+
+
+@app.cls(
+    gpu="L40S",
+    timeout=15 * MINUTES,
+    image=image,
+    volumes={CACHE_PATH: model_cache, UPLOADS_PATH: upload_volume},
+)
+class TranscriberWhisperFile:
+    """File transcriber for larger/longer audio, using VAD-driven batching (L40S)."""
+
+    @modal.enter()
+    def enter(self):
+        import faster_whisper
+        import torch
+        from silero_vad import load_silero_vad
+
+        self.lock = threading.Lock()
+        self.use_gpu = torch.cuda.is_available()
+        self.device = "cuda" if self.use_gpu else "cpu"
+        self.model = faster_whisper.WhisperModel(
+            MODEL_NAME,
+            device=self.device,
+            compute_type=MODEL_COMPUTE_TYPE,
+            num_workers=MODEL_NUM_WORKERS,
+            download_root=CACHE_PATH,
+            local_files_only=True,
+        )
+        self.vad_model = load_silero_vad(onnx=False)
+
+    @modal.method()
+    def transcribe_segment(
+        self, filename: str, timestamp_offset: float = 0.0, language: str = "en"
+    ):
+        import librosa
+        import numpy as np
+        from silero_vad import VADIterator
+
+        def vad_segments(
+            audio_array,
+            sample_rate: int = SAMPLERATE,
+            window_size: int = VAD_CONFIG["window_size"],
+        ) -> Generator[TimeSegment, None, None]:
+            """Generate speech segments as TimeSegment using Silero VAD."""
+            iterator = VADIterator(self.vad_model, sampling_rate=sample_rate)
+            start = None
+            for i in range(0, len(audio_array), window_size):
+                chunk = audio_array[i : i + window_size]
+                if len(chunk) < window_size:
+                    chunk = np.pad(
+                        chunk, (0, window_size - len(chunk)), mode="constant"
+                    )
+                speech = iterator(chunk)
+                if not speech:
+                    continue
+                if "start" in speech:
+                    start = speech["start"]
+                    continue
+                if "end" in speech and start is not None:
+                    end = speech["end"]
+                    yield TimeSegment(
+                        start / float(SAMPLERATE), end / float(SAMPLERATE)
+                    )
+                    start = None
+            iterator.reset_states()
+
+        upload_volume.reload()
+        file_path = f"{UPLOADS_PATH}/{filename}"
+        if not os.path.exists(file_path):
+            raise FileNotFoundError(f"File not found: {file_path}")
+
+        audio_array, _sr = librosa.load(file_path, sr=SAMPLERATE, mono=True)
+
+        # Batch segments up to ~30s windows by merging contiguous VAD segments
+        merged_batches: list[TimeSegment] = []
+        batch_start = None
+        batch_end = None
+        max_duration = VAD_CONFIG["batch_max_duration"]
+        for segment in vad_segments(audio_array):
+            seg_start, seg_end = segment.start, segment.end
+            if batch_start is None:
+                batch_start, batch_end = seg_start, seg_end
+                continue
+            if seg_end - batch_start <= max_duration:
+                batch_end = seg_end
+            else:
+                merged_batches.append(TimeSegment(batch_start, batch_end))
+                batch_start, batch_end = seg_start, seg_end
+        if batch_start is not None and batch_end is not None:
+            merged_batches.append(TimeSegment(batch_start, batch_end))
+
+        all_text = []
+        all_words = []
+
+        for segment in merged_batches:
+            start_time, end_time = segment.start, segment.end
+            s_idx = int(start_time * SAMPLERATE)
+            e_idx = int(end_time * SAMPLERATE)
+            segment = audio_array[s_idx:e_idx]
+            segment = pad_audio(segment, SAMPLERATE)
+
+            with self.lock:
+                segments, _ = self.model.transcribe(
+                    segment,
+                    language=language,
+                    beam_size=5,
+                    word_timestamps=True,
+                    vad_filter=True,
+                    vad_parameters={"min_silence_duration_ms": 500},
+                )
+
+            segments = list(segments)
+            text = "".join(seg.text for seg in segments).strip()
+            words = [
+                {
+                    "word": w.word,
+                    "start": round(float(w.start) + start_time + timestamp_offset, 2),
+                    "end": round(float(w.end) + start_time + timestamp_offset, 2),
+                }
+                for seg in segments
+                for w in seg.words
+            ]
+            if text:
+                all_text.append(text)
+            all_words.extend(words)
+
+        return {"text": " ".join(all_text), "words": all_words}
+
+
+def detect_audio_format(url: str, headers: dict) -> str:
+    from urllib.parse import urlparse
+
+    from fastapi import HTTPException
+
+    url_path = urlparse(url).path
+    for ext in SUPPORTED_FILE_EXTENSIONS:
+        if url_path.lower().endswith(f".{ext}"):
+            return ext
+
+    content_type = headers.get("content-type", "").lower()
+    if "audio/mpeg" in content_type or "audio/mp3" in content_type:
+        return "mp3"
+    if "audio/wav" in content_type:
+        return "wav"
+    if "audio/mp4" in content_type:
+        return "mp4"
+
+    raise HTTPException(
+        status_code=400,
+        detail=(
+            f"Unsupported audio format for URL. Supported extensions: {', '.join(SUPPORTED_FILE_EXTENSIONS)}"
+        ),
+    )
+
+
+def download_audio_to_volume(audio_file_url: str) -> tuple[str, str]:
+    import requests
+    from fastapi import HTTPException
+
+    response = requests.head(audio_file_url, allow_redirects=True)
+    if response.status_code == 404:
+        raise HTTPException(status_code=404, detail="Audio file not found")
+
+    response = requests.get(audio_file_url, allow_redirects=True)
+    response.raise_for_status()
+
+    audio_suffix = detect_audio_format(audio_file_url, response.headers)
+    unique_filename = f"{uuid.uuid4()}.{audio_suffix}"
+    file_path = f"{UPLOADS_PATH}/{unique_filename}"
+
+    with open(file_path, "wb") as f:
+        f.write(response.content)
+
+    upload_volume.commit()
+    return unique_filename, audio_suffix
+
+
+@app.function(
+    scaledown_window=60,
+    timeout=600,
+    secrets=[
+        modal.Secret.from_name("reflector-gpu"),
+    ],
+    volumes={CACHE_PATH: model_cache, UPLOADS_PATH: upload_volume},
+    image=image,
+)
+@modal.concurrent(max_inputs=40)
+@modal.asgi_app()
+def web():
+    from fastapi import (
+        Body,
+        Depends,
+        FastAPI,
+        Form,
+        HTTPException,
+        UploadFile,
+        status,
+    )
+    from fastapi.security import OAuth2PasswordBearer
+
+    transcriber_live = TranscriberWhisperLive()
+    transcriber_file = TranscriberWhisperFile()
+
+    app = FastAPI()
+
+    oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
+
+    def apikey_auth(apikey: str = Depends(oauth2_scheme)):
+        if apikey == os.environ["REFLECTOR_GPU_APIKEY"]:
+            return
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid API key",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+
+    class TranscriptResponse(dict):
+        pass
+
+    @app.post("/v1/audio/transcriptions", dependencies=[Depends(apikey_auth)])
+    def transcribe(
+        file: UploadFile = None,
+        files: list[UploadFile] | None = None,
+        model: str = Form(MODEL_NAME),
+        language: str = Form("en"),
+        batch: bool = Form(False),
+    ):
+        if not file and not files:
+            raise HTTPException(
+                status_code=400, detail="Either 'file' or 'files' parameter is required"
+            )
+        if batch and not files:
+            raise HTTPException(
+                status_code=400, detail="Batch transcription requires 'files'"
+            )
+
+        upload_files = [file] if file else files
+
+        uploaded_filenames: list[str] = []
+        for upload_file in upload_files:
+            audio_suffix = upload_file.filename.split(".")[-1]
+            if audio_suffix not in SUPPORTED_FILE_EXTENSIONS:
+                raise HTTPException(
+                    status_code=400,
+                    detail=(
+                        f"Unsupported audio format. Supported extensions: {', '.join(SUPPORTED_FILE_EXTENSIONS)}"
+                    ),
+                )
+
+            unique_filename = f"{uuid.uuid4()}.{audio_suffix}"
+            file_path = f"{UPLOADS_PATH}/{unique_filename}"
+            with open(file_path, "wb") as f:
+                content = upload_file.file.read()
+                f.write(content)
+            uploaded_filenames.append(unique_filename)
+
+        upload_volume.commit()
+
+        try:
+            if batch and len(upload_files) > 1:
+                func = transcriber_live.transcribe_batch.spawn(
+                    filenames=uploaded_filenames,
+                    language=language,
+                )
+                results = func.get()
+                return {"results": results}
+
+            results = []
+            for filename in uploaded_filenames:
+                func = transcriber_live.transcribe_segment.spawn(
+                    filename=filename,
+                    language=language,
+                )
+                result = func.get()
+                result["filename"] = filename
+                results.append(result)
+
+            return {"results": results} if len(results) > 1 else results[0]
+        finally:
+            for filename in uploaded_filenames:
+                try:
+                    file_path = f"{UPLOADS_PATH}/{filename}"
+                    os.remove(file_path)
+                except Exception:
+                    pass
+            upload_volume.commit()
+
+    @app.post("/v1/audio/transcriptions-from-url", dependencies=[Depends(apikey_auth)])
+    def transcribe_from_url(
+        audio_file_url: str = Body(
+            ..., description="URL of the audio file to transcribe"
+        ),
+        model: str = Body(MODEL_NAME),
+        language: str = Body("en"),
+        timestamp_offset: float = Body(0.0),
+    ):
+        unique_filename, _audio_suffix = download_audio_to_volume(audio_file_url)
+        try:
+            func = transcriber_file.transcribe_segment.spawn(
+                filename=unique_filename,
+                timestamp_offset=timestamp_offset,
+                language=language,
+            )
+            result = func.get()
+            return result
+        finally:
+            try:
+                file_path = f"{UPLOADS_PATH}/{unique_filename}"
+                os.remove(file_path)
+                upload_volume.commit()
+            except Exception:
+                pass
+
+    return app
+
+
+class NoStdStreams:
+    def __init__(self):
+        self.devnull = open(os.devnull, "w")
+
+    def __enter__(self):
+        self._stdout, self._stderr = sys.stdout, sys.stderr
+        self._stdout.flush()
+        self._stderr.flush()
+        sys.stdout, sys.stderr = self.devnull, self.devnull
+
+    def __exit__(self, exc_type, exc_value, traceback):
+        sys.stdout, sys.stderr = self._stdout, self._stderr
+        self.devnull.close()

gpu/modal_deployments/reflector_transcriber_parakeet.py

@@ -77,7 +77,7 @@ image = (
     .pip_install(
         "hf_transfer==0.1.9",
         "huggingface_hub[hf-xet]==0.31.2",
-        "nemo_toolkit[asr]==2.3.0",
+        "nemo_toolkit[asr]==2.5.0",
         "cuda-python==12.8.0",
         "fastapi==0.115.12",
         "numpy<2",

gpu/self_hosted/.env.example

@@ -0,0 +1,2 @@
+REFLECTOR_GPU_APIKEY=
+HF_TOKEN=

gpu/self_hosted/.gitignore

@@ -0,0 +1,38 @@
+cache/
+
+# OS / Editor
+.DS_Store
+.vscode/
+.idea/
+
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Env and secrets
+.env
+*.env
+*.secret
+HF_TOKEN
+REFLECTOR_GPU_APIKEY
+
+# Virtual env / uv
+.venv/
+venv/
+ENV/
+uv/
+
+# Build / dist
+build/
+dist/
+.eggs/
+*.egg-info/
+
+# Coverage / test
+.pytest_cache/
+.coverage*
+htmlcov/
+
+# Logs
+*.log

gpu/self_hosted/Dockerfile

@@ -0,0 +1,46 @@
+FROM python:3.12-slim
+
+ENV PYTHONUNBUFFERED=1 \
+    UV_LINK_MODE=copy \
+    UV_NO_CACHE=1
+
+WORKDIR /tmp
+RUN apt-get update \
+ && apt-get install -y \
+    ffmpeg \
+    curl \
+    ca-certificates \
+    gnupg \
+    wget \
+ && apt-get clean
+# Add NVIDIA CUDA repo for Debian 12 (bookworm) and install cuDNN 9 for CUDA 12
+ADD https://developer.download.nvidia.com/compute/cuda/repos/debian12/x86_64/cuda-keyring_1.1-1_all.deb /cuda-keyring.deb
+RUN dpkg -i /cuda-keyring.deb \
+ && rm /cuda-keyring.deb \
+ && apt-get update \
+ && apt-get install -y --no-install-recommends \
+    cuda-cudart-12-6 \
+    libcublas-12-6 \
+    libcudnn9-cuda-12 \
+    libcudnn9-dev-cuda-12 \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/*
+ADD https://astral.sh/uv/install.sh /uv-installer.sh
+RUN sh /uv-installer.sh && rm /uv-installer.sh
+ENV PATH="/root/.local/bin/:$PATH"
+ENV LD_LIBRARY_PATH="/usr/local/cuda/lib64:/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH"
+
+RUN mkdir -p /app
+WORKDIR /app
+COPY pyproject.toml uv.lock /app/
+
+
+COPY ./app /app/app
+COPY ./main.py /app/
+COPY ./runserver.sh /app/
+
+EXPOSE 8000
+
+CMD ["sh", "/app/runserver.sh"]
+
+

gpu/self_hosted/README.md

@@ -0,0 +1,73 @@
+# Self-hosted Model API
+
+Run transcription, translation, and diarization services compatible with Reflector's GPU Model API. Works on CPU or GPU.
+
+Environment variables
+
+- REFLECTOR_GPU_APIKEY: Optional Bearer token. If unset, auth is disabled.
+- HF_TOKEN: Optional. Required for diarization to download pyannote pipelines
+
+Requirements
+
+- FFmpeg must be installed and on PATH (used for URL-based and segmented transcription)
+- Python 3.12+
+- NVIDIA GPU optional. If available, it will be used automatically
+
+Local run
+Set env vars in self_hosted/.env file
+uv sync
+
+uv run uvicorn main:app --host 0.0.0.0 --port 8000
+
+Authentication
+
+- If REFLECTOR_GPU_APIKEY is set, include header: Authorization: Bearer <key>
+
+Endpoints
+
+- POST /v1/audio/transcriptions
+
+  - multipart/form-data
+  - fields: file (single file) OR files[] (multiple files), language, batch (true/false)
+  - response: single { text, words, filename } or { results: [ ... ] }
+
+- POST /v1/audio/transcriptions-from-url
+
+  - application/json
+  - body: { audio_file_url, language, timestamp_offset }
+  - response: { text, words }
+
+- POST /translate
+
+  - text: query parameter
+  - body (application/json): { source_language, target_language }
+  - response: { text: { <src>: original, <tgt>: translated } }
+
+- POST /diarize
+  - query parameters: audio_file_url, timestamp (optional)
+  - requires HF_TOKEN to be set (for pyannote)
+  - response: { diarization: [ { start, end, speaker } ] }
+
+OpenAPI docs
+
+- Visit /docs when the server is running
+
+Docker
+
+- Not yet provided in this directory. A Dockerfile will be added later. For now, use Local run above
+
+Conformance tests
+
+# From this directory
+
+TRANSCRIPT_URL=http://localhost:8000 \
+TRANSCRIPT_API_KEY=dev-key \
+uv run -m pytest -m model_api --no-cov ../../server/tests/test_model_api_transcript.py
+
+TRANSLATION_URL=http://localhost:8000 \
+TRANSLATION_API_KEY=dev-key \
+uv run -m pytest -m model_api --no-cov ../../server/tests/test_model_api_translation.py
+
+DIARIZATION_URL=http://localhost:8000 \
+DIARIZATION_API_KEY=dev-key \
+uv run -m pytest -m model_api --no-cov ../../server/tests/test_model_api_diarization.py

gpu/self_hosted/app/auth.py

@@ -0,0 +1,19 @@
+import os
+
+from fastapi import Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordBearer
+
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
+
+
+def apikey_auth(apikey: str = Depends(oauth2_scheme)):
+    required_key = os.environ.get("REFLECTOR_GPU_APIKEY")
+    if not required_key:
+        return
+    if apikey == required_key:
+        return
+    raise HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Invalid API key",
+        headers={"WWW-Authenticate": "Bearer"},
+    )

gpu/self_hosted/app/config.py

@@ -0,0 +1,12 @@
+from pathlib import Path
+
+SUPPORTED_FILE_EXTENSIONS = ["mp3", "mp4", "mpeg", "mpga", "m4a", "wav", "webm"]
+SAMPLE_RATE = 16000
+VAD_CONFIG = {
+    "batch_max_duration": 30.0,
+    "silence_padding": 0.5,
+    "window_size": 512,
+}
+
+# App-level paths
+UPLOADS_PATH = Path("/tmp/whisper-uploads")

gpu/self_hosted/app/factory.py

@@ -0,0 +1,30 @@
+from contextlib import asynccontextmanager
+
+from fastapi import FastAPI
+
+from .routers.diarization import router as diarization_router
+from .routers.transcription import router as transcription_router
+from .routers.translation import router as translation_router
+from .services.transcriber import WhisperService
+from .services.diarizer import PyannoteDiarizationService
+from .utils import ensure_dirs
+
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    ensure_dirs()
+    whisper_service = WhisperService()
+    whisper_service.load()
+    app.state.whisper = whisper_service
+    diarization_service = PyannoteDiarizationService()
+    diarization_service.load()
+    app.state.diarizer = diarization_service
+    yield
+
+
+def create_app() -> FastAPI:
+    app = FastAPI(lifespan=lifespan)
+    app.include_router(transcription_router)
+    app.include_router(translation_router)
+    app.include_router(diarization_router)
+    return app

gpu/self_hosted/app/routers/diarization.py

@@ -0,0 +1,30 @@
+from typing import List
+
+from fastapi import APIRouter, Depends, Request
+from pydantic import BaseModel
+
+from ..auth import apikey_auth
+from ..services.diarizer import PyannoteDiarizationService
+from ..utils import download_audio_file
+
+router = APIRouter(tags=["diarization"])
+
+
+class DiarizationSegment(BaseModel):
+    start: float
+    end: float
+    speaker: int
+
+
+class DiarizationResponse(BaseModel):
+    diarization: List[DiarizationSegment]
+
+
+@router.post(
+    "/diarize", dependencies=[Depends(apikey_auth)], response_model=DiarizationResponse
+)
+def diarize(request: Request, audio_file_url: str, timestamp: float = 0.0):
+    with download_audio_file(audio_file_url) as (file_path, _ext):
+        file_path = str(file_path)
+        diarizer: PyannoteDiarizationService = request.app.state.diarizer
+        return diarizer.diarize_file(file_path, timestamp=timestamp)

gpu/self_hosted/app/routers/transcription.py

@@ -0,0 +1,109 @@
+import uuid
+from typing import Optional, Union
+
+from fastapi import APIRouter, Body, Depends, Form, HTTPException, Request, UploadFile
+from pydantic import BaseModel
+from pathlib import Path
+from ..auth import apikey_auth
+from ..config import SUPPORTED_FILE_EXTENSIONS, UPLOADS_PATH
+from ..services.transcriber import MODEL_NAME
+from ..utils import cleanup_uploaded_files, download_audio_file
+
+router = APIRouter(prefix="/v1/audio", tags=["transcription"])
+
+
+class WordTiming(BaseModel):
+    word: str
+    start: float
+    end: float
+
+
+class TranscriptResult(BaseModel):
+    text: str
+    words: list[WordTiming]
+    filename: Optional[str] = None
+
+
+class TranscriptBatchResponse(BaseModel):
+    results: list[TranscriptResult]
+
+
+@router.post(
+    "/transcriptions",
+    dependencies=[Depends(apikey_auth)],
+    response_model=Union[TranscriptResult, TranscriptBatchResponse],
+)
+def transcribe(
+    request: Request,
+    file: UploadFile = None,
+    files: list[UploadFile] | None = None,
+    model: str = Form(MODEL_NAME),
+    language: str = Form("en"),
+    batch: bool = Form(False),
+):
+    service = request.app.state.whisper
+    if not file and not files:
+        raise HTTPException(
+            status_code=400, detail="Either 'file' or 'files' parameter is required"
+        )
+    if batch and not files:
+        raise HTTPException(
+            status_code=400, detail="Batch transcription requires 'files'"
+        )
+
+    upload_files = [file] if file else files
+
+    uploaded_paths: list[Path] = []
+    with cleanup_uploaded_files(uploaded_paths):
+        for upload_file in upload_files:
+            audio_suffix = upload_file.filename.split(".")[-1].lower()
+            if audio_suffix not in SUPPORTED_FILE_EXTENSIONS:
+                raise HTTPException(
+                    status_code=400,
+                    detail=(
+                        f"Unsupported audio format. Supported extensions: {', '.join(SUPPORTED_FILE_EXTENSIONS)}"
+                    ),
+                )
+            unique_filename = f"{uuid.uuid4()}.{audio_suffix}"
+            file_path = UPLOADS_PATH / unique_filename
+            with open(file_path, "wb") as f:
+                content = upload_file.file.read()
+                f.write(content)
+            uploaded_paths.append(file_path)
+
+        if batch and len(upload_files) > 1:
+            results = []
+            for path in uploaded_paths:
+                result = service.transcribe_file(str(path), language=language)
+                result["filename"] = path.name
+                results.append(result)
+            return {"results": results}
+
+        results = []
+        for path in uploaded_paths:
+            result = service.transcribe_file(str(path), language=language)
+            result["filename"] = path.name
+            results.append(result)
+
+        return {"results": results} if len(results) > 1 else results[0]
+
+
+@router.post(
+    "/transcriptions-from-url",
+    dependencies=[Depends(apikey_auth)],
+    response_model=TranscriptResult,
+)
+def transcribe_from_url(
+    request: Request,
+    audio_file_url: str = Body(..., description="URL of the audio file to transcribe"),
+    model: str = Body(MODEL_NAME),
+    language: str = Body("en"),
+    timestamp_offset: float = Body(0.0),
+):
+    service = request.app.state.whisper
+    with download_audio_file(audio_file_url) as (file_path, _ext):
+        file_path = str(file_path)
+        result = service.transcribe_vad_url_segment(
+            file_path=file_path, timestamp_offset=timestamp_offset, language=language
+        )
+        return result

gpu/self_hosted/app/routers/translation.py

@@ -0,0 +1,28 @@
+from typing import Dict
+
+from fastapi import APIRouter, Body, Depends
+from pydantic import BaseModel
+
+from ..auth import apikey_auth
+from ..services.translator import TextTranslatorService
+
+router = APIRouter(tags=["translation"])
+
+translator = TextTranslatorService()
+
+
+class TranslationResponse(BaseModel):
+    text: Dict[str, str]
+
+
+@router.post(
+    "/translate",
+    dependencies=[Depends(apikey_auth)],
+    response_model=TranslationResponse,
+)
+def translate(
+    text: str,
+    source_language: str = Body("en"),
+    target_language: str = Body("fr"),
+):
+    return translator.translate(text, source_language, target_language)

gpu/self_hosted/app/services/diarizer.py

@@ -0,0 +1,42 @@
+import os
+import threading
+
+import torch
+import torchaudio
+from pyannote.audio import Pipeline
+
+
+class PyannoteDiarizationService:
+    def __init__(self):
+        self._pipeline = None
+        self._device = "cpu"
+        self._lock = threading.Lock()
+
+    def load(self):
+        self._device = "cuda" if torch.cuda.is_available() else "cpu"
+        self._pipeline = Pipeline.from_pretrained(
+            "pyannote/speaker-diarization-3.1",
+            use_auth_token=os.environ.get("HF_TOKEN"),
+        )
+        self._pipeline.to(torch.device(self._device))
+
+    def diarize_file(self, file_path: str, timestamp: float = 0.0) -> dict:
+        if self._pipeline is None:
+            self.load()
+        waveform, sample_rate = torchaudio.load(file_path)
+        with self._lock:
+            diarization = self._pipeline(
+                {"waveform": waveform, "sample_rate": sample_rate}
+            )
+        words = []
+        for diarization_segment, _, speaker in diarization.itertracks(yield_label=True):
+            words.append(
+                {
+                    "start": round(timestamp + diarization_segment.start, 3),
+                    "end": round(timestamp + diarization_segment.end, 3),
+                    "speaker": int(speaker[-2:])
+                    if speaker and speaker[-2:].isdigit()
+                    else 0,
+                }
+            )
+        return {"diarization": words}

gpu/self_hosted/app/services/transcriber.py

@@ -0,0 +1,208 @@
+import os
+import shutil
+import subprocess
+import threading
+from typing import Generator
+
+import faster_whisper
+import librosa
+import numpy as np
+import torch
+from fastapi import HTTPException
+from silero_vad import VADIterator, load_silero_vad
+
+from ..config import SAMPLE_RATE, VAD_CONFIG
+
+# Whisper configuration (service-local defaults)
+MODEL_NAME = "large-v2"
+# None delegates compute type to runtime: float16 on CUDA, int8 on CPU
+MODEL_COMPUTE_TYPE = None
+MODEL_NUM_WORKERS = 1
+CACHE_PATH = os.path.join(os.path.expanduser("~"), ".cache", "reflector-whisper")
+from ..utils import NoStdStreams
+
+
+class WhisperService:
+    def __init__(self):
+        self.model = None
+        self.device = "cpu"
+        self.lock = threading.Lock()
+
+    def load(self):
+        self.device = "cuda" if torch.cuda.is_available() else "cpu"
+        compute_type = MODEL_COMPUTE_TYPE or (
+            "float16" if self.device == "cuda" else "int8"
+        )
+        self.model = faster_whisper.WhisperModel(
+            MODEL_NAME,
+            device=self.device,
+            compute_type=compute_type,
+            num_workers=MODEL_NUM_WORKERS,
+            download_root=CACHE_PATH,
+        )
+
+    def pad_audio(self, audio_array, sample_rate: int = SAMPLE_RATE):
+        audio_duration = len(audio_array) / sample_rate
+        if audio_duration < VAD_CONFIG["silence_padding"]:
+            silence_samples = int(sample_rate * VAD_CONFIG["silence_padding"])
+            silence = np.zeros(silence_samples, dtype=np.float32)
+            return np.concatenate([audio_array, silence])
+        return audio_array
+
+    def enforce_word_timing_constraints(self, words: list[dict]) -> list[dict]:
+        if len(words) <= 1:
+            return words
+        enforced: list[dict] = []
+        for i, word in enumerate(words):
+            current = dict(word)
+            if i < len(words) - 1:
+                next_start = words[i + 1]["start"]
+                if current["end"] > next_start:
+                    current["end"] = next_start
+            enforced.append(current)
+        return enforced
+
+    def transcribe_file(self, file_path: str, language: str = "en") -> dict:
+        input_for_model: str | "object" = file_path
+        try:
+            audio_array, _sample_rate = librosa.load(
+                file_path, sr=SAMPLE_RATE, mono=True
+            )
+            if len(audio_array) / float(SAMPLE_RATE) < VAD_CONFIG["silence_padding"]:
+                input_for_model = self.pad_audio(audio_array, SAMPLE_RATE)
+        except Exception:
+            pass
+
+        with self.lock:
+            with NoStdStreams():
+                segments, _ = self.model.transcribe(
+                    input_for_model,
+                    language=language,
+                    beam_size=5,
+                    word_timestamps=True,
+                    vad_filter=True,
+                    vad_parameters={"min_silence_duration_ms": 500},
+                )
+
+        segments = list(segments)
+        text = "".join(segment.text for segment in segments).strip()
+        words = [
+            {
+                "word": word.word,
+                "start": round(float(word.start), 2),
+                "end": round(float(word.end), 2),
+            }
+            for segment in segments
+            for word in segment.words
+        ]
+        words = self.enforce_word_timing_constraints(words)
+        return {"text": text, "words": words}
+
+    def transcribe_vad_url_segment(
+        self, file_path: str, timestamp_offset: float = 0.0, language: str = "en"
+    ) -> dict:
+        def load_audio_via_ffmpeg(input_path: str, sample_rate: int) -> np.ndarray:
+            ffmpeg_bin = shutil.which("ffmpeg") or "ffmpeg"
+            cmd = [
+                ffmpeg_bin,
+                "-nostdin",
+                "-threads",
+                "1",
+                "-i",
+                input_path,
+                "-f",
+                "f32le",
+                "-acodec",
+                "pcm_f32le",
+                "-ac",
+                "1",
+                "-ar",
+                str(sample_rate),
+                "pipe:1",
+            ]
+            try:
+                proc = subprocess.run(
+                    cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=True
+                )
+            except Exception as e:
+                raise HTTPException(status_code=400, detail=f"ffmpeg failed: {e}")
+            audio = np.frombuffer(proc.stdout, dtype=np.float32)
+            return audio
+
+        def vad_segments(
+            audio_array,
+            sample_rate: int = SAMPLE_RATE,
+            window_size: int = VAD_CONFIG["window_size"],
+        ) -> Generator[tuple[float, float], None, None]:
+            vad_model = load_silero_vad(onnx=False)
+            iterator = VADIterator(vad_model, sampling_rate=sample_rate)
+            start = None
+            for i in range(0, len(audio_array), window_size):
+                chunk = audio_array[i : i + window_size]
+                if len(chunk) < window_size:
+                    chunk = np.pad(
+                        chunk, (0, window_size - len(chunk)), mode="constant"
+                    )
+                speech = iterator(chunk)
+                if not speech:
+                    continue
+                if "start" in speech:
+                    start = speech["start"]
+                    continue
+                if "end" in speech and start is not None:
+                    end = speech["end"]
+                    yield (start / float(SAMPLE_RATE), end / float(SAMPLE_RATE))
+                    start = None
+            iterator.reset_states()
+
+        audio_array = load_audio_via_ffmpeg(file_path, SAMPLE_RATE)
+
+        merged_batches: list[tuple[float, float]] = []
+        batch_start = None
+        batch_end = None
+        max_duration = VAD_CONFIG["batch_max_duration"]
+        for seg_start, seg_end in vad_segments(audio_array):
+            if batch_start is None:
+                batch_start, batch_end = seg_start, seg_end
+                continue
+            if seg_end - batch_start <= max_duration:
+                batch_end = seg_end
+            else:
+                merged_batches.append((batch_start, batch_end))
+                batch_start, batch_end = seg_start, seg_end
+        if batch_start is not None and batch_end is not None:
+            merged_batches.append((batch_start, batch_end))
+
+        all_text = []
+        all_words = []
+        for start_time, end_time in merged_batches:
+            s_idx = int(start_time * SAMPLE_RATE)
+            e_idx = int(end_time * SAMPLE_RATE)
+            segment = audio_array[s_idx:e_idx]
+            segment = self.pad_audio(segment, SAMPLE_RATE)
+            with self.lock:
+                segments, _ = self.model.transcribe(
+                    segment,
+                    language=language,
+                    beam_size=5,
+                    word_timestamps=True,
+                    vad_filter=True,
+                    vad_parameters={"min_silence_duration_ms": 500},
+                )
+            segments = list(segments)
+            text = "".join(seg.text for seg in segments).strip()
+            words = [
+                {
+                    "word": w.word,
+                    "start": round(float(w.start) + start_time + timestamp_offset, 2),
+                    "end": round(float(w.end) + start_time + timestamp_offset, 2),
+                }
+                for seg in segments
+                for w in seg.words
+            ]
+            if text:
+                all_text.append(text)
+            all_words.extend(words)
+
+        all_words = self.enforce_word_timing_constraints(all_words)
+        return {"text": " ".join(all_text), "words": all_words}

gpu/self_hosted/app/services/translator.py

@@ -0,0 +1,44 @@
+import threading
+
+from transformers import MarianMTModel, MarianTokenizer, pipeline
+
+
+class TextTranslatorService:
+    """Simple text-to-text translator using HuggingFace MarianMT models.
+
+    This mirrors the modal translator API shape but uses text translation only.
+    """
+
+    def __init__(self):
+        self._pipeline = None
+        self._lock = threading.Lock()
+
+    def load(self, source_language: str = "en", target_language: str = "fr"):
+        # Pick a default MarianMT model pair if available; fall back to Helsinki-NLP en->fr
+        model_name = self._resolve_model_name(source_language, target_language)
+        tokenizer = MarianTokenizer.from_pretrained(model_name)
+        model = MarianMTModel.from_pretrained(model_name)
+        self._pipeline = pipeline("translation", model=model, tokenizer=tokenizer)
+
+    def _resolve_model_name(self, src: str, tgt: str) -> str:
+        # Minimal mapping; extend as needed
+        pair = (src.lower(), tgt.lower())
+        mapping = {
+            ("en", "fr"): "Helsinki-NLP/opus-mt-en-fr",
+            ("fr", "en"): "Helsinki-NLP/opus-mt-fr-en",
+            ("en", "es"): "Helsinki-NLP/opus-mt-en-es",
+            ("es", "en"): "Helsinki-NLP/opus-mt-es-en",
+            ("en", "de"): "Helsinki-NLP/opus-mt-en-de",
+            ("de", "en"): "Helsinki-NLP/opus-mt-de-en",
+        }
+        return mapping.get(pair, "Helsinki-NLP/opus-mt-en-fr")
+
+    def translate(self, text: str, source_language: str, target_language: str) -> dict:
+        if self._pipeline is None:
+            self.load(source_language, target_language)
+        with self._lock:
+            results = self._pipeline(
+                text, src_lang=source_language, tgt_lang=target_language
+            )
+        translated = results[0]["translation_text"] if results else ""
+        return {"text": {source_language: text, target_language: translated}}

gpu/self_hosted/app/utils.py

@@ -0,0 +1,107 @@
+import logging
+import os
+import sys
+import uuid
+from contextlib import contextmanager
+from typing import Mapping
+from urllib.parse import urlparse
+from pathlib import Path
+
+import requests
+from fastapi import HTTPException
+
+from .config import SUPPORTED_FILE_EXTENSIONS, UPLOADS_PATH
+
+logger = logging.getLogger(__name__)
+
+
+class NoStdStreams:
+    def __init__(self):
+        self.devnull = open(os.devnull, "w")
+
+    def __enter__(self):
+        self._stdout, self._stderr = sys.stdout, sys.stderr
+        self._stdout.flush()
+        self._stderr.flush()
+        sys.stdout, sys.stderr = self.devnull, self.devnull
+
+    def __exit__(self, exc_type, exc_value, traceback):
+        sys.stdout, sys.stderr = self._stdout, self._stderr
+        self.devnull.close()
+
+
+def ensure_dirs():
+    UPLOADS_PATH.mkdir(parents=True, exist_ok=True)
+
+
+def detect_audio_format(url: str, headers: Mapping[str, str]) -> str:
+    url_path = urlparse(url).path
+    for ext in SUPPORTED_FILE_EXTENSIONS:
+        if url_path.lower().endswith(f".{ext}"):
+            return ext
+
+    content_type = headers.get("content-type", "").lower()
+    if "audio/mpeg" in content_type or "audio/mp3" in content_type:
+        return "mp3"
+    if "audio/wav" in content_type:
+        return "wav"
+    if "audio/mp4" in content_type:
+        return "mp4"
+
+    raise HTTPException(
+        status_code=400,
+        detail=(
+            f"Unsupported audio format for URL. Supported extensions: {', '.join(SUPPORTED_FILE_EXTENSIONS)}"
+        ),
+    )
+
+
+def download_audio_to_uploads(audio_file_url: str) -> tuple[Path, str]:
+    response = requests.head(audio_file_url, allow_redirects=True)
+    if response.status_code == 404:
+        raise HTTPException(status_code=404, detail="Audio file not found")
+
+    response = requests.get(audio_file_url, allow_redirects=True)
+    response.raise_for_status()
+
+    audio_suffix = detect_audio_format(audio_file_url, response.headers)
+    unique_filename = f"{uuid.uuid4()}.{audio_suffix}"
+    file_path: Path = UPLOADS_PATH / unique_filename
+
+    with open(file_path, "wb") as f:
+        f.write(response.content)
+
+    return file_path, audio_suffix
+
+
+@contextmanager
+def download_audio_file(audio_file_url: str):
+    """Download an audio file to UPLOADS_PATH and remove it after use.
+
+    Yields (file_path: Path, audio_suffix: str).
+    """
+    file_path, audio_suffix = download_audio_to_uploads(audio_file_url)
+    try:
+        yield file_path, audio_suffix
+    finally:
+        try:
+            file_path.unlink(missing_ok=True)
+        except Exception as e:
+            logger.error("Error deleting temporary file %s: %s", file_path, e)
+
+
+@contextmanager
+def cleanup_uploaded_files(file_paths: list[Path]):
+    """Ensure provided file paths are removed after use.
+
+    The provided list can be populated inside the context; all present entries
+    at exit will be deleted.
+    """
+    try:
+        yield file_paths
+    finally:
+        for path in list(file_paths):
+            try:
+                path.unlink(missing_ok=True)
+            except Exception as e:
+                logger.error("Error deleting temporary file %s: %s", path, e)

gpu/self_hosted/compose.yml

@@ -0,0 +1,10 @@
+services:
+  reflector_gpu:
+    build:
+      context: .
+    ports:
+      - "8000:8000"
+    env_file:
+      - .env
+    volumes:
+      - ./cache:/root/.cache

gpu/self_hosted/main.py

@@ -0,0 +1,3 @@
+from app.factory import create_app
+
+app = create_app()

gpu/self_hosted/pyproject.toml

@@ -0,0 +1,19 @@
+[project]
+name = "reflector-gpu"
+version = "0.1.0"
+description = "Self-hosted GPU service for speech transcription, diarization, and translation via FastAPI."
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "fastapi[standard]>=0.116.1",
+    "uvicorn[standard]>=0.30.0",
+    "torch>=2.3.0",
+    "faster-whisper>=1.1.0",
+    "librosa==0.10.1",
+    "numpy<2",
+    "silero-vad==5.1.0",
+    "transformers>=4.35.0",
+    "sentencepiece",
+    "pyannote.audio==3.1.0",
+    "torchaudio>=2.3.0",
+]

gpu/self_hosted/runserver.sh

@@ -0,0 +1,17 @@
+#!/bin/sh
+set -e
+
+export PATH="/root/.local/bin:$PATH"
+cd /app
+
+# Install Python dependencies at runtime (first run or when FORCE_SYNC=1)
+if [ ! -d "/app/.venv" ] || [ "$FORCE_SYNC" = "1" ]; then
+  echo "[startup] Installing Python dependencies with uv..."
+  uv sync --compile-bytecode --locked
+else
+  echo "[startup] Using existing virtual environment at /app/.venv"
+fi
+
+exec uv run uvicorn main:app --host 0.0.0.0 --port 8000
+
+

server/DAILYCO_TEST.md

@@ -0,0 +1,613 @@
+# Daily.co Integration Test Plan
+
+## ✅ IMPLEMENTATION STATUS: Real Transcription Active
+
+**This test validates Daily.co multitrack recording integration with REAL transcription/diarization.**
+
+The implementation includes complete audio processing pipeline:
+- **Multitrack recordings** from Daily.co S3 (separate audio stream per participant)
+- **PyAV-based audio mixdown** with PTS-based track alignment
+- **Real transcription** via Modal GPU backend (Whisper)
+- **Real diarization** via Modal GPU backend (speaker identification)
+- **Per-track transcription** with timestamp synchronization
+- **Complete database entities** (recording, transcript, topics, participants, words)
+
+**Processing pipeline** (`PipelineMainMultitrack`):
+1. Download all audio tracks from Daily.co S3
+2. Align tracks by PTS (presentation timestamp) to handle late joiners
+3. Mix tracks into single audio file for unified playback
+4. Transcribe each track individually with proper offset handling
+5. Perform diarization on mixed audio
+6. Generate topics, summaries, and word-level timestamps
+7. Convert audio to MP3 and generate waveform visualization
+
+**Note:** A stub processor (`process_daily_recording`) exists for testing webhook flow without GPU costs, but the production code path uses `process_multitrack_recording` with full ML pipeline.
+
+---
+
+## Prerequisites
+
+**1. Environment Variables** (check in `.env.development.local`):
+```bash
+# Daily.co API Configuration
+DAILY_API_KEY=<key>
+DAILY_SUBDOMAIN=monadical
+DAILY_WEBHOOK_SECRET=<base64-encoded-secret>
+AWS_DAILY_S3_BUCKET=reflector-dailyco-local
+AWS_DAILY_S3_REGION=us-east-1
+AWS_DAILY_ROLE_ARN=arn:aws:iam::950402358378:role/DailyCo
+DAILY_MIGRATION_ENABLED=true
+DAILY_MIGRATION_ROOM_IDS=["552640fd-16f2-4162-9526-8cf40cd2357e"]
+
+# Transcription/Diarization Backend (Required for real processing)
+DIARIZATION_BACKEND=modal
+DIARIZATION_MODAL_API_KEY=<modal-api-key>
+# TRANSCRIPTION_BACKEND is not explicitly set (uses default/modal)
+```
+
+**2. Services Running:**
+```bash
+docker compose ps  # server, postgres, redis, worker, beat should be UP
+```
+
+**IMPORTANT:** Worker and beat services MUST be running for transcription processing:
+```bash
+docker compose up -d worker beat
+```
+
+**3. ngrok Tunnel for Webhooks:**
+```bash
+# Start ngrok (if not already running)
+ngrok http 1250 --log=stdout > /tmp/ngrok.log 2>&1 &
+
+# Get public URL
+curl -s http://localhost:4040/api/tunnels | python3 -c "import sys, json; data=json.load(sys.stdin); print(data['tunnels'][0]['public_url'])"
+```
+
+**Current ngrok URL:** `https://0503947384a3.ngrok-free.app` (as of last registration)
+
+**4. Webhook Created:**
+```bash
+cd server
+uv run python scripts/recreate_daily_webhook.py https://0503947384a3.ngrok-free.app/v1/daily/webhook
+# Verify: "Created webhook <uuid> (state: ACTIVE)"
+```
+
+**Current webhook status:** ✅ ACTIVE (webhook ID: dad5ad16-ceca-488e-8fc5-dae8650b51d0)
+
+---
+
+## Test 1: Database Configuration
+
+**Check room platform:**
+```bash
+docker-compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT id, name, platform, recording_type FROM room WHERE name = 'test2';"
+```
+
+**Expected:**
+```
+id: 552640fd-16f2-4162-9526-8cf40cd2357e
+name: test2
+platform: whereby  # DB value (overridden by env var DAILY_MIGRATION_ROOM_IDS)
+recording_type: cloud
+```
+
+**Clear old meetings:**
+```bash
+docker-compose exec -T postgres psql -U reflector -d reflector -c \
+  "UPDATE meeting SET is_active = false WHERE room_id = '552640fd-16f2-4162-9526-8cf40cd2357e';"
+```
+
+---
+
+## Test 2: Meeting Creation with Auto-Recording
+
+**Create meeting:**
+```bash
+curl -s -X POST http://localhost:1250/v1/rooms/test2/meeting \
+  -H "Content-Type: application/json" \
+  -d '{"allow_duplicated":false}' | python3 -m json.tool
+```
+
+**Expected Response:**
+```json
+{
+  "room_name": "test2-YYYYMMDDHHMMSS",  // Includes "test2" prefix!
+  "room_url": "https://monadical.daily.co/test2-...?t=<JWT_TOKEN>",  // Has token!
+  "platform": "daily",
+  "recording_type": "cloud"  // DB value (Whereby-specific)
+}
+```
+
+**Decode token to verify auto-recording:**
+```bash
+# Extract token from room_url, decode JWT payload
+echo "<token>" | python3 -c "
+import sys, json, base64
+token = sys.stdin.read().strip()
+payload = token.split('.')[1] + '=' * (4 - len(token.split('.')[1]) % 4)
+print(json.dumps(json.loads(base64.b64decode(payload)), indent=2))
+"
+```
+
+**Expected token payload:**
+```json
+{
+  "r": "test2-YYYYMMDDHHMMSS",  // Room name
+  "sr": true,  // start_recording: true ✅
+  "d": "...",  // Domain ID
+  "iat": 1234567890
+}
+```
+
+---
+
+## Test 3: Daily.co API Verification
+
+**Check room configuration:**
+```bash
+ROOM_NAME="<from previous step>"
+curl -s -X GET "https://api.daily.co/v1/rooms/$ROOM_NAME" \
+  -H "Authorization: Bearer $DAILY_API_KEY" | python3 -m json.tool
+```
+
+**Expected config:**
+```json
+{
+  "config": {
+    "enable_recording": "raw-tracks",  // ✅
+    "recordings_bucket": {
+      "bucket_name": "reflector-dailyco-local",
+      "bucket_region": "us-east-1",
+      "assume_role_arn": "arn:aws:iam::950402358378:role/DailyCo"
+    }
+  }
+}
+```
+
+---
+
+## Test 4: Browser UI Test (Playwright MCP)
+
+**Using Claude Code MCP tools:**
+
+**Load room:**
+```
+Use: mcp__playwright__browser_navigate
+Input: {"url": "http://localhost:3000/test2"}
+
+Then wait 12 seconds for iframe to load
+```
+
+**Verify Daily.co iframe loaded:**
+```
+Use: mcp__playwright__browser_snapshot
+
+Expected in snapshot:
+- iframe element with src containing "monadical.daily.co"
+- Daily.co pre-call UI visible
+```
+
+**Take screenshot:**
+```
+Use: mcp__playwright__browser_take_screenshot
+Input: {"filename": "test2-before-join.png"}
+
+Expected: Daily.co pre-call UI with "Join" button visible
+```
+
+**Join meeting:**
+```
+Note: Daily.co iframe interaction requires clicking inside iframe.
+Use: mcp__playwright__browser_click
+Input: {"element": "Join button in Daily.co iframe", "ref": "<ref-from-snapshot>"}
+
+Then wait 5 seconds for call to connect
+```
+
+**Verify in-call:**
+```
+Use: mcp__playwright__browser_take_screenshot
+Input: {"filename": "test2-in-call.png"}
+
+Expected: "Waiting for others to join" or participant video visible
+```
+
+**Leave meeting:**
+```
+Use: mcp__playwright__browser_click
+Input: {"element": "Leave button in Daily.co iframe", "ref": "<ref-from-snapshot>"}
+```
+
+---
+
+**Alternative: JavaScript snippets (for manual testing):**
+
+```javascript
+await page.goto('http://localhost:3000/test2');
+await new Promise(f => setTimeout(f, 12000));  // Wait for load
+
+// Verify iframe
+const iframes = document.querySelectorAll('iframe');
+// Expected: 1 iframe with src containing "monadical.daily.co"
+
+// Screenshot
+await page.screenshot({ path: 'test2-before-join.png' });
+
+// Join
+await page.locator('iframe').contentFrame().getByRole('button', { name: 'Join' }).click();
+await new Promise(f => setTimeout(f, 5000));
+
+// In-call screenshot
+await page.screenshot({ path: 'test2-in-call.png' });
+
+// Leave
+await page.locator('iframe').contentFrame().getByRole('button', { name: 'Leave' }).click();
+```
+
+---
+
+## Test 5: Webhook Verification
+
+**Check server logs for webhooks:**
+```bash
+docker-compose logs --since 15m server 2>&1 | grep -i "participant joined\|recording started"
+```
+
+**Expected logs:**
+```
+[info] Participant joined | meeting_id=... | num_clients=1 | recording_type=cloud | recording_trigger=automatic-2nd-participant
+[info] Recording started | meeting_id=... | recording_id=... | platform=daily
+```
+
+**Check Daily.co webhook delivery logs:**
+```bash
+curl -s -X GET "https://api.daily.co/v1/logs/webhooks?limit=20" \
+  -H "Authorization: Bearer $DAILY_API_KEY" | python3 -c "
+import sys, json
+logs = json.load(sys.stdin)
+for log in logs[:10]:
+    req = json.loads(log['request'])
+    room = req.get('payload', {}).get('room') or req.get('payload', {}).get('room_name', 'N/A')
+    print(f\"{req['type']:30s} | room: {room:30s} | status: {log['status']}\")
+"
+```
+
+**Expected output:**
+```
+participant.joined             | room: test2-YYYYMMDDHHMMSS       | status: 200
+recording.started              | room: test2-YYYYMMDDHHMMSS       | status: 200
+participant.left               | room: test2-YYYYMMDDHHMMSS       | status: 200
+recording.ready-to-download    | room: test2-YYYYMMDDHHMMSS       | status: 200
+```
+
+**Check database updated:**
+```bash
+docker-compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT room_name, num_clients FROM meeting WHERE room_name LIKE 'test2-%' ORDER BY end_date DESC LIMIT 1;"
+```
+
+**Expected:**
+```
+room_name: test2-YYYYMMDDHHMMSS
+num_clients: 0  // After participant left
+```
+
+---
+
+## Test 6: Recording in S3
+
+**List recent recordings:**
+```bash
+curl -s -X GET "https://api.daily.co/v1/recordings" \
+  -H "Authorization: Bearer $DAILY_API_KEY" | python3 -c "
+import sys, json
+data = json.load(sys.stdin)
+for rec in data.get('data', [])[:5]:
+    if 'test2-' in rec.get('room_name', ''):
+        print(f\"Room: {rec['room_name']}\")
+        print(f\"Status: {rec['status']}\")
+        print(f\"Duration: {rec.get('duration', 0)}s\")
+        print(f\"S3 key: {rec.get('s3key', 'N/A')}\")
+        print(f\"Tracks: {len(rec.get('tracks', []))} files\")
+        for track in rec.get('tracks', []):
+            print(f\"  - {track['type']}: {track['s3Key'].split('/')[-1]} ({track['size']} bytes)\")
+        print()
+"
+```
+
+**Expected output:**
+```
+Room: test2-20251009192341
+Status: finished
+Duration: ~30-120s
+S3 key: monadical/test2-20251009192341/1760037914930
+Tracks: 2 files
+  - audio: 1760037914930-<uuid>-cam-audio-1760037915265 (~400 KB)
+  - video: 1760037914930-<uuid>-cam-video-1760037915269 (~10-30 MB)
+```
+
+**Verify S3 path structure:**
+- `monadical/` - Daily.co subdomain
+- `test2-20251009192341/` - Reflector room name + timestamp
+- `<timestamp>-<participant-uuid>-<media-type>-<track-start>.webm` - Individual track files
+
+---
+
+## Test 7: Database Check - Recording and Transcript
+
+**Check recording created:**
+```bash
+docker-compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT id, bucket_name, object_key, status, meeting_id, recorded_at
+   FROM recording
+   ORDER BY recorded_at DESC LIMIT 1;"
+```
+
+**Expected:**
+```
+id: <recording-id-from-webhook>
+bucket_name: reflector-dailyco-local
+object_key: monadical/test2-<timestamp>/<recording-timestamp>-<uuid>-cam-audio-<track-start>.webm
+status: completed
+meeting_id: <meeting-id>
+recorded_at: <recent-timestamp>
+```
+
+**Check transcript created:**
+```bash
+docker compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT id, title, status, duration, recording_id, meeting_id, room_id
+   FROM transcript
+   ORDER BY created_at DESC LIMIT 1;"
+```
+
+**Expected (REAL transcription):**
+```
+id: <transcript-id>
+title: <AI-generated title based on actual conversation content>
+status: uploaded  (audio file processed and available)
+duration: <actual meeting duration in seconds>
+recording_id: <same-as-recording-id-above>
+meeting_id: <meeting-id>
+room_id: 552640fd-16f2-4162-9526-8cf40cd2357e
+```
+
+**Note:** Title and content will reflect the ACTUAL conversation, not mock data. Processing time depends on recording length and GPU backend availability (Modal).
+
+**Verify audio file exists:**
+```bash
+ls -lh data/<transcript-id>/upload.webm
+```
+
+**Expected:**
+```
+-rw-r--r-- 1 user staff ~100-200K Oct 10 18:48 upload.webm
+```
+
+**Check transcript topics (REAL transcription):**
+```bash
+TRANSCRIPT_ID=$(docker compose exec -T postgres psql -U reflector -d reflector -t -c \
+  "SELECT id FROM transcript ORDER BY created_at DESC LIMIT 1;")
+
+docker compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT
+     jsonb_array_length(topics) as num_topics,
+     jsonb_array_length(participants) as num_participants,
+     short_summary,
+     title
+   FROM transcript
+   WHERE id = '$TRANSCRIPT_ID';"
+```
+
+**Expected (REAL data):**
+```
+num_topics: <varies based on conversation>
+num_participants: <actual number of participants who spoke>
+short_summary: <AI-generated summary of actual conversation>
+title: <AI-generated title based on content>
+```
+
+**Check topics contain actual transcription:**
+```bash
+docker compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT topics->0->'title', topics->0->'summary', topics->0->'transcript'
+   FROM transcript
+   ORDER BY created_at DESC LIMIT 1;" | head -20
+```
+
+**Expected output:** Will contain the ACTUAL transcribed conversation from the Daily.co meeting, not mock data.
+
+**Check participants:**
+```bash
+docker compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT participants FROM transcript ORDER BY created_at DESC LIMIT 1;" \
+  | python3 -c "import sys, json; data=json.loads(sys.stdin.read()); print(json.dumps(data, indent=2))"
+```
+
+**Expected (REAL diarization):**
+```json
+[
+  {
+    "id": "<uuid>",
+    "speaker": 0,
+    "name": "Speaker 1"
+  },
+  {
+    "id": "<uuid>",
+    "speaker": 1,
+    "name": "Speaker 2"
+  }
+]
+```
+
+**Note:** Speaker names will be generic ("Speaker 1", "Speaker 2", etc.) as determined by the diarization backend. Number of participants depends on how many actually spoke during the meeting.
+
+**Check word-level data:**
+```bash
+docker compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT jsonb_array_length(topics->0->'words') as num_words_first_topic
+   FROM transcript
+   ORDER BY created_at DESC LIMIT 1;"
+```
+
+**Expected:**
+```
+num_words_first_topic: <varies based on actual conversation length and topic chunking>
+```
+
+**Verify speaker diarization in words:**
+```bash
+docker compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT
+     topics->0->'words'->0->>'text' as first_word,
+     topics->0->'words'->0->>'speaker' as speaker,
+     topics->0->'words'->0->>'start' as start_time,
+     topics->0->'words'->0->>'end' as end_time
+   FROM transcript
+   ORDER BY created_at DESC LIMIT 1;"
+```
+
+**Expected (REAL transcription):**
+```
+first_word: <actual first word from transcription>
+speaker: 0, 1, 2, ... (actual speaker ID from diarization)
+start_time: <actual timestamp in seconds>
+end_time: <actual end timestamp>
+```
+
+**Note:** All timestamps and speaker IDs are from real transcription/diarization, synchronized across tracks.
+
+---
+
+## Test 8: Recording Type Verification
+
+**Check what Daily.co received:**
+```bash
+curl -s -X GET "https://api.daily.co/v1/rooms/test2-<timestamp>" \
+  -H "Authorization: Bearer $DAILY_API_KEY" | python3 -m json.tool | grep "enable_recording"
+```
+
+**Expected:**
+```json
+"enable_recording": "raw-tracks"
+```
+
+**NOT:** `"enable_recording": "cloud"` (that would be wrong - we want raw tracks)
+
+---
+
+## Troubleshooting
+
+### Issue: No webhooks received
+
+**Check webhook state:**
+```bash
+curl -s -X GET "https://api.daily.co/v1/webhooks" \
+  -H "Authorization: Bearer $DAILY_API_KEY" | python3 -m json.tool
+```
+
+**If state is FAILED:**
+```bash
+cd server
+uv run python scripts/recreate_daily_webhook.py https://<ngrok-url>/v1/daily/webhook
+```
+
+### Issue: Webhooks return 422
+
+**Check server logs:**
+```bash
+docker-compose logs --tail=50 server | grep "Failed to parse webhook event"
+```
+
+**Common cause:** Event structure mismatch. Daily.co events use:
+```json
+{
+  "version": "1.0.0",
+  "type": "participant.joined",
+  "payload": {...},  // NOT "data"
+  "event_ts": 123.456  // NOT "ts"
+}
+```
+
+### Issue: Recording not starting
+
+1. **Check token has `sr: true`:**
+   - Decode JWT token from room_url query param
+   - Should contain `"sr": true`
+
+2. **Check Daily.co room config:**
+   - `enable_recording` must be set (not false)
+   - For raw-tracks: must be exactly `"raw-tracks"`
+
+3. **Check participant actually joined:**
+   - Logs should show "Participant joined"
+   - Must click "Join" button, not just pre-call screen
+
+### Issue: Recording in S3 but wrong format
+
+**Daily.co recording types:**
+- `"cloud"` → Single MP4 file (`download_link` in webhook)
+- `"raw-tracks"` → Multiple WebM files (`tracks` array in webhook)
+- `"raw-tracks-audio-only"` → Only audio WebM files
+
+**Current implementation:** Always uses `"raw-tracks"` (better for transcription)
+
+---
+
+## Quick Validation Commands
+
+**One-liner to verify everything:**
+```bash
+# 1. Check room exists
+docker-compose exec -T postgres psql -U reflector -d reflector -c \
+  "SELECT name, platform FROM room WHERE name = 'test2';" && \
+
+# 2. Create meeting
+MEETING=$(curl -s -X POST http://localhost:1250/v1/rooms/test2/meeting \
+  -H "Content-Type: application/json" -d '{"allow_duplicated":false}') && \
+echo "$MEETING" | python3 -c "import sys,json; m=json.load(sys.stdin); print(f'Room: {m[\"room_name\"]}\nURL: {m[\"room_url\"][:80]}...')" && \
+
+# 3. Check Daily.co config
+ROOM_NAME=$(echo "$MEETING" | python3 -c "import sys,json; print(json.load(sys.stdin)['room_name'])") && \
+curl -s -X GET "https://api.daily.co/v1/rooms/$ROOM_NAME" \
+  -H "Authorization: Bearer $DAILY_API_KEY" | python3 -c "import sys,json; print(f'Recording: {json.load(sys.stdin)[\"config\"][\"enable_recording\"]}')"
+```
+
+**Expected output:**
+```
+name: test2, platform: whereby
+Room: test2-20251009192341
+URL: https://monadical.daily.co/test2-20251009192341?t=eyJhbGc...
+Recording: raw-tracks
+```
+
+---
+
+## Success Criteria Checklist
+
+- [x] Room name includes Reflector room prefix (`test2-...`)
+- [x] Meeting URL contains JWT token (`?t=...`)
+- [x] Token has `sr: true` (auto-recording enabled)
+- [x] Daily.co room config: `enable_recording: "raw-tracks"`
+- [x] Browser loads Daily.co interface (not Whereby)
+- [x] Recording auto-starts when participant joins
+- [x] Webhooks received: participant.joined, recording.started, participant.left, recording.ready-to-download
+- [x] Recording status: `finished`
+- [x] S3 contains 2 files: audio (.webm) and video (.webm)
+- [x] S3 path: `monadical/test2-{timestamp}/{recording-start-ts}-{participant-uuid}-cam-{audio|video}-{track-start-ts}`
+- [x] Database `num_clients` increments/decrements correctly
+- [x] **Database recording entry created** with correct S3 path and status `completed`
+- [ ] **Database transcript entry created** with status `uploaded`
+- [ ] **Audio file downloaded** to `data/{transcript_id}/upload.webm`
+- [ ] **Transcript has REAL data**: AI-generated title based on conversation
+- [ ] **Transcript has topics** generated from actual content
+- [ ] **Transcript has participants** with proper speaker diarization
+- [ ] **Topics contain word-level data** with accurate timestamps and speaker IDs
+- [ ] **Total duration** matches actual meeting length
+- [ ] **MP3 and waveform files generated** by file processing pipeline
+- [ ] **Frontend transcript page loads** without "Failed to load audio" error
+- [ ] **Audio player functional** with working playback and waveform visualization
+- [ ] **Multitrack processing completed** without errors in worker logs
+- [ ] **Modal GPU backends accessible** (transcription and diarization)

server/Dockerfile

@@ -6,7 +6,7 @@ ENV PYTHONUNBUFFERED=1 \
 
 # builder install base dependencies
 WORKDIR /tmp
-RUN apt-get update && apt-get install -y curl && apt-get clean
+RUN apt-get update && apt-get install -y curl ffmpeg && apt-get clean
 ADD https://astral.sh/uv/install.sh /uv-installer.sh
 RUN sh /uv-installer.sh && rm /uv-installer.sh
 ENV PATH="/root/.local/bin/:$PATH"

server/docs/gpu/api-transcription.md

@@ -0,0 +1,194 @@
+## Reflector GPU Transcription API (Specification)
+
+This document defines the Reflector GPU transcription API that all implementations must adhere to. Current implementations include NVIDIA Parakeet (NeMo) and Whisper (faster-whisper), both deployed on Modal.com. The API surface and response shapes are OpenAI/Whisper-compatible, so clients can switch implementations by changing only the base URL.
+
+### Base URL and Authentication
+
+- Example base URLs (Modal web endpoints):
+
+  - Parakeet: `https://<account>--reflector-transcriber-parakeet-web.modal.run`
+  - Whisper: `https://<account>--reflector-transcriber-web.modal.run`
+
+- All endpoints are served under `/v1` and require a Bearer token:
+
+```
+Authorization: Bearer <REFLECTOR_GPU_APIKEY>
+```
+
+Note: To switch implementations, deploy the desired variant and point `TRANSCRIPT_URL` to its base URL. The API is identical.
+
+### Supported file types
+
+`mp3, mp4, mpeg, mpga, m4a, wav, webm`
+
+### Models and languages
+
+- Parakeet (NVIDIA NeMo): default `nvidia/parakeet-tdt-0.6b-v2`
+  - Language support: only `en`. Other languages return HTTP 400.
+- Whisper (faster-whisper): default `large-v2` (or deployment-specific)
+  - Language support: multilingual (per Whisper model capabilities).
+
+Note: The `model` parameter is accepted by all implementations for interface parity. Some backends may treat it as informational.
+
+### Endpoints
+
+#### POST /v1/audio/transcriptions
+
+Transcribe one or more uploaded audio files.
+
+Request: multipart/form-data
+
+- `file` (File) — optional. Single file to transcribe.
+- `files` (File[]) — optional. One or more files to transcribe.
+- `model` (string) — optional. Defaults to the implementation-specific model (see above).
+- `language` (string) — optional, defaults to `en`.
+  - Parakeet: only `en` is accepted; other values return HTTP 400
+  - Whisper: model-dependent; typically multilingual
+- `batch` (boolean) — optional, defaults to `false`.
+
+Notes:
+
+- Provide either `file` or `files`, not both. If neither is provided, HTTP 400.
+- `batch` requires `files`; using `batch=true` without `files` returns HTTP 400.
+- Response shape for multiple files is the same regardless of `batch`.
+- Files sent to this endpoint are processed in a single pass (no VAD/chunking). This is intended for short clips (roughly ≤ 30s; depends on GPU memory/model). For longer audio, prefer `/v1/audio/transcriptions-from-url` which supports VAD-based chunking.
+
+Responses
+
+Single file response:
+
+```json
+{
+  "text": "transcribed text",
+  "words": [
+    { "word": "hello", "start": 0.0, "end": 0.5 },
+    { "word": "world", "start": 0.5, "end": 1.0 }
+  ],
+  "filename": "audio.mp3"
+}
+```
+
+Multiple files response:
+
+```json
+{
+  "results": [
+    {"filename": "a1.mp3", "text": "...", "words": [...]},
+    {"filename": "a2.mp3", "text": "...", "words": [...]}]
+}
+```
+
+Notes:
+
+- Word objects always include keys: `word`, `start`, `end`.
+- Some implementations may include a trailing space in `word` to match Whisper tokenization behavior; clients should trim if needed.
+
+Example curl (single file):
+
+```bash
+curl -X POST \
+  -H "Authorization: Bearer $REFLECTOR_GPU_APIKEY" \
+  -F "file=@/path/to/audio.mp3" \
+  -F "language=en" \
+  "$BASE_URL/v1/audio/transcriptions"
+```
+
+Example curl (multiple files, batch):
+
+```bash
+curl -X POST \
+  -H "Authorization: Bearer $REFLECTOR_GPU_APIKEY" \
+  -F "files=@/path/a1.mp3" -F "files=@/path/a2.mp3" \
+  -F "batch=true" -F "language=en" \
+  "$BASE_URL/v1/audio/transcriptions"
+```
+
+#### POST /v1/audio/transcriptions-from-url
+
+Transcribe a single remote audio file by URL.
+
+Request: application/json
+
+Body parameters:
+
+- `audio_file_url` (string) — required. URL of the audio file to transcribe.
+- `model` (string) — optional. Defaults to the implementation-specific model (see above).
+- `language` (string) — optional, defaults to `en`. Parakeet only accepts `en`.
+- `timestamp_offset` (number) — optional, defaults to `0.0`. Added to each word's `start`/`end` in the response.
+
+```json
+{
+  "audio_file_url": "https://example.com/audio.mp3",
+  "model": "nvidia/parakeet-tdt-0.6b-v2",
+  "language": "en",
+  "timestamp_offset": 0.0
+}
+```
+
+Response:
+
+```json
+{
+  "text": "transcribed text",
+  "words": [
+    { "word": "hello", "start": 10.0, "end": 10.5 },
+    { "word": "world", "start": 10.5, "end": 11.0 }
+  ]
+}
+```
+
+Notes:
+
+- `timestamp_offset` is added to each word’s `start`/`end` in the response.
+- Implementations may perform VAD-based chunking and batching for long-form audio; word timings are adjusted accordingly.
+
+Example curl:
+
+```bash
+curl -X POST \
+  -H "Authorization: Bearer $REFLECTOR_GPU_APIKEY" \
+  -H "Content-Type: application/json" \
+  -d '{
+        "audio_file_url": "https://example.com/audio.mp3",
+        "language": "en",
+        "timestamp_offset": 0
+      }' \
+  "$BASE_URL/v1/audio/transcriptions-from-url"
+```
+
+### Error handling
+
+- 400 Bad Request
+  - Parakeet: `language` other than `en`
+  - Missing required parameters (`file`/`files` for upload; `audio_file_url` for URL endpoint)
+  - Unsupported file extension
+- 401 Unauthorized
+  - Missing or invalid Bearer token
+- 404 Not Found
+  - `audio_file_url` does not exist
+
+### Implementation details
+
+- GPUs: A10G for small-file/live, L40S for large-file URL transcription (subject to deployment)
+- VAD chunking and segment batching; word timings adjusted and overlapping ends constrained
+- Pads very short segments (< 0.5s) to avoid model crashes on some backends
+
+### Server configuration (Reflector API)
+
+Set the Reflector server to use the Modal backend and point `TRANSCRIPT_URL` to your chosen deployment:
+
+```
+TRANSCRIPT_BACKEND=modal
+TRANSCRIPT_URL=https://<account>--reflector-transcriber-parakeet-web.modal.run
+TRANSCRIPT_MODAL_API_KEY=<REFLECTOR_GPU_APIKEY>
+```
+
+### Conformance tests
+
+Use the pytest-based conformance tests to validate any new implementation (including self-hosted) against this spec:
+
+```
+TRANSCRIPT_URL=https://<your-deployment-base> \
+TRANSCRIPT_MODAL_API_KEY=your-api-key \
+uv run -m pytest -m model_api --no-cov server/tests/test_model_api_transcript.py
+```

server/docs/webhook.md

@@ -14,7 +14,7 @@ Webhooks are configured at the room level with two fields:
 
 ### `transcript.completed`
 
-Triggered when a transcript has been fully processed, including transcription, diarization, summarization, and topic detection.
+Triggered when a transcript has been fully processed, including transcription, diarization, summarization, topic detection and calendar event integration.
 
 ### `test`
 
@@ -128,6 +128,27 @@ This event includes a convenient URL for accessing the transcript:
   "room": {
     "id": "room-789",
     "name": "Product Team Room"
+  },
+  "calendar_event": {
+    "id": "calendar-event-123",
+    "ics_uid": "event-123",
+    "title": "Q3 Product Planning Meeting",
+    "start_time": "2025-08-27T12:00:00Z",
+    "end_time": "2025-08-27T12:30:00Z",
+    "description": "Team discussed Q3 product roadmap, prioritizing mobile app features and API improvements.",
+    "location": "Conference Room 1",
+    "attendees": [
+      {
+        "id": "participant-1",
+        "name": "John Doe",
+        "speaker": "Speaker 1"
+      },
+      {
+        "id": "participant-2",
+        "name": "Jane Smith",
+        "speaker": "Speaker 2"
+      }
+    ]
   }
 }
 ```

server/env.example

@@ -27,7 +27,7 @@ AUTH_JWT_AUDIENCE=
 #TRANSCRIPT_MODAL_API_KEY=xxxxx
 
 TRANSCRIPT_BACKEND=modal
-TRANSCRIPT_URL=https://monadical-sas--reflector-transcriber-web.modal.run
+TRANSCRIPT_URL=https://monadical-sas--reflector-transcriber-parakeet-web.modal.run
 TRANSCRIPT_MODAL_API_KEY=
 
 ## =======================================================
@@ -71,3 +71,27 @@ DIARIZATION_URL=https://monadical-sas--reflector-diarizer-web.modal.run
 
 ## Sentry DSN configuration
 #SENTRY_DSN=
+
+## =======================================================
+## Video Platform Configuration
+## =======================================================
+
+## Whereby
+#WHEREBY_API_KEY=your-whereby-api-key
+#WHEREBY_WEBHOOK_SECRET=your-whereby-webhook-secret
+#AWS_WHEREBY_ACCESS_KEY_ID=your-aws-key
+#AWS_WHEREBY_ACCESS_KEY_SECRET=your-aws-secret
+#AWS_PROCESS_RECORDING_QUEUE_URL=https://sqs.us-west-2.amazonaws.com/...
+
+## Daily.co
+#DAILY_API_KEY=your-daily-api-key
+#DAILY_WEBHOOK_SECRET=your-daily-webhook-secret
+#DAILY_SUBDOMAIN=your-subdomain
+#AWS_DAILY_S3_BUCKET=your-daily-bucket
+#AWS_DAILY_S3_REGION=us-west-2
+#AWS_DAILY_ROLE_ARN=arn:aws:iam::ACCOUNT:role/DailyRecording
+
+## Platform Selection
+#DAILY_MIGRATION_ENABLED=false           # Enable Daily.co support
+#DAILY_MIGRATION_ROOM_IDS=[]            # Specific rooms to use Daily
+#DEFAULT_VIDEO_PLATFORM=whereby          # Default platform for new rooms

server/gpu/modal_deployments/reflector_transcriber.py

@@ -1,161 +0,0 @@
-import os
-import tempfile
-import threading
-
-import modal
-from pydantic import BaseModel
-
-MODELS_DIR = "/models"
-
-MODEL_NAME = "large-v2"
-MODEL_COMPUTE_TYPE: str = "float16"
-MODEL_NUM_WORKERS: int = 1
-
-MINUTES = 60  # seconds
-
-volume = modal.Volume.from_name("models", create_if_missing=True)
-
-app = modal.App("reflector-transcriber")
-
-
-def download_model():
-    from faster_whisper import download_model
-
-    volume.reload()
-
-    download_model(MODEL_NAME, cache_dir=MODELS_DIR)
-
-    volume.commit()
-
-
-image = (
-    modal.Image.debian_slim(python_version="3.12")
-    .pip_install(
-        "huggingface_hub==0.27.1",
-        "hf-transfer==0.1.9",
-        "torch==2.5.1",
-        "faster-whisper==1.1.1",
-    )
-    .env(
-        {
-            "HF_HUB_ENABLE_HF_TRANSFER": "1",
-            "LD_LIBRARY_PATH": (
-                "/usr/local/lib/python3.12/site-packages/nvidia/cudnn/lib/:"
-                "/opt/conda/lib/python3.12/site-packages/nvidia/cublas/lib/"
-            ),
-        }
-    )
-    .run_function(download_model, volumes={MODELS_DIR: volume})
-)
-
-
-@app.cls(
-    gpu="A10G",
-    timeout=5 * MINUTES,
-    scaledown_window=5 * MINUTES,
-    allow_concurrent_inputs=6,
-    image=image,
-    volumes={MODELS_DIR: volume},
-)
-class Transcriber:
-    @modal.enter()
-    def enter(self):
-        import faster_whisper
-        import torch
-
-        self.lock = threading.Lock()
-        self.use_gpu = torch.cuda.is_available()
-        self.device = "cuda" if self.use_gpu else "cpu"
-        self.model = faster_whisper.WhisperModel(
-            MODEL_NAME,
-            device=self.device,
-            compute_type=MODEL_COMPUTE_TYPE,
-            num_workers=MODEL_NUM_WORKERS,
-            download_root=MODELS_DIR,
-            local_files_only=True,
-        )
-
-    @modal.method()
-    def transcribe_segment(
-        self,
-        audio_data: str,
-        audio_suffix: str,
-        language: str,
-    ):
-        with tempfile.NamedTemporaryFile("wb+", suffix=f".{audio_suffix}") as fp:
-            fp.write(audio_data)
-
-            with self.lock:
-                segments, _ = self.model.transcribe(
-                    fp.name,
-                    language=language,
-                    beam_size=5,
-                    word_timestamps=True,
-                    vad_filter=True,
-                    vad_parameters={"min_silence_duration_ms": 500},
-                )
-
-            segments = list(segments)
-            text = "".join(segment.text for segment in segments)
-            words = [
-                {"word": word.word, "start": word.start, "end": word.end}
-                for segment in segments
-                for word in segment.words
-            ]
-
-            return {"text": text, "words": words}
-
-
-@app.function(
-    scaledown_window=60,
-    timeout=60,
-    allow_concurrent_inputs=40,
-    secrets=[
-        modal.Secret.from_name("reflector-gpu"),
-    ],
-    volumes={MODELS_DIR: volume},
-)
-@modal.asgi_app()
-def web():
-    from fastapi import Body, Depends, FastAPI, HTTPException, UploadFile, status
-    from fastapi.security import OAuth2PasswordBearer
-    from typing_extensions import Annotated
-
-    transcriber = Transcriber()
-
-    app = FastAPI()
-
-    oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
-
-    supported_file_types = ["mp3", "mp4", "mpeg", "mpga", "m4a", "wav", "webm"]
-
-    def apikey_auth(apikey: str = Depends(oauth2_scheme)):
-        if apikey != os.environ["REFLECTOR_GPU_APIKEY"]:
-            raise HTTPException(
-                status_code=status.HTTP_401_UNAUTHORIZED,
-                detail="Invalid API key",
-                headers={"WWW-Authenticate": "Bearer"},
-            )
-
-    class TranscriptResponse(BaseModel):
-        result: dict
-
-    @app.post("/v1/audio/transcriptions", dependencies=[Depends(apikey_auth)])
-    def transcribe(
-        file: UploadFile,
-        model: str = "whisper-1",
-        language: Annotated[str, Body(...)] = "en",
-    ) -> TranscriptResponse:
-        audio_data = file.file.read()
-        audio_suffix = file.filename.split(".")[-1]
-        assert audio_suffix in supported_file_types
-
-        func = transcriber.transcribe_segment.spawn(
-            audio_data=audio_data,
-            audio_suffix=audio_suffix,
-            language=language,
-        )
-        result = func.get()
-        return result
-
-    return app

server/migrations/versions/0ce521cda2ee_remove_user_id_from_meeting_table.py

@@ -0,0 +1,36 @@
+"""remove user_id from meeting table
+
+Revision ID: 0ce521cda2ee
+Revises: 6dec9fb5b46c
+Create Date: 2025-09-10 12:40:55.688899
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "0ce521cda2ee"
+down_revision: Union[str, None] = "6dec9fb5b46c"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.drop_column("user_id")
+
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.add_column(
+            sa.Column("user_id", sa.VARCHAR(), autoincrement=False, nullable=True)
+        )
+
+    # ### end Alembic commands ###

server/migrations/versions/1e49625677e4_add_platform_support.py

@@ -0,0 +1,50 @@
+"""add_platform_support
+
+Revision ID: 1e49625677e4
+Revises: dc035ff72fd5
+Create Date: 2025-10-08 13:17:29.943612
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "1e49625677e4"
+down_revision: Union[str, None] = "dc035ff72fd5"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    """Add platform field with default 'whereby' for backward compatibility."""
+    with op.batch_alter_table("room", schema=None) as batch_op:
+        batch_op.add_column(
+            sa.Column(
+                "platform",
+                sa.String(),
+                nullable=False,
+                server_default="whereby",
+            )
+        )
+
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.add_column(
+            sa.Column(
+                "platform",
+                sa.String(),
+                nullable=False,
+                server_default="whereby",
+            )
+        )
+
+
+def downgrade() -> None:
+    """Remove platform field."""
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.drop_column("platform")
+
+    with op.batch_alter_table("room", schema=None) as batch_op:
+        batch_op.drop_column("platform")

server/migrations/versions/2ae3db106d4e_clean_up_orphaned_room_id_references_in_.py

@@ -0,0 +1,32 @@
+"""clean up orphaned room_id references in meeting table
+
+Revision ID: 2ae3db106d4e
+Revises: def1b5867d4c
+Create Date: 2025-09-11 10:35:15.759967
+
+"""
+
+from typing import Sequence, Union
+
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "2ae3db106d4e"
+down_revision: Union[str, None] = "def1b5867d4c"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Set room_id to NULL for meetings that reference non-existent rooms
+    op.execute("""
+        UPDATE meeting
+        SET room_id = NULL
+        WHERE room_id IS NOT NULL
+          AND room_id NOT IN (SELECT id FROM room WHERE id IS NOT NULL)
+    """)
+
+
+def downgrade() -> None:
+    # Cannot restore orphaned references - no operation needed
+    pass

server/migrations/versions/6025e9b2bef2_remove_one_active_meeting_per_room_.py

@@ -0,0 +1,53 @@
+"""remove_one_active_meeting_per_room_constraint
+
+Revision ID: 6025e9b2bef2
+Revises: 2ae3db106d4e
+Create Date: 2025-08-18 18:45:44.418392
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "6025e9b2bef2"
+down_revision: Union[str, None] = "2ae3db106d4e"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Remove the unique constraint that prevents multiple active meetings per room
+    # This is needed to support calendar integration with overlapping meetings
+    # Check if index exists before trying to drop it
+    from alembic import context
+
+    if context.get_context().dialect.name == "postgresql":
+        conn = op.get_bind()
+        result = conn.execute(
+            sa.text(
+                "SELECT 1 FROM pg_indexes WHERE indexname = 'idx_one_active_meeting_per_room'"
+            )
+        )
+        if result.fetchone():
+            op.drop_index("idx_one_active_meeting_per_room", table_name="meeting")
+    else:
+        # For SQLite, just try to drop it
+        try:
+            op.drop_index("idx_one_active_meeting_per_room", table_name="meeting")
+        except:
+            pass
+
+
+def downgrade() -> None:
+    # Restore the unique constraint
+    op.create_index(
+        "idx_one_active_meeting_per_room",
+        "meeting",
+        ["room_id"],
+        unique=True,
+        postgresql_where=sa.text("is_active = true"),
+        sqlite_where=sa.text("is_active = 1"),
+    )

server/migrations/versions/6dec9fb5b46c_make_meeting_room_id_required_and_add_.py

@@ -0,0 +1,35 @@
+"""make meeting room_id required and add foreign key
+
+Revision ID: 6dec9fb5b46c
+Revises: 61882a919591
+Create Date: 2025-09-10 10:47:06.006819
+
+"""
+
+from typing import Sequence, Union
+
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "6dec9fb5b46c"
+down_revision: Union[str, None] = "61882a919591"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.create_foreign_key(
+            None, "room", ["room_id"], ["id"], ondelete="CASCADE"
+        )
+
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.drop_constraint("meeting_room_id_fkey", type_="foreignkey")
+
+    # ### end Alembic commands ###

server/migrations/versions/d4a1c446458c_add_grace_period_fields_to_meeting.py

@@ -0,0 +1,34 @@
+"""add_grace_period_fields_to_meeting
+
+Revision ID: d4a1c446458c
+Revises: 6025e9b2bef2
+Create Date: 2025-08-18 18:50:37.768052
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "d4a1c446458c"
+down_revision: Union[str, None] = "6025e9b2bef2"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Add fields to track when participants left for grace period logic
+    op.add_column(
+        "meeting", sa.Column("last_participant_left_at", sa.DateTime(timezone=True))
+    )
+    op.add_column(
+        "meeting",
+        sa.Column("grace_period_minutes", sa.Integer, server_default=sa.text("15")),
+    )
+
+
+def downgrade() -> None:
+    op.drop_column("meeting", "grace_period_minutes")
+    op.drop_column("meeting", "last_participant_left_at")

server/migrations/versions/d8e204bbf615_add_calendar.py

@@ -0,0 +1,129 @@
+"""add calendar
+
+Revision ID: d8e204bbf615
+Revises: d4a1c446458c
+Create Date: 2025-09-10 19:56:22.295756
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+from sqlalchemy.dialects import postgresql
+
+# revision identifiers, used by Alembic.
+revision: str = "d8e204bbf615"
+down_revision: Union[str, None] = "d4a1c446458c"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table(
+        "calendar_event",
+        sa.Column("id", sa.String(), nullable=False),
+        sa.Column("room_id", sa.String(), nullable=False),
+        sa.Column("ics_uid", sa.Text(), nullable=False),
+        sa.Column("title", sa.Text(), nullable=True),
+        sa.Column("description", sa.Text(), nullable=True),
+        sa.Column("start_time", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("end_time", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("attendees", postgresql.JSONB(astext_type=sa.Text()), nullable=True),
+        sa.Column("location", sa.Text(), nullable=True),
+        sa.Column("ics_raw_data", sa.Text(), nullable=True),
+        sa.Column("last_synced", sa.DateTime(timezone=True), nullable=False),
+        sa.Column(
+            "is_deleted", sa.Boolean(), server_default=sa.text("false"), nullable=False
+        ),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False),
+        sa.ForeignKeyConstraint(
+            ["room_id"],
+            ["room.id"],
+            name="fk_calendar_event_room_id",
+            ondelete="CASCADE",
+        ),
+        sa.PrimaryKeyConstraint("id"),
+        sa.UniqueConstraint("room_id", "ics_uid", name="uq_room_calendar_event"),
+    )
+    with op.batch_alter_table("calendar_event", schema=None) as batch_op:
+        batch_op.create_index(
+            "idx_calendar_event_deleted",
+            ["is_deleted"],
+            unique=False,
+            postgresql_where=sa.text("NOT is_deleted"),
+        )
+        batch_op.create_index(
+            "idx_calendar_event_room_start", ["room_id", "start_time"], unique=False
+        )
+
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.add_column(sa.Column("calendar_event_id", sa.String(), nullable=True))
+        batch_op.add_column(
+            sa.Column(
+                "calendar_metadata",
+                postgresql.JSONB(astext_type=sa.Text()),
+                nullable=True,
+            )
+        )
+        batch_op.create_index(
+            "idx_meeting_calendar_event", ["calendar_event_id"], unique=False
+        )
+        batch_op.create_foreign_key(
+            "fk_meeting_calendar_event_id",
+            "calendar_event",
+            ["calendar_event_id"],
+            ["id"],
+            ondelete="SET NULL",
+        )
+
+    with op.batch_alter_table("room", schema=None) as batch_op:
+        batch_op.add_column(sa.Column("ics_url", sa.Text(), nullable=True))
+        batch_op.add_column(
+            sa.Column(
+                "ics_fetch_interval", sa.Integer(), server_default="300", nullable=True
+            )
+        )
+        batch_op.add_column(
+            sa.Column(
+                "ics_enabled",
+                sa.Boolean(),
+                server_default=sa.text("false"),
+                nullable=False,
+            )
+        )
+        batch_op.add_column(
+            sa.Column("ics_last_sync", sa.DateTime(timezone=True), nullable=True)
+        )
+        batch_op.add_column(sa.Column("ics_last_etag", sa.Text(), nullable=True))
+        batch_op.create_index("idx_room_ics_enabled", ["ics_enabled"], unique=False)
+
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("room", schema=None) as batch_op:
+        batch_op.drop_index("idx_room_ics_enabled")
+        batch_op.drop_column("ics_last_etag")
+        batch_op.drop_column("ics_last_sync")
+        batch_op.drop_column("ics_enabled")
+        batch_op.drop_column("ics_fetch_interval")
+        batch_op.drop_column("ics_url")
+
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.drop_constraint("fk_meeting_calendar_event_id", type_="foreignkey")
+        batch_op.drop_index("idx_meeting_calendar_event")
+        batch_op.drop_column("calendar_metadata")
+        batch_op.drop_column("calendar_event_id")
+
+    with op.batch_alter_table("calendar_event", schema=None) as batch_op:
+        batch_op.drop_index("idx_calendar_event_room_start")
+        batch_op.drop_index(
+            "idx_calendar_event_deleted", postgresql_where=sa.text("NOT is_deleted")
+        )
+
+    op.drop_table("calendar_event")
+    # ### end Alembic commands ###

server/migrations/versions/dc035ff72fd5_remove_grace_period_fields.py

@@ -0,0 +1,43 @@
+"""remove_grace_period_fields
+
+Revision ID: dc035ff72fd5
+Revises: d8e204bbf615
+Create Date: 2025-09-11 10:36:45.197588
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "dc035ff72fd5"
+down_revision: Union[str, None] = "d8e204bbf615"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Remove grace period columns from meeting table
+    op.drop_column("meeting", "last_participant_left_at")
+    op.drop_column("meeting", "grace_period_minutes")
+
+
+def downgrade() -> None:
+    # Add back grace period columns to meeting table
+    op.add_column(
+        "meeting",
+        sa.Column(
+            "last_participant_left_at", sa.DateTime(timezone=True), nullable=True
+        ),
+    )
+    op.add_column(
+        "meeting",
+        sa.Column(
+            "grace_period_minutes",
+            sa.Integer(),
+            server_default=sa.text("15"),
+            nullable=True,
+        ),
+    )

server/migrations/versions/def1b5867d4c_make_meeting_room_id_nullable_but_keep_.py

@@ -0,0 +1,34 @@
+"""make meeting room_id nullable but keep foreign key
+
+Revision ID: def1b5867d4c
+Revises: 0ce521cda2ee
+Create Date: 2025-09-11 09:42:18.697264
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "def1b5867d4c"
+down_revision: Union[str, None] = "0ce521cda2ee"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.alter_column("room_id", existing_type=sa.VARCHAR(), nullable=True)
+
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("meeting", schema=None) as batch_op:
+        batch_op.alter_column("room_id", existing_type=sa.VARCHAR(), nullable=False)
+
+    # ### end Alembic commands ###

server/pyproject.toml

@@ -12,7 +12,6 @@ dependencies = [
     "requests>=2.31.0",
     "aiortc>=1.5.0",
     "sortedcontainers>=2.4.0",
-    "loguru>=0.7.0",
     "pydantic-settings>=2.0.2",
     "structlog>=23.1.0",
     "uvicorn[standard]>=0.23.1",
@@ -27,7 +26,6 @@ dependencies = [
     "prometheus-fastapi-instrumentator>=6.1.0",
     "sentencepiece>=0.1.99",
     "protobuf>=4.24.3",
-    "profanityfilter>=2.0.6",
     "celery>=5.3.4",
     "redis>=5.0.1",
     "python-jose[cryptography]>=3.3.0",
@@ -40,6 +38,7 @@ dependencies = [
     "llama-index-llms-openai-like>=0.4.0",
     "pytest-env>=1.1.5",
     "webvtt-py>=0.5.0",
+    "icalendar>=6.0.0",
 ]
 
 [dependency-groups]
@@ -113,13 +112,14 @@ source = ["reflector"]
 [tool.pytest_env]
 ENVIRONMENT = "pytest"
 DATABASE_URL = "postgresql://test_user:test_password@localhost:15432/reflector_test"
+AUTH_BACKEND = "jwt"
 
 [tool.pytest.ini_options]
 addopts = "-ra -q --disable-pytest-warnings --cov --cov-report html -v"
 testpaths = ["tests"]
 asyncio_mode = "auto"
 markers = [
-    "gpu_modal: mark test to run only with GPU Modal endpoints (deselect with '-m \"not gpu_modal\"')",
+    "model_api: tests for the unified model-serving HTTP API (backend- and hardware-agnostic)",
 ]
 
 [tool.ruff.lint]
@@ -131,7 +131,7 @@ select = [
 
 [tool.ruff.lint.per-file-ignores]
 "reflector/processors/summary/summary_builder.py" = ["E501"]
-"gpu/**.py" = ["PLC0415"]
+"gpu/modal_deployments/**.py" = ["PLC0415"]
 "reflector/tools/**.py" = ["PLC0415"]
 "migrations/versions/**.py" = ["PLC0415"]
 "tests/**.py" = ["PLC0415"]

server/reflector/app.py

@@ -12,6 +12,7 @@ from reflector.events import subscribers_shutdown, subscribers_startup
 from reflector.logger import logger
 from reflector.metrics import metrics_init
 from reflector.settings import settings
+from reflector.views.daily import router as daily_router
 from reflector.views.meetings import router as meetings_router
 from reflector.views.rooms import router as rooms_router
 from reflector.views.rtc_offer import router as rtc_offer_router
@@ -26,6 +27,7 @@ from reflector.views.transcripts_upload import router as transcripts_upload_rout
 from reflector.views.transcripts_webrtc import router as transcripts_webrtc_router
 from reflector.views.transcripts_websocket import router as transcripts_websocket_router
 from reflector.views.user import router as user_router
+from reflector.views.user_websocket import router as user_ws_router
 from reflector.views.whereby import router as whereby_router
 from reflector.views.zulip import router as zulip_router
 
@@ -65,6 +67,12 @@ app.add_middleware(
     allow_headers=["*"],
 )
 
+
+@app.get("/health")
+async def health():
+    return {"status": "healthy"}
+
+
 # metrics
 instrumentator = Instrumentator(
     excluded_handlers=["/docs", "/metrics"],
@@ -84,8 +92,10 @@ app.include_router(transcripts_websocket_router, prefix="/v1")
 app.include_router(transcripts_webrtc_router, prefix="/v1")
 app.include_router(transcripts_process_router, prefix="/v1")
 app.include_router(user_router, prefix="/v1")
+app.include_router(user_ws_router, prefix="/v1")
 app.include_router(zulip_router, prefix="/v1")
 app.include_router(whereby_router, prefix="/v1")
+app.include_router(daily_router, prefix="/v1/daily")
 add_pagination(app)
 
 # prepare celery

server/reflector/auth/auth_jwt.py

@@ -67,7 +67,8 @@ def current_user(
     try:
         payload = jwtauth.verify_token(token)
         sub = payload["sub"]
-        return UserInfo(sub=sub)
+        email = payload["email"]
+        return UserInfo(sub=sub, email=email)
     except JWTError as e:
         logger.error(f"JWT error: {e}")
         raise HTTPException(status_code=401, detail="Invalid authentication")

server/reflector/db/__init__.py

@@ -24,6 +24,7 @@ def get_database() -> databases.Database:
 
 
 # import models
+import reflector.db.calendar_events  # noqa
 import reflector.db.meetings  # noqa
 import reflector.db.recordings  # noqa
 import reflector.db.rooms  # noqa

server/reflector/db/calendar_events.py

@@ -0,0 +1,187 @@
+from datetime import datetime, timedelta, timezone
+from typing import Any
+
+import sqlalchemy as sa
+from pydantic import BaseModel, Field
+from sqlalchemy.dialects.postgresql import JSONB
+
+from reflector.db import get_database, metadata
+from reflector.utils import generate_uuid4
+
+calendar_events = sa.Table(
+    "calendar_event",
+    metadata,
+    sa.Column("id", sa.String, primary_key=True),
+    sa.Column(
+        "room_id",
+        sa.String,
+        sa.ForeignKey("room.id", ondelete="CASCADE", name="fk_calendar_event_room_id"),
+        nullable=False,
+    ),
+    sa.Column("ics_uid", sa.Text, nullable=False),
+    sa.Column("title", sa.Text),
+    sa.Column("description", sa.Text),
+    sa.Column("start_time", sa.DateTime(timezone=True), nullable=False),
+    sa.Column("end_time", sa.DateTime(timezone=True), nullable=False),
+    sa.Column("attendees", JSONB),
+    sa.Column("location", sa.Text),
+    sa.Column("ics_raw_data", sa.Text),
+    sa.Column("last_synced", sa.DateTime(timezone=True), nullable=False),
+    sa.Column("is_deleted", sa.Boolean, nullable=False, server_default=sa.false()),
+    sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+    sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False),
+    sa.UniqueConstraint("room_id", "ics_uid", name="uq_room_calendar_event"),
+    sa.Index("idx_calendar_event_room_start", "room_id", "start_time"),
+    sa.Index(
+        "idx_calendar_event_deleted",
+        "is_deleted",
+        postgresql_where=sa.text("NOT is_deleted"),
+    ),
+)
+
+
+class CalendarEvent(BaseModel):
+    id: str = Field(default_factory=generate_uuid4)
+    room_id: str
+    ics_uid: str
+    title: str | None = None
+    description: str | None = None
+    start_time: datetime
+    end_time: datetime
+    attendees: list[dict[str, Any]] | None = None
+    location: str | None = None
+    ics_raw_data: str | None = None
+    last_synced: datetime = Field(default_factory=lambda: datetime.now(timezone.utc))
+    is_deleted: bool = False
+    created_at: datetime = Field(default_factory=lambda: datetime.now(timezone.utc))
+    updated_at: datetime = Field(default_factory=lambda: datetime.now(timezone.utc))
+
+
+class CalendarEventController:
+    async def get_by_room(
+        self,
+        room_id: str,
+        include_deleted: bool = False,
+        start_after: datetime | None = None,
+        end_before: datetime | None = None,
+    ) -> list[CalendarEvent]:
+        query = calendar_events.select().where(calendar_events.c.room_id == room_id)
+
+        if not include_deleted:
+            query = query.where(calendar_events.c.is_deleted == False)
+
+        if start_after:
+            query = query.where(calendar_events.c.start_time >= start_after)
+
+        if end_before:
+            query = query.where(calendar_events.c.end_time <= end_before)
+
+        query = query.order_by(calendar_events.c.start_time.asc())
+
+        results = await get_database().fetch_all(query)
+        return [CalendarEvent(**result) for result in results]
+
+    async def get_upcoming(
+        self, room_id: str, minutes_ahead: int = 120
+    ) -> list[CalendarEvent]:
+        """Get upcoming events for a room within the specified minutes, including currently happening events."""
+        now = datetime.now(timezone.utc)
+        future_time = now + timedelta(minutes=minutes_ahead)
+
+        query = (
+            calendar_events.select()
+            .where(
+                sa.and_(
+                    calendar_events.c.room_id == room_id,
+                    calendar_events.c.is_deleted == False,
+                    calendar_events.c.start_time <= future_time,
+                    calendar_events.c.end_time >= now,
+                )
+            )
+            .order_by(calendar_events.c.start_time.asc())
+        )
+
+        results = await get_database().fetch_all(query)
+        return [CalendarEvent(**result) for result in results]
+
+    async def get_by_id(self, event_id: str) -> CalendarEvent | None:
+        query = calendar_events.select().where(calendar_events.c.id == event_id)
+        result = await get_database().fetch_one(query)
+        return CalendarEvent(**result) if result else None
+
+    async def get_by_ics_uid(self, room_id: str, ics_uid: str) -> CalendarEvent | None:
+        query = calendar_events.select().where(
+            sa.and_(
+                calendar_events.c.room_id == room_id,
+                calendar_events.c.ics_uid == ics_uid,
+            )
+        )
+        result = await get_database().fetch_one(query)
+        return CalendarEvent(**result) if result else None
+
+    async def upsert(self, event: CalendarEvent) -> CalendarEvent:
+        existing = await self.get_by_ics_uid(event.room_id, event.ics_uid)
+
+        if existing:
+            event.id = existing.id
+            event.created_at = existing.created_at
+            event.updated_at = datetime.now(timezone.utc)
+
+            query = (
+                calendar_events.update()
+                .where(calendar_events.c.id == existing.id)
+                .values(**event.model_dump())
+            )
+        else:
+            query = calendar_events.insert().values(**event.model_dump())
+
+        await get_database().execute(query)
+        return event
+
+    async def soft_delete_missing(
+        self, room_id: str, current_ics_uids: list[str]
+    ) -> int:
+        """Soft delete future events that are no longer in the calendar."""
+        now = datetime.now(timezone.utc)
+
+        select_query = calendar_events.select().where(
+            sa.and_(
+                calendar_events.c.room_id == room_id,
+                calendar_events.c.start_time > now,
+                calendar_events.c.is_deleted == False,
+                calendar_events.c.ics_uid.notin_(current_ics_uids)
+                if current_ics_uids
+                else True,
+            )
+        )
+
+        to_delete = await get_database().fetch_all(select_query)
+        delete_count = len(to_delete)
+
+        if delete_count > 0:
+            update_query = (
+                calendar_events.update()
+                .where(
+                    sa.and_(
+                        calendar_events.c.room_id == room_id,
+                        calendar_events.c.start_time > now,
+                        calendar_events.c.is_deleted == False,
+                        calendar_events.c.ics_uid.notin_(current_ics_uids)
+                        if current_ics_uids
+                        else True,
+                    )
+                )
+                .values(is_deleted=True, updated_at=now)
+            )
+
+            await get_database().execute(update_query)
+
+        return delete_count
+
+    async def delete_by_room(self, room_id: str) -> int:
+        query = calendar_events.delete().where(calendar_events.c.room_id == room_id)
+        result = await get_database().execute(query)
+        return result.rowcount
+
+
+calendar_events_controller = CalendarEventController()

server/reflector/db/meetings.py

@@ -1,12 +1,13 @@
 from datetime import datetime
-from typing import Literal
+from typing import Any, Literal
 
 import sqlalchemy as sa
-from fastapi import HTTPException
 from pydantic import BaseModel, Field
+from sqlalchemy.dialects.postgresql import JSONB
 
 from reflector.db import get_database, metadata
 from reflector.db.rooms import Room
+from reflector.platform_types import Platform
 from reflector.utils import generate_uuid4
 
 meetings = sa.Table(
@@ -18,8 +19,12 @@ meetings = sa.Table(
     sa.Column("host_room_url", sa.String),
     sa.Column("start_date", sa.DateTime(timezone=True)),
     sa.Column("end_date", sa.DateTime(timezone=True)),
-    sa.Column("user_id", sa.String),
-    sa.Column("room_id", sa.String),
+    sa.Column(
+        "room_id",
+        sa.String,
+        sa.ForeignKey("room.id", ondelete="CASCADE"),
+        nullable=True,
+    ),
     sa.Column("is_locked", sa.Boolean, nullable=False, server_default=sa.false()),
     sa.Column("room_mode", sa.String, nullable=False, server_default="normal"),
     sa.Column("recording_type", sa.String, nullable=False, server_default="cloud"),
@@ -41,13 +46,24 @@ meetings = sa.Table(
         nullable=False,
         server_default=sa.true(),
     ),
-    sa.Index("idx_meeting_room_id", "room_id"),
-    sa.Index(
-        "idx_one_active_meeting_per_room",
-        "room_id",
-        unique=True,
-        postgresql_where=sa.text("is_active = true"),
+    sa.Column(
+        "calendar_event_id",
+        sa.String,
+        sa.ForeignKey(
+            "calendar_event.id",
+            ondelete="SET NULL",
+            name="fk_meeting_calendar_event_id",
+        ),
     ),
+    sa.Column("calendar_metadata", JSONB),
+    sa.Column(
+        "platform",
+        sa.String,
+        nullable=False,
+        server_default="whereby",
+    ),
+    sa.Index("idx_meeting_room_id", "room_id"),
+    sa.Index("idx_meeting_calendar_event", "calendar_event_id"),
 )
 
 meeting_consent = sa.Table(
@@ -81,15 +97,18 @@ class Meeting(BaseModel):
     host_room_url: str
     start_date: datetime
     end_date: datetime
-    user_id: str | None = None
-    room_id: str | None = None
+    room_id: str | None
     is_locked: bool = False
     room_mode: Literal["normal", "group"] = "normal"
     recording_type: Literal["none", "local", "cloud"] = "cloud"
-    recording_trigger: Literal[
+    recording_trigger: Literal[  # whereby-specific
         "none", "prompt", "automatic", "automatic-2nd-participant"
     ] = "automatic-2nd-participant"
     num_clients: int = 0
+    is_active: bool = True
+    calendar_event_id: str | None = None
+    calendar_metadata: dict[str, Any] | None = None
+    platform: Platform = "whereby"
 
 
 class MeetingController:
@@ -101,12 +120,11 @@ class MeetingController:
         host_room_url: str,
         start_date: datetime,
         end_date: datetime,
-        user_id: str,
         room: Room,
+        calendar_event_id: str | None = None,
+        calendar_metadata: dict[str, Any] | None = None,
+        platform: Platform = "whereby",
     ):
-        """
-        Create a new meeting
-        """
         meeting = Meeting(
             id=id,
             room_name=room_name,
@@ -114,41 +132,47 @@ class MeetingController:
             host_room_url=host_room_url,
             start_date=start_date,
             end_date=end_date,
-            user_id=user_id,
             room_id=room.id,
             is_locked=room.is_locked,
             room_mode=room.room_mode,
             recording_type=room.recording_type,
             recording_trigger=room.recording_trigger,
+            calendar_event_id=calendar_event_id,
+            calendar_metadata=calendar_metadata,
+            platform=platform,
         )
         query = meetings.insert().values(**meeting.model_dump())
         await get_database().execute(query)
         return meeting
 
     async def get_all_active(self) -> list[Meeting]:
-        """
-        Get active meetings.
-        """
         query = meetings.select().where(meetings.c.is_active)
         return await get_database().fetch_all(query)
 
     async def get_by_room_name(
         self,
         room_name: str,
-    ) -> Meeting:
+    ) -> Meeting | None:
         """
         Get a meeting by room name.
+        For backward compatibility, returns the most recent meeting.
         """
-        query = meetings.select().where(meetings.c.room_name == room_name)
+        end_date = getattr(meetings.c, "end_date")
+        query = (
+            meetings.select()
+            .where(meetings.c.room_name == room_name)
+            .order_by(end_date.desc())
+        )
         result = await get_database().fetch_one(query)
         if not result:
             return None
 
         return Meeting(**result)
 
-    async def get_active(self, room: Room, current_time: datetime) -> Meeting:
+    async def get_active(self, room: Room, current_time: datetime) -> Meeting | None:
         """
         Get latest active meeting for a room.
+        For backward compatibility, returns the most recent active meeting.
         """
         end_date = getattr(meetings.c, "end_date")
         query = (
@@ -168,37 +192,85 @@ class MeetingController:
 
         return Meeting(**result)
 
+    async def get_all_active_for_room(
+        self, room: Room, current_time: datetime
+    ) -> list[Meeting]:
+        end_date = getattr(meetings.c, "end_date")
+        query = (
+            meetings.select()
+            .where(
+                sa.and_(
+                    meetings.c.room_id == room.id,
+                    meetings.c.end_date > current_time,
+                    meetings.c.is_active,
+                )
+            )
+            .order_by(end_date.desc())
+        )
+        results = await get_database().fetch_all(query)
+        return [Meeting(**result) for result in results]
+
+    async def get_active_by_calendar_event(
+        self, room: Room, calendar_event_id: str, current_time: datetime
+    ) -> Meeting | None:
+        """
+        Get active meeting for a specific calendar event.
+        """
+        query = meetings.select().where(
+            sa.and_(
+                meetings.c.room_id == room.id,
+                meetings.c.calendar_event_id == calendar_event_id,
+                meetings.c.end_date > current_time,
+                meetings.c.is_active,
+            )
+        )
+        result = await get_database().fetch_one(query)
+        if not result:
+            return None
+        return Meeting(**result)
+
     async def get_by_id(self, meeting_id: str, **kwargs) -> Meeting | None:
-        """
-        Get a meeting by id
-        """
         query = meetings.select().where(meetings.c.id == meeting_id)
         result = await get_database().fetch_one(query)
         if not result:
             return None
         return Meeting(**result)
 
-    async def get_by_id_for_http(self, meeting_id: str, user_id: str | None) -> Meeting:
-        """
-        Get a meeting by ID for HTTP request.
-
-        If not found, it will raise a 404 error.
-        """
-        query = meetings.select().where(meetings.c.id == meeting_id)
+    async def get_by_calendar_event(self, calendar_event_id: str) -> Meeting | None:
+        query = meetings.select().where(
+            meetings.c.calendar_event_id == calendar_event_id
+        )
         result = await get_database().fetch_one(query)
         if not result:
-            raise HTTPException(status_code=404, detail="Meeting not found")
-
-        meeting = Meeting(**result)
-        if result["user_id"] != user_id:
-            meeting.host_room_url = ""
-
-        return meeting
+            return None
+        return Meeting(**result)
 
     async def update_meeting(self, meeting_id: str, **kwargs):
         query = meetings.update().where(meetings.c.id == meeting_id).values(**kwargs)
         await get_database().execute(query)
 
+    async def increment_num_clients(self, meeting_id: str):
+        """Atomically increment participant count."""
+        query = (
+            meetings.update()
+            .where(meetings.c.id == meeting_id)
+            .values(num_clients=meetings.c.num_clients + 1)
+        )
+        await get_database().execute(query)
+
+    async def decrement_num_clients(self, meeting_id: str):
+        """Atomically decrement participant count (min 0)."""
+        query = (
+            meetings.update()
+            .where(meetings.c.id == meeting_id)
+            .values(
+                num_clients=sa.case(
+                    (meetings.c.num_clients > 0, meetings.c.num_clients - 1), else_=0
+                )
+            )
+        )
+        await get_database().execute(query)
+
 
 class MeetingConsentController:
     async def get_by_meeting_id(self, meeting_id: str) -> list[MeetingConsent]:
@@ -219,10 +291,9 @@ class MeetingConsentController:
         result = await get_database().fetch_one(query)
         if result is None:
             return None
-        return MeetingConsent(**result) if result else None
+        return MeetingConsent(**result)
 
     async def upsert(self, consent: MeetingConsent) -> MeetingConsent:
-        """Create new consent or update existing one for authenticated users"""
         if consent.user_id:
             # For authenticated users, check if consent already exists
             # not transactional but we're ok with that; the consents ain't deleted anyways

server/reflector/db/rooms.py

@@ -1,7 +1,7 @@
 import secrets
 from datetime import datetime, timezone
 from sqlite3 import IntegrityError
-from typing import Literal
+from typing import Literal, Optional
 
 import sqlalchemy
 from fastapi import HTTPException
@@ -9,6 +9,7 @@ from pydantic import BaseModel, Field
 from sqlalchemy.sql import false, or_
 
 from reflector.db import get_database, metadata
+from reflector.platform_types import Platform
 from reflector.utils import generate_uuid4
 
 rooms = sqlalchemy.Table(
@@ -43,7 +44,21 @@ rooms = sqlalchemy.Table(
     ),
     sqlalchemy.Column("webhook_url", sqlalchemy.String, nullable=True),
     sqlalchemy.Column("webhook_secret", sqlalchemy.String, nullable=True),
+    sqlalchemy.Column("ics_url", sqlalchemy.Text),
+    sqlalchemy.Column("ics_fetch_interval", sqlalchemy.Integer, server_default="300"),
+    sqlalchemy.Column(
+        "ics_enabled", sqlalchemy.Boolean, nullable=False, server_default=false()
+    ),
+    sqlalchemy.Column("ics_last_sync", sqlalchemy.DateTime(timezone=True)),
+    sqlalchemy.Column("ics_last_etag", sqlalchemy.Text),
+    sqlalchemy.Column(
+        "platform",
+        sqlalchemy.String,
+        nullable=False,
+        server_default="whereby",
+    ),
     sqlalchemy.Index("idx_room_is_shared", "is_shared"),
+    sqlalchemy.Index("idx_room_ics_enabled", "ics_enabled"),
 )
 
 
@@ -58,12 +73,18 @@ class Room(BaseModel):
     is_locked: bool = False
     room_mode: Literal["normal", "group"] = "normal"
     recording_type: Literal["none", "local", "cloud"] = "cloud"
-    recording_trigger: Literal[
+    recording_trigger: Literal[  # whereby-specific
         "none", "prompt", "automatic", "automatic-2nd-participant"
     ] = "automatic-2nd-participant"
     is_shared: bool = False
     webhook_url: str | None = None
     webhook_secret: str | None = None
+    ics_url: str | None = None
+    ics_fetch_interval: int = 300
+    ics_enabled: bool = False
+    ics_last_sync: datetime | None = None
+    ics_last_etag: str | None = None
+    platform: Platform = "whereby"
 
 
 class RoomController:
@@ -114,6 +135,10 @@ class RoomController:
         is_shared: bool,
         webhook_url: str = "",
         webhook_secret: str = "",
+        ics_url: str | None = None,
+        ics_fetch_interval: int = 300,
+        ics_enabled: bool = False,
+        platform: Optional[Platform] = None,
     ):
         """
         Add a new room
@@ -134,6 +159,10 @@ class RoomController:
             is_shared=is_shared,
             webhook_url=webhook_url,
             webhook_secret=webhook_secret,
+            ics_url=ics_url,
+            ics_fetch_interval=ics_fetch_interval,
+            ics_enabled=ics_enabled,
+            platform=platform or "whereby",
         )
         query = rooms.insert().values(**room.model_dump())
         try:
@@ -198,6 +227,13 @@ class RoomController:
 
         return room
 
+    async def get_ics_enabled(self) -> list[Room]:
+        query = rooms.select().where(
+            rooms.c.ics_enabled == True, rooms.c.ics_url != None
+        )
+        results = await get_database().fetch_all(query)
+        return [Room(**result) for result in results]
+
     async def remove_by_id(
         self,
         room_id: str,

server/reflector/db/search.py

@@ -8,12 +8,14 @@ from typing import Annotated, Any, Dict, Iterator
 
 import sqlalchemy
 import webvtt
+from databases.interfaces import Record as DbRecord
 from fastapi import HTTPException
 from pydantic import (
     BaseModel,
     Field,
     NonNegativeFloat,
     NonNegativeInt,
+    TypeAdapter,
     ValidationError,
     constr,
     field_serializer,
@@ -21,9 +23,10 @@ from pydantic import (
 
 from reflector.db import get_database
 from reflector.db.rooms import rooms
-from reflector.db.transcripts import SourceKind, transcripts
+from reflector.db.transcripts import SourceKind, TranscriptStatus, transcripts
 from reflector.db.utils import is_postgresql
 from reflector.logger import logger
+from reflector.utils.string import NonEmptyString, try_parse_non_empty_string
 
 DEFAULT_SEARCH_LIMIT = 20
 SNIPPET_CONTEXT_LENGTH = 50  # Characters before/after match to include
@@ -31,12 +34,13 @@ DEFAULT_SNIPPET_MAX_LENGTH = NonNegativeInt(150)
 DEFAULT_MAX_SNIPPETS = NonNegativeInt(3)
 LONG_SUMMARY_MAX_SNIPPETS = 2
 
-SearchQueryBase = constr(min_length=0, strip_whitespace=True)
+SearchQueryBase = constr(min_length=1, strip_whitespace=True)
 SearchLimitBase = Annotated[int, Field(ge=1, le=100)]
 SearchOffsetBase = Annotated[int, Field(ge=0)]
 SearchTotalBase = Annotated[int, Field(ge=0)]
 
 SearchQuery = Annotated[SearchQueryBase, Field(description="Search query text")]
+search_query_adapter = TypeAdapter(SearchQuery)
 SearchLimit = Annotated[SearchLimitBase, Field(description="Results per page")]
 SearchOffset = Annotated[
     SearchOffsetBase, Field(description="Number of results to skip")
@@ -88,7 +92,7 @@ class WebVTTProcessor:
     @staticmethod
     def generate_snippets(
         webvtt_content: WebVTTContent,
-        query: str,
+        query: SearchQuery,
         max_snippets: NonNegativeInt = DEFAULT_MAX_SNIPPETS,
     ) -> list[str]:
         """Generate snippets from WebVTT content."""
@@ -125,7 +129,7 @@ class SnippetCandidate:
 class SearchParameters(BaseModel):
     """Validated search parameters for full-text search."""
 
-    query_text: SearchQuery
+    query_text: SearchQuery | None = None
     limit: SearchLimit = DEFAULT_SEARCH_LIMIT
     offset: SearchOffset = 0
     user_id: str | None = None
@@ -157,7 +161,7 @@ class SearchResult(BaseModel):
     room_name: str | None = None
     source_kind: SourceKind
     created_at: datetime
-    status: str = Field(..., min_length=1)
+    status: TranscriptStatus = Field(..., min_length=1)
     rank: float = Field(..., ge=0, le=1)
     duration: NonNegativeFloat | None = Field(..., description="Duration in seconds")
     search_snippets: list[str] = Field(
@@ -199,15 +203,13 @@ class SnippetGenerator:
             prev_start = start
 
     @staticmethod
-    def count_matches(text: str, query: str) -> NonNegativeInt:
+    def count_matches(text: str, query: SearchQuery) -> NonNegativeInt:
         """Count total number of matches for a query in text."""
         ZERO = NonNegativeInt(0)
         if not text:
             logger.warning("Empty text for search query in count_matches")
             return ZERO
-        if not query:
-            logger.warning("Empty query for search text in count_matches")
-            return ZERO
+        assert query is not None
         return NonNegativeInt(
             sum(1 for _ in SnippetGenerator.find_all_matches(text, query))
         )
@@ -243,13 +245,14 @@ class SnippetGenerator:
     @staticmethod
     def generate(
         text: str,
-        query: str,
+        query: SearchQuery,
         max_length: NonNegativeInt = DEFAULT_SNIPPET_MAX_LENGTH,
         max_snippets: NonNegativeInt = DEFAULT_MAX_SNIPPETS,
     ) -> list[str]:
         """Generate snippets from text."""
-        if not text or not query:
-            logger.warning("Empty text or query for generate_snippets")
+        assert query is not None
+        if not text:
+            logger.warning("Empty text for generate_snippets")
             return []
 
         candidates = (
@@ -270,7 +273,7 @@ class SnippetGenerator:
     @staticmethod
     def from_summary(
         summary: str,
-        query: str,
+        query: SearchQuery,
         max_snippets: NonNegativeInt = LONG_SUMMARY_MAX_SNIPPETS,
     ) -> list[str]:
         """Generate snippets from summary text."""
@@ -278,9 +281,9 @@ class SnippetGenerator:
 
     @staticmethod
     def combine_sources(
-        summary: str | None,
+        summary: NonEmptyString | None,
         webvtt: WebVTTContent | None,
-        query: str,
+        query: SearchQuery,
         max_total: NonNegativeInt = DEFAULT_MAX_SNIPPETS,
     ) -> tuple[list[str], NonNegativeInt]:
         """Combine snippets from multiple sources and return total match count.
@@ -289,6 +292,11 @@ class SnippetGenerator:
 
         snippets can be empty for real in case of e.g. title match
         """
+
+        assert (
+            summary is not None or webvtt is not None
+        ), "At least one source must be present"
+
         webvtt_matches = 0
         summary_matches = 0
 
@@ -355,8 +363,8 @@ class SearchController:
                 else_=rooms.c.name,
             ).label("room_name"),
         ]
-
-        if params.query_text:
+        search_query = None
+        if params.query_text is not None:
             search_query = sqlalchemy.func.websearch_to_tsquery(
                 "english", params.query_text
             )
@@ -373,7 +381,9 @@ class SearchController:
             transcripts.join(rooms, transcripts.c.room_id == rooms.c.id, isouter=True)
         )
 
-        if params.query_text:
+        if params.query_text is not None:
+            # because already initialized based on params.query_text presence above
+            assert search_query is not None
             base_query = base_query.where(
                 transcripts.c.search_vector_en.op("@@")(search_query)
             )
@@ -393,7 +403,7 @@ class SearchController:
                 transcripts.c.source_kind == params.source_kind
             )
 
-        if params.query_text:
+        if params.query_text is not None:
             order_by = sqlalchemy.desc(sqlalchemy.text("rank"))
         else:
             order_by = sqlalchemy.desc(transcripts.c.created_at)
@@ -407,19 +417,29 @@ class SearchController:
         )
         total = await get_database().fetch_val(count_query)
 
-        def _process_result(r) -> SearchResult:
+        def _process_result(r: DbRecord) -> SearchResult:
             r_dict: Dict[str, Any] = dict(r)
+
             webvtt_raw: str | None = r_dict.pop("webvtt", None)
+            webvtt: WebVTTContent | None
             if webvtt_raw:
                 webvtt = WebVTTProcessor.parse(webvtt_raw)
             else:
                 webvtt = None
-            long_summary: str | None = r_dict.pop("long_summary", None)
+
+            long_summary_r: str | None = r_dict.pop("long_summary", None)
+            long_summary: NonEmptyString = try_parse_non_empty_string(long_summary_r)
             room_name: str | None = r_dict.pop("room_name", None)
             db_result = SearchResultDB.model_validate(r_dict)
 
-            snippets, total_match_count = SnippetGenerator.combine_sources(
-                long_summary, webvtt, params.query_text, DEFAULT_MAX_SNIPPETS
+            at_least_one_source = webvtt is not None or long_summary is not None
+            has_query = params.query_text is not None
+            snippets, total_match_count = (
+                SnippetGenerator.combine_sources(
+                    long_summary, webvtt, params.query_text, DEFAULT_MAX_SNIPPETS
+                )
+                if has_query and at_least_one_source
+                else ([], 0)
             )
 
             return SearchResult(

server/reflector/db/transcripts.py

@@ -647,6 +647,19 @@ class TranscriptController:
         query = transcripts.delete().where(transcripts.c.recording_id == recording_id)
         await get_database().execute(query)
 
+    @staticmethod
+    def user_can_mutate(transcript: Transcript, user_id: str | None) -> bool:
+        """
+        Returns True if the given user is allowed to modify the transcript.
+
+        Policy:
+        - Anonymous transcripts (user_id is None) cannot be modified via API
+        - Only the owner (matching user_id) can modify their transcript
+        """
+        if transcript.user_id is None:
+            return False
+        return user_id and transcript.user_id == user_id
+
     @asynccontextmanager
     async def transaction(self):
         """

server/reflector/pipelines/MULTITRACK_FIX_SUMMARY.md

@@ -0,0 +1,84 @@
+# Multitrack Pipeline Fix Summary
+
+## Problem
+Whisper timestamps were incorrect because it ignores leading silence in audio files. Daily.co tracks can have arbitrary amounts of silence before speech starts.
+
+## Solution
+**Pad tracks BEFORE transcription using stream metadata `start_time`**
+
+This makes Whisper timestamps automatically correct relative to recording start.
+
+## Key Changes in `main_multitrack_pipeline_fixed.py`
+
+### 1. Added `pad_track_for_transcription()` method (lines 55-172)
+
+```python
+async def pad_track_for_transcription(
+    self,
+    track_data: bytes,
+    track_idx: int,
+    storage,
+) -> tuple[bytes, str]:
+```
+
+- Extracts stream metadata `start_time` using PyAV
+- Creates PyAV filter graph with `adelay` filter to add padding
+- Stores padded track to S3 and returns URL
+- Uses same audio processing library (PyAV) already in the pipeline
+
+### 2. Modified `process()` method
+
+#### REMOVED (lines 255-302):
+- Entire filename parsing for offsets - NOT NEEDED ANYMORE
+- The complex regex parsing of Daily.co filenames
+- Offset adjustment after transcription
+
+#### ADDED (lines 371-382):
+- Padding step BEFORE transcription:
+```python
+# PAD TRACKS BEFORE TRANSCRIPTION - THIS IS THE KEY FIX!
+padded_track_urls: list[str] = []
+for idx, data in enumerate(track_datas):
+    if not data:
+        padded_track_urls.append("")
+        continue
+
+    _, padded_url = await self.pad_track_for_transcription(
+        data, idx, storage
+    )
+    padded_track_urls.append(padded_url)
+```
+
+#### MODIFIED (lines 385-435):
+- Transcribe PADDED tracks instead of raw tracks
+- Removed all timestamp offset adjustment code
+- Just set speaker ID - timestamps already correct!
+
+```python
+# NO OFFSET ADJUSTMENT NEEDED!
+# Timestamps are already correct because we transcribed padded tracks
+# Just set speaker ID
+for w in t.words:
+    w.speaker = idx
+```
+
+## Why This Works
+
+1. **Stream metadata is authoritative**: Daily.co sets `start_time` in the WebM container
+2. **PyAV respects metadata**: `audio_stream.start_time * audio_stream.time_base` gives seconds
+3. **Padding before transcription**: Whisper sees continuous audio from time 0
+4. **Automatic alignment**: Word at 51s in padded track = 51s in recording
+
+## Testing
+
+Process the test recording (daily-20251020193458) and verify:
+- Participant 0 words appear at ~2s
+- Participant 1 words appear at ~51s
+- No word interleaving
+- Correct chronological order
+
+## Files
+
+- **Original**: `main_multitrack_pipeline.py`
+- **Fixed**: `main_multitrack_pipeline_fixed.py`
+- **Test data**: `/Users/firfi/work/clients/monadical/reflector/1760988935484-*.webm`

server/reflector/pipelines/main_file_pipeline.py

@@ -12,7 +12,7 @@ from pathlib import Path
 
 import av
 import structlog
-from celery import shared_task
+from celery import chain, shared_task
 
 from reflector.asynctask import asynctask
 from reflector.db.rooms import rooms_controller
@@ -26,6 +26,8 @@ from reflector.logger import logger
 from reflector.pipelines.main_live_pipeline import (
     PipelineMainBase,
     broadcast_to_sockets,
+    task_cleanup_consent,
+    task_pipeline_post_to_zulip,
 )
 from reflector.processors import (
     AudioFileWriterProcessor,
@@ -129,7 +131,7 @@ class PipelineMainFile(PipelineMainBase):
 
         self.logger.info("File pipeline complete")
 
-        await transcripts_controller.set_status(transcript.id, "ended")
+        await self.set_status(transcript.id, "ended")
 
     async def extract_and_write_audio(
         self, file_path: Path, transcript: Transcript
@@ -379,6 +381,28 @@ class PipelineMainFile(PipelineMainBase):
         await processor.flush()
 
 
+@shared_task
+@asynctask
+async def task_send_webhook_if_needed(*, transcript_id: str):
+    """Send webhook if this is a room recording with webhook configured"""
+    transcript = await transcripts_controller.get_by_id(transcript_id)
+    if not transcript:
+        return
+
+    if transcript.source_kind == SourceKind.ROOM and transcript.room_id:
+        room = await rooms_controller.get_by_id(transcript.room_id)
+        if room and room.webhook_url:
+            logger.info(
+                "Dispatching webhook",
+                transcript_id=transcript_id,
+                room_id=room.id,
+                webhook_url=room.webhook_url,
+            )
+            send_transcript_webhook.delay(
+                transcript_id, room.id, event_id=uuid.uuid4().hex
+            )
+
+
 @shared_task
 @asynctask
 async def task_pipeline_file_process(*, transcript_id: str):
@@ -406,16 +430,10 @@ async def task_pipeline_file_process(*, transcript_id: str):
         await pipeline.set_status(transcript_id, "error")
         raise
 
-    # Trigger webhook if this is a room recording with webhook configured
-    if transcript.source_kind == SourceKind.ROOM and transcript.room_id:
-        room = await rooms_controller.get_by_id(transcript.room_id)
-        if room and room.webhook_url:
-            logger.info(
-                "Dispatching webhook task",
-                transcript_id=transcript_id,
-                room_id=room.id,
-                webhook_url=room.webhook_url,
-            )
-            send_transcript_webhook.delay(
-                transcript_id, room.id, event_id=uuid.uuid4().hex
-            )
+    # Run post-processing chain: consent cleanup -> zulip -> webhook
+    post_chain = chain(
+        task_cleanup_consent.si(transcript_id=transcript_id),
+        task_pipeline_post_to_zulip.si(transcript_id=transcript_id),
+        task_send_webhook_if_needed.si(transcript_id=transcript_id),
+    )
+    post_chain.delay()

server/reflector/pipelines/main_live_pipeline.py

@@ -85,6 +85,20 @@ def broadcast_to_sockets(func):
             message=resp.model_dump(mode="json"),
         )
 
+        transcript = await transcripts_controller.get_by_id(self.transcript_id)
+        if transcript and transcript.user_id:
+            # Emit only relevant events to the user room to avoid noisy updates.
+            # Allowed: STATUS, FINAL_TITLE, DURATION. All are prefixed with TRANSCRIPT_
+            allowed_user_events = {"STATUS", "FINAL_TITLE", "DURATION"}
+            if resp.event in allowed_user_events:
+                await self.ws_manager.send_json(
+                    room_id=f"user:{transcript.user_id}",
+                    message={
+                        "event": f"TRANSCRIPT_{resp.event}",
+                        "data": {"id": self.transcript_id, **resp.data},
+                    },
+                )
+
     return wrapper
 
 

server/reflector/pipelines/main_multitrack_pipeline.backup.py

@@ -0,0 +1,510 @@
+import asyncio
+import io
+from fractions import Fraction
+
+import av
+import boto3
+import structlog
+from av.audio.resampler import AudioResampler
+from celery import chain, shared_task
+
+from reflector.asynctask import asynctask
+from reflector.db.transcripts import (
+    TranscriptStatus,
+    TranscriptText,
+    transcripts_controller,
+)
+from reflector.logger import logger
+from reflector.pipelines.main_file_pipeline import task_send_webhook_if_needed
+from reflector.pipelines.main_live_pipeline import (
+    PipelineMainBase,
+    task_cleanup_consent,
+    task_pipeline_post_to_zulip,
+)
+from reflector.processors import (
+    AudioFileWriterProcessor,
+    TranscriptFinalSummaryProcessor,
+    TranscriptFinalTitleProcessor,
+    TranscriptTopicDetectorProcessor,
+)
+from reflector.processors.file_transcript import FileTranscriptInput
+from reflector.processors.file_transcript_auto import FileTranscriptAutoProcessor
+from reflector.processors.types import TitleSummary
+from reflector.processors.types import (
+    Transcript as TranscriptType,
+)
+from reflector.settings import settings
+from reflector.storage import get_transcripts_storage
+
+
+class EmptyPipeline:
+    def __init__(self, logger: structlog.BoundLogger):
+        self.logger = logger
+
+    def get_pref(self, k, d=None):
+        return d
+
+    async def emit(self, event):
+        pass
+
+
+class PipelineMainMultitrack(PipelineMainBase):
+    """Process multiple participant tracks for a transcript without mixing audio."""
+
+    def __init__(self, transcript_id: str):
+        super().__init__(transcript_id=transcript_id)
+        self.logger = logger.bind(transcript_id=self.transcript_id)
+        self.empty_pipeline = EmptyPipeline(logger=self.logger)
+
+    async def mixdown_tracks(
+        self,
+        track_datas: list[bytes],
+        writer: AudioFileWriterProcessor,
+        offsets_seconds: list[float] | None = None,
+    ) -> None:
+        """
+        Minimal multi-track mixdown using a PyAV filter graph (amix), no resampling.
+        """
+
+        # Discover target sample rate from first decodable frame
+        target_sample_rate: int | None = None
+        for data in track_datas:
+            if not data:
+                continue
+            try:
+                container = av.open(io.BytesIO(data))
+                try:
+                    for frame in container.decode(audio=0):
+                        target_sample_rate = frame.sample_rate
+                        break
+                finally:
+                    container.close()
+            except Exception:
+                continue
+            if target_sample_rate:
+                break
+
+        if not target_sample_rate:
+            self.logger.warning("Mixdown skipped - no decodable audio frames found")
+            return
+
+        # Build PyAV filter graph:
+        # N abuffer (s32/stereo)
+        #   -> optional adelay per input (for alignment)
+        #   -> amix (s32)
+        #   -> aformat(s16)
+        #   -> sink
+        graph = av.filter.Graph()
+        inputs = []
+        valid_track_datas = [d for d in track_datas if d]
+        # Align offsets list with the filtered inputs (skip empties)
+        input_offsets_seconds = None
+        if offsets_seconds is not None:
+            input_offsets_seconds = [
+                offsets_seconds[i] for i, d in enumerate(track_datas) if d
+            ]
+        for idx, data in enumerate(valid_track_datas):
+            args = (
+                f"time_base=1/{target_sample_rate}:"
+                f"sample_rate={target_sample_rate}:"
+                f"sample_fmt=s32:"
+                f"channel_layout=stereo"
+            )
+            in_ctx = graph.add("abuffer", args=args, name=f"in{idx}")
+            inputs.append(in_ctx)
+
+        if not inputs:
+            self.logger.warning("Mixdown skipped - no valid inputs for graph")
+            return
+
+        mixer = graph.add("amix", args=f"inputs={len(inputs)}:normalize=0", name="mix")
+
+        fmt = graph.add(
+            "aformat",
+            args=(
+                f"sample_fmts=s32:channel_layouts=stereo:sample_rates={target_sample_rate}"
+            ),
+            name="fmt",
+        )
+
+        sink = graph.add("abuffersink", name="out")
+
+        # Optional per-input delay before mixing
+        delays_ms: list[int] = []
+        if input_offsets_seconds is not None:
+            base = min(input_offsets_seconds) if input_offsets_seconds else 0.0
+            delays_ms = [
+                max(0, int(round((o - base) * 1000))) for o in input_offsets_seconds
+            ]
+        else:
+            delays_ms = [0 for _ in inputs]
+
+        for idx, in_ctx in enumerate(inputs):
+            delay_ms = delays_ms[idx] if idx < len(delays_ms) else 0
+            if delay_ms > 0:
+                # adelay requires one value per channel; use same for stereo
+                adelay = graph.add(
+                    "adelay",
+                    args=f"delays={delay_ms}|{delay_ms}:all=1",
+                    name=f"delay{idx}",
+                )
+                in_ctx.link_to(adelay)
+                adelay.link_to(mixer, 0, idx)
+            else:
+                in_ctx.link_to(mixer, 0, idx)
+        mixer.link_to(fmt)
+        fmt.link_to(sink)
+        graph.configure()
+
+        # Open containers for decoding
+        containers = []
+        for i, d in enumerate(valid_track_datas):
+            try:
+                c = av.open(io.BytesIO(d))
+                containers.append(c)
+            except Exception as e:
+                self.logger.warning(
+                    "Mixdown: failed to open container", input=i, error=str(e)
+                )
+                containers.append(None)
+        # Filter out Nones for decoders
+        containers = [c for c in containers if c is not None]
+        decoders = [c.decode(audio=0) for c in containers]
+        active = [True] * len(decoders)
+        # Per-input resamplers to enforce s32/stereo at the same rate (no resample of rate)
+        resamplers = [
+            AudioResampler(format="s32", layout="stereo", rate=target_sample_rate)
+            for _ in decoders
+        ]
+
+        try:
+            # Round-robin feed frames into graph, pull mixed frames as they become available
+            while any(active):
+                for i, (dec, is_active) in enumerate(zip(decoders, active)):
+                    if not is_active:
+                        continue
+                    try:
+                        frame = next(dec)
+                    except StopIteration:
+                        active[i] = False
+                        continue
+
+                    # Enforce same sample rate; convert format/layout to s16/stereo (no resample)
+                    if frame.sample_rate != target_sample_rate:
+                        # Skip frames with differing rate
+                        continue
+                    out_frames = resamplers[i].resample(frame) or []
+                    for rf in out_frames:
+                        rf.sample_rate = target_sample_rate
+                        rf.time_base = Fraction(1, target_sample_rate)
+                        inputs[i].push(rf)
+
+                    # Drain available mixed frames
+                    while True:
+                        try:
+                            mixed = sink.pull()
+                        except Exception:
+                            break
+                        mixed.sample_rate = target_sample_rate
+                        mixed.time_base = Fraction(1, target_sample_rate)
+                        await writer.push(mixed)
+
+            # Signal EOF to inputs and drain remaining
+            for in_ctx in inputs:
+                in_ctx.push(None)
+            while True:
+                try:
+                    mixed = sink.pull()
+                except Exception:
+                    break
+                mixed.sample_rate = target_sample_rate
+                mixed.time_base = Fraction(1, target_sample_rate)
+                await writer.push(mixed)
+        finally:
+            for c in containers:
+                c.close()
+
+    async def set_status(self, transcript_id: str, status: TranscriptStatus):
+        async with self.lock_transaction():
+            return await transcripts_controller.set_status(transcript_id, status)
+
+    async def process(self, bucket_name: str, track_keys: list[str]):
+        transcript = await self.get_transcript()
+
+        s3 = boto3.client(
+            "s3",
+            region_name=settings.RECORDING_STORAGE_AWS_REGION,
+            aws_access_key_id=settings.RECORDING_STORAGE_AWS_ACCESS_KEY_ID,
+            aws_secret_access_key=settings.RECORDING_STORAGE_AWS_SECRET_ACCESS_KEY,
+        )
+
+        storage = get_transcripts_storage()
+
+        # Pre-download bytes for all tracks for mixing and transcription
+        track_datas: list[bytes] = []
+        for key in track_keys:
+            try:
+                obj = s3.get_object(Bucket=bucket_name, Key=key)
+                track_datas.append(obj["Body"].read())
+            except Exception as e:
+                self.logger.warning(
+                    "Skipping track - cannot read S3 object", key=key, error=str(e)
+                )
+                track_datas.append(b"")
+
+        # Extract offsets from Daily.co filename timestamps
+        # Format: {rec_start_ts}-{uuid}-{media_type}-{track_start_ts}.{ext}
+        # Example: 1760988935484-uuid-cam-audio-1760988935922
+        import re
+
+        offsets_seconds: list[float] = []
+        recording_start_ts: int | None = None
+
+        for key in track_keys:
+            # Parse Daily.co raw-tracks filename pattern
+            match = re.search(r"(\d+)-([0-9a-f-]{36})-(cam-audio)-(\d+)", key)
+            if not match:
+                self.logger.warning(
+                    "Track key doesn't match Daily.co pattern, using 0.0 offset",
+                    key=key,
+                )
+                offsets_seconds.append(0.0)
+                continue
+
+            rec_start_ts = int(match.group(1))
+            track_start_ts = int(match.group(4))
+
+            # Validate all tracks belong to same recording
+            if recording_start_ts is None:
+                recording_start_ts = rec_start_ts
+            elif rec_start_ts != recording_start_ts:
+                self.logger.error(
+                    "Track belongs to different recording",
+                    key=key,
+                    expected_start=recording_start_ts,
+                    got_start=rec_start_ts,
+                )
+                offsets_seconds.append(0.0)
+                continue
+
+            # Calculate offset in seconds
+            offset_ms = track_start_ts - rec_start_ts
+            offset_s = offset_ms / 1000.0
+
+            self.logger.info(
+                "Parsed track offset from filename",
+                key=key,
+                recording_start=rec_start_ts,
+                track_start=track_start_ts,
+                offset_seconds=offset_s,
+            )
+
+            offsets_seconds.append(max(0.0, offset_s))
+
+        # Mixdown all available tracks into transcript.audio_mp3_filename, preserving sample rate
+        try:
+            mp3_writer = AudioFileWriterProcessor(
+                path=str(transcript.audio_mp3_filename)
+            )
+            await self.mixdown_tracks(track_datas, mp3_writer, offsets_seconds)
+            await mp3_writer.flush()
+        except Exception as e:
+            self.logger.error("Mixdown failed", error=str(e))
+
+        speaker_transcripts: list[TranscriptType] = []
+        for idx, key in enumerate(track_keys):
+            ext = ".mp4"
+
+            try:
+                obj = s3.get_object(Bucket=bucket_name, Key=key)
+                data = obj["Body"].read()
+            except Exception as e:
+                self.logger.error(
+                    "Skipping track - cannot read S3 object", key=key, error=str(e)
+                )
+                continue
+
+            storage_path = f"file_pipeline/{transcript.id}/tracks/track_{idx}{ext}"
+            try:
+                await storage.put_file(storage_path, data)
+                audio_url = await storage.get_file_url(storage_path)
+            except Exception as e:
+                self.logger.error(
+                    "Skipping track - cannot upload to storage", key=key, error=str(e)
+                )
+                continue
+
+            try:
+                t = await self.transcribe_file(audio_url, transcript.source_language)
+            except Exception as e:
+                self.logger.error(
+                    "Transcription via default backend failed, trying local whisper",
+                    key=key,
+                    url=audio_url,
+                    error=str(e),
+                )
+                try:
+                    fallback = FileTranscriptAutoProcessor(name="whisper")
+                    result = None
+
+                    async def capture_result(r):
+                        nonlocal result
+                        result = r
+
+                    fallback.on(capture_result)
+                    await fallback.push(
+                        FileTranscriptInput(
+                            audio_url=audio_url, language=transcript.source_language
+                        )
+                    )
+                    await fallback.flush()
+                    if not result:
+                        raise Exception("No transcript captured in fallback")
+                    t = result
+                except Exception as e2:
+                    self.logger.error(
+                        "Skipping track - transcription failed after fallback",
+                        key=key,
+                        url=audio_url,
+                        error=str(e2),
+                    )
+                    continue
+
+            if not t.words:
+                continue
+            # Shift word timestamps by the track's offset so all are relative to 00:00
+            track_offset = offsets_seconds[idx] if idx < len(offsets_seconds) else 0.0
+            for w in t.words:
+                try:
+                    if hasattr(w, "start") and w.start is not None:
+                        w.start = float(w.start) + track_offset
+                    if hasattr(w, "end") and w.end is not None:
+                        w.end = float(w.end) + track_offset
+                except Exception:
+                    pass
+                w.speaker = idx
+            speaker_transcripts.append(t)
+
+        if not speaker_transcripts:
+            raise Exception("No valid track transcriptions")
+
+        merged_words = []
+        for t in speaker_transcripts:
+            merged_words.extend(t.words)
+        merged_words.sort(key=lambda w: w.start)
+
+        merged_transcript = TranscriptType(words=merged_words, translation=None)
+
+        await transcripts_controller.append_event(
+            transcript,
+            event="TRANSCRIPT",
+            data=TranscriptText(
+                text=merged_transcript.text, translation=merged_transcript.translation
+            ),
+        )
+
+        topics = await self.detect_topics(merged_transcript, transcript.target_language)
+        await asyncio.gather(
+            self.generate_title(topics),
+            self.generate_summaries(topics),
+            return_exceptions=False,
+        )
+
+        await self.set_status(transcript.id, "ended")
+
+    async def transcribe_file(self, audio_url: str, language: str) -> TranscriptType:
+        processor = FileTranscriptAutoProcessor()
+        input_data = FileTranscriptInput(audio_url=audio_url, language=language)
+
+        result: TranscriptType | None = None
+
+        async def capture_result(transcript):
+            nonlocal result
+            result = transcript
+
+        processor.on(capture_result)
+        await processor.push(input_data)
+        await processor.flush()
+
+        if not result:
+            raise ValueError("No transcript captured")
+
+        return result
+
+    async def detect_topics(
+        self, transcript: TranscriptType, target_language: str
+    ) -> list[TitleSummary]:
+        chunk_size = 300
+        topics: list[TitleSummary] = []
+
+        async def on_topic(topic: TitleSummary):
+            topics.append(topic)
+            return await self.on_topic(topic)
+
+        topic_detector = TranscriptTopicDetectorProcessor(callback=on_topic)
+        topic_detector.set_pipeline(self.empty_pipeline)
+
+        for i in range(0, len(transcript.words), chunk_size):
+            chunk_words = transcript.words[i : i + chunk_size]
+            if not chunk_words:
+                continue
+
+            chunk_transcript = TranscriptType(
+                words=chunk_words, translation=transcript.translation
+            )
+            await topic_detector.push(chunk_transcript)
+
+        await topic_detector.flush()
+        return topics
+
+    async def generate_title(self, topics: list[TitleSummary]):
+        if not topics:
+            self.logger.warning("No topics for title generation")
+            return
+
+        processor = TranscriptFinalTitleProcessor(callback=self.on_title)
+        processor.set_pipeline(self.empty_pipeline)
+
+        for topic in topics:
+            await processor.push(topic)
+
+        await processor.flush()
+
+    async def generate_summaries(self, topics: list[TitleSummary]):
+        if not topics:
+            self.logger.warning("No topics for summary generation")
+            return
+
+        transcript = await self.get_transcript()
+        processor = TranscriptFinalSummaryProcessor(
+            transcript=transcript,
+            callback=self.on_long_summary,
+            on_short_summary=self.on_short_summary,
+        )
+        processor.set_pipeline(self.empty_pipeline)
+
+        for topic in topics:
+            await processor.push(topic)
+
+        await processor.flush()
+
+
+@shared_task
+@asynctask
+async def task_pipeline_multitrack_process(
+    *, transcript_id: str, bucket_name: str, track_keys: list[str]
+):
+    pipeline = PipelineMainMultitrack(transcript_id=transcript_id)
+    try:
+        await pipeline.set_status(transcript_id, "processing")
+        await pipeline.process(bucket_name, track_keys)
+    except Exception:
+        await pipeline.set_status(transcript_id, "error")
+        raise
+
+    post_chain = chain(
+        task_cleanup_consent.si(transcript_id=transcript_id),
+        task_pipeline_post_to_zulip.si(transcript_id=transcript_id),
+        task_send_webhook_if_needed.si(transcript_id=transcript_id),
+    )
+    post_chain.delay()

server/reflector/pipelines/main_multitrack_pipeline.py

@@ -0,0 +1,654 @@
+import asyncio
+import io
+from fractions import Fraction
+
+import av
+import boto3
+import structlog
+from av.audio.resampler import AudioResampler
+from celery import chain, shared_task
+
+from reflector.asynctask import asynctask
+from reflector.db.transcripts import (
+    TranscriptStatus,
+    TranscriptWaveform,
+    transcripts_controller,
+)
+from reflector.logger import logger
+from reflector.pipelines.main_file_pipeline import task_send_webhook_if_needed
+from reflector.pipelines.main_live_pipeline import (
+    PipelineMainBase,
+    broadcast_to_sockets,
+    task_cleanup_consent,
+    task_pipeline_post_to_zulip,
+)
+from reflector.processors import (
+    AudioFileWriterProcessor,
+    TranscriptFinalSummaryProcessor,
+    TranscriptFinalTitleProcessor,
+    TranscriptTopicDetectorProcessor,
+)
+from reflector.processors.audio_waveform_processor import AudioWaveformProcessor
+from reflector.processors.file_transcript import FileTranscriptInput
+from reflector.processors.file_transcript_auto import FileTranscriptAutoProcessor
+from reflector.processors.types import TitleSummary
+from reflector.processors.types import (
+    Transcript as TranscriptType,
+)
+from reflector.settings import settings
+from reflector.storage import get_transcripts_storage
+
+
+class EmptyPipeline:
+    def __init__(self, logger: structlog.BoundLogger):
+        self.logger = logger
+
+    def get_pref(self, k, d=None):
+        return d
+
+    async def emit(self, event):
+        pass
+
+
+class PipelineMainMultitrack(PipelineMainBase):
+    """Process multiple participant tracks for a transcript without mixing audio."""
+
+    def __init__(self, transcript_id: str):
+        super().__init__(transcript_id=transcript_id)
+        self.logger = logger.bind(transcript_id=self.transcript_id)
+        self.empty_pipeline = EmptyPipeline(logger=self.logger)
+
+    async def pad_track_for_transcription(
+        self,
+        track_data: bytes,
+        track_idx: int,
+        storage,
+    ) -> tuple[bytes, str]:
+        """
+        Pad a single track with silence based on stream metadata start_time.
+        This ensures Whisper timestamps will be relative to recording start.
+        Uses ffmpeg subprocess approach proven to work with python-raw-tracks-align.
+
+        Returns: (padded_data, storage_url)
+        """
+        import json
+        import math
+        import subprocess
+        import tempfile
+
+        if not track_data:
+            return b"", ""
+
+        transcript = await self.get_transcript()
+
+        # Create temp files for ffmpeg processing
+        with tempfile.NamedTemporaryFile(suffix=".webm", delete=False) as input_file:
+            input_file.write(track_data)
+            input_file_path = input_file.name
+
+        output_file_path = input_file_path.replace(".webm", "_padded.webm")
+
+        try:
+            # Get stream metadata using ffprobe
+            ffprobe_cmd = [
+                "ffprobe",
+                "-v",
+                "error",
+                "-show_entries",
+                "stream=start_time",
+                "-of",
+                "json",
+                input_file_path,
+            ]
+
+            result = subprocess.run(
+                ffprobe_cmd, capture_output=True, text=True, check=True
+            )
+            metadata = json.loads(result.stdout)
+
+            # Extract start_time from stream metadata
+            start_time_seconds = 0.0
+            if metadata.get("streams") and len(metadata["streams"]) > 0:
+                start_time_str = metadata["streams"][0].get("start_time", "0")
+                start_time_seconds = float(start_time_str)
+
+            self.logger.info(
+                f"Track {track_idx} stream metadata: start_time={start_time_seconds:.3f}s",
+                track_idx=track_idx,
+            )
+
+            # If no padding needed, use original
+            if start_time_seconds <= 0:
+                storage_path = f"file_pipeline/{transcript.id}/tracks/original_track_{track_idx}.webm"
+                await storage.put_file(storage_path, track_data)
+                url = await storage.get_file_url(storage_path)
+                return track_data, url
+
+            # Calculate delay in milliseconds
+            delay_ms = math.floor(start_time_seconds * 1000)
+
+            # Run ffmpeg to pad the audio while maintaining WebM/Opus format for Modal compatibility
+            # ffmpeg quirk: aresample needs to come before adelay in the filter chain
+            ffmpeg_cmd = [
+                "ffmpeg",
+                "-hide_banner",
+                "-loglevel",
+                "error",
+                "-y",  # overwrite output
+                "-i",
+                input_file_path,
+                "-af",
+                f"aresample=async=1,adelay={delay_ms}:all=true",
+                "-c:a",
+                "libopus",  # Keep Opus codec for Modal compatibility
+                "-b:a",
+                "128k",  # Standard bitrate for Opus
+                output_file_path,
+            ]
+
+            self.logger.info(
+                f"Padding track {track_idx} with {delay_ms}ms delay using ffmpeg",
+                track_idx=track_idx,
+                delay_ms=delay_ms,
+                command=" ".join(ffmpeg_cmd),
+            )
+
+            result = subprocess.run(ffmpeg_cmd, capture_output=True, text=True)
+            if result.returncode != 0:
+                self.logger.error(
+                    f"ffmpeg padding failed for track {track_idx}",
+                    track_idx=track_idx,
+                    stderr=result.stderr,
+                    returncode=result.returncode,
+                )
+                raise Exception(f"ffmpeg padding failed: {result.stderr}")
+
+            # Read the padded output
+            with open(output_file_path, "rb") as f:
+                padded_data = f.read()
+
+            # Store padded track
+            storage_path = (
+                f"file_pipeline/{transcript.id}/tracks/padded_track_{track_idx}.webm"
+            )
+            await storage.put_file(storage_path, padded_data)
+            padded_url = await storage.get_file_url(storage_path)
+
+            self.logger.info(
+                f"Successfully padded track {track_idx} with {start_time_seconds:.3f}s offset, stored at {storage_path}",
+                track_idx=track_idx,
+                delay_ms=delay_ms,
+                padded_url=padded_url,
+                padded_size=len(padded_data),
+            )
+
+            return padded_data, padded_url
+
+        finally:
+            # Clean up temp files
+            import os
+
+            try:
+                os.unlink(input_file_path)
+            except:
+                pass
+            try:
+                os.unlink(output_file_path)
+            except:
+                pass
+
+    async def mixdown_tracks(
+        self,
+        track_datas: list[bytes],
+        writer: AudioFileWriterProcessor,
+        offsets_seconds: list[float] | None = None,
+    ) -> None:
+        """
+        Minimal multi-track mixdown using a PyAV filter graph (amix), no resampling.
+        """
+
+        # Discover target sample rate from first decodable frame
+        target_sample_rate: int | None = None
+        for data in track_datas:
+            if not data:
+                continue
+            try:
+                container = av.open(io.BytesIO(data))
+                try:
+                    for frame in container.decode(audio=0):
+                        target_sample_rate = frame.sample_rate
+                        break
+                finally:
+                    container.close()
+            except Exception:
+                continue
+            if target_sample_rate:
+                break
+
+        if not target_sample_rate:
+            self.logger.warning("Mixdown skipped - no decodable audio frames found")
+            return
+
+        # Build PyAV filter graph:
+        # N abuffer (s32/stereo)
+        #   -> optional adelay per input (for alignment)
+        #   -> amix (s32)
+        #   -> aformat(s16)
+        #   -> sink
+        graph = av.filter.Graph()
+        inputs = []
+        valid_track_datas = [d for d in track_datas if d]
+        # Align offsets list with the filtered inputs (skip empties)
+        input_offsets_seconds = None
+        if offsets_seconds is not None:
+            input_offsets_seconds = [
+                offsets_seconds[i] for i, d in enumerate(track_datas) if d
+            ]
+        for idx, data in enumerate(valid_track_datas):
+            args = (
+                f"time_base=1/{target_sample_rate}:"
+                f"sample_rate={target_sample_rate}:"
+                f"sample_fmt=s32:"
+                f"channel_layout=stereo"
+            )
+            in_ctx = graph.add("abuffer", args=args, name=f"in{idx}")
+            inputs.append(in_ctx)
+
+        if not inputs:
+            self.logger.warning("Mixdown skipped - no valid inputs for graph")
+            return
+
+        mixer = graph.add("amix", args=f"inputs={len(inputs)}:normalize=0", name="mix")
+
+        fmt = graph.add(
+            "aformat",
+            args=(
+                f"sample_fmts=s32:channel_layouts=stereo:sample_rates={target_sample_rate}"
+            ),
+            name="fmt",
+        )
+
+        sink = graph.add("abuffersink", name="out")
+
+        # Optional per-input delay before mixing
+        delays_ms: list[int] = []
+        if input_offsets_seconds is not None:
+            base = min(input_offsets_seconds) if input_offsets_seconds else 0.0
+            delays_ms = [
+                max(0, int(round((o - base) * 1000))) for o in input_offsets_seconds
+            ]
+        else:
+            delays_ms = [0 for _ in inputs]
+
+        for idx, in_ctx in enumerate(inputs):
+            delay_ms = delays_ms[idx] if idx < len(delays_ms) else 0
+            if delay_ms > 0:
+                # adelay requires one value per channel; use same for stereo
+                adelay = graph.add(
+                    "adelay",
+                    args=f"delays={delay_ms}|{delay_ms}:all=1",
+                    name=f"delay{idx}",
+                )
+                in_ctx.link_to(adelay)
+                adelay.link_to(mixer, 0, idx)
+            else:
+                in_ctx.link_to(mixer, 0, idx)
+        mixer.link_to(fmt)
+        fmt.link_to(sink)
+        graph.configure()
+
+        # Open containers for decoding
+        containers = []
+        for i, d in enumerate(valid_track_datas):
+            try:
+                c = av.open(io.BytesIO(d))
+                containers.append(c)
+            except Exception as e:
+                self.logger.warning(
+                    "Mixdown: failed to open container", input=i, error=str(e)
+                )
+                containers.append(None)
+        # Filter out Nones for decoders
+        containers = [c for c in containers if c is not None]
+        decoders = [c.decode(audio=0) for c in containers]
+        active = [True] * len(decoders)
+        # Per-input resamplers to enforce s32/stereo at the same rate (no resample of rate)
+        resamplers = [
+            AudioResampler(format="s32", layout="stereo", rate=target_sample_rate)
+            for _ in decoders
+        ]
+
+        try:
+            # Round-robin feed frames into graph, pull mixed frames as they become available
+            while any(active):
+                for i, (dec, is_active) in enumerate(zip(decoders, active)):
+                    if not is_active:
+                        continue
+                    try:
+                        frame = next(dec)
+                    except StopIteration:
+                        active[i] = False
+                        continue
+
+                    # Enforce same sample rate; convert format/layout to s16/stereo (no resample)
+                    if frame.sample_rate != target_sample_rate:
+                        # Skip frames with differing rate
+                        continue
+                    out_frames = resamplers[i].resample(frame) or []
+                    for rf in out_frames:
+                        rf.sample_rate = target_sample_rate
+                        rf.time_base = Fraction(1, target_sample_rate)
+                        inputs[i].push(rf)
+
+                    # Drain available mixed frames
+                    while True:
+                        try:
+                            mixed = sink.pull()
+                        except Exception:
+                            break
+                        mixed.sample_rate = target_sample_rate
+                        mixed.time_base = Fraction(1, target_sample_rate)
+                        await writer.push(mixed)
+
+            # Signal EOF to inputs and drain remaining
+            for in_ctx in inputs:
+                in_ctx.push(None)
+            while True:
+                try:
+                    mixed = sink.pull()
+                except Exception:
+                    break
+                mixed.sample_rate = target_sample_rate
+                mixed.time_base = Fraction(1, target_sample_rate)
+                await writer.push(mixed)
+        finally:
+            for c in containers:
+                c.close()
+
+    @broadcast_to_sockets
+    async def set_status(self, transcript_id: str, status: TranscriptStatus):
+        async with self.lock_transaction():
+            return await transcripts_controller.set_status(transcript_id, status)
+
+    async def on_waveform(self, data):
+        async with self.transaction():
+            waveform = TranscriptWaveform(waveform=data)
+            transcript = await self.get_transcript()
+            return await transcripts_controller.append_event(
+                transcript=transcript, event="WAVEFORM", data=waveform
+            )
+
+    async def process(self, bucket_name: str, track_keys: list[str]):
+        transcript = await self.get_transcript()
+
+        s3 = boto3.client(
+            "s3",
+            region_name=settings.RECORDING_STORAGE_AWS_REGION,
+            aws_access_key_id=settings.RECORDING_STORAGE_AWS_ACCESS_KEY_ID,
+            aws_secret_access_key=settings.RECORDING_STORAGE_AWS_SECRET_ACCESS_KEY,
+        )
+
+        storage = get_transcripts_storage()
+
+        # Pre-download bytes for all tracks for mixing and transcription
+        track_datas: list[bytes] = []
+        for key in track_keys:
+            try:
+                obj = s3.get_object(Bucket=bucket_name, Key=key)
+                track_datas.append(obj["Body"].read())
+            except Exception as e:
+                self.logger.warning(
+                    "Skipping track - cannot read S3 object", key=key, error=str(e)
+                )
+                track_datas.append(b"")
+
+        # PAD TRACKS FIRST - this creates full-length tracks with correct timeline
+        padded_track_datas: list[bytes] = []
+        padded_track_urls: list[str] = []
+        for idx, data in enumerate(track_datas):
+            if not data:
+                padded_track_datas.append(b"")
+                padded_track_urls.append("")
+                continue
+
+            padded_data, padded_url = await self.pad_track_for_transcription(
+                data, idx, storage
+            )
+            padded_track_datas.append(padded_data)
+            padded_track_urls.append(padded_url)
+            self.logger.info(f"Padded track {idx} for transcription: {padded_url}")
+
+        # Mixdown PADDED tracks (already aligned with timeline) into transcript.audio_mp3_filename
+        try:
+            # Ensure data directory exists
+            transcript.data_path.mkdir(parents=True, exist_ok=True)
+
+            mp3_writer = AudioFileWriterProcessor(
+                path=str(transcript.audio_mp3_filename),
+                on_duration=self.on_duration,
+            )
+            # Use PADDED tracks with NO additional offsets (already aligned by padding)
+            await self.mixdown_tracks(
+                padded_track_datas, mp3_writer, offsets_seconds=None
+            )
+            await mp3_writer.flush()
+
+            # Upload the mixed audio to S3 for web playback
+            if transcript.audio_mp3_filename.exists():
+                mp3_data = transcript.audio_mp3_filename.read_bytes()
+                storage_path = f"{transcript.id}/audio.mp3"
+                await storage.put_file(storage_path, mp3_data)
+                mp3_url = await storage.get_file_url(storage_path)
+
+                # Update transcript to indicate audio is in storage
+                await transcripts_controller.update(
+                    transcript, {"audio_location": "storage"}
+                )
+
+                self.logger.info(
+                    f"Uploaded mixed audio to storage",
+                    storage_path=storage_path,
+                    size=len(mp3_data),
+                    url=mp3_url,
+                )
+            else:
+                self.logger.warning("Mixdown file does not exist after processing")
+        except Exception as e:
+            self.logger.error("Mixdown failed", error=str(e), exc_info=True)
+
+        # Generate waveform from the mixed audio file
+        if transcript.audio_mp3_filename.exists():
+            try:
+                self.logger.info("Generating waveform from mixed audio")
+                waveform_processor = AudioWaveformProcessor(
+                    audio_path=transcript.audio_mp3_filename,
+                    waveform_path=transcript.audio_waveform_filename,
+                    on_waveform=self.on_waveform,
+                )
+                waveform_processor.set_pipeline(self.empty_pipeline)
+                await waveform_processor.flush()
+                self.logger.info("Waveform generated successfully")
+            except Exception as e:
+                self.logger.error(
+                    "Waveform generation failed", error=str(e), exc_info=True
+                )
+
+        # Transcribe PADDED tracks - timestamps will be automatically correct!
+        speaker_transcripts: list[TranscriptType] = []
+        for idx, padded_url in enumerate(padded_track_urls):
+            if not padded_url:
+                continue
+
+            try:
+                # Transcribe the PADDED track
+                t = await self.transcribe_file(padded_url, transcript.source_language)
+            except Exception as e:
+                self.logger.error(
+                    "Transcription via default backend failed, trying local whisper",
+                    track_idx=idx,
+                    url=padded_url,
+                    error=str(e),
+                )
+                try:
+                    fallback = FileTranscriptAutoProcessor(name="whisper")
+                    result = None
+
+                    async def capture_result(r):
+                        nonlocal result
+                        result = r
+
+                    fallback.on(capture_result)
+                    await fallback.push(
+                        FileTranscriptInput(
+                            audio_url=padded_url, language=transcript.source_language
+                        )
+                    )
+                    await fallback.flush()
+                    if not result:
+                        raise Exception("No transcript captured in fallback")
+                    t = result
+                except Exception as e2:
+                    self.logger.error(
+                        "Skipping track - transcription failed after fallback",
+                        track_idx=idx,
+                        url=padded_url,
+                        error=str(e2),
+                    )
+                    continue
+
+            if not t.words:
+                continue
+
+            # NO OFFSET ADJUSTMENT NEEDED!
+            # Timestamps are already correct because we transcribed padded tracks
+            # Just set speaker ID
+            for w in t.words:
+                w.speaker = idx
+
+            speaker_transcripts.append(t)
+            self.logger.info(
+                f"Track {idx} transcribed successfully with {len(t.words)} words",
+                track_idx=idx,
+            )
+
+        if not speaker_transcripts:
+            raise Exception("No valid track transcriptions")
+
+        # Merge all words and sort by timestamp
+        merged_words = []
+        for t in speaker_transcripts:
+            merged_words.extend(t.words)
+        merged_words.sort(
+            key=lambda w: w.start if hasattr(w, "start") and w.start is not None else 0
+        )
+
+        merged_transcript = TranscriptType(words=merged_words, translation=None)
+
+        # Emit TRANSCRIPT event through the shared handler (persists and broadcasts)
+        await self.on_transcript(merged_transcript)
+
+        topics = await self.detect_topics(merged_transcript, transcript.target_language)
+        await asyncio.gather(
+            self.generate_title(topics),
+            self.generate_summaries(topics),
+            return_exceptions=False,
+        )
+
+        await self.set_status(transcript.id, "ended")
+
+    async def transcribe_file(self, audio_url: str, language: str) -> TranscriptType:
+        processor = FileTranscriptAutoProcessor()
+        input_data = FileTranscriptInput(audio_url=audio_url, language=language)
+
+        result: TranscriptType | None = None
+
+        async def capture_result(transcript):
+            nonlocal result
+            result = transcript
+
+        processor.on(capture_result)
+        await processor.push(input_data)
+        await processor.flush()
+
+        if not result:
+            raise ValueError("No transcript captured")
+
+        return result
+
+    async def detect_topics(
+        self, transcript: TranscriptType, target_language: str
+    ) -> list[TitleSummary]:
+        chunk_size = 300
+        topics: list[TitleSummary] = []
+
+        async def on_topic(topic: TitleSummary):
+            topics.append(topic)
+            return await self.on_topic(topic)
+
+        topic_detector = TranscriptTopicDetectorProcessor(callback=on_topic)
+        topic_detector.set_pipeline(self.empty_pipeline)
+
+        for i in range(0, len(transcript.words), chunk_size):
+            chunk_words = transcript.words[i : i + chunk_size]
+            if not chunk_words:
+                continue
+
+            chunk_transcript = TranscriptType(
+                words=chunk_words, translation=transcript.translation
+            )
+            await topic_detector.push(chunk_transcript)
+
+        await topic_detector.flush()
+        return topics
+
+    async def generate_title(self, topics: list[TitleSummary]):
+        if not topics:
+            self.logger.warning("No topics for title generation")
+            return
+
+        processor = TranscriptFinalTitleProcessor(callback=self.on_title)
+        processor.set_pipeline(self.empty_pipeline)
+
+        for topic in topics:
+            await processor.push(topic)
+
+        await processor.flush()
+
+    async def generate_summaries(self, topics: list[TitleSummary]):
+        if not topics:
+            self.logger.warning("No topics for summary generation")
+            return
+
+        transcript = await self.get_transcript()
+        processor = TranscriptFinalSummaryProcessor(
+            transcript=transcript,
+            callback=self.on_long_summary,
+            on_short_summary=self.on_short_summary,
+        )
+        processor.set_pipeline(self.empty_pipeline)
+
+        for topic in topics:
+            await processor.push(topic)
+
+        await processor.flush()
+
+
+@shared_task
+@asynctask
+async def task_pipeline_multitrack_process(
+    *, transcript_id: str, bucket_name: str, track_keys: list[str]
+):
+    pipeline = PipelineMainMultitrack(transcript_id=transcript_id)
+    try:
+        await pipeline.set_status(transcript_id, "processing")
+        await pipeline.process(bucket_name, track_keys)
+    except Exception:
+        await pipeline.set_status(transcript_id, "error")
+        raise
+
+    post_chain = chain(
+        task_cleanup_consent.si(transcript_id=transcript_id),
+        task_pipeline_post_to_zulip.si(transcript_id=transcript_id),
+        task_send_webhook_if_needed.si(transcript_id=transcript_id),
+    )
+    post_chain.delay()

server/reflector/pipelines/main_multitrack_pipeline_fixed.py

@@ -0,0 +1,629 @@
+import asyncio
+import io
+from fractions import Fraction
+
+import av
+import boto3
+import structlog
+from av.audio.resampler import AudioResampler
+from celery import chain, shared_task
+
+from reflector.asynctask import asynctask
+from reflector.db.transcripts import (
+    TranscriptStatus,
+    TranscriptText,
+    transcripts_controller,
+)
+from reflector.logger import logger
+from reflector.pipelines.main_file_pipeline import task_send_webhook_if_needed
+from reflector.pipelines.main_live_pipeline import (
+    PipelineMainBase,
+    task_cleanup_consent,
+    task_pipeline_post_to_zulip,
+)
+from reflector.processors import (
+    AudioFileWriterProcessor,
+    TranscriptFinalSummaryProcessor,
+    TranscriptFinalTitleProcessor,
+    TranscriptTopicDetectorProcessor,
+)
+from reflector.processors.file_transcript import FileTranscriptInput
+from reflector.processors.file_transcript_auto import FileTranscriptAutoProcessor
+from reflector.processors.types import TitleSummary
+from reflector.processors.types import (
+    Transcript as TranscriptType,
+)
+from reflector.settings import settings
+from reflector.storage import get_transcripts_storage
+
+
+class EmptyPipeline:
+    def __init__(self, logger: structlog.BoundLogger):
+        self.logger = logger
+
+    def get_pref(self, k, d=None):
+        return d
+
+    async def emit(self, event):
+        pass
+
+
+class PipelineMainMultitrack(PipelineMainBase):
+    """Process multiple participant tracks for a transcript without mixing audio."""
+
+    def __init__(self, transcript_id: str):
+        super().__init__(transcript_id=transcript_id)
+        self.logger = logger.bind(transcript_id=self.transcript_id)
+        self.empty_pipeline = EmptyPipeline(logger=self.logger)
+
+    async def pad_track_for_transcription(
+        self,
+        track_data: bytes,
+        track_idx: int,
+        storage,
+    ) -> tuple[bytes, str]:
+        """
+        Pad a single track with silence based on stream metadata start_time.
+        This ensures Whisper timestamps will be relative to recording start.
+
+        Returns: (padded_data, storage_url)
+        """
+        if not track_data:
+            return b"", ""
+
+        transcript = await self.get_transcript()
+
+        # Get stream metadata start_time using PyAV
+        container = av.open(io.BytesIO(track_data))
+        try:
+            audio_stream = container.streams.audio[0]
+
+            # Extract start_time from stream metadata
+            if (
+                audio_stream.start_time is not None
+                and audio_stream.time_base is not None
+            ):
+                start_time_seconds = float(
+                    audio_stream.start_time * audio_stream.time_base
+                )
+            else:
+                start_time_seconds = 0.0
+
+            sample_rate = audio_stream.sample_rate
+            codec_name = audio_stream.codec.name
+        finally:
+            container.close()
+
+        self.logger.info(
+            f"Track {track_idx} stream metadata: start_time={start_time_seconds:.3f}s, sample_rate={sample_rate}",
+            track_idx=track_idx,
+        )
+
+        # If no padding needed, use original
+        if start_time_seconds <= 0:
+            storage_path = (
+                f"file_pipeline/{transcript.id}/tracks/original_track_{track_idx}.webm"
+            )
+            await storage.put_file(storage_path, track_data)
+            url = await storage.get_file_url(storage_path)
+            return track_data, url
+
+        # Create PyAV filter graph for padding
+        graph = av.filter.Graph()
+
+        # Input buffer
+        in_args = (
+            f"time_base=1/{sample_rate}:"
+            f"sample_rate={sample_rate}:"
+            f"sample_fmt=s16:"
+            f"channel_layout=stereo"
+        )
+        input_buffer = graph.add("abuffer", args=in_args, name="in")
+
+        # Add delay filter for padding
+        delay_ms = int(start_time_seconds * 1000)
+        delay_filter = graph.add(
+            "adelay", args=f"delays={delay_ms}|{delay_ms}:all=1", name="delay"
+        )
+
+        # Output sink
+        sink = graph.add("abuffersink", name="out")
+
+        # Link filters
+        input_buffer.link_to(delay_filter)
+        delay_filter.link_to(sink)
+
+        graph.configure()
+
+        # Process audio through filter
+        output_bytes = io.BytesIO()
+        output_container = av.open(output_bytes, "w", format="webm")
+        output_stream = output_container.add_stream("libopus", rate=sample_rate)
+        output_stream.channels = 2
+
+        # Reopen input for processing
+        input_container = av.open(io.BytesIO(track_data))
+        resampler = AudioResampler(format="s16", layout="stereo", rate=sample_rate)
+
+        try:
+            # Process frames
+            for frame in input_container.decode(audio=0):
+                # Resample to match filter requirements
+                resampled_frames = resampler.resample(frame)
+                for resampled_frame in resampled_frames:
+                    resampled_frame.pts = frame.pts
+                    resampled_frame.time_base = Fraction(1, sample_rate)
+                    input_buffer.push(resampled_frame)
+
+                    # Pull from filter and encode
+                    while True:
+                        try:
+                            out_frame = sink.pull()
+                            out_frame.pts = out_frame.pts if out_frame.pts else 0
+                            out_frame.time_base = Fraction(1, sample_rate)
+                            for packet in output_stream.encode(out_frame):
+                                output_container.mux(packet)
+                        except av.BlockingIOError:
+                            break
+
+            # Flush
+            input_buffer.push(None)
+            while True:
+                try:
+                    out_frame = sink.pull()
+                    for packet in output_stream.encode(out_frame):
+                        output_container.mux(packet)
+                except (av.BlockingIOError, av.EOFError):
+                    break
+
+            # Flush encoder
+            for packet in output_stream.encode(None):
+                output_container.mux(packet)
+
+        finally:
+            input_container.close()
+            output_container.close()
+
+        padded_data = output_bytes.getvalue()
+
+        # Store padded track
+        storage_path = (
+            f"file_pipeline/{transcript.id}/tracks/padded_track_{track_idx}.webm"
+        )
+        await storage.put_file(storage_path, padded_data)
+        padded_url = await storage.get_file_url(storage_path)
+
+        self.logger.info(
+            f"Padded track {track_idx} with {start_time_seconds:.3f}s offset, stored at {storage_path}",
+            track_idx=track_idx,
+            delay_ms=delay_ms,
+            padded_url=padded_url,
+        )
+
+        return padded_data, padded_url
+
+    async def mixdown_tracks(
+        self,
+        track_datas: list[bytes],
+        writer: AudioFileWriterProcessor,
+        offsets_seconds: list[float] | None = None,
+    ) -> None:
+        """
+        Minimal multi-track mixdown using a PyAV filter graph (amix), no resampling.
+        """
+
+        # Discover target sample rate from first decodable frame
+        target_sample_rate: int | None = None
+        for data in track_datas:
+            if not data:
+                continue
+            try:
+                container = av.open(io.BytesIO(data))
+                try:
+                    for frame in container.decode(audio=0):
+                        target_sample_rate = frame.sample_rate
+                        break
+                finally:
+                    container.close()
+            except Exception:
+                continue
+            if target_sample_rate:
+                break
+
+        if not target_sample_rate:
+            self.logger.warning("Mixdown skipped - no decodable audio frames found")
+            return
+
+        # Build PyAV filter graph:
+        # N abuffer (s32/stereo)
+        #   -> optional adelay per input (for alignment)
+        #   -> amix (s32)
+        #   -> aformat(s16)
+        #   -> sink
+        graph = av.filter.Graph()
+        inputs = []
+        valid_track_datas = [d for d in track_datas if d]
+        # Align offsets list with the filtered inputs (skip empties)
+        input_offsets_seconds = None
+        if offsets_seconds is not None:
+            input_offsets_seconds = [
+                offsets_seconds[i] for i, d in enumerate(track_datas) if d
+            ]
+        for idx, data in enumerate(valid_track_datas):
+            args = (
+                f"time_base=1/{target_sample_rate}:"
+                f"sample_rate={target_sample_rate}:"
+                f"sample_fmt=s32:"
+                f"channel_layout=stereo"
+            )
+            in_ctx = graph.add("abuffer", args=args, name=f"in{idx}")
+            inputs.append(in_ctx)
+
+        if not inputs:
+            self.logger.warning("Mixdown skipped - no valid inputs for graph")
+            return
+
+        mixer = graph.add("amix", args=f"inputs={len(inputs)}:normalize=0", name="mix")
+
+        fmt = graph.add(
+            "aformat",
+            args=(
+                f"sample_fmts=s32:channel_layouts=stereo:sample_rates={target_sample_rate}"
+            ),
+            name="fmt",
+        )
+
+        sink = graph.add("abuffersink", name="out")
+
+        # Optional per-input delay before mixing
+        delays_ms: list[int] = []
+        if input_offsets_seconds is not None:
+            base = min(input_offsets_seconds) if input_offsets_seconds else 0.0
+            delays_ms = [
+                max(0, int(round((o - base) * 1000))) for o in input_offsets_seconds
+            ]
+        else:
+            delays_ms = [0 for _ in inputs]
+
+        for idx, in_ctx in enumerate(inputs):
+            delay_ms = delays_ms[idx] if idx < len(delays_ms) else 0
+            if delay_ms > 0:
+                # adelay requires one value per channel; use same for stereo
+                adelay = graph.add(
+                    "adelay",
+                    args=f"delays={delay_ms}|{delay_ms}:all=1",
+                    name=f"delay{idx}",
+                )
+                in_ctx.link_to(adelay)
+                adelay.link_to(mixer, 0, idx)
+            else:
+                in_ctx.link_to(mixer, 0, idx)
+        mixer.link_to(fmt)
+        fmt.link_to(sink)
+        graph.configure()
+
+        # Open containers for decoding
+        containers = []
+        for i, d in enumerate(valid_track_datas):
+            try:
+                c = av.open(io.BytesIO(d))
+                containers.append(c)
+            except Exception as e:
+                self.logger.warning(
+                    "Mixdown: failed to open container", input=i, error=str(e)
+                )
+                containers.append(None)
+        # Filter out Nones for decoders
+        containers = [c for c in containers if c is not None]
+        decoders = [c.decode(audio=0) for c in containers]
+        active = [True] * len(decoders)
+        # Per-input resamplers to enforce s32/stereo at the same rate (no resample of rate)
+        resamplers = [
+            AudioResampler(format="s32", layout="stereo", rate=target_sample_rate)
+            for _ in decoders
+        ]
+
+        try:
+            # Round-robin feed frames into graph, pull mixed frames as they become available
+            while any(active):
+                for i, (dec, is_active) in enumerate(zip(decoders, active)):
+                    if not is_active:
+                        continue
+                    try:
+                        frame = next(dec)
+                    except StopIteration:
+                        active[i] = False
+                        continue
+
+                    # Enforce same sample rate; convert format/layout to s16/stereo (no resample)
+                    if frame.sample_rate != target_sample_rate:
+                        # Skip frames with differing rate
+                        continue
+                    out_frames = resamplers[i].resample(frame) or []
+                    for rf in out_frames:
+                        rf.sample_rate = target_sample_rate
+                        rf.time_base = Fraction(1, target_sample_rate)
+                        inputs[i].push(rf)
+
+                    # Drain available mixed frames
+                    while True:
+                        try:
+                            mixed = sink.pull()
+                        except Exception:
+                            break
+                        mixed.sample_rate = target_sample_rate
+                        mixed.time_base = Fraction(1, target_sample_rate)
+                        await writer.push(mixed)
+
+            # Signal EOF to inputs and drain remaining
+            for in_ctx in inputs:
+                in_ctx.push(None)
+            while True:
+                try:
+                    mixed = sink.pull()
+                except Exception:
+                    break
+                mixed.sample_rate = target_sample_rate
+                mixed.time_base = Fraction(1, target_sample_rate)
+                await writer.push(mixed)
+        finally:
+            for c in containers:
+                c.close()
+
+    async def set_status(self, transcript_id: str, status: TranscriptStatus):
+        async with self.lock_transaction():
+            return await transcripts_controller.set_status(transcript_id, status)
+
+    async def process(self, bucket_name: str, track_keys: list[str]):
+        transcript = await self.get_transcript()
+
+        s3 = boto3.client(
+            "s3",
+            region_name=settings.RECORDING_STORAGE_AWS_REGION,
+            aws_access_key_id=settings.RECORDING_STORAGE_AWS_ACCESS_KEY_ID,
+            aws_secret_access_key=settings.RECORDING_STORAGE_AWS_SECRET_ACCESS_KEY,
+        )
+
+        storage = get_transcripts_storage()
+
+        # Pre-download bytes for all tracks for mixing and transcription
+        track_datas: list[bytes] = []
+        for key in track_keys:
+            try:
+                obj = s3.get_object(Bucket=bucket_name, Key=key)
+                track_datas.append(obj["Body"].read())
+            except Exception as e:
+                self.logger.warning(
+                    "Skipping track - cannot read S3 object", key=key, error=str(e)
+                )
+                track_datas.append(b"")
+
+        # REMOVED: Filename offset extraction - not needed anymore!
+        # We use stream metadata start_time for padding instead
+
+        # Get stream metadata start_times for mixing (still useful for mixdown)
+        stream_start_times: list[float] = []
+        for data in track_datas:
+            if not data:
+                stream_start_times.append(0.0)
+                continue
+
+            container = av.open(io.BytesIO(data))
+            try:
+                audio_stream = container.streams.audio[0]
+                if (
+                    audio_stream.start_time is not None
+                    and audio_stream.time_base is not None
+                ):
+                    start_time = float(audio_stream.start_time * audio_stream.time_base)
+                else:
+                    start_time = 0.0
+                stream_start_times.append(start_time)
+            finally:
+                container.close()
+
+        # Mixdown all available tracks into transcript.audio_mp3_filename, using stream metadata offsets
+        try:
+            mp3_writer = AudioFileWriterProcessor(
+                path=str(transcript.audio_mp3_filename)
+            )
+            await self.mixdown_tracks(track_datas, mp3_writer, stream_start_times)
+            await mp3_writer.flush()
+        except Exception as e:
+            self.logger.error("Mixdown failed", error=str(e))
+
+        # PAD TRACKS BEFORE TRANSCRIPTION - THIS IS THE KEY FIX!
+        padded_track_urls: list[str] = []
+        for idx, data in enumerate(track_datas):
+            if not data:
+                padded_track_urls.append("")
+                continue
+
+            _, padded_url = await self.pad_track_for_transcription(data, idx, storage)
+            padded_track_urls.append(padded_url)
+            self.logger.info(f"Padded track {idx} for transcription: {padded_url}")
+
+        # Transcribe PADDED tracks - timestamps will be automatically correct!
+        speaker_transcripts: list[TranscriptType] = []
+        for idx, padded_url in enumerate(padded_track_urls):
+            if not padded_url:
+                continue
+
+            try:
+                # Transcribe the PADDED track
+                t = await self.transcribe_file(padded_url, transcript.source_language)
+            except Exception as e:
+                self.logger.error(
+                    "Transcription via default backend failed, trying local whisper",
+                    track_idx=idx,
+                    url=padded_url,
+                    error=str(e),
+                )
+                try:
+                    fallback = FileTranscriptAutoProcessor(name="whisper")
+                    result = None
+
+                    async def capture_result(r):
+                        nonlocal result
+                        result = r
+
+                    fallback.on(capture_result)
+                    await fallback.push(
+                        FileTranscriptInput(
+                            audio_url=padded_url, language=transcript.source_language
+                        )
+                    )
+                    await fallback.flush()
+                    if not result:
+                        raise Exception("No transcript captured in fallback")
+                    t = result
+                except Exception as e2:
+                    self.logger.error(
+                        "Skipping track - transcription failed after fallback",
+                        track_idx=idx,
+                        url=padded_url,
+                        error=str(e2),
+                    )
+                    continue
+
+            if not t.words:
+                continue
+
+            # NO OFFSET ADJUSTMENT NEEDED!
+            # Timestamps are already correct because we transcribed padded tracks
+            # Just set speaker ID
+            for w in t.words:
+                w.speaker = idx
+
+            speaker_transcripts.append(t)
+            self.logger.info(
+                f"Track {idx} transcribed successfully with {len(t.words)} words",
+                track_idx=idx,
+            )
+
+        if not speaker_transcripts:
+            raise Exception("No valid track transcriptions")
+
+        # Merge all words and sort by timestamp
+        merged_words = []
+        for t in speaker_transcripts:
+            merged_words.extend(t.words)
+        merged_words.sort(
+            key=lambda w: w.start if hasattr(w, "start") and w.start is not None else 0
+        )
+
+        merged_transcript = TranscriptType(words=merged_words, translation=None)
+
+        await transcripts_controller.append_event(
+            transcript,
+            event="TRANSCRIPT",
+            data=TranscriptText(
+                text=merged_transcript.text, translation=merged_transcript.translation
+            ),
+        )
+
+        topics = await self.detect_topics(merged_transcript, transcript.target_language)
+        await asyncio.gather(
+            self.generate_title(topics),
+            self.generate_summaries(topics),
+            return_exceptions=False,
+        )
+
+        await self.set_status(transcript.id, "ended")
+
+    async def transcribe_file(self, audio_url: str, language: str) -> TranscriptType:
+        processor = FileTranscriptAutoProcessor()
+        input_data = FileTranscriptInput(audio_url=audio_url, language=language)
+
+        result: TranscriptType | None = None
+
+        async def capture_result(transcript):
+            nonlocal result
+            result = transcript
+
+        processor.on(capture_result)
+        await processor.push(input_data)
+        await processor.flush()
+
+        if not result:
+            raise ValueError("No transcript captured")
+
+        return result
+
+    async def detect_topics(
+        self, transcript: TranscriptType, target_language: str
+    ) -> list[TitleSummary]:
+        chunk_size = 300
+        topics: list[TitleSummary] = []
+
+        async def on_topic(topic: TitleSummary):
+            topics.append(topic)
+            return await self.on_topic(topic)
+
+        topic_detector = TranscriptTopicDetectorProcessor(callback=on_topic)
+        topic_detector.set_pipeline(self.empty_pipeline)
+
+        for i in range(0, len(transcript.words), chunk_size):
+            chunk_words = transcript.words[i : i + chunk_size]
+            if not chunk_words:
+                continue
+
+            chunk_transcript = TranscriptType(
+                words=chunk_words, translation=transcript.translation
+            )
+            await topic_detector.push(chunk_transcript)
+
+        await topic_detector.flush()
+        return topics
+
+    async def generate_title(self, topics: list[TitleSummary]):
+        if not topics:
+            self.logger.warning("No topics for title generation")
+            return
+
+        processor = TranscriptFinalTitleProcessor(callback=self.on_title)
+        processor.set_pipeline(self.empty_pipeline)
+
+        for topic in topics:
+            await processor.push(topic)
+
+        await processor.flush()
+
+    async def generate_summaries(self, topics: list[TitleSummary]):
+        if not topics:
+            self.logger.warning("No topics for summary generation")
+            return
+
+        transcript = await self.get_transcript()
+        processor = TranscriptFinalSummaryProcessor(
+            transcript=transcript,
+            callback=self.on_long_summary,
+            on_short_summary=self.on_short_summary,
+        )
+        processor.set_pipeline(self.empty_pipeline)
+
+        for topic in topics:
+            await processor.push(topic)
+
+        await processor.flush()
+
+
+@shared_task
+@asynctask
+async def task_pipeline_multitrack_process(
+    *, transcript_id: str, bucket_name: str, track_keys: list[str]
+):
+    pipeline = PipelineMainMultitrack(transcript_id=transcript_id)
+    try:
+        await pipeline.set_status(transcript_id, "processing")
+        await pipeline.process(bucket_name, track_keys)
+    except Exception:
+        await pipeline.set_status(transcript_id, "error")
+        raise
+
+    post_chain = chain(
+        task_cleanup_consent.si(transcript_id=transcript_id),
+        task_pipeline_post_to_zulip.si(transcript_id=transcript_id),
+        task_send_webhook_if_needed.si(transcript_id=transcript_id),
+    )
+    post_chain.delay()

server/reflector/platform_types.py

@@ -0,0 +1,9 @@
+"""Platform type definitions.
+
+This module exists solely to define the Platform literal type without any imports,
+preventing circular import issues when used across the codebase.
+"""
+
+from typing import Literal
+
+Platform = Literal["whereby", "daily"]

server/reflector/processors/file_diarization_modal.py

@@ -47,6 +47,7 @@ class FileDiarizationModalProcessor(FileDiarizationProcessor):
                     "audio_file_url": data.audio_url,
                     "timestamp": 0,
                 },
+                follow_redirects=True,
             )
             response.raise_for_status()
             diarization_data = response.json()["diarization"]

server/reflector/processors/file_transcript_modal.py

@@ -54,6 +54,7 @@ class FileTranscriptModalProcessor(FileTranscriptProcessor):
                     "language": data.language,
                     "batch": True,
                 },
+                follow_redirects=True,
             )
             response.raise_for_status()
             result = response.json()

server/reflector/processors/transcript_topic_detector.py

@@ -1,6 +1,6 @@
 from textwrap import dedent
 
-from pydantic import BaseModel, Field
+from pydantic import BaseModel, ConfigDict, Field
 
 from reflector.llm import LLM
 from reflector.processors.base import Processor
@@ -34,8 +34,14 @@ TOPIC_PROMPT = dedent(
 class TopicResponse(BaseModel):
     """Structured response for topic detection"""
 
-    title: str = Field(description="A descriptive title for the topic being discussed")
-    summary: str = Field(description="A concise 1-2 sentence summary of the discussion")
+    model_config = ConfigDict(populate_by_name=True)
+
+    title: str = Field(
+        description="A descriptive title for the topic being discussed", alias="Title"
+    )
+    summary: str = Field(
+        description="A concise 1-2 sentence summary of the discussion", alias="Summary"
+    )
 
 
 class TranscriptTopicDetectorProcessor(Processor):

server/reflector/processors/types.py

@@ -4,11 +4,8 @@ import tempfile
 from pathlib import Path
 from typing import Annotated, TypedDict
 
-from profanityfilter import ProfanityFilter
 from pydantic import BaseModel, Field, PrivateAttr
 
-from reflector.redis_cache import redis_cache
-
 
 class DiarizationSegment(TypedDict):
     """Type definition for diarization segment containing speaker information"""
@@ -20,9 +17,6 @@ class DiarizationSegment(TypedDict):
 
 PUNC_RE = re.compile(r"[.;:?!…]")
 
-profanity_filter = ProfanityFilter()
-profanity_filter.set_censor("*")
-
 
 class AudioFile(BaseModel):
     name: str
@@ -124,21 +118,11 @@ def words_to_segments(words: list[Word]) -> list[TranscriptSegment]:
 
 class Transcript(BaseModel):
     translation: str | None = None
-    words: list[Word] = None
-
-    @property
-    def raw_text(self):
-        # Uncensored text
-        return "".join([word.text for word in self.words])
-
-    @redis_cache(prefix="profanity", duration=3600 * 24 * 7)
-    def _get_censored_text(self, text: str):
-        return profanity_filter.censor(text).strip()
+    words: list[Word] = []
 
     @property
     def text(self):
-        # Censored text
-        return self._get_censored_text(self.raw_text)
+        return "".join([word.text for word in self.words])
 
     @property
     def human_timestamp(self):
@@ -170,12 +154,6 @@ class Transcript(BaseModel):
             word.start += offset
             word.end += offset
 
-    def clone(self):
-        words = [
-            Word(text=word.text, start=word.start, end=word.end) for word in self.words
-        ]
-        return Transcript(text=self.text, translation=self.translation, words=words)
-
     def as_segments(self) -> list[TranscriptSegment]:
         return words_to_segments(self.words)
 

server/reflector/redis_cache.py

@@ -1,10 +1,17 @@
+import asyncio
 import functools
 import json
+from typing import Optional
 
 import redis
+import redis.asyncio as redis_async
+import structlog
+from redis.exceptions import LockError
 
 from reflector.settings import settings
 
+logger = structlog.get_logger(__name__)
+
 redis_clients = {}
 
 
@@ -21,6 +28,12 @@ def get_redis_client(db=0):
     return redis_clients[db]
 
 
+async def get_async_redis_client(db: int = 0):
+    return await redis_async.from_url(
+        f"redis://{settings.REDIS_HOST}:{settings.REDIS_PORT}/{db}"
+    )
+
+
 def redis_cache(prefix="cache", duration=3600, db=settings.REDIS_CACHE_DB, argidx=1):
     """
     Cache the result of a function in Redis.
@@ -49,3 +62,87 @@ def redis_cache(prefix="cache", duration=3600, db=settings.REDIS_CACHE_DB, argid
         return wrapper
 
     return decorator
+
+
+class RedisAsyncLock:
+    def __init__(
+        self,
+        key: str,
+        timeout: int = 120,
+        extend_interval: int = 30,
+        skip_if_locked: bool = False,
+        blocking: bool = True,
+        blocking_timeout: Optional[float] = None,
+    ):
+        self.key = f"async_lock:{key}"
+        self.timeout = timeout
+        self.extend_interval = extend_interval
+        self.skip_if_locked = skip_if_locked
+        self.blocking = blocking
+        self.blocking_timeout = blocking_timeout
+        self._lock = None
+        self._redis = None
+        self._extend_task = None
+        self._acquired = False
+
+    async def _extend_lock_periodically(self):
+        while True:
+            try:
+                await asyncio.sleep(self.extend_interval)
+                if self._lock:
+                    await self._lock.extend(self.timeout, replace_ttl=True)
+                    logger.debug("Extended lock", key=self.key)
+            except LockError:
+                logger.warning("Failed to extend lock", key=self.key)
+                break
+            except asyncio.CancelledError:
+                break
+            except Exception as e:
+                logger.error("Error extending lock", key=self.key, error=str(e))
+                break
+
+    async def __aenter__(self):
+        self._redis = await get_async_redis_client()
+        self._lock = self._redis.lock(
+            self.key,
+            timeout=self.timeout,
+            blocking=self.blocking,
+            blocking_timeout=self.blocking_timeout,
+        )
+
+        self._acquired = await self._lock.acquire()
+
+        if not self._acquired:
+            if self.skip_if_locked:
+                logger.warning(
+                    "Lock already acquired by another process, skipping", key=self.key
+                )
+                return self
+            else:
+                raise LockError(f"Failed to acquire lock: {self.key}")
+
+        self._extend_task = asyncio.create_task(self._extend_lock_periodically())
+        logger.info("Acquired lock", key=self.key)
+        return self
+
+    async def __aexit__(self, exc_type, exc_val, exc_tb):
+        if self._extend_task:
+            self._extend_task.cancel()
+            try:
+                await self._extend_task
+            except asyncio.CancelledError:
+                pass
+
+        if self._acquired and self._lock:
+            try:
+                await self._lock.release()
+                logger.info("Released lock", key=self.key)
+            except LockError:
+                logger.debug("Lock already released or expired", key=self.key)
+
+        if self._redis:
+            await self._redis.aclose()
+
+    @property
+    def acquired(self) -> bool:
+        return self._acquired

server/reflector/services/ics_sync.py

@@ -0,0 +1,408 @@
+"""
+ICS Calendar Synchronization Service
+
+This module provides services for fetching, parsing, and synchronizing ICS (iCalendar)
+calendar feeds with room booking data in the database.
+
+Key Components:
+- ICSFetchService: Handles HTTP fetching and parsing of ICS calendar data
+- ICSSyncService: Manages the synchronization process between ICS feeds and database
+
+Example Usage:
+    # Sync a room's calendar
+    room = Room(id="room1", name="conference-room", ics_url="https://cal.example.com/room.ics")
+    result = await ics_sync_service.sync_room_calendar(room)
+
+    # Result structure:
+    {
+        "status": "success",  # success|unchanged|error|skipped
+        "hash": "abc123...",  # MD5 hash of ICS content
+        "events_found": 5,    # Events matching this room
+        "total_events": 12,   # Total events in calendar within time window
+        "events_created": 2,  # New events added to database
+        "events_updated": 3,  # Existing events modified
+        "events_deleted": 1   # Events soft-deleted (no longer in calendar)
+    }
+
+Event Matching:
+    Events are matched to rooms by checking if the room's full URL appears in the
+    event's LOCATION or DESCRIPTION fields. Only events within a 25-hour window
+    (1 hour ago to 24 hours from now) are processed.
+
+Input: ICS calendar URL (e.g., "https://calendar.google.com/calendar/ical/...")
+Output: EventData objects with structured calendar information:
+    {
+        "ics_uid": "event123@google.com",
+        "title": "Team Meeting",
+        "description": "Weekly sync meeting",
+        "location": "https://meet.company.com/conference-room",
+        "start_time": datetime(2024, 1, 15, 14, 0, tzinfo=UTC),
+        "end_time": datetime(2024, 1, 15, 15, 0, tzinfo=UTC),
+        "attendees": [
+            {"email": "user@company.com", "name": "John Doe", "role": "ORGANIZER"},
+            {"email": "attendee@company.com", "name": "Jane Smith", "status": "ACCEPTED"}
+        ],
+        "ics_raw_data": "BEGIN:VEVENT\nUID:event123@google.com\n..."
+    }
+"""
+
+import hashlib
+from datetime import date, datetime, timedelta, timezone
+from enum import Enum
+from typing import TypedDict
+
+import httpx
+import pytz
+import structlog
+from icalendar import Calendar, Event
+
+from reflector.db.calendar_events import CalendarEvent, calendar_events_controller
+from reflector.db.rooms import Room, rooms_controller
+from reflector.redis_cache import RedisAsyncLock
+from reflector.settings import settings
+
+logger = structlog.get_logger()
+
+EVENT_WINDOW_DELTA_START = timedelta(hours=-1)
+EVENT_WINDOW_DELTA_END = timedelta(hours=24)
+
+
+class SyncStatus(str, Enum):
+    SUCCESS = "success"
+    UNCHANGED = "unchanged"
+    ERROR = "error"
+    SKIPPED = "skipped"
+
+
+class AttendeeData(TypedDict, total=False):
+    email: str | None
+    name: str | None
+    status: str | None
+    role: str | None
+
+
+class EventData(TypedDict):
+    ics_uid: str
+    title: str | None
+    description: str | None
+    location: str | None
+    start_time: datetime
+    end_time: datetime
+    attendees: list[AttendeeData]
+    ics_raw_data: str
+
+
+class SyncStats(TypedDict):
+    events_created: int
+    events_updated: int
+    events_deleted: int
+
+
+class SyncResultBase(TypedDict):
+    status: SyncStatus
+
+
+class SyncResult(SyncResultBase, total=False):
+    hash: str | None
+    events_found: int
+    total_events: int
+    events_created: int
+    events_updated: int
+    events_deleted: int
+    error: str | None
+    reason: str | None
+
+
+class ICSFetchService:
+    def __init__(self):
+        self.client = httpx.AsyncClient(
+            timeout=30.0, headers={"User-Agent": "Reflector/1.0"}
+        )
+
+    async def fetch_ics(self, url: str) -> str:
+        response = await self.client.get(url)
+        response.raise_for_status()
+
+        return response.text
+
+    def parse_ics(self, ics_content: str) -> Calendar:
+        return Calendar.from_ical(ics_content)
+
+    def extract_room_events(
+        self, calendar: Calendar, room_name: str, room_url: str
+    ) -> tuple[list[EventData], int]:
+        events = []
+        total_events = 0
+        now = datetime.now(timezone.utc)
+        window_start = now + EVENT_WINDOW_DELTA_START
+        window_end = now + EVENT_WINDOW_DELTA_END
+
+        for component in calendar.walk():
+            if component.name != "VEVENT":
+                continue
+
+            status = component.get("STATUS", "").upper()
+            if status == "CANCELLED":
+                continue
+
+            # Count total non-cancelled events in the time window
+            event_data = self._parse_event(component)
+            if event_data and window_start <= event_data["start_time"] <= window_end:
+                total_events += 1
+
+                # Check if event matches this room
+                if self._event_matches_room(component, room_name, room_url):
+                    events.append(event_data)
+
+        return events, total_events
+
+    def _event_matches_room(self, event: Event, room_name: str, room_url: str) -> bool:
+        location = str(event.get("LOCATION", ""))
+        description = str(event.get("DESCRIPTION", ""))
+
+        # Only match full room URL
+        # XXX leaved here as a patterns, to later be extended with tinyurl or such too
+        patterns = [
+            room_url,
+        ]
+
+        # Check location and description for patterns
+        text_to_check = f"{location} {description}".lower()
+        for pattern in patterns:
+            if pattern.lower() in text_to_check:
+                return True
+
+        return False
+
+    def _parse_event(self, event: Event) -> EventData | None:
+        uid = str(event.get("UID", ""))
+        summary = str(event.get("SUMMARY", ""))
+        description = str(event.get("DESCRIPTION", ""))
+        location = str(event.get("LOCATION", ""))
+        dtstart = event.get("DTSTART")
+        dtend = event.get("DTEND")
+
+        if not dtstart:
+            return None
+
+        # Convert fields
+        start_time = self._normalize_datetime(
+            dtstart.dt if hasattr(dtstart, "dt") else dtstart
+        )
+        end_time = (
+            self._normalize_datetime(dtend.dt if hasattr(dtend, "dt") else dtend)
+            if dtend
+            else start_time + timedelta(hours=1)
+        )
+        attendees = self._parse_attendees(event)
+
+        # Get raw event data for storage
+        raw_data = event.to_ical().decode("utf-8")
+
+        return {
+            "ics_uid": uid,
+            "title": summary,
+            "description": description,
+            "location": location,
+            "start_time": start_time,
+            "end_time": end_time,
+            "attendees": attendees,
+            "ics_raw_data": raw_data,
+        }
+
+    def _normalize_datetime(self, dt) -> datetime:
+        # Ensure datetime is with timezone, if not, assume UTC
+        if isinstance(dt, date) and not isinstance(dt, datetime):
+            dt = datetime.combine(dt, datetime.min.time())
+            dt = pytz.UTC.localize(dt)
+        elif isinstance(dt, datetime):
+            if dt.tzinfo is None:
+                dt = pytz.UTC.localize(dt)
+            else:
+                dt = dt.astimezone(pytz.UTC)
+
+        return dt
+
+    def _parse_attendees(self, event: Event) -> list[AttendeeData]:
+        # Extracts attendee information from both ATTENDEE and ORGANIZER properties.
+        # Handles malformed comma-separated email addresses in single ATTENDEE fields
+        # by splitting them into separate attendee entries. Returns a list of attendee
+        # data including email, name, status, and role information.
+        final_attendees = []
+
+        attendees = event.get("ATTENDEE", [])
+        if not isinstance(attendees, list):
+            attendees = [attendees]
+        for att in attendees:
+            email_str = str(att).replace("mailto:", "") if att else None
+
+            # Handle malformed comma-separated email addresses in a single ATTENDEE field
+            if email_str and "," in email_str:
+                # Split comma-separated emails and create separate attendee entries
+                email_parts = [email.strip() for email in email_str.split(",")]
+                for email in email_parts:
+                    if email and "@" in email:
+                        clean_email = email.replace("MAILTO:", "").replace(
+                            "mailto:", ""
+                        )
+                        att_data: AttendeeData = {
+                            "email": clean_email,
+                            "name": att.params.get("CN")
+                            if hasattr(att, "params") and email == email_parts[0]
+                            else None,
+                            "status": att.params.get("PARTSTAT")
+                            if hasattr(att, "params") and email == email_parts[0]
+                            else None,
+                            "role": att.params.get("ROLE")
+                            if hasattr(att, "params") and email == email_parts[0]
+                            else None,
+                        }
+                        final_attendees.append(att_data)
+            else:
+                # Normal single attendee
+                att_data: AttendeeData = {
+                    "email": email_str,
+                    "name": att.params.get("CN") if hasattr(att, "params") else None,
+                    "status": att.params.get("PARTSTAT")
+                    if hasattr(att, "params")
+                    else None,
+                    "role": att.params.get("ROLE") if hasattr(att, "params") else None,
+                }
+                final_attendees.append(att_data)
+
+        # Add organizer
+        organizer = event.get("ORGANIZER")
+        if organizer:
+            org_email = (
+                str(organizer).replace("mailto:", "").replace("MAILTO:", "")
+                if organizer
+                else None
+            )
+            org_data: AttendeeData = {
+                "email": org_email,
+                "name": organizer.params.get("CN")
+                if hasattr(organizer, "params")
+                else None,
+                "role": "ORGANIZER",
+            }
+            final_attendees.append(org_data)
+
+        return final_attendees
+
+
+class ICSSyncService:
+    def __init__(self):
+        self.fetch_service = ICSFetchService()
+
+    async def sync_room_calendar(self, room: Room) -> SyncResult:
+        async with RedisAsyncLock(
+            f"ics_sync_room:{room.id}", skip_if_locked=True
+        ) as lock:
+            if not lock.acquired:
+                logger.warning("ICS sync already in progress for room", room_id=room.id)
+                return {
+                    "status": SyncStatus.SKIPPED,
+                    "reason": "Sync already in progress",
+                }
+
+            return await self._sync_room_calendar(room)
+
+    async def _sync_room_calendar(self, room: Room) -> SyncResult:
+        if not room.ics_enabled or not room.ics_url:
+            return {"status": SyncStatus.SKIPPED, "reason": "ICS not configured"}
+
+        try:
+            if not self._should_sync(room):
+                return {"status": SyncStatus.SKIPPED, "reason": "Not time to sync yet"}
+
+            ics_content = await self.fetch_service.fetch_ics(room.ics_url)
+            calendar = self.fetch_service.parse_ics(ics_content)
+
+            content_hash = hashlib.md5(ics_content.encode()).hexdigest()
+            if room.ics_last_etag == content_hash:
+                logger.info("No changes in ICS for room", room_id=room.id)
+                room_url = f"{settings.UI_BASE_URL}/{room.name}"
+                events, total_events = self.fetch_service.extract_room_events(
+                    calendar, room.name, room_url
+                )
+                return {
+                    "status": SyncStatus.UNCHANGED,
+                    "hash": content_hash,
+                    "events_found": len(events),
+                    "total_events": total_events,
+                    "events_created": 0,
+                    "events_updated": 0,
+                    "events_deleted": 0,
+                }
+
+            # Extract matching events
+            room_url = f"{settings.UI_BASE_URL}/{room.name}"
+            events, total_events = self.fetch_service.extract_room_events(
+                calendar, room.name, room_url
+            )
+            sync_result = await self._sync_events_to_database(room.id, events)
+
+            # Update room sync metadata
+            await rooms_controller.update(
+                room,
+                {
+                    "ics_last_sync": datetime.now(timezone.utc),
+                    "ics_last_etag": content_hash,
+                },
+                mutate=False,
+            )
+
+            return {
+                "status": SyncStatus.SUCCESS,
+                "hash": content_hash,
+                "events_found": len(events),
+                "total_events": total_events,
+                **sync_result,
+            }
+
+        except Exception as e:
+            logger.error("Failed to sync ICS for room", room_id=room.id, error=str(e))
+            return {"status": SyncStatus.ERROR, "error": str(e)}
+
+    def _should_sync(self, room: Room) -> bool:
+        if not room.ics_last_sync:
+            return True
+
+        time_since_sync = datetime.now(timezone.utc) - room.ics_last_sync
+        return time_since_sync.total_seconds() >= room.ics_fetch_interval
+
+    async def _sync_events_to_database(
+        self, room_id: str, events: list[EventData]
+    ) -> SyncStats:
+        created = 0
+        updated = 0
+
+        current_ics_uids = []
+
+        for event_data in events:
+            calendar_event = CalendarEvent(room_id=room_id, **event_data)
+            existing = await calendar_events_controller.get_by_ics_uid(
+                room_id, event_data["ics_uid"]
+            )
+
+            if existing:
+                updated += 1
+            else:
+                created += 1
+
+            await calendar_events_controller.upsert(calendar_event)
+            current_ics_uids.append(event_data["ics_uid"])
+
+        # Soft delete events that are no longer in calendar
+        deleted = await calendar_events_controller.soft_delete_missing(
+            room_id, current_ics_uids
+        )
+
+        return {
+            "events_created": created,
+            "events_updated": updated,
+            "events_deleted": deleted,
+        }
+
+
+ics_sync_service = ICSSyncService()

server/reflector/settings.py

@@ -1,6 +1,9 @@
 from pydantic.types import PositiveInt
 from pydantic_settings import BaseSettings, SettingsConfigDict
 
+from reflector.platform_types import Platform
+from reflector.utils.string import NonEmptyString
+
 
 class Settings(BaseSettings):
     model_config = SettingsConfigDict(
@@ -120,13 +123,26 @@ class Settings(BaseSettings):
 
     # Whereby integration
     WHEREBY_API_URL: str = "https://api.whereby.dev/v1"
-    WHEREBY_API_KEY: str | None = None
+    WHEREBY_API_KEY: NonEmptyString | None = None
     WHEREBY_WEBHOOK_SECRET: str | None = None
     AWS_WHEREBY_ACCESS_KEY_ID: str | None = None
     AWS_WHEREBY_ACCESS_KEY_SECRET: str | None = None
     AWS_PROCESS_RECORDING_QUEUE_URL: str | None = None
     SQS_POLLING_TIMEOUT_SECONDS: int = 60
 
+    # Daily.co integration
+    DAILY_API_KEY: str | None = None
+    DAILY_WEBHOOK_SECRET: str | None = None
+    DAILY_SUBDOMAIN: str | None = None
+    AWS_DAILY_S3_BUCKET: str | None = None
+    AWS_DAILY_S3_REGION: str = "us-west-2"
+    AWS_DAILY_ROLE_ARN: str | None = None
+
+    # Platform Migration Feature Flags
+    DAILY_MIGRATION_ENABLED: bool = False
+    DAILY_MIGRATION_ROOM_IDS: list[str] = []
+    DEFAULT_VIDEO_PLATFORM: Platform = "whereby"
+
     # Zulip integration
     ZULIP_REALM: str | None = None
     ZULIP_API_KEY: str | None = None

server/reflector/utils/string.py

@@ -0,0 +1,23 @@
+from typing import Annotated
+
+from pydantic import Field, TypeAdapter, constr
+
+NonEmptyStringBase = constr(min_length=1, strip_whitespace=False)
+NonEmptyString = Annotated[
+    NonEmptyStringBase,
+    Field(description="A non-empty string", min_length=1),
+]
+non_empty_string_adapter = TypeAdapter(NonEmptyString)
+
+
+def parse_non_empty_string(s: str, error: str | None = None) -> NonEmptyString:
+    try:
+        return non_empty_string_adapter.validate_python(s)
+    except Exception as e:
+        raise ValueError(f"{e}: {error}" if error else e) from e
+
+
+def try_parse_non_empty_string(s: str) -> NonEmptyString | None:
+    if not s:
+        return None
+    return parse_non_empty_string(s)

server/reflector/video_platforms/__init__.py

@@ -0,0 +1,18 @@
+# Video Platform Abstraction Layer
+"""
+This module provides an abstraction layer for different video conferencing platforms.
+It allows seamless switching between providers (Whereby, Daily.co, etc.) without
+changing the core application logic.
+"""
+
+from .base import VideoPlatformClient
+from .models import MeetingData, VideoPlatformConfig
+from .registry import get_platform_client, register_platform
+
+__all__ = [
+    "VideoPlatformClient",
+    "VideoPlatformConfig",
+    "MeetingData",
+    "get_platform_client",
+    "register_platform",
+]

server/reflector/video_platforms/base.py

@@ -0,0 +1,60 @@
+from abc import ABC, abstractmethod
+from datetime import datetime
+from typing import TYPE_CHECKING, Any, Dict, Optional
+
+from reflector.platform_types import Platform
+
+from .models import MeetingData, VideoPlatformConfig
+
+if TYPE_CHECKING:
+    from reflector.db.rooms import Room
+
+
+class VideoPlatformClient(ABC):
+    """Abstract base class for video platform integrations."""
+
+    PLATFORM_NAME: Platform
+
+    def __init__(self, config: VideoPlatformConfig):
+        self.config = config
+
+    @abstractmethod
+    async def create_meeting(
+        self, room_name_prefix: str, end_date: datetime, room: "Room"
+    ) -> MeetingData:
+        """Create a new meeting room."""
+        pass
+
+    @abstractmethod
+    async def get_room_sessions(self, room_name: str) -> Dict[str, Any]:
+        """Get session information for a room."""
+        pass
+
+    @abstractmethod
+    async def delete_room(self, room_name: str) -> bool:
+        """Delete a room. Returns True if successful."""
+        pass
+
+    @abstractmethod
+    async def upload_logo(self, room_name: str, logo_path: str) -> bool:
+        """Upload a logo to the room. Returns True if successful."""
+        pass
+
+    @abstractmethod
+    def verify_webhook_signature(
+        self, body: bytes, signature: str, timestamp: Optional[str] = None
+    ) -> bool:
+        """Verify webhook signature for security."""
+        pass
+
+    def format_recording_config(self, room: "Room") -> Dict[str, Any]:
+        """Format recording configuration for the platform.
+        Can be overridden by specific implementations."""
+        if room.recording_type == "cloud" and self.config.s3_bucket:
+            return {
+                "type": room.recording_type,
+                "bucket": self.config.s3_bucket,
+                "region": self.config.s3_region,
+                "trigger": room.recording_trigger,
+            }
+        return {"type": room.recording_type}

server/reflector/video_platforms/daily.py

@@ -0,0 +1,178 @@
+import hmac
+from datetime import datetime
+from hashlib import sha256
+from http import HTTPStatus
+from typing import Any, Dict, Optional
+
+import httpx
+
+from reflector.db.rooms import Room
+from reflector.platform_types import Platform
+
+from .base import VideoPlatformClient
+from .models import MeetingData, RecordingType, VideoPlatformConfig
+
+
+class DailyClient(VideoPlatformClient):
+    PLATFORM_NAME: Platform = "daily"
+    TIMEOUT = 10
+    BASE_URL = "https://api.daily.co/v1"
+    TIMESTAMP_FORMAT = "%Y%m%d%H%M%S"
+    RECORDING_NONE: RecordingType = "none"
+    RECORDING_CLOUD: RecordingType = "cloud"
+
+    def __init__(self, config: VideoPlatformConfig):
+        super().__init__(config)
+        self.headers = {
+            "Authorization": f"Bearer {config.api_key}",
+            "Content-Type": "application/json",
+        }
+
+    async def create_meeting(
+        self, room_name_prefix: str, end_date: datetime, room: Room
+    ) -> MeetingData:
+        """Create a Daily.co room."""
+        timestamp = datetime.now().strftime(self.TIMESTAMP_FORMAT)
+        if room_name_prefix:
+            room_name = f"{room_name_prefix}-{timestamp}"
+        else:
+            room_name = f"room-{timestamp}"
+
+        data = {
+            "name": room_name,
+            "privacy": "private" if room.is_locked else "public",
+            "properties": {
+                "enable_recording": "raw-tracks"
+                if room.recording_type != self.RECORDING_NONE
+                else False,
+                "enable_chat": True,
+                "enable_screenshare": True,
+                "start_video_off": False,
+                "start_audio_off": False,
+                "exp": int(end_date.timestamp()),
+            },
+        }
+
+        # Configure S3 bucket for recordings
+        # NOTE: Not checking room.recording_type - figure out later if conditional needed
+        assert self.config.s3_bucket, "S3 bucket must be configured"
+        data["properties"]["recordings_bucket"] = {
+            "bucket_name": self.config.s3_bucket,
+            "bucket_region": self.config.s3_region,
+            "assume_role_arn": self.config.aws_role_arn,
+            "allow_api_access": True,
+        }
+
+        from reflector.logger import logger
+
+        async with httpx.AsyncClient() as client:
+            response = await client.post(
+                f"{self.BASE_URL}/rooms",
+                headers=self.headers,
+                json=data,
+                timeout=self.TIMEOUT,
+            )
+            if response.status_code >= 400:
+                logger.error(
+                    "Daily.co API error",
+                    status_code=response.status_code,
+                    response_body=response.text,
+                    request_data=data,
+                )
+            response.raise_for_status()
+            result = response.json()
+
+        # Format response to match our standard
+        room_url = result["url"]
+
+        return MeetingData(
+            meeting_id=result["id"],
+            room_name=result["name"],
+            room_url=room_url,
+            host_room_url=room_url,
+            platform=self.PLATFORM_NAME,
+            extra_data=result,
+        )
+
+    async def get_room_sessions(self, room_name: str) -> Dict[str, Any]:
+        """Get Daily.co room information."""
+        async with httpx.AsyncClient() as client:
+            response = await client.get(
+                f"{self.BASE_URL}/rooms/{room_name}",
+                headers=self.headers,
+                timeout=self.TIMEOUT,
+            )
+            response.raise_for_status()
+            return response.json()
+
+    async def get_room_presence(self, room_name: str) -> Dict[str, Any]:
+        """Get real-time participant data - Daily.co specific feature."""
+        async with httpx.AsyncClient() as client:
+            response = await client.get(
+                f"{self.BASE_URL}/rooms/{room_name}/presence",
+                headers=self.headers,
+                timeout=self.TIMEOUT,
+            )
+            response.raise_for_status()
+            return response.json()
+
+    async def delete_room(self, room_name: str) -> bool:
+        """Delete a Daily.co room."""
+        async with httpx.AsyncClient() as client:
+            response = await client.delete(
+                f"{self.BASE_URL}/rooms/{room_name}",
+                headers=self.headers,
+                timeout=self.TIMEOUT,
+            )
+            # Daily.co returns 200 for success, 404 if room doesn't exist
+            return response.status_code in (HTTPStatus.OK, HTTPStatus.NOT_FOUND)
+
+    async def upload_logo(self, room_name: str, logo_path: str) -> bool:
+        """Daily.co doesn't support custom logos per room - this is a no-op."""
+        return True
+
+    def verify_webhook_signature(
+        self, body: bytes, signature: str, timestamp: Optional[str] = None
+    ) -> bool:
+        """Verify Daily.co webhook signature.
+
+        Daily.co uses:
+        - X-Webhook-Signature header
+        - X-Webhook-Timestamp header
+        - Signature format: HMAC-SHA256(base64_decode(secret), timestamp + '.' + body)
+        - Result is base64 encoded
+        """
+        if not signature or not timestamp:
+            return False
+
+        try:
+            import base64
+
+            secret_bytes = base64.b64decode(self.config.webhook_secret)
+
+            signed_content = timestamp.encode() + b"." + body
+
+            expected = hmac.new(secret_bytes, signed_content, sha256).digest()
+            expected_b64 = base64.b64encode(expected).decode()
+
+            return hmac.compare_digest(expected_b64, signature)
+        except Exception:
+            return False
+
+    async def create_meeting_token(self, room_name: str, enable_recording: bool) -> str:
+        """Create meeting token for auto-recording."""
+        data = {"properties": {"room_name": room_name}}
+
+        if enable_recording:
+            data["properties"]["start_cloud_recording"] = True
+            data["properties"]["enable_recording_ui"] = False
+
+        async with httpx.AsyncClient() as client:
+            response = await client.post(
+                f"{self.BASE_URL}/meeting-tokens",
+                headers=self.headers,
+                json=data,
+                timeout=self.TIMEOUT,
+            )
+            response.raise_for_status()
+            return response.json()["token"]

server/reflector/video_platforms/factory.py

@@ -0,0 +1,80 @@
+"""Factory for creating video platform clients based on configuration."""
+
+from typing import Optional
+
+from reflector.settings import settings
+
+from .base import Platform, VideoPlatformClient, VideoPlatformConfig
+from .registry import get_platform_client
+
+
+def get_platform_config(platform: Platform) -> VideoPlatformConfig:
+    """Get configuration for a specific platform."""
+    if platform == "whereby":
+        if not settings.WHEREBY_API_KEY:
+            raise ValueError(
+                "WHEREBY_API_KEY is required when platform='whereby'. "
+                "Set WHEREBY_API_KEY environment variable."
+            )
+        return VideoPlatformConfig(
+            api_key=settings.WHEREBY_API_KEY,
+            webhook_secret=settings.WHEREBY_WEBHOOK_SECRET or "",
+            api_url=settings.WHEREBY_API_URL,
+            s3_bucket=settings.RECORDING_STORAGE_AWS_BUCKET_NAME,
+            s3_region=settings.RECORDING_STORAGE_AWS_REGION,
+            aws_access_key_id=settings.AWS_WHEREBY_ACCESS_KEY_ID,
+            aws_access_key_secret=settings.AWS_WHEREBY_ACCESS_KEY_SECRET,
+        )
+    elif platform == "daily":
+        if not settings.DAILY_API_KEY:
+            raise ValueError(
+                "DAILY_API_KEY is required when platform='daily'. "
+                "Set DAILY_API_KEY environment variable."
+            )
+        if not settings.DAILY_SUBDOMAIN:
+            raise ValueError(
+                "DAILY_SUBDOMAIN is required when platform='daily'. "
+                "Set DAILY_SUBDOMAIN environment variable."
+            )
+        return VideoPlatformConfig(
+            api_key=settings.DAILY_API_KEY,
+            webhook_secret=settings.DAILY_WEBHOOK_SECRET or "",
+            subdomain=settings.DAILY_SUBDOMAIN,
+            s3_bucket=settings.AWS_DAILY_S3_BUCKET,
+            s3_region=settings.AWS_DAILY_S3_REGION,
+            aws_role_arn=settings.AWS_DAILY_ROLE_ARN,
+        )
+    else:
+        raise ValueError(f"Unknown platform: {platform}")
+
+
+def create_platform_client(platform: Platform) -> VideoPlatformClient:
+    """Create a video platform client instance."""
+    config = get_platform_config(platform)
+    return get_platform_client(platform, config)
+
+
+def get_platform_for_room(
+    room_id: Optional[str] = None, room_platform: Optional[Platform] = None
+) -> Platform:
+    """Determine which platform to use for a room.
+
+    Priority order (highest to lowest):
+    1. DAILY_MIGRATION_ROOM_IDS - env var override for testing/migration
+    2. room_platform - database persisted platform choice
+    3. DEFAULT_VIDEO_PLATFORM - env var fallback
+    """
+    # If Daily migration is disabled, always use Whereby
+    if not settings.DAILY_MIGRATION_ENABLED:
+        return "whereby"
+
+    # Highest priority: If room is in migration list, use Daily (env var override)
+    if room_id and room_id in settings.DAILY_MIGRATION_ROOM_IDS:
+        return "daily"
+
+    # Second priority: Use room's persisted platform from database
+    if room_platform:
+        return room_platform
+
+    # Fallback: Use default platform from env var
+    return settings.DEFAULT_VIDEO_PLATFORM

server/reflector/video_platforms/models.py

@@ -0,0 +1,49 @@
+"""Video platform data models.
+
+Standard data models used across all video platform implementations.
+"""
+
+from typing import Any, Dict, Literal, Optional
+
+from pydantic import BaseModel, Field
+
+from reflector.platform_types import Platform
+
+RecordingType = Literal["none", "local", "cloud"]
+
+
+class MeetingData(BaseModel):
+    """Standardized meeting data returned by all providers."""
+
+    platform: Platform
+    meeting_id: str = Field(description="Platform-specific meeting identifier")
+    room_url: str = Field(description="URL for participants to join")
+    host_room_url: str = Field(description="URL for hosts (may be same as room_url)")
+    room_name: str = Field(description="Human-readable room name")
+    extra_data: Dict[str, Any] = Field(default_factory=dict)
+
+    class Config:
+        json_schema_extra = {
+            "example": {
+                "platform": "whereby",
+                "meeting_id": "12345678",
+                "room_url": "https://subdomain.whereby.com/room-20251008120000",
+                "host_room_url": "https://subdomain.whereby.com/room-20251008120000?roomKey=abc123",
+                "room_name": "room-20251008120000",
+            }
+        }
+
+
+class VideoPlatformConfig(BaseModel):
+    """Platform-agnostic configuration model."""
+
+    api_key: str
+    webhook_secret: str
+    api_url: Optional[str] = None
+    subdomain: Optional[str] = None  # Whereby/Daily subdomain
+    s3_bucket: Optional[str] = None
+    s3_region: Optional[str] = None
+    # Whereby uses access keys, Daily uses IAM role
+    aws_access_key_id: Optional[str] = None
+    aws_access_key_secret: Optional[str] = None
+    aws_role_arn: Optional[str] = None

server/reflector/video_platforms/registry.py

@@ -0,0 +1,39 @@
+from typing import Dict, Type
+
+from .base import Platform, VideoPlatformClient, VideoPlatformConfig
+
+# Registry of available video platforms
+_PLATFORMS: Dict[Platform, Type[VideoPlatformClient]] = {}
+
+
+def register_platform(name: Platform, client_class: Type[VideoPlatformClient]):
+    """Register a video platform implementation."""
+    _PLATFORMS[name] = client_class
+
+
+def get_platform_client(
+    platform: Platform, config: VideoPlatformConfig
+) -> VideoPlatformClient:
+    """Get a video platform client instance."""
+    if platform not in _PLATFORMS:
+        raise ValueError(f"Unknown video platform: {platform}")
+
+    client_class = _PLATFORMS[platform]
+    return client_class(config)
+
+
+def get_available_platforms() -> list[Platform]:
+    """Get list of available platform names."""
+    return list(_PLATFORMS.keys())
+
+
+# Auto-register built-in platforms
+def _register_builtin_platforms():
+    from .daily import DailyClient  # noqa: PLC0415
+    from .whereby import WherebyClient  # noqa: PLC0415
+
+    register_platform("whereby", WherebyClient)
+    register_platform("daily", DailyClient)
+
+
+_register_builtin_platforms()

server/reflector/video_platforms/whereby.py

@@ -0,0 +1,140 @@
+import hmac
+import json
+import re
+import time
+from datetime import datetime
+from hashlib import sha256
+from typing import Any, Dict, Optional
+
+import httpx
+
+from reflector.db.rooms import Room
+
+from .base import MeetingData, Platform, VideoPlatformClient, VideoPlatformConfig
+
+
+class WherebyClient(VideoPlatformClient):
+    """Whereby video platform implementation."""
+
+    PLATFORM_NAME: Platform = "whereby"
+    TIMEOUT = 10  # seconds
+    MAX_ELAPSED_TIME = 60 * 1000  # 1 minute in milliseconds
+
+    def __init__(self, config: VideoPlatformConfig):
+        super().__init__(config)
+        self.headers = {
+            "Content-Type": "application/json; charset=utf-8",
+            "Authorization": f"Bearer {config.api_key}",
+        }
+
+    async def create_meeting(
+        self, room_name_prefix: str, end_date: datetime, room: Room
+    ) -> MeetingData:
+        """Create a Whereby meeting."""
+        data = {
+            "isLocked": room.is_locked,
+            "roomNamePrefix": room_name_prefix,
+            "roomNamePattern": "uuid",
+            "roomMode": room.room_mode,
+            "endDate": end_date.isoformat(),
+            "fields": ["hostRoomUrl"],
+        }
+
+        # Add recording configuration if cloud recording is enabled
+        if room.recording_type == "cloud":
+            data["recording"] = {
+                "type": room.recording_type,
+                "destination": {
+                    "provider": "s3",
+                    "bucket": self.config.s3_bucket,
+                    "accessKeyId": self.config.aws_access_key_id,
+                    "accessKeySecret": self.config.aws_access_key_secret,
+                    "fileFormat": "mp4",
+                },
+                "startTrigger": room.recording_trigger,
+            }
+
+        async with httpx.AsyncClient() as client:
+            response = await client.post(
+                f"{self.config.api_url}/meetings",
+                headers=self.headers,
+                json=data,
+                timeout=self.TIMEOUT,
+            )
+            response.raise_for_status()
+            result = response.json()
+
+        return MeetingData(
+            meeting_id=result["meetingId"],
+            room_name=result["roomName"],
+            room_url=result["roomUrl"],
+            host_room_url=result["hostRoomUrl"],
+            platform=self.PLATFORM_NAME,
+            extra_data=result,
+        )
+
+    async def get_room_sessions(self, room_name: str) -> Dict[str, Any]:
+        """Get Whereby room session information."""
+        async with httpx.AsyncClient() as client:
+            response = await client.get(
+                f"{self.config.api_url}/insights/room-sessions?roomName={room_name}",
+                headers=self.headers,
+                timeout=self.TIMEOUT,
+            )
+            response.raise_for_status()
+            return response.json()
+
+    async def delete_room(self, room_name: str) -> bool:
+        """Whereby doesn't support room deletion - meetings expire automatically."""
+        return True
+
+    async def upload_logo(self, room_name: str, logo_path: str) -> bool:
+        """Upload logo to Whereby room."""
+        async with httpx.AsyncClient() as client:
+            with open(logo_path, "rb") as f:
+                response = await client.put(
+                    f"{self.config.api_url}/rooms/{room_name}/theme/logo",
+                    headers={
+                        "Authorization": f"Bearer {self.config.api_key}",
+                    },
+                    timeout=self.TIMEOUT,
+                    files={"image": f},
+                )
+                response.raise_for_status()
+        return True
+
+    def verify_webhook_signature(
+        self, body: bytes, signature: str, timestamp: Optional[str] = None
+    ) -> bool:
+        """Verify Whereby webhook signature."""
+        if not signature:
+            return False
+
+        matches = re.match(r"t=(.*),v1=(.*)", signature)
+        if not matches:
+            return False
+
+        ts, sig = matches.groups()
+
+        # Check timestamp to prevent replay attacks
+        current_time = int(time.time() * 1000)
+        diff_time = current_time - int(ts) * 1000
+        if diff_time >= self.MAX_ELAPSED_TIME:
+            return False
+
+        # Verify signature
+        body_dict = json.loads(body)
+        signed_payload = f"{ts}.{json.dumps(body_dict, separators=(',', ':'))}"
+        hmac_obj = hmac.new(
+            self.config.webhook_secret.encode("utf-8"),
+            signed_payload.encode("utf-8"),
+            sha256,
+        )
+        expected_signature = hmac_obj.hexdigest()
+
+        try:
+            return hmac.compare_digest(
+                expected_signature.encode("utf-8"), sig.encode("utf-8")
+            )
+        except Exception:
+            return False

server/reflector/views/daily.py

@@ -0,0 +1,235 @@
+"""Daily.co webhook handler endpoint."""
+
+import json
+from typing import Any, Dict, Literal
+
+from fastapi import APIRouter, HTTPException, Request
+from pydantic import BaseModel
+
+from reflector.db.meetings import meetings_controller
+from reflector.logger import logger
+from reflector.settings import settings
+from reflector.video_platforms.factory import create_platform_client
+from reflector.worker.process import process_multitrack_recording
+
+router = APIRouter()
+
+
+class DailyTrack(BaseModel):
+    """Daily.co recording track (audio or video file)."""
+
+    type: Literal["audio", "video"]
+    s3Key: str
+    size: int
+
+
+class DailyWebhookEvent(BaseModel):
+    """Daily webhook event structure."""
+
+    version: str
+    type: str
+    id: str
+    payload: Dict[str, Any]
+    event_ts: float
+
+
+def _extract_room_name(event: DailyWebhookEvent) -> str | None:
+    """Extract room name from Daily event payload.
+
+    Daily.co API inconsistency:
+    - participant.* events use "room" field
+    - recording.* events use "room_name" field
+    """
+    return event.payload.get("room_name") or event.payload.get("room")
+
+
+@router.post("/webhook")
+async def webhook(request: Request):
+    """Handle Daily webhook events.
+
+    Daily.co circuit-breaker: After 3+ failed responses (4xx/5xx), webhook
+    state→FAILED, stops sending events. Reset: scripts/recreate_daily_webhook.py
+    """
+    body = await request.body()
+    signature = request.headers.get("X-Webhook-Signature", "")
+    timestamp = request.headers.get("X-Webhook-Timestamp", "")
+
+    client = create_platform_client("daily")
+
+    # TEMPORARY: Bypass signature check for testing
+    # TODO: Remove this after testing is complete
+    BYPASS_FOR_TESTING = True
+    if not BYPASS_FOR_TESTING:
+        if not client.verify_webhook_signature(body, signature, timestamp):
+            logger.warning(
+                "Invalid webhook signature",
+                signature=signature,
+                timestamp=timestamp,
+                has_body=bool(body),
+            )
+            raise HTTPException(status_code=401, detail="Invalid webhook signature")
+
+    # Parse the JSON body
+    try:
+        body_json = json.loads(body)
+    except json.JSONDecodeError:
+        raise HTTPException(status_code=422, detail="Invalid JSON")
+
+    # Handle Daily's test event during webhook creation
+    if body_json.get("test") == "test":
+        logger.info("Received Daily webhook test event")
+        return {"status": "ok"}
+
+    # Parse as actual event
+    try:
+        event = DailyWebhookEvent(**body_json)
+    except Exception as e:
+        logger.error("Failed to parse webhook event", error=str(e), body=body.decode())
+        raise HTTPException(status_code=422, detail="Invalid event format")
+
+    # Handle participant events
+    if event.type == "participant.joined":
+        await _handle_participant_joined(event)
+    elif event.type == "participant.left":
+        await _handle_participant_left(event)
+    elif event.type == "recording.started":
+        await _handle_recording_started(event)
+    elif event.type == "recording.ready-to-download":
+        await _handle_recording_ready(event)
+    elif event.type == "recording.error":
+        await _handle_recording_error(event)
+
+    return {"status": "ok"}
+
+
+async def _handle_participant_joined(event: DailyWebhookEvent):
+    """Handle participant joined event."""
+    room_name = _extract_room_name(event)
+    if not room_name:
+        logger.warning("participant.joined: no room in payload", payload=event.payload)
+        return
+
+    meeting = await meetings_controller.get_by_room_name(room_name)
+    if meeting:
+        await meetings_controller.increment_num_clients(meeting.id)
+        logger.info(
+            "Participant joined",
+            meeting_id=meeting.id,
+            room_name=room_name,
+            recording_type=meeting.recording_type,
+            recording_trigger=meeting.recording_trigger,
+        )
+    else:
+        logger.warning("participant.joined: meeting not found", room_name=room_name)
+
+
+async def _handle_participant_left(event: DailyWebhookEvent):
+    """Handle participant left event."""
+    room_name = _extract_room_name(event)
+    if not room_name:
+        return
+
+    meeting = await meetings_controller.get_by_room_name(room_name)
+    if meeting:
+        await meetings_controller.decrement_num_clients(meeting.id)
+
+
+async def _handle_recording_started(event: DailyWebhookEvent):
+    """Handle recording started event."""
+    room_name = _extract_room_name(event)
+    if not room_name:
+        logger.warning(
+            "recording.started: no room_name in payload", payload=event.payload
+        )
+        return
+
+    meeting = await meetings_controller.get_by_room_name(room_name)
+    if meeting:
+        logger.info(
+            "Recording started",
+            meeting_id=meeting.id,
+            room_name=room_name,
+            recording_id=event.payload.get("recording_id"),
+            platform="daily",
+        )
+    else:
+        logger.warning("recording.started: meeting not found", room_name=room_name)
+
+
+async def _handle_recording_ready(event: DailyWebhookEvent):
+    """Handle recording ready for download event.
+
+    Daily.co webhook payload for raw-tracks recordings:
+    {
+      "recording_id": "...",
+      "room_name": "test2-20251009192341",
+      "tracks": [
+        {"type": "audio", "s3Key": "monadical/test2-.../uuid-cam-audio-123.webm", "size": 400000},
+        {"type": "video", "s3Key": "monadical/test2-.../uuid-cam-video-456.webm", "size": 30000000}
+      ]
+    }
+    """
+    room_name = _extract_room_name(event)
+    recording_id = event.payload.get("recording_id")
+    tracks_raw = event.payload.get("tracks", [])
+
+    if not room_name or not tracks_raw:
+        logger.warning(
+            "recording.ready-to-download: missing room_name or tracks",
+            room_name=room_name,
+            has_tracks=bool(tracks_raw),
+            payload=event.payload,
+        )
+        return
+
+    # Validate tracks structure
+    try:
+        tracks = [DailyTrack(**t) for t in tracks_raw]
+    except Exception as e:
+        logger.error(
+            "recording.ready-to-download: invalid tracks structure",
+            error=str(e),
+            tracks=tracks_raw,
+        )
+        return
+
+    logger.info(
+        "Recording ready for download",
+        room_name=room_name,
+        recording_id=recording_id,
+        num_tracks=len(tracks),
+        platform="daily",
+    )
+
+    bucket_name = settings.AWS_DAILY_S3_BUCKET
+    if not bucket_name:
+        logger.error(
+            "AWS_DAILY_S3_BUCKET not configured; cannot process Daily recording"
+        )
+        return
+
+    track_keys = [t.s3Key for t in tracks if t.type == "audio"]
+
+    process_multitrack_recording.delay(
+        bucket_name=bucket_name,
+        room_name=room_name,
+        recording_id=recording_id,
+        track_keys=track_keys,
+    )
+
+
+async def _handle_recording_error(event: DailyWebhookEvent):
+    """Handle recording error event."""
+    room_name = _extract_room_name(event)
+    error = event.payload.get("error", "Unknown error")
+
+    if room_name:
+        meeting = await meetings_controller.get_by_room_name(room_name)
+        if meeting:
+            logger.error(
+                "Recording error",
+                meeting_id=meeting.id,
+                room_name=room_name,
+                error=error,
+                platform="daily",
+            )

server/reflector/views/meetings.py

@@ -10,6 +10,7 @@ from reflector.db.meetings import (
     meeting_consent_controller,
     meetings_controller,
 )
+from reflector.db.rooms import rooms_controller
 
 router = APIRouter()
 
@@ -41,3 +42,34 @@ async def meeting_audio_consent(
     updated_consent = await meeting_consent_controller.upsert(consent)
 
     return {"status": "success", "consent_id": updated_consent.id}
+
+
+@router.patch("/meetings/{meeting_id}/deactivate")
+async def meeting_deactivate(
+    meeting_id: str,
+    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user)],
+):
+    user_id = user["sub"] if user else None
+    if not user_id:
+        raise HTTPException(status_code=401, detail="Authentication required")
+
+    meeting = await meetings_controller.get_by_id(meeting_id)
+    if not meeting:
+        raise HTTPException(status_code=404, detail="Meeting not found")
+
+    if not meeting.is_active:
+        return {"status": "success", "meeting_id": meeting_id}
+
+    # Only room owner or meeting creator can deactivate
+    room = await rooms_controller.get_by_id(meeting.room_id)
+    if not room:
+        raise HTTPException(status_code=404, detail="Room not found")
+
+    if user_id != room.user_id and user_id != meeting.user_id:
+        raise HTTPException(
+            status_code=403, detail="Only the room owner can deactivate meetings"
+        )
+
+    await meetings_controller.update_meeting(meeting_id, is_active=False)
+
+    return {"status": "success", "meeting_id": meeting_id}

server/reflector/views/rooms.py

@@ -1,34 +1,31 @@
 import logging
-import sqlite3
 from datetime import datetime, timedelta, timezone
-from typing import Annotated, Literal, Optional
+from enum import Enum
+from typing import Annotated, Any, Literal, Optional
 
-import asyncpg.exceptions
 from fastapi import APIRouter, Depends, HTTPException
 from fastapi_pagination import Page
 from fastapi_pagination.ext.databases import apaginate
 from pydantic import BaseModel
+from redis.exceptions import LockError
 
 import reflector.auth as auth
 from reflector.db import get_database
+from reflector.db.calendar_events import calendar_events_controller
 from reflector.db.meetings import meetings_controller
 from reflector.db.rooms import rooms_controller
+from reflector.redis_cache import RedisAsyncLock
+from reflector.services.ics_sync import ics_sync_service
 from reflector.settings import settings
-from reflector.whereby import create_meeting, upload_logo
+from reflector.video_platforms.base import Platform
+from reflector.video_platforms.factory import (
+    create_platform_client,
+    get_platform_for_room,
+)
 from reflector.worker.webhook import test_webhook
 
 logger = logging.getLogger(__name__)
 
-router = APIRouter()
-
-
-def parse_datetime_with_timezone(iso_string: str) -> datetime:
-    """Parse ISO datetime string and ensure timezone awareness (defaults to UTC if naive)."""
-    dt = datetime.fromisoformat(iso_string)
-    if dt.tzinfo is None:
-        dt = dt.replace(tzinfo=timezone.utc)
-    return dt
-
 
 class Room(BaseModel):
     id: str
@@ -43,6 +40,12 @@ class Room(BaseModel):
     recording_type: str
     recording_trigger: str
     is_shared: bool
+    ics_url: Optional[str] = None
+    ics_fetch_interval: int = 300
+    ics_enabled: bool = False
+    ics_last_sync: Optional[datetime] = None
+    ics_last_etag: Optional[str] = None
+    platform: Platform = "whereby"
 
 
 class RoomDetails(Room):
@@ -54,10 +57,23 @@ class Meeting(BaseModel):
     id: str
     room_name: str
     room_url: str
+    # TODO it's not always present, | None
     host_room_url: str
     start_date: datetime
     end_date: datetime
+    user_id: str | None = None
+    room_id: str | None = None
+    is_locked: bool = False
+    room_mode: Literal["normal", "group"] = "normal"
     recording_type: Literal["none", "local", "cloud"] = "cloud"
+    recording_trigger: Literal[
+        "none", "prompt", "automatic", "automatic-2nd-participant"
+    ] = "automatic-2nd-participant"
+    num_clients: int = 0
+    is_active: bool = True
+    calendar_event_id: str | None = None
+    calendar_metadata: dict[str, Any] | None = None
+    platform: Platform = "whereby"
 
 
 class CreateRoom(BaseModel):
@@ -72,20 +88,32 @@ class CreateRoom(BaseModel):
     is_shared: bool
     webhook_url: str
     webhook_secret: str
+    ics_url: Optional[str] = None
+    ics_fetch_interval: int = 300
+    ics_enabled: bool = False
+    platform: Optional[Platform] = None
 
 
 class UpdateRoom(BaseModel):
-    name: str
-    zulip_auto_post: bool
-    zulip_stream: str
-    zulip_topic: str
-    is_locked: bool
-    room_mode: str
-    recording_type: str
-    recording_trigger: str
-    is_shared: bool
-    webhook_url: str
-    webhook_secret: str
+    name: Optional[str] = None
+    zulip_auto_post: Optional[bool] = None
+    zulip_stream: Optional[str] = None
+    zulip_topic: Optional[str] = None
+    is_locked: Optional[bool] = None
+    room_mode: Optional[str] = None
+    recording_type: Optional[str] = None
+    recording_trigger: Optional[str] = None
+    is_shared: Optional[bool] = None
+    webhook_url: Optional[str] = None
+    webhook_secret: Optional[str] = None
+    ics_url: Optional[str] = None
+    ics_fetch_interval: Optional[int] = None
+    ics_enabled: Optional[bool] = None
+    platform: Optional[Platform] = None
+
+
+class CreateRoomMeeting(BaseModel):
+    allow_duplicated: Optional[bool] = False
 
 
 class DeletionStatus(BaseModel):
@@ -100,6 +128,59 @@ class WebhookTestResult(BaseModel):
     response_preview: str | None = None
 
 
+class ICSStatus(BaseModel):
+    status: Literal["enabled", "disabled"]
+    last_sync: Optional[datetime] = None
+    next_sync: Optional[datetime] = None
+    last_etag: Optional[str] = None
+    events_count: int = 0
+
+
+class SyncStatus(str, Enum):
+    success = "success"
+    unchanged = "unchanged"
+    error = "error"
+    skipped = "skipped"
+
+
+class ICSSyncResult(BaseModel):
+    status: SyncStatus
+    hash: Optional[str] = None
+    events_found: int = 0
+    total_events: int = 0
+    events_created: int = 0
+    events_updated: int = 0
+    events_deleted: int = 0
+    error: Optional[str] = None
+    reason: Optional[str] = None
+
+
+class CalendarEventResponse(BaseModel):
+    id: str
+    room_id: str
+    ics_uid: str
+    title: Optional[str] = None
+    description: Optional[str] = None
+    start_time: datetime
+    end_time: datetime
+    attendees: Optional[list[dict]] = None
+    location: Optional[str] = None
+    last_synced: datetime
+    created_at: datetime
+    updated_at: datetime
+
+
+router = APIRouter()
+
+
+def parse_datetime_with_timezone(iso_string: str) -> datetime:
+    """Parse ISO datetime string and ensure timezone awareness (defaults to UTC if naive)."""
+    dt = datetime.fromisoformat(iso_string)
+    if dt.tzinfo is None:
+        dt = dt.replace(tzinfo=timezone.utc)
+    return dt
+
+
 @router.get("/rooms", response_model=Page[RoomDetails])
 async def rooms_list(
     user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
@@ -109,13 +190,18 @@ async def rooms_list(
 
     user_id = user["sub"] if user else None
 
-    return await apaginate(
+    paginated = await apaginate(
         get_database(),
         await rooms_controller.get_all(
             user_id=user_id, order_by="-created_at", return_query=True
         ),
     )
 
+    for room in paginated.items:
+        room.platform = get_platform_for_room(room.id, room.platform)
+
+    return paginated
+
 
 @router.get("/rooms/{room_id}", response_model=RoomDetails)
 async def rooms_get(
@@ -126,15 +212,41 @@ async def rooms_get(
     room = await rooms_controller.get_by_id_for_http(room_id, user_id=user_id)
     if not room:
         raise HTTPException(status_code=404, detail="Room not found")
+    if not room.is_shared and (user_id is None or room.user_id != user_id):
+        raise HTTPException(status_code=403, detail="Room access denied")
+    room.platform = get_platform_for_room(room.id, room.platform)
     return room
 
 
+@router.get("/rooms/name/{room_name}", response_model=RoomDetails)
+async def rooms_get_by_name(
+    room_name: str,
+    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+):
+    user_id = user["sub"] if user else None
+    room = await rooms_controller.get_by_name(room_name)
+    if not room:
+        raise HTTPException(status_code=404, detail="Room not found")
+
+    room_dict = room.__dict__.copy()
+    if user_id == room.user_id:
+        room_dict["webhook_url"] = getattr(room, "webhook_url", None)
+        room_dict["webhook_secret"] = getattr(room, "webhook_secret", None)
+    else:
+        room_dict["webhook_url"] = None
+        room_dict["webhook_secret"] = None
+
+    room_dict["platform"] = get_platform_for_room(room.id, room.platform)
+
+    return RoomDetails(**room_dict)
+
+
 @router.post("/rooms", response_model=Room)
 async def rooms_create(
     room: CreateRoom,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ):
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
 
     return await rooms_controller.add(
         name=room.name,
@@ -149,6 +261,10 @@ async def rooms_create(
         is_shared=room.is_shared,
         webhook_url=room.webhook_url,
         webhook_secret=room.webhook_secret,
+        ics_url=room.ics_url,
+        ics_fetch_interval=room.ics_fetch_interval,
+        ics_enabled=room.ics_enabled,
+        platform=room.platform,
     )
 
 
@@ -156,26 +272,31 @@ async def rooms_create(
 async def rooms_update(
     room_id: str,
     info: UpdateRoom,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ):
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
     room = await rooms_controller.get_by_id_for_http(room_id, user_id=user_id)
     if not room:
         raise HTTPException(status_code=404, detail="Room not found")
+    if room.user_id != user_id:
+        raise HTTPException(status_code=403, detail="Not authorized")
     values = info.dict(exclude_unset=True)
     await rooms_controller.update(room, values)
+    room.platform = get_platform_for_room(room.id, room.platform)
     return room
 
 
 @router.delete("/rooms/{room_id}", response_model=DeletionStatus)
 async def rooms_delete(
     room_id: str,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ):
-    user_id = user["sub"] if user else None
-    room = await rooms_controller.get_by_id(room_id, user_id=user_id)
+    user_id = user["sub"]
+    room = await rooms_controller.get_by_id(room_id)
     if not room:
         raise HTTPException(status_code=404, detail="Room not found")
+    if room.user_id != user_id:
+        raise HTTPException(status_code=403, detail="Not authorized")
     await rooms_controller.remove_by_id(room.id, user_id=user_id)
     return DeletionStatus(status="ok")
 
@@ -183,6 +304,7 @@ async def rooms_delete(
 @router.post("/rooms/{room_name}/meeting", response_model=Meeting)
 async def rooms_create_meeting(
     room_name: str,
+    info: CreateRoomMeeting,
     user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
 ):
     user_id = user["sub"] if user else None
@@ -190,52 +312,63 @@ async def rooms_create_meeting(
     if not room:
         raise HTTPException(status_code=404, detail="Room not found")
 
-    current_time = datetime.now(timezone.utc)
-    meeting = await meetings_controller.get_active(room=room, current_time=current_time)
+    try:
+        async with RedisAsyncLock(
+            f"create_meeting:{room_name}",
+            timeout=30,
+            extend_interval=10,
+            blocking_timeout=5.0,
+        ) as lock:
+            current_time = datetime.now(timezone.utc)
 
-    if meeting is None:
-        end_date = current_time + timedelta(hours=8)
+            meeting = None
+            if not info.allow_duplicated:
+                meeting = await meetings_controller.get_active(
+                    room=room, current_time=current_time
+                )
 
-        whereby_meeting = await create_meeting("", end_date=end_date, room=room)
-        await upload_logo(whereby_meeting["roomName"], "./images/logo.png")
-
-        # Now try to save to database
-        try:
-            meeting = await meetings_controller.create(
-                id=whereby_meeting["meetingId"],
-                room_name=whereby_meeting["roomName"],
-                room_url=whereby_meeting["roomUrl"],
-                host_room_url=whereby_meeting["hostRoomUrl"],
-                start_date=parse_datetime_with_timezone(whereby_meeting["startDate"]),
-                end_date=parse_datetime_with_timezone(whereby_meeting["endDate"]),
-                user_id=user_id,
-                room=room,
-            )
-        except (asyncpg.exceptions.UniqueViolationError, sqlite3.IntegrityError):
-            # Another request already created a meeting for this room
-            # Log this race condition occurrence
-            logger.info(
-                "Race condition detected for room %s - fetching existing meeting",
-                room.name,
-            )
-            logger.warning(
-                "Whereby meeting %s was created but not used (resource leak) for room %s",
-                whereby_meeting["meetingId"],
-                room.name,
-            )
-
-            # Fetch the meeting that was created by the other request
-            meeting = await meetings_controller.get_active(
-                room=room, current_time=current_time
-            )
             if meeting is None:
-                # Edge case: meeting was created but expired/deleted between checks
-                logger.error(
-                    "Meeting disappeared after race condition for room %s", room.name
+                end_date = current_time + timedelta(hours=8)
+
+                # Determine which platform to use
+                platform = get_platform_for_room(room.id, room.platform)
+                client = create_platform_client(platform)
+
+                # Create meeting via platform abstraction
+                meeting_data = await client.create_meeting(
+                    room.name, end_date=end_date, room=room
                 )
-                raise HTTPException(
-                    status_code=503, detail="Unable to join meeting - please try again"
+
+                # Upload logo if supported by platform
+                await client.upload_logo(meeting_data.room_name, "./images/logo.png")
+
+                meeting = await meetings_controller.create(
+                    id=meeting_data.meeting_id,
+                    room_name=meeting_data.room_name,
+                    room_url=meeting_data.room_url,
+                    host_room_url=meeting_data.host_room_url,
+                    start_date=current_time,
+                    end_date=end_date,
+                    room=room,
+                    platform=platform,
                 )
+    except LockError:
+        logger.warning("Failed to acquire lock for room %s within timeout", room_name)
+        raise HTTPException(
+            status_code=503, detail="Meeting creation in progress, please try again"
+        )
+
+    meeting.platform = get_platform_for_room(room.id, room.platform)
+
+    if meeting.platform == "daily" and room.recording_trigger != "none":
+        client = create_platform_client(meeting.platform)
+        token = await client.create_meeting_token(
+            meeting.room_name, enable_recording=True
+        )
+        meeting = meeting.model_copy()
+        meeting.room_url += f"?t={token}"
+        if meeting.host_room_url:
+            meeting.host_room_url += f"?t={token}"
 
     if user_id != room.user_id:
         meeting.host_room_url = ""
@@ -246,19 +379,224 @@ async def rooms_create_meeting(
 @router.post("/rooms/{room_id}/webhook/test", response_model=WebhookTestResult)
 async def rooms_test_webhook(
     room_id: str,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ):
     """Test webhook configuration by sending a sample payload."""
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
 
     room = await rooms_controller.get_by_id(room_id)
     if not room:
         raise HTTPException(status_code=404, detail="Room not found")
 
-    if user_id and room.user_id != user_id:
+    if room.user_id != user_id:
         raise HTTPException(
             status_code=403, detail="Not authorized to test this room's webhook"
         )
 
     result = await test_webhook(room_id)
     return WebhookTestResult(**result)
+
+
+@router.post("/rooms/{room_name}/ics/sync", response_model=ICSSyncResult)
+async def rooms_sync_ics(
+    room_name: str,
+    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+):
+    user_id = user["sub"] if user else None
+    room = await rooms_controller.get_by_name(room_name)
+
+    if not room:
+        raise HTTPException(status_code=404, detail="Room not found")
+
+    if user_id != room.user_id:
+        raise HTTPException(
+            status_code=403, detail="Only room owner can trigger ICS sync"
+        )
+
+    if not room.ics_enabled or not room.ics_url:
+        raise HTTPException(status_code=400, detail="ICS not configured for this room")
+
+    result = await ics_sync_service.sync_room_calendar(room)
+
+    if result["status"] == "error":
+        raise HTTPException(
+            status_code=500, detail=result.get("error", "Unknown error")
+        )
+
+    return ICSSyncResult(**result)
+
+
+@router.get("/rooms/{room_name}/ics/status", response_model=ICSStatus)
+async def rooms_ics_status(
+    room_name: str,
+    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+):
+    user_id = user["sub"] if user else None
+    room = await rooms_controller.get_by_name(room_name)
+
+    if not room:
+        raise HTTPException(status_code=404, detail="Room not found")
+
+    if user_id != room.user_id:
+        raise HTTPException(
+            status_code=403, detail="Only room owner can view ICS status"
+        )
+
+    next_sync = None
+    if room.ics_enabled and room.ics_last_sync:
+        next_sync = room.ics_last_sync + timedelta(seconds=room.ics_fetch_interval)
+
+    events = await calendar_events_controller.get_by_room(
+        room.id, include_deleted=False
+    )
+
+    return ICSStatus(
+        status="enabled" if room.ics_enabled else "disabled",
+        last_sync=room.ics_last_sync,
+        next_sync=next_sync,
+        last_etag=room.ics_last_etag,
+        events_count=len(events),
+    )
+
+
+@router.get("/rooms/{room_name}/meetings", response_model=list[CalendarEventResponse])
+async def rooms_list_meetings(
+    room_name: str,
+    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+):
+    user_id = user["sub"] if user else None
+    room = await rooms_controller.get_by_name(room_name)
+
+    if not room:
+        raise HTTPException(status_code=404, detail="Room not found")
+
+    events = await calendar_events_controller.get_by_room(
+        room.id, include_deleted=False
+    )
+
+    if user_id != room.user_id:
+        for event in events:
+            event.description = None
+            event.attendees = None
+
+    return events
+
+
+@router.get(
+    "/rooms/{room_name}/meetings/upcoming", response_model=list[CalendarEventResponse]
+)
+async def rooms_list_upcoming_meetings(
+    room_name: str,
+    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    minutes_ahead: int = 120,
+):
+    user_id = user["sub"] if user else None
+    room = await rooms_controller.get_by_name(room_name)
+
+    if not room:
+        raise HTTPException(status_code=404, detail="Room not found")
+
+    events = await calendar_events_controller.get_upcoming(
+        room.id, minutes_ahead=minutes_ahead
+    )
+
+    if user_id != room.user_id:
+        for event in events:
+            event.description = None
+            event.attendees = None
+
+    return events
+
+
+@router.get("/rooms/{room_name}/meetings/active", response_model=list[Meeting])
+async def rooms_list_active_meetings(
+    room_name: str,
+    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+):
+    user_id = user["sub"] if user else None
+    room = await rooms_controller.get_by_name(room_name)
+
+    if not room:
+        raise HTTPException(status_code=404, detail="Room not found")
+
+    current_time = datetime.now(timezone.utc)
+    meetings = await meetings_controller.get_all_active_for_room(
+        room=room, current_time=current_time
+    )
+
+    effective_platform = get_platform_for_room(room.id, room.platform)
+    for meeting in meetings:
+        meeting.platform = effective_platform
+
+    if user_id != room.user_id:
+        for meeting in meetings:
+            meeting.host_room_url = ""
+
+    return meetings
+
+
+@router.get("/rooms/{room_name}/meetings/{meeting_id}", response_model=Meeting)
+async def rooms_get_meeting(
+    room_name: str,
+    meeting_id: str,
+    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+):
+    """Get a single meeting by ID within a specific room."""
+    user_id = user["sub"] if user else None
+
+    room = await rooms_controller.get_by_name(room_name)
+    if not room:
+        raise HTTPException(status_code=404, detail="Room not found")
+
+    meeting = await meetings_controller.get_by_id(meeting_id)
+    if not meeting:
+        raise HTTPException(status_code=404, detail="Meeting not found")
+
+    if meeting.room_id != room.id:
+        raise HTTPException(
+            status_code=403, detail="Meeting does not belong to this room"
+        )
+
+    meeting.platform = get_platform_for_room(room.id, room.platform)
+
+    if user_id != room.user_id and not room.is_shared:
+        meeting.host_room_url = ""
+
+    return meeting
+
+
+@router.post("/rooms/{room_name}/meetings/{meeting_id}/join", response_model=Meeting)
+async def rooms_join_meeting(
+    room_name: str,
+    meeting_id: str,
+    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+):
+    user_id = user["sub"] if user else None
+    room = await rooms_controller.get_by_name(room_name)
+
+    if not room:
+        raise HTTPException(status_code=404, detail="Room not found")
+
+    meeting = await meetings_controller.get_by_id(meeting_id)
+
+    if not meeting:
+        raise HTTPException(status_code=404, detail="Meeting not found")
+
+    if meeting.room_id != room.id:
+        raise HTTPException(
+            status_code=403, detail="Meeting does not belong to this room"
+        )
+
+    if not meeting.is_active:
+        raise HTTPException(status_code=400, detail="Meeting is not active")
+
+    current_time = datetime.now(timezone.utc)
+    if meeting.end_date <= current_time:
+        raise HTTPException(status_code=400, detail="Meeting has ended")
+
+    meeting.platform = get_platform_for_room(room.id, room.platform)
+
+    if user_id != room.user_id:
+        meeting.host_room_url = ""
+
+    return meeting

server/reflector/views/transcripts.py

@@ -5,12 +5,10 @@ from fastapi import APIRouter, Depends, HTTPException, Query
 from fastapi_pagination import Page
 from fastapi_pagination.ext.databases import apaginate
 from jose import jwt
-from pydantic import BaseModel, Field, field_serializer
+from pydantic import BaseModel, Field, constr, field_serializer
 
 import reflector.auth as auth
 from reflector.db import get_database
-from reflector.db.meetings import meetings_controller
-from reflector.db.rooms import rooms_controller
 from reflector.db.search import (
     DEFAULT_SEARCH_LIMIT,
     SearchLimit,
@@ -19,20 +17,22 @@ from reflector.db.search import (
     SearchOffsetBase,
     SearchParameters,
     SearchQuery,
-    SearchQueryBase,
     SearchResult,
     SearchTotal,
     search_controller,
+    search_query_adapter,
 )
 from reflector.db.transcripts import (
     SourceKind,
     TranscriptParticipant,
+    TranscriptStatus,
     TranscriptTopic,
     transcripts_controller,
 )
 from reflector.processors.types import Transcript as ProcessorTranscript
 from reflector.processors.types import Word
 from reflector.settings import settings
+from reflector.ws_manager import get_ws_manager
 from reflector.zulip import (
     InvalidMessageError,
     get_zulip_message,
@@ -63,7 +63,7 @@ class GetTranscriptMinimal(BaseModel):
     id: str
     user_id: str | None
     name: str
-    status: str
+    status: TranscriptStatus
     locked: bool
     duration: float
     title: str | None
@@ -96,6 +96,7 @@ class CreateTranscript(BaseModel):
     name: str
     source_language: str = Field("en")
     target_language: str = Field("en")
+    source_kind: SourceKind | None = None
 
 
 class UpdateTranscript(BaseModel):
@@ -114,7 +115,19 @@ class DeletionStatus(BaseModel):
     status: str
 
 
-SearchQueryParam = Annotated[SearchQueryBase, Query(description="Search query text")]
+SearchQueryParamBase = constr(min_length=0, strip_whitespace=True)
+SearchQueryParam = Annotated[
+    SearchQueryParamBase, Query(description="Search query text")
+]
+
+
+# http and api standards accept "q="; we would like to handle it as the absence of query, not as "empty string query"
+def parse_search_query_param(q: SearchQueryParam) -> SearchQuery | None:
+    if q == "":
+        return None
+    return search_query_adapter.validate_python(q)
+
+
 SearchLimitParam = Annotated[SearchLimitBase, Query(description="Results per page")]
 SearchOffsetParam = Annotated[
     SearchOffsetBase, Query(description="Number of results to skip")
@@ -124,7 +137,7 @@ SearchOffsetParam = Annotated[
 class SearchResponse(BaseModel):
     results: list[SearchResult]
     total: SearchTotal
-    query: SearchQuery
+    query: SearchQuery | None = None
     limit: SearchLimit
     offset: SearchOffset
 
@@ -174,7 +187,7 @@ async def transcripts_search(
     user_id = user["sub"] if user else None
 
     search_params = SearchParameters(
-        query_text=q,
+        query_text=parse_search_query_param(q),
         limit=limit,
         offset=offset,
         user_id=user_id,
@@ -199,14 +212,22 @@ async def transcripts_create(
     user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
 ):
     user_id = user["sub"] if user else None
-    return await transcripts_controller.add(
+    transcript = await transcripts_controller.add(
         info.name,
-        source_kind=SourceKind.LIVE,
+        source_kind=info.source_kind or SourceKind.LIVE,
         source_language=info.source_language,
         target_language=info.target_language,
         user_id=user_id,
     )
 
+    if user_id:
+        await get_ws_manager().send_json(
+            room_id=f"user:{user_id}",
+            message={"event": "TRANSCRIPT_CREATED", "data": {"id": transcript.id}},
+        )
+
+    return transcript
+
 
 # ==============================================================
 # Single transcript
@@ -330,14 +351,14 @@ async def transcript_get(
 async def transcript_update(
     transcript_id: str,
     info: UpdateTranscript,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ):
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
     transcript = await transcripts_controller.get_by_id_for_http(
         transcript_id, user_id=user_id
     )
-    if not transcript:
-        raise HTTPException(status_code=404, detail="Transcript not found")
+    if not transcripts_controller.user_can_mutate(transcript, user_id):
+        raise HTTPException(status_code=403, detail="Not authorized")
     values = info.dict(exclude_unset=True)
     updated_transcript = await transcripts_controller.update(transcript, values)
     return updated_transcript
@@ -346,20 +367,20 @@ async def transcript_update(
 @router.delete("/transcripts/{transcript_id}", response_model=DeletionStatus)
 async def transcript_delete(
     transcript_id: str,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ):
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
     transcript = await transcripts_controller.get_by_id(transcript_id)
     if not transcript:
         raise HTTPException(status_code=404, detail="Transcript not found")
-
-    if transcript.meeting_id:
-        meeting = await meetings_controller.get_by_id(transcript.meeting_id)
-        room = await rooms_controller.get_by_id(meeting.room_id)
-        if room.is_shared:
-            user_id = None
+    if not transcripts_controller.user_can_mutate(transcript, user_id):
+        raise HTTPException(status_code=403, detail="Not authorized")
 
     await transcripts_controller.remove_by_id(transcript.id, user_id=user_id)
+    await get_ws_manager().send_json(
+        room_id=f"user:{user_id}",
+        message={"event": "TRANSCRIPT_DELETED", "data": {"id": transcript.id}},
+    )
     return DeletionStatus(status="ok")
 
 
@@ -431,15 +452,16 @@ async def transcript_post_to_zulip(
     stream: str,
     topic: str,
     include_topics: bool,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ):
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
     transcript = await transcripts_controller.get_by_id_for_http(
         transcript_id, user_id=user_id
     )
     if not transcript:
         raise HTTPException(status_code=404, detail="Transcript not found")
-
+    if not transcripts_controller.user_can_mutate(transcript, user_id):
+        raise HTTPException(status_code=403, detail="Not authorized")
     content = get_zulip_message(transcript, include_topics)
 
     message_updated = False

server/reflector/views/transcripts_participants.py

@@ -56,12 +56,14 @@ async def transcript_get_participants(
 async def transcript_add_participant(
     transcript_id: str,
     participant: CreateParticipant,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ) -> Participant:
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
     transcript = await transcripts_controller.get_by_id_for_http(
         transcript_id, user_id=user_id
     )
+    if transcript.user_id is not None and transcript.user_id != user_id:
+        raise HTTPException(status_code=403, detail="Not authorized")
 
     # ensure the speaker is unique
     if participant.speaker is not None and transcript.participants is not None:
@@ -101,12 +103,14 @@ async def transcript_update_participant(
     transcript_id: str,
     participant_id: str,
     participant: UpdateParticipant,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ) -> Participant:
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
     transcript = await transcripts_controller.get_by_id_for_http(
         transcript_id, user_id=user_id
     )
+    if transcript.user_id is not None and transcript.user_id != user_id:
+        raise HTTPException(status_code=403, detail="Not authorized")
 
     # ensure the speaker is unique
     for p in transcript.participants:
@@ -138,11 +142,13 @@ async def transcript_update_participant(
 async def transcript_delete_participant(
     transcript_id: str,
     participant_id: str,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ) -> DeletionStatus:
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
     transcript = await transcripts_controller.get_by_id_for_http(
         transcript_id, user_id=user_id
     )
+    if transcript.user_id is not None and transcript.user_id != user_id:
+        raise HTTPException(status_code=403, detail="Not authorized")
     await transcripts_controller.delete_participant(transcript, participant_id)
     return DeletionStatus(status="ok")

server/reflector/views/transcripts_process.py

@@ -34,7 +34,7 @@ async def transcript_process(
         )
 
     if task_is_scheduled_or_active(
-        "reflector.pipelines.main_live_pipeline.task_pipeline_process",
+        "reflector.pipelines.main_file_pipeline.task_pipeline_file_process",
         transcript_id=transcript_id,
     ):
         return ProcessStatus(status="already running")

server/reflector/views/transcripts_speaker.py

@@ -35,12 +35,14 @@ class SpeakerMerge(BaseModel):
 async def transcript_assign_speaker(
     transcript_id: str,
     assignment: SpeakerAssignment,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ) -> SpeakerAssignmentStatus:
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
     transcript = await transcripts_controller.get_by_id_for_http(
         transcript_id, user_id=user_id
     )
+    if transcript.user_id is not None and transcript.user_id != user_id:
+        raise HTTPException(status_code=403, detail="Not authorized")
 
     if not transcript:
         raise HTTPException(status_code=404, detail="Transcript not found")
@@ -113,12 +115,14 @@ async def transcript_assign_speaker(
 async def transcript_merge_speaker(
     transcript_id: str,
     merge: SpeakerMerge,
-    user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Annotated[auth.UserInfo, Depends(auth.current_user)],
 ) -> SpeakerAssignmentStatus:
-    user_id = user["sub"] if user else None
+    user_id = user["sub"]
     transcript = await transcripts_controller.get_by_id_for_http(
         transcript_id, user_id=user_id
     )
+    if transcript.user_id is not None and transcript.user_id != user_id:
+        raise HTTPException(status_code=403, detail="Not authorized")
 
     if not transcript:
         raise HTTPException(status_code=404, detail="Transcript not found")

server/reflector/views/transcripts_websocket.py

@@ -4,8 +4,11 @@ Transcripts websocket API
 
 """
 
-from fastapi import APIRouter, HTTPException, WebSocket, WebSocketDisconnect
+from typing import Optional
 
+from fastapi import APIRouter, Depends, HTTPException, WebSocket, WebSocketDisconnect
+
+import reflector.auth as auth
 from reflector.db.transcripts import transcripts_controller
 from reflector.ws_manager import get_ws_manager
 
@@ -21,10 +24,12 @@ async def transcript_get_websocket_events(transcript_id: str):
 async def transcript_events_websocket(
     transcript_id: str,
     websocket: WebSocket,
-    # user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
+    user: Optional[auth.UserInfo] = Depends(auth.current_user_optional),
 ):
-    # user_id = user["sub"] if user else None
-    transcript = await transcripts_controller.get_by_id(transcript_id)
+    user_id = user["sub"] if user else None
+    transcript = await transcripts_controller.get_by_id_for_http(
+        transcript_id, user_id=user_id
+    )
     if not transcript:
         raise HTTPException(status_code=404, detail="Transcript not found")
 

server/reflector/views/user_websocket.py

@@ -0,0 +1,53 @@
+from typing import Optional
+
+from fastapi import APIRouter, WebSocket
+
+from reflector.auth.auth_jwt import JWTAuth  # type: ignore
+from reflector.ws_manager import get_ws_manager
+
+router = APIRouter()
+
+# Close code for unauthorized WebSocket connections
+UNAUTHORISED = 4401
+
+
+@router.websocket("/events")
+async def user_events_websocket(websocket: WebSocket):
+    # Browser can't send Authorization header for WS; use subprotocol: ["bearer", token]
+    raw_subprotocol = websocket.headers.get("sec-websocket-protocol") or ""
+    parts = [p.strip() for p in raw_subprotocol.split(",") if p.strip()]
+    token: Optional[str] = None
+    negotiated_subprotocol: Optional[str] = None
+    if len(parts) >= 2 and parts[0].lower() == "bearer":
+        negotiated_subprotocol = "bearer"
+        token = parts[1]
+
+    user_id: Optional[str] = None
+    if not token:
+        await websocket.close(code=UNAUTHORISED)
+        return
+
+    try:
+        payload = JWTAuth().verify_token(token)
+        user_id = payload.get("sub")
+    except Exception:
+        await websocket.close(code=UNAUTHORISED)
+        return
+
+    if not user_id:
+        await websocket.close(code=UNAUTHORISED)
+        return
+
+    room_id = f"user:{user_id}"
+    ws_manager = get_ws_manager()
+
+    await ws_manager.add_user_to_room(
+        room_id, websocket, subprotocol=negotiated_subprotocol
+    )
+
+    try:
+        while True:
+            await websocket.receive()
+    finally:
+        if room_id:
+            await ws_manager.remove_user_from_room(room_id, websocket)

server/reflector/views/whereby.py

@@ -68,8 +68,7 @@ async def whereby_webhook(event: WherebyWebhookEvent, request: Request):
         raise HTTPException(status_code=404, detail="Meeting not found")
 
     if event.type in ["room.client.joined", "room.client.left"]:
-        await meetings_controller.update_meeting(
-            meeting.id, num_clients=event.data["numClients"]
-        )
+        update_data = {"num_clients": event.data["numClients"]}
+        await meetings_controller.update_meeting(meeting.id, **update_data)
 
     return {"status": "ok"}

server/reflector/whereby.py

@@ -1,18 +1,60 @@
+import logging
 from datetime import datetime
 
 import httpx
 
 from reflector.db.rooms import Room
 from reflector.settings import settings
+from reflector.utils.string import parse_non_empty_string
+
+logger = logging.getLogger(__name__)
+
+
+def _get_headers():
+    api_key = parse_non_empty_string(
+        settings.WHEREBY_API_KEY, "WHEREBY_API_KEY value is required."
+    )
+    return {
+        "Content-Type": "application/json; charset=utf-8",
+        "Authorization": f"Bearer {api_key}",
+    }
+
 
-HEADERS = {
-    "Content-Type": "application/json; charset=utf-8",
-    "Authorization": f"Bearer {settings.WHEREBY_API_KEY}",
-}
 TIMEOUT = 10  # seconds
 
 
+def _get_whereby_s3_auth():
+    errors = []
+    try:
+        bucket_name = parse_non_empty_string(
+            settings.RECORDING_STORAGE_AWS_BUCKET_NAME,
+            "RECORDING_STORAGE_AWS_BUCKET_NAME value is required.",
+        )
+    except Exception as e:
+        errors.append(e)
+    try:
+        key_id = parse_non_empty_string(
+            settings.AWS_WHEREBY_ACCESS_KEY_ID,
+            "AWS_WHEREBY_ACCESS_KEY_ID value is required.",
+        )
+    except Exception as e:
+        errors.append(e)
+    try:
+        key_secret = parse_non_empty_string(
+            settings.AWS_WHEREBY_ACCESS_KEY_SECRET,
+            "AWS_WHEREBY_ACCESS_KEY_SECRET value is required.",
+        )
+    except Exception as e:
+        errors.append(e)
+    if len(errors) > 0:
+        raise Exception(
+            f"Failed to get Whereby auth settings: {', '.join(str(e) for e in errors)}"
+        )
+    return bucket_name, key_id, key_secret
+
+
 async def create_meeting(room_name_prefix: str, end_date: datetime, room: Room):
+    s3_bucket_name, s3_key_id, s3_key_secret = _get_whereby_s3_auth()
     data = {
         "isLocked": room.is_locked,
         "roomNamePrefix": room_name_prefix,
@@ -23,23 +65,26 @@ async def create_meeting(room_name_prefix: str, end_date: datetime, room: Room):
             "type": room.recording_type,
             "destination": {
                 "provider": "s3",
-                "bucket": settings.RECORDING_STORAGE_AWS_BUCKET_NAME,
-                "accessKeyId": settings.AWS_WHEREBY_ACCESS_KEY_ID,
-                "accessKeySecret": settings.AWS_WHEREBY_ACCESS_KEY_SECRET,
+                "bucket": s3_bucket_name,
+                "accessKeyId": s3_key_id,
+                "accessKeySecret": s3_key_secret,
                 "fileFormat": "mp4",
             },
             "startTrigger": room.recording_trigger,
         },
         "fields": ["hostRoomUrl"],
     }
-
     async with httpx.AsyncClient() as client:
         response = await client.post(
             f"{settings.WHEREBY_API_URL}/meetings",
-            headers=HEADERS,
+            headers=_get_headers(),
             json=data,
             timeout=TIMEOUT,
         )
+        if response.status_code == 403:
+            logger.warning(
+                f"Failed to create meeting: access denied on Whereby: {response.text}"
+            )
         response.raise_for_status()
         return response.json()
 
@@ -48,7 +93,7 @@ async def get_room_sessions(room_name: str):
     async with httpx.AsyncClient() as client:
         response = await client.get(
             f"{settings.WHEREBY_API_URL}/insights/room-sessions?roomName={room_name}",
-            headers=HEADERS,
+            headers=_get_headers(),
             timeout=TIMEOUT,
         )
         response.raise_for_status()

server/reflector/worker/app.py

@@ -20,6 +20,7 @@ else:
             "reflector.worker.healthcheck",
             "reflector.worker.process",
             "reflector.worker.cleanup",
+            "reflector.worker.ics_sync",
         ]
     )
 
@@ -37,6 +38,14 @@ else:
             "task": "reflector.worker.process.reprocess_failed_recordings",
             "schedule": crontab(hour=5, minute=0),  # Midnight EST
         },
+        "sync_all_ics_calendars": {
+            "task": "reflector.worker.ics_sync.sync_all_ics_calendars",
+            "schedule": 60.0,  # Run every minute to check which rooms need sync
+        },
+        "create_upcoming_meetings": {
+            "task": "reflector.worker.ics_sync.create_upcoming_meetings",
+            "schedule": 30.0,  # Run every 30 seconds to create upcoming meetings
+        },
     }
 
     if settings.PUBLIC_MODE:

server/reflector/worker/cleanup.py

@@ -5,7 +5,6 @@ Deletes old anonymous transcripts and their associated meetings/recordings.
 Transcripts are the main entry point - any associated data is also removed.
 """
 
-import asyncio
 from datetime import datetime, timedelta, timezone
 from typing import TypedDict
 
@@ -152,5 +151,5 @@ async def cleanup_old_public_data(
     retry_kwargs={"max_retries": 3, "countdown": 300},
 )
 @asynctask
-def cleanup_old_public_data_task(days: int | None = None):
-    asyncio.run(cleanup_old_public_data(days=days))
+async def cleanup_old_public_data_task(days: int | None = None):
+    await cleanup_old_public_data(days=days)

server/reflector/worker/daily_stub_data.py

@@ -0,0 +1,179 @@
+"""Stub data for Daily.co testing - Fish conversation"""
+
+import re
+from typing import Any
+
+from reflector.processors.types import Word
+from reflector.utils import generate_uuid4
+
+# Constants for stub data generation
+MIN_WORD_DURATION = 0.3  # Base duration per word in seconds
+WORD_LENGTH_MULTIPLIER = 0.05  # Additional duration per character
+NUM_STUB_TOPICS = 3  # Number of topics to generate
+
+# The fish argument text - 2 speakers arguing about eating fish
+FISH_TEXT = """Fish for dinner are nothing wrong with you? There's nothing wrong with me. Wrong with you? Would you shut up? There's nothing wrong with me. I'm just trying to. There's nothing wrong with me. I'm trying to eat a fish. Wrong with you trying to eat a fish and it falls off the plate. Would you shut up? You're bothering me. More than a fish is bothering me. Would you shut up and leave me alone? What's your problem? I'm just trying to eat a fish is wrong with you. I'm only trying to eat a fish. Would you shut up? Wrong with you. There's nothing wrong with me. There's nothing wrong with me. Wrong with you. There's nothing wrong with me. Wrong with you. There's nothing wrong with me. Would you shut up and let me eat my fish? Wrong with you. Shut up! What is wrong with you? Would you just shut up? What's your problem? Would you shut up with you? What is wrong with you? Wrong with me? I'm just trying to get my attention. Did you shut up? You're bothering me. Would you shut up? You're beginning to bug me. What's your problem? Just trying to eat my fish. Stay on the plate. Would you shut up? Just trying to eat my fish.
+
+I'm gonna hit you with my problem. You're worse than this fish. You're more of a problem than a fish. What's your problem? Would you shut up? Would you shut your mouth? I want to eat my fish. Shut up! I can't even think. What's your problem? Trying to eat my fish is wrong with you. I don't have a problem. What is wrong with you? I have a problem. What's your problem? I don't have a problem. Can't you hear me with you? Can't you hear me? I don't have a problem. I want to eat my fish. Your problem? Just want to eat. What is wrong with you? Shut up! What is wrong with you? You just shut up! What's your problem? What is wrong with you anyway? What is wrong with you? I won't stay on the plate. You shut up! What is wrong with you? Would you just shut up? Let me eat my fish. What's your problem? Shut up and leave me alone! I can't even think. Wrong with you. I don't have a problem. Problem? I don't have a problem. Wrong with you. I don't have a problem with you. That's your problem. Don't have a problem? I want to eat my fish.
+
+What is wrong with you? What's your problem? Problem? I just want to eat my fish. Wrong with you. What's wrong with you? I don't have a problem. You shut up! What's wrong with you? Just shut up! What's wrong with you? Shut up! What is wrong with you? I'm trying to eat a fish. I'm trying to eat a fish and it falls off the plate. Would you shut up? What is wrong with you? Would you shut up? Is wrong with you? Would you just shut up? What is wrong with you? Would you just shut? Is wrong with you? What's your problem? You just shut. What is wrong with you? Trying to eat my fish. Would you be quiet? What's your problem? Would you just shut up? Eat my fish. I can't even eat it. Don't stay on the plate. What's your problem? Would you shut up? What is wrong with you? What is wrong with you? Would you just shut up? What's your problem? What is wrong with you? I'm gonna hit you with my fish if you don't shut up. What's your problem? Would you shut up? What's wrong with you? What is wrong? Shut up! What's your problem?"""
+
+
+def parse_fish_text() -> list[Word]:
+    """Parse fish text into words with timestamps and speakers.
+
+    Returns list of Word objects with text, start/end timestamps, and speaker ID.
+
+    Speaker assignment heuristic:
+    - Speaker 0 (eating fish): "fish", "eat", "trying", "problem", "I"
+    - Speaker 1 (annoying): "wrong with you", "shut up", "What's your problem"
+    """
+
+    # Split into sentences (rough)
+    sentences = re.split(r"([.!?])", FISH_TEXT)
+
+    # Reconstruct sentences with punctuation
+    full_sentences = []
+    for i in range(0, len(sentences) - 1, 2):
+        if sentences[i].strip():
+            full_sentences.append(
+                sentences[i].strip()
+                + (sentences[i + 1] if i + 1 < len(sentences) else "")
+            )
+
+    words: list[Word] = []
+    current_time = 0.0
+
+    for sentence in full_sentences:
+        if not sentence.strip():
+            continue
+
+        # TODO: Delete this heuristic-based speaker detection when real diarization is implemented.
+        # This overly complex pattern matching is only for stub test data.
+        # Real implementation should use actual speaker diarization from audio processing.
+
+        # Determine speaker based on content
+        sentence_lower = sentence.lower()
+
+        # Speaker 1 patterns (annoying person)
+        if any(
+            p in sentence_lower
+            for p in [
+                "wrong with you",
+                "shut up",
+                "what's your problem",
+                "what is wrong",
+                "would you shut",
+                "you shut",
+            ]
+        ):
+            speaker = 1
+        # Speaker 0 patterns (trying to eat)
+        elif any(
+            p in sentence_lower
+            for p in [
+                "i'm trying",
+                "i'm just",
+                "i want to eat",
+                "eat my fish",
+                "trying to eat",
+                "nothing wrong with me",
+                "i don't have a problem",
+                "just trying",
+                "leave me alone",
+                "can't even",
+                "i'm gonna hit",
+            ]
+        ):
+            speaker = 0
+        # Default: alternate or use context
+        else:
+            # For short phrases, guess based on keywords
+            if "fish" in sentence_lower and "eat" in sentence_lower:
+                speaker = 0
+            elif "problem" in sentence_lower and "your" not in sentence_lower:
+                speaker = 0
+            else:
+                speaker = 1
+
+        # Split sentence into words
+        sentence_words = sentence.split()
+        for word in sentence_words:
+            word_duration = MIN_WORD_DURATION + (len(word) * WORD_LENGTH_MULTIPLIER)
+
+            words.append(
+                Word(
+                    text=word + " ",  # Add space
+                    start=current_time,
+                    end=current_time + word_duration,
+                    speaker=speaker,
+                )
+            )
+
+            current_time += word_duration
+
+    return words
+
+
+def generate_fake_topics(words: list[Word]) -> list[dict[str, Any]]:
+    """Generate fake topics from words.
+
+    Splits into equal topics based on word count.
+    Returns list of topic dicts for database storage.
+    """
+    if not words:
+        return []
+
+    chunk_size = len(words) // NUM_STUB_TOPICS
+    topics: list[dict[str, Any]] = []
+
+    for i in range(NUM_STUB_TOPICS):
+        start_idx = i * chunk_size
+        end_idx = (i + 1) * chunk_size if i < NUM_STUB_TOPICS - 1 else len(words)
+
+        if start_idx >= len(words):
+            break
+
+        chunk_words = words[start_idx:end_idx]
+
+        topic = {
+            "id": generate_uuid4(),
+            "title": f"Fish Argument Part {i+1}",
+            "summary": f"Argument about eating fish continues (part {i+1})",
+            "timestamp": chunk_words[0].start,
+            "duration": chunk_words[-1].end - chunk_words[0].start,
+            "transcript": "".join(w.text for w in chunk_words),
+            "words": [w.model_dump() for w in chunk_words],
+        }
+
+        topics.append(topic)
+
+    return topics
+
+
+def generate_fake_participants() -> list[dict[str, Any]]:
+    """Generate fake participants for stub transcript."""
+    return [
+        {"id": generate_uuid4(), "speaker": 0, "name": "Fish Eater"},
+        {"id": generate_uuid4(), "speaker": 1, "name": "Annoying Person"},
+    ]
+
+
+def get_stub_transcript_data() -> dict[str, Any]:
+    """Get complete stub transcript data for Daily.co testing.
+
+    Returns dict with topics, participants, title, summaries, duration.
+    All data is fake/predetermined for testing webhook flow without GPU processing.
+    """
+    words = parse_fish_text()
+    topics = generate_fake_topics(words)
+    participants = generate_fake_participants()
+
+    return {
+        "topics": topics,
+        "participants": participants,
+        "title": "The Great Fish Eating Argument",
+        "short_summary": "Two people argue about eating fish",
+        "long_summary": "An extended argument between someone trying to eat fish and another person who won't stop asking what's wrong. The fish keeps falling off the plate.",
+        "duration": words[-1].end if words else 0.0,
+    }

server/reflector/worker/ics_sync.py

@@ -0,0 +1,180 @@
+from datetime import datetime, timedelta, timezone
+
+import structlog
+from celery import shared_task
+from celery.utils.log import get_task_logger
+
+from reflector.asynctask import asynctask
+from reflector.db.calendar_events import calendar_events_controller
+from reflector.db.meetings import meetings_controller
+from reflector.db.rooms import rooms_controller
+from reflector.redis_cache import RedisAsyncLock
+from reflector.services.ics_sync import SyncStatus, ics_sync_service
+from reflector.video_platforms.factory import create_platform_client
+
+logger = structlog.wrap_logger(get_task_logger(__name__))
+
+
+@shared_task
+@asynctask
+async def sync_room_ics(room_id: str):
+    try:
+        room = await rooms_controller.get_by_id(room_id)
+        if not room:
+            logger.warning("Room not found for ICS sync", room_id=room_id)
+            return
+
+        if not room.ics_enabled or not room.ics_url:
+            logger.debug("ICS not enabled for room", room_id=room_id)
+            return
+
+        logger.info("Starting ICS sync for room", room_id=room_id, room_name=room.name)
+        result = await ics_sync_service.sync_room_calendar(room)
+
+        if result["status"] == SyncStatus.SUCCESS:
+            logger.info(
+                "ICS sync completed successfully",
+                room_id=room_id,
+                events_found=result.get("events_found", 0),
+                events_created=result.get("events_created", 0),
+                events_updated=result.get("events_updated", 0),
+                events_deleted=result.get("events_deleted", 0),
+            )
+        elif result["status"] == SyncStatus.UNCHANGED:
+            logger.debug("ICS content unchanged", room_id=room_id)
+        elif result["status"] == SyncStatus.ERROR:
+            logger.error("ICS sync failed", room_id=room_id, error=result.get("error"))
+        else:
+            logger.debug(
+                "ICS sync skipped", room_id=room_id, reason=result.get("reason")
+            )
+
+    except Exception as e:
+        logger.error("Unexpected error during ICS sync", room_id=room_id, error=str(e))
+
+
+@shared_task
+@asynctask
+async def sync_all_ics_calendars():
+    try:
+        logger.info("Starting sync for all ICS-enabled rooms")
+
+        ics_enabled_rooms = await rooms_controller.get_ics_enabled()
+        logger.info(f"Found {len(ics_enabled_rooms)} rooms with ICS enabled")
+
+        for room in ics_enabled_rooms:
+            if not _should_sync(room):
+                logger.debug("Skipping room, not time to sync yet", room_id=room.id)
+                continue
+
+            sync_room_ics.delay(room.id)
+
+        logger.info("Queued sync tasks for all eligible rooms")
+
+    except Exception as e:
+        logger.error("Error in sync_all_ics_calendars", error=str(e))
+
+
+def _should_sync(room) -> bool:
+    if not room.ics_last_sync:
+        return True
+
+    time_since_sync = datetime.now(timezone.utc) - room.ics_last_sync
+    return time_since_sync.total_seconds() >= room.ics_fetch_interval
+
+
+MEETING_DEFAULT_DURATION = timedelta(hours=1)
+
+
+async def create_upcoming_meetings_for_event(event, create_window, room_id, room):
+    if event.start_time <= create_window:
+        return
+    existing_meeting = await meetings_controller.get_by_calendar_event(event.id)
+
+    if existing_meeting:
+        return
+
+    logger.info(
+        "Pre-creating meeting for calendar event",
+        room_id=room_id,
+        event_id=event.id,
+        event_title=event.title,
+    )
+
+    try:
+        end_date = event.end_time or (event.start_time + MEETING_DEFAULT_DURATION)
+
+        # Use platform abstraction to create meeting
+        platform = room.platform
+        client = create_platform_client(platform)
+
+        meeting_data = await client.create_meeting(
+            "",
+            end_date=end_date,
+            room=room,
+        )
+        await client.upload_logo(meeting_data.room_name, "./images/logo.png")
+
+        meeting = await meetings_controller.create(
+            id=meeting_data.meeting_id,
+            room_name=meeting_data.room_name,
+            room_url=meeting_data.room_url,
+            host_room_url=meeting_data.host_room_url,
+            start_date=event.start_time,
+            end_date=end_date,
+            room=room,
+            calendar_event_id=event.id,
+            calendar_metadata={
+                "title": event.title,
+                "description": event.description,
+                "attendees": event.attendees,
+            },
+            platform=platform,
+        )
+
+        logger.info(
+            "Meeting pre-created successfully",
+            meeting_id=meeting.id,
+            event_id=event.id,
+        )
+
+    except Exception as e:
+        logger.error(
+            "Failed to pre-create meeting",
+            room_id=room_id,
+            event_id=event.id,
+            error=str(e),
+        )
+
+
+@shared_task
+@asynctask
+async def create_upcoming_meetings():
+    async with RedisAsyncLock("create_upcoming_meetings", skip_if_locked=True) as lock:
+        if not lock.acquired:
+            logger.warning(
+                "Another worker is already creating upcoming meetings, skipping"
+            )
+            return
+
+        try:
+            logger.info("Starting creation of upcoming meetings")
+
+            ics_enabled_rooms = await rooms_controller.get_ics_enabled()
+            now = datetime.now(timezone.utc)
+            create_window = now - timedelta(minutes=6)
+
+            for room in ics_enabled_rooms:
+                events = await calendar_events_controller.get_upcoming(
+                    room.id,
+                    minutes_ahead=7,
+                )
+
+                for event in events:
+                    await create_upcoming_meetings_for_event(
+                        event, create_window, room.id, room
+                    )
+            logger.info("Completed pre-creation check for upcoming meetings")
+
+        except Exception as e:
+            logger.error("Error in create_upcoming_meetings", error=str(e))

server/reflector/worker/process.py

@@ -1,5 +1,6 @@
 import json
 import os
+import re
 from datetime import datetime, timezone
 from urllib.parse import unquote
 
@@ -9,6 +10,7 @@ import structlog
 from celery import shared_task
 from celery.utils.log import get_task_logger
 from pydantic import ValidationError
+from redis.exceptions import LockError
 
 from reflector.db.meetings import meetings_controller
 from reflector.db.recordings import Recording, recordings_controller
@@ -16,8 +18,13 @@ from reflector.db.rooms import rooms_controller
 from reflector.db.transcripts import SourceKind, transcripts_controller
 from reflector.pipelines.main_file_pipeline import task_pipeline_file_process
 from reflector.pipelines.main_live_pipeline import asynctask
+from reflector.pipelines.main_multitrack_pipeline import (
+    task_pipeline_multitrack_process,
+)
+from reflector.redis_cache import get_redis_client
 from reflector.settings import settings
 from reflector.whereby import get_room_sessions
+from reflector.worker.daily_stub_data import get_stub_transcript_data
 
 logger = structlog.wrap_logger(get_task_logger(__name__))
 
@@ -144,27 +151,419 @@ async def process_recording(bucket_name: str, object_key: str):
     task_pipeline_file_process.delay(transcript_id=transcript.id)
 
 
+@shared_task
+@asynctask
+async def process_multitrack_recording(
+    bucket_name: str,
+    room_name: str,
+    recording_id: str,
+    track_keys: list[str],
+):
+    logger.info(
+        "Processing multitrack recording",
+        bucket=bucket_name,
+        room_name=room_name,
+        recording_id=recording_id,
+        provided_keys=len(track_keys),
+    )
+
+    if not track_keys:
+        logger.warning("No audio track keys provided")
+        return
+
+    recorded_at = datetime.now(timezone.utc)
+    try:
+        if track_keys:
+            folder = os.path.basename(os.path.dirname(track_keys[0]))
+            ts_match = re.search(r"(\d{14})$", folder)
+            if ts_match:
+                ts = ts_match.group(1)
+                recorded_at = datetime.strptime(ts, "%Y%m%d%H%M%S").replace(
+                    tzinfo=timezone.utc
+                )
+    except Exception:
+        logger.warning("Could not parse recorded_at from keys, using now()")
+
+    room_name = room_name.split("-", 1)[0]
+    room = await rooms_controller.get_by_name(room_name)
+    if not room:
+        raise Exception(f"Room not found: {room_name}")
+
+    meeting = await meetings_controller.create(
+        id=recording_id,
+        room_name=room_name,
+        room_url=room.name,
+        host_room_url=room.name,
+        start_date=recorded_at,
+        end_date=recorded_at,
+        room=room,
+        platform=room.platform,
+    )
+
+    recording = await recordings_controller.get_by_id(recording_id)
+    if not recording:
+        object_key_dir = os.path.dirname(track_keys[0]) if track_keys else ""
+        recording = await recordings_controller.create(
+            Recording(
+                id=recording_id,
+                bucket_name=bucket_name,
+                object_key=object_key_dir,
+                recorded_at=recorded_at,
+                meeting_id=meeting.id,
+            )
+        )
+
+    transcript = await transcripts_controller.get_by_recording_id(recording.id)
+    if transcript:
+        await transcripts_controller.update(
+            transcript,
+            {
+                "topics": [],
+            },
+        )
+    else:
+        transcript = await transcripts_controller.add(
+            "",
+            source_kind=SourceKind.ROOM,
+            source_language="en",
+            target_language="en",
+            user_id=room.user_id,
+            recording_id=recording.id,
+            share_mode="public",
+            meeting_id=meeting.id,
+            room_id=room.id,
+        )
+
+    task_pipeline_multitrack_process.delay(
+        transcript_id=transcript.id,
+        bucket_name=bucket_name,
+        track_keys=track_keys,
+    )
+
+
 @shared_task
 @asynctask
 async def process_meetings():
+    """
+    Checks which meetings are still active and deactivates those that have ended.
+
+    Deactivation logic:
+    - Active sessions: Keep meeting active regardless of scheduled time
+    - No active sessions:
+      * Calendar meetings:
+        - If previously used (had sessions): Deactivate immediately
+        - If never used: Keep active until scheduled end time, then deactivate
+      * On-the-fly meetings: Deactivate immediately (created when someone joins,
+        so no sessions means everyone left)
+
+    Uses distributed locking to prevent race conditions when multiple workers
+    process the same meeting simultaneously.
+    """
     logger.info("Processing meetings")
     meetings = await meetings_controller.get_all_active()
+    current_time = datetime.now(timezone.utc)
+    redis_client = get_redis_client()
+    processed_count = 0
+    skipped_count = 0
+
     for meeting in meetings:
-        is_active = False
-        end_date = meeting.end_date
-        if end_date.tzinfo is None:
-            end_date = end_date.replace(tzinfo=timezone.utc)
-        if end_date > datetime.now(timezone.utc):
+        logger_ = logger.bind(meeting_id=meeting.id, room_name=meeting.room_name)
+        lock_key = f"meeting_process_lock:{meeting.id}"
+        lock = redis_client.lock(lock_key, timeout=120)
+
+        try:
+            if not lock.acquire(blocking=False):
+                logger_.debug("Meeting is being processed by another worker, skipping")
+                skipped_count += 1
+                continue
+
+            # Process the meeting
+            should_deactivate = False
+            end_date = meeting.end_date
+            if end_date.tzinfo is None:
+                end_date = end_date.replace(tzinfo=timezone.utc)
+
+            # This API call could be slow, extend lock if needed
             response = await get_room_sessions(meeting.room_name)
+
+            try:
+                # Extend lock after slow operation to ensure we still hold it
+                lock.extend(120, replace_ttl=True)
+            except LockError:
+                logger_.warning("Lost lock for meeting, skipping")
+                continue
+
             room_sessions = response.get("results", [])
-            is_active = not room_sessions or any(
+            has_active_sessions = room_sessions and any(
                 rs["endedAt"] is None for rs in room_sessions
             )
-        if not is_active:
-            await meetings_controller.update_meeting(meeting.id, is_active=False)
-            logger.info("Meeting %s is deactivated", meeting.id)
+            has_had_sessions = bool(room_sessions)
 
-    logger.info("Processed meetings")
+            if has_active_sessions:
+                logger_.debug("Meeting still has active sessions, keep it")
+            elif has_had_sessions:
+                should_deactivate = True
+                logger_.info("Meeting ended - all participants left")
+            elif current_time > end_date:
+                should_deactivate = True
+                logger_.info(
+                    "Meeting deactivated - scheduled time ended with no participants",
+                )
+            else:
+                logger_.debug("Meeting not yet started, keep it")
+
+            if should_deactivate:
+                await meetings_controller.update_meeting(meeting.id, is_active=False)
+                logger_.info("Meeting is deactivated")
+
+            processed_count += 1
+
+        except Exception:
+            logger_.error("Error processing meeting", exc_info=True)
+        finally:
+            try:
+                lock.release()
+            except LockError:
+                pass  # Lock already released or expired
+
+    logger.info(
+        "Processed meetings finished",
+        processed_count=processed_count,
+        skipped_count=skipped_count,
+    )
+
+
+async def convert_audio_and_waveform(transcript) -> None:
+    """Convert WebM to MP3 and generate waveform for Daily.co recordings.
+
+    This bypasses the full file pipeline which would overwrite stub data.
+    """
+    try:
+        logger.info(
+            "Converting audio to MP3 and generating waveform",
+            transcript_id=transcript.id,
+        )
+
+        # Import processors we need
+        from reflector.processors import AudioFileWriterProcessor
+        from reflector.processors.audio_waveform_processor import AudioWaveformProcessor
+
+        upload_path = transcript.data_path / "upload.webm"
+        mp3_path = transcript.audio_mp3_filename
+
+        # Convert WebM to MP3
+        mp3_writer = AudioFileWriterProcessor(path=mp3_path)
+
+        container = av.open(str(upload_path))
+        for frame in container.decode(audio=0):
+            await mp3_writer.push(frame)
+        await mp3_writer.flush()
+        container.close()
+
+        logger.info(
+            "Converted WebM to MP3",
+            transcript_id=transcript.id,
+            mp3_size=mp3_path.stat().st_size,
+        )
+
+        # Generate waveform
+        waveform_processor = AudioWaveformProcessor(
+            audio_path=mp3_path,
+            waveform_path=transcript.audio_waveform_filename,
+        )
+
+        # Create minimal pipeline object for processor (matching EmptyPipeline from main_file_pipeline.py)
+        class MinimalPipeline:
+            def __init__(self, logger_instance):
+                self.logger = logger_instance
+
+            def get_pref(self, k, d=None):
+                return d
+
+        waveform_processor.set_pipeline(MinimalPipeline(logger))
+        await waveform_processor.flush()
+
+        logger.info(
+            "Generated waveform",
+            transcript_id=transcript.id,
+            waveform_path=transcript.audio_waveform_filename,
+        )
+
+        # Update transcript status to ended (successful)
+        await transcripts_controller.update(transcript, {"status": "ended"})
+
+    except Exception as e:
+        logger.error(
+            "Failed to convert audio or generate waveform",
+            transcript_id=transcript.id,
+            error=str(e),
+        )
+        # Keep status as uploaded even if conversion fails
+        pass
+
+
+@shared_task
+@asynctask
+async def process_daily_recording(
+    meeting_id: str, recording_id: str, tracks: list[dict]
+) -> None:
+    """Stub processor for Daily.co recordings - writes fake transcription/diarization.
+
+    Handles webhook retries by checking if recording already exists.
+    Validates track structure before processing.
+
+    Args:
+        meeting_id: Meeting ID
+        recording_id: Recording ID from Daily.co webhook
+        tracks: List of track dicts from Daily.co webhook
+                [{type: 'audio'|'video', s3Key: str, size: int}, ...]
+    """
+    logger.info(
+        "Processing Daily.co recording (STUB)",
+        meeting_id=meeting_id,
+        recording_id=recording_id,
+        num_tracks=len(tracks),
+    )
+
+    # Check if recording already exists (webhook retry case)
+    existing_recording = await recordings_controller.get_by_id(recording_id)
+    if existing_recording:
+        logger.warning(
+            "Recording already exists, skipping processing (likely webhook retry)",
+            recording_id=recording_id,
+        )
+        return
+
+    meeting = await meetings_controller.get_by_id(meeting_id)
+    if not meeting:
+        raise Exception(f"Meeting {meeting_id} not found")
+
+    room = await rooms_controller.get_by_id(meeting.room_id)
+
+    # Validate bucket configuration
+    if not settings.AWS_DAILY_S3_BUCKET:
+        raise ValueError("AWS_DAILY_S3_BUCKET not configured for Daily.co processing")
+
+    # Validate and parse tracks
+    # Import at runtime to avoid circular dependency (daily.py imports from process.py)
+    from reflector.views.daily import DailyTrack  # noqa: PLC0415
+
+    try:
+        validated_tracks = [DailyTrack(**t) for t in tracks]
+    except Exception as e:
+        logger.error(
+            "Invalid track structure from Daily.co webhook",
+            error=str(e),
+            tracks=tracks,
+        )
+        raise ValueError(f"Invalid track structure: {e}")
+
+    # Find first audio track for Recording entity
+    audio_track = next((t for t in validated_tracks if t.type == "audio"), None)
+    if not audio_track:
+        raise Exception(f"No audio tracks found in {len(tracks)} tracks")
+
+    # Create Recording entry
+    recording = await recordings_controller.create(
+        Recording(
+            id=recording_id,
+            bucket_name=settings.AWS_DAILY_S3_BUCKET,
+            object_key=audio_track.s3Key,
+            recorded_at=datetime.now(timezone.utc),
+            meeting_id=meeting.id,
+            status="completed",
+        )
+    )
+
+    logger.info(
+        "Created recording",
+        recording_id=recording.id,
+        s3_key=audio_track.s3Key,
+    )
+
+    # Create Transcript entry
+    transcript = await transcripts_controller.add(
+        "",
+        source_kind=SourceKind.ROOM,
+        source_language="en",
+        target_language="en",
+        user_id=room.user_id,
+        recording_id=recording.id,
+        share_mode="public",
+        meeting_id=meeting.id,
+        room_id=room.id,
+    )
+
+    logger.info("Created transcript", transcript_id=transcript.id)
+
+    # Download audio file from Daily.co S3 for playback
+    upload_filename = transcript.data_path / "upload.webm"
+    upload_filename.parent.mkdir(parents=True, exist_ok=True)
+
+    s3 = boto3.client(
+        "s3",
+        region_name=settings.TRANSCRIPT_STORAGE_AWS_REGION,
+        aws_access_key_id=settings.TRANSCRIPT_STORAGE_AWS_ACCESS_KEY_ID,
+        aws_secret_access_key=settings.TRANSCRIPT_STORAGE_AWS_SECRET_ACCESS_KEY,
+    )
+
+    try:
+        logger.info(
+            "Downloading audio from Daily.co S3",
+            bucket=settings.AWS_DAILY_S3_BUCKET,
+            key=audio_track.s3Key,
+        )
+        with open(upload_filename, "wb") as f:
+            s3.download_fileobj(settings.AWS_DAILY_S3_BUCKET, audio_track.s3Key, f)
+
+        # Validate audio file
+        container = av.open(upload_filename.as_posix())
+        try:
+            if not len(container.streams.audio):
+                raise Exception("File has no audio stream")
+        finally:
+            container.close()
+
+        logger.info("Audio file downloaded and validated", file=str(upload_filename))
+    except Exception as e:
+        logger.error(
+            "Failed to download or validate audio file",
+            error=str(e),
+            bucket=settings.AWS_DAILY_S3_BUCKET,
+            key=audio_track.s3Key,
+        )
+        # Continue with stub data even if audio download fails
+        pass
+
+    # Generate fake data
+    stub_data = get_stub_transcript_data()
+
+    # Update transcript with fake data
+    await transcripts_controller.update(
+        transcript,
+        {
+            "topics": stub_data["topics"],
+            "participants": stub_data["participants"],
+            "title": stub_data["title"],
+            "short_summary": stub_data["short_summary"],
+            "long_summary": stub_data["long_summary"],
+            "duration": stub_data["duration"],
+            "status": "uploaded" if upload_filename.exists() else "ended",
+        },
+    )
+
+    logger.info(
+        "Daily.co recording processed (STUB)",
+        transcript_id=transcript.id,
+        duration=stub_data["duration"],
+        num_topics=len(stub_data["topics"]),
+        has_audio=upload_filename.exists(),
+    )
+
+    # Convert WebM to MP3 and generate waveform without full pipeline
+    # (full pipeline would overwrite our stub transcription data)
+    if upload_filename.exists():
+        await convert_audio_and_waveform(transcript)
 
 
 @shared_task

server/reflector/worker/webhook.py

@@ -11,6 +11,8 @@ import structlog
 from celery import shared_task
 from celery.utils.log import get_task_logger
 
+from reflector.db.calendar_events import calendar_events_controller
+from reflector.db.meetings import meetings_controller
 from reflector.db.rooms import rooms_controller
 from reflector.db.transcripts import transcripts_controller
 from reflector.pipelines.main_live_pipeline import asynctask
@@ -84,6 +86,18 @@ async def send_transcript_webhook(
                     }
                 )
 
+        # Fetch meeting and calendar event if they exist
+        calendar_event = None
+        try:
+            if transcript.meeting_id:
+                meeting = await meetings_controller.get_by_id(transcript.meeting_id)
+                if meeting and meeting.calendar_event_id:
+                    calendar_event = await calendar_events_controller.get_by_id(
+                        meeting.calendar_event_id
+                    )
+        except Exception as e:
+            logger.error("Error fetching meeting or calendar event", error=str(e))
+
         # Build webhook payload
         frontend_url = f"{settings.UI_BASE_URL}/transcripts/{transcript.id}"
         participants = [
@@ -116,6 +130,33 @@ async def send_transcript_webhook(
             },
         }
 
+        # Always include calendar_event field, even if no event is present
+        payload_data["calendar_event"] = {}
+
+        # Add calendar event data if present
+        if calendar_event:
+            calendar_data = {
+                "id": calendar_event.id,
+                "ics_uid": calendar_event.ics_uid,
+                "title": calendar_event.title,
+                "start_time": calendar_event.start_time.isoformat()
+                if calendar_event.start_time
+                else None,
+                "end_time": calendar_event.end_time.isoformat()
+                if calendar_event.end_time
+                else None,
+            }
+
+            # Add optional fields only if they exist
+            if calendar_event.description:
+                calendar_data["description"] = calendar_event.description
+            if calendar_event.location:
+                calendar_data["location"] = calendar_event.location
+            if calendar_event.attendees:
+                calendar_data["attendees"] = calendar_event.attendees
+
+            payload_data["calendar_event"] = calendar_data
+
         # Convert to JSON
         payload_json = json.dumps(payload_data, separators=(",", ":"))
         payload_bytes = payload_json.encode("utf-8")

server/reflector/ws_manager.py

@@ -65,8 +65,13 @@ class WebsocketManager:
         self.tasks: dict = {}
         self.pubsub_client = pubsub_client
 
-    async def add_user_to_room(self, room_id: str, websocket: WebSocket) -> None:
-        await websocket.accept()
+    async def add_user_to_room(
+        self, room_id: str, websocket: WebSocket, subprotocol: str | None = None
+    ) -> None:
+        if subprotocol:
+            await websocket.accept(subprotocol=subprotocol)
+        else:
+            await websocket.accept()
 
         if room_id in self.rooms:
             self.rooms[room_id].append(websocket)