TheWanderingCrow/CrOS
1
0
Fork 0
mirror of https://github.com/TheWanderingCrow/CrOS.git synced 2026-03-22 14:01:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
CrOS/modules/users/overseer/services/frigate.nix

152 lines
4.4 KiB
Nix
Raw Blame History

let
volumePath = "/overseer/services";
in
{
pkgs,
lib,
config,
...
}: let
frigateConfig = pkgs.writeText "config.yaml" (lib.generators.toYAML {} {
auth.reset_admin_password = true; # roll the admin password every restart, depend on user accounts for long-lived access
tls.enabled = false; # off because we're doing ssl through nginx
mqtt = {
# TODO: add mqtt broker
enabled = false;
};
###################
# go2rtc restream #
###################
# go2rtc = {
# streams = {
# wce-0001 = [
# "rtsp://thingino:thingino@192.168.0.173:554/ch0"
# ];
# wce-0001_sub = [
# "rtsp://thingino:thingino@192.168.0.173:554/ch1"
# ];
# wce-0002 = [
# "rtsp://thingino:thingino@192.168.0.26:554/ch0"
# ];
# wce-0002_sub = [
# "rtsp://thingino:thingino@192.168.0.26:554/ch1"
# ];
# };
# };
#############
# Detectors #
#############
detectors = {
ov_0 = {
type = "openvino";
device = "CPU";
};
};
model = {
path = "/openvino-model/ssdlite_mobilenet_v2.xml";
};
#################
# Camera config #
#################
cameras = {
# wce-0001 = {
# ffmpeg = {
# inputs = [
# {
# path = "rtsp://127.0.0.1:8554/wce-0001";
# roles = ["record"];
# }
# {
# path = "rtsp://127.0.0.1:8554/wce-0001_sub";
# roles = ["detect"];
# }
# ];
# };
# motion = {
# mask = [
# "0,0,0,0.04,0.201,0.043,0.199,0.005"
# "0.864,0,0.865,0.043,1,0.043,1,0"
# ];
# };
# live.stream_name = "wce-0001_sub";
# detect.enabled = false;
# };
# wce-0002 = {
# ffmpeg = {
# inputs = [
# {
# path = "rtsp://127.0.0.1:8554/wce-0002";
# roles = ["record"];
# }
# {
# path = "rtsp://127.0.0.1:8554/wce-0002_sub";
# roles = ["detect"];
# }
# ];
# };
# motion = {
# mask = [
# "0,0,0,0.04,0.201,0.043,0.199,0.005"
# "0.864,0,0.865,0.043,1,0.043,1,0"
# ];
# };
# live.stream_name = "wce-0002_sub";
# detect.enabled = false;
# };
};
});
in
lib.mkIf config.user.overseer.enable {
sops = {
templates."frigate_env".content = ''
FRIGATE_JWT_SECRET=${config.sops.placeholder."frigate/jwt"}
'';
secrets = {
"frigate/jwt" = {};
};
};
systemd.tmpfiles.rules = [
"d ${volumePath}/frigate"
"d ${volumePath}/frigate/media/frigate"
"d ${volumePath}/frigate/db"
"f ${volumePath}/frigate/db/frigate.db"
];
###########
# Service #
###########
virtualisation.oci-containers = {
backend = "podman";
containers = {
"frigate" = {
image = "ghcr.io/blakeblackshear/frigate:stable";
environmentFiles = [config.sops.templates."frigate_env".path];
volumes = [
"/etc/localtime:/etc/localtime:ro"
"${volumePath}/frigate/media/frigate:/media/frigate"
"${frigateConfig}:/config/config.yaml:ro"
"${volumePath}/frigate/db/frigate.db:/config/frigate.db"
];
extraOptions = [
"--shm-size=612m"
"--ip=10.88.0.10"
];
};
};
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"frigate.wanderingcrow.net" = {
forceSSL = true;
useACMEHost = "frigate.wanderingcrow.net";
locations."/" = {
proxyPass = "http://10.88.0.10:8971";
proxyWebsockets = true;
};
};
};
};
}
Reference in a new issue View git blame Copy permalink