diff --git a/data.nix b/data.nix index 2338eed..80e9210 100644 --- a/data.nix +++ b/data.nix @@ -24,6 +24,7 @@ rec { immich-server = 3002; immich-machine-learning = 3003; # as of writing, hardcoded in the immich module + frigate = 5000; soju = 6697; soju-ws = 6698; matrix-synapse = 8008; diff --git a/hosts/fwminex/configuration.nix b/hosts/fwminex/configuration.nix index cefaee1..2391155 100644 --- a/hosts/fwminex/configuration.nix +++ b/hosts/fwminex/configuration.nix @@ -112,16 +112,6 @@ in }; }; - frigate = { - preStart = "ln -sf $CREDENTIALS_DIRECTORY/secrets.env /run/frigate/secrets.env"; - serviceConfig = { - EnvironmentFile = [ "-/run/frigate/secrets.env" ]; - Environment = [ "PYTHONPERFSUPPORT=1" ]; - RuntimeDirectory = "frigate"; - LoadCredential = [ "secrets.env:${config.age.secrets.frigate.path}" ]; - }; - }; - nginx = let r1 = config.mj.services.nsd-acme.zones."r1.jakstys.lt"; @@ -382,77 +372,6 @@ in }; }; - frigate = { - enable = true; - hostname = "r1.jakstys.lt"; - settings = { - detect = { - enabled = true; - }; - detectors = { - coral = { - type = "edgetpu"; - device = "usb"; - enabled = true; - }; - }; - record = { - enabled = true; - retain = { - days = 7; - mode = "all"; - }; - }; - cameras = { - vno4-dome-panorama = { - enabled = true; - ffmpeg = { - hwaccel_args = "preset-vaapi"; - output_args = { - record = "preset-record-generic-audio-copy"; - }; - inputs = [ - { - path = "rtsp://frigate:{FRIGATE_RTSP_PASSWORD}@192.168.188.10/cam/realmonitor?channel=1&subtype=0"; - roles = [ - "audio" - "record" - #"detect" - ]; - } - { - path = "rtsp://frigate:{FRIGATE_RTSP_PASSWORD}@192.168.188.10/cam/realmonitor?channel=1&subtype=1"; - roles = [ "detect" ]; - } - ]; - }; - }; - vno4-dome-ptz = { - enabled = true; - ffmpeg = { - output_args = { - record = "preset-record-generic-audio-copy"; - }; - inputs = [ - { - path = "rtsp://frigate:{FRIGATE_RTSP_PASSWORD}@192.168.188.10/cam/realmonitor?channel=2&subtype=0"; - roles = [ - "audio" - "record" - #"detect" - ]; - } - { - path = "rtsp://frigate:{FRIGATE_RTSP_PASSWORD}@192.168.188.10/cam/realmonitor?channel=2&subtype=1"; - roles = [ "detect" ]; - } - ]; - }; - }; - }; - }; - }; - nsd = { enable = true; interfaces = [ @@ -573,6 +492,11 @@ in extraSubnets = [ myData.subnets.vno1.cidr ]; }; + frigate = { + enable = true; + secretsEnv = config.age.secrets.frigate.path; + }; + immich = { enable = true; bindPaths = { @@ -775,8 +699,8 @@ in tcp = with myData.ports; [ 80 443 - 5000 # todo move to frigate soju + frigate soju-ws prometheus ]; diff --git a/modules/services/default.nix b/modules/services/default.nix index 9edaa30..af7d8cf 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -6,6 +6,7 @@ ./btrfssnapshot ./deployerbot ./friendlyport + ./frigate ./gitea ./grafana ./hass diff --git a/modules/services/frigate/default.nix b/modules/services/frigate/default.nix new file mode 100644 index 0000000..3fb7e80 --- /dev/null +++ b/modules/services/frigate/default.nix @@ -0,0 +1,98 @@ +{ + lib, + config, + ... +}: +let + cfg = config.mj.services.frigate; +in +{ + options.mj.services.frigate = with lib.types; { + enable = lib.mkEnableOption "enable frigate"; + secretsEnv = lib.mkOption { type = path; }; + }; + + config = lib.mkIf cfg.enable { + systemd.services.frigate = { + preStart = "ln -sf $CREDENTIALS_DIRECTORY/secrets.env /run/frigate/secrets.env"; + serviceConfig = { + EnvironmentFile = [ "-/run/frigate/secrets.env" ]; + Environment = [ "PYTHONPERFSUPPORT=1" ]; + RuntimeDirectory = "frigate"; + LoadCredential = [ "secrets.env:${cfg.secretsEnv}" ]; + }; + }; + + services.frigate = { + enable = true; + hostname = "r1.jakstys.lt"; + settings = { + detect = { + enabled = true; + }; + detectors = { + coral = { + type = "edgetpu"; + device = "usb"; + enabled = true; + }; + }; + record = { + enabled = true; + retain = { + days = 7; + mode = "all"; + }; + }; + cameras = { + vno4-dome-panorama = { + enabled = true; + ffmpeg = { + hwaccel_args = "preset-vaapi"; + output_args = { + record = "preset-record-generic-audio-copy"; + }; + inputs = [ + { + path = "rtsp://frigate:{FRIGATE_RTSP_PASSWORD}@192.168.188.10/cam/realmonitor?channel=1&subtype=0"; + roles = [ + "audio" + "record" + #"detect" + ]; + } + { + path = "rtsp://frigate:{FRIGATE_RTSP_PASSWORD}@192.168.188.10/cam/realmonitor?channel=1&subtype=1"; + roles = [ "detect" ]; + } + ]; + }; + }; + vno4-dome-ptz = { + enabled = true; + ffmpeg = { + output_args = { + record = "preset-record-generic-audio-copy"; + }; + inputs = [ + { + path = "rtsp://frigate:{FRIGATE_RTSP_PASSWORD}@192.168.188.10/cam/realmonitor?channel=2&subtype=0"; + roles = [ + "audio" + "record" + #"detect" + ]; + } + { + path = "rtsp://frigate:{FRIGATE_RTSP_PASSWORD}@192.168.188.10/cam/realmonitor?channel=2&subtype=1"; + roles = [ "detect" ]; + } + ]; + }; + }; + }; + }; + }; + + }; +}