From 997760968ecb5b405c2f69144b09b42a11b48e10 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Sat, 21 Aug 2021 17:16:58 -0500 Subject: [PATCH] r/frigate: Add role to deploy Frigate Frigate is an NVR that uses machine learning to detect objects on camera in real time. It integrates with Home Assistant to expose sensors which can be used for automation, etc. The only official way to deploy Frigate is with a container, so we use Podman and systemd to manage it. --- frigate.yml | 4 + hosts | 2 + roles/frigate/defaults/main.yml | 7 ++ roles/frigate/handlers/main.yml | 8 ++ roles/frigate/tasks/main.yml | 115 +++++++++++++++++++++ roles/frigate/templates/frigate.service.j2 | 31 ++++++ roles/frigate/vars/aarch64.yml | 1 + roles/frigate/vars/main.yml | 6 ++ roles/frigate/vars/x86_64.yml | 1 + 9 files changed, 175 insertions(+) create mode 100644 frigate.yml create mode 100644 roles/frigate/defaults/main.yml create mode 100644 roles/frigate/handlers/main.yml create mode 100644 roles/frigate/tasks/main.yml create mode 100644 roles/frigate/templates/frigate.service.j2 create mode 100644 roles/frigate/vars/aarch64.yml create mode 100644 roles/frigate/vars/main.yml create mode 100644 roles/frigate/vars/x86_64.yml diff --git a/frigate.yml b/frigate.yml new file mode 100644 index 0000000..0112a7b --- /dev/null +++ b/frigate.yml @@ -0,0 +1,4 @@ +- hosts: frigate + roles: + - role: frigate + tags: frigate diff --git a/hosts b/hosts index 9fc1a19..2810bc2 100644 --- a/hosts +++ b/hosts @@ -41,6 +41,8 @@ bitwarden_rs [file-servers] file0.pyrocufflink.blue +[frigate] + [gitea] git0.pyrocufflink.blue diff --git a/roles/frigate/defaults/main.yml b/roles/frigate/defaults/main.yml new file mode 100644 index 0000000..c448bae --- /dev/null +++ b/roles/frigate/defaults/main.yml @@ -0,0 +1,7 @@ +frigate_image_tag: '{{ frigate_default_image_tag }}' +frigate_mqtt: + host: localhost +frigate_detectors: + cpu: + type: cpu +frigate_cameras: {} diff --git a/roles/frigate/handlers/main.yml b/roles/frigate/handlers/main.yml new file mode 100644 index 0000000..50c35b0 --- /dev/null +++ b/roles/frigate/handlers/main.yml @@ -0,0 +1,8 @@ +- name: save firewalld configuration + command: firewall-cmd --runtime-to-permanent +- name: reload systemd + command: systemctl daemon-reload +- name: restart frigate + service: + name: frigate + state: restarted diff --git a/roles/frigate/tasks/main.yml b/roles/frigate/tasks/main.yml new file mode 100644 index 0000000..cf60223 --- /dev/null +++ b/roles/frigate/tasks/main.yml @@ -0,0 +1,115 @@ +- name: load architecture-specific values + include_vars: '{{ item }}' + with_first_found: + - '{{ ansible_architecture }}.yml' + - defaults.yml + tags: + - always + +- name: ensure podman is installed + package: + name: '{{ frigate_podman_packages }}' + state: present + tags: + - install + +- name: ensure frigate user exists + user: + name: frigate + system: true + home: /var/lib/frigate + createhome: false + register: frigate_user + tags: + - user + +- name: ensure frigate home directory exists + file: + path: /var/lib/frigate + owner: frigate + group: frigate + mode: '0755' + state: directory + tags: + - datadir +- name: ensure frigate tmp directory exists + file: + path: /var/lib/frigate/tmp + owner: frigate + group: frigate + mode: '0700' + state: directory + tags: + - datadir + +- name: ensure frigate container image is available + podman_image: + name: docker.io/blakeblackshear/frigate:{{ frigate_image_tag }} + tag: stable + state: present + force: '{{ frigate_update|d|bool }}' + notify: + - restart frigate + tags: + - container-image + - container + +- name: ensure frigate systemd unit is installed + template: + src: frigate.service.j2 + dest: /etc/systemd/system/frigate.service + mode: '0644' + notify: + - reload systemd + - restart frigate + tags: + - systemd +- name: ensure frigate starts at boot + service: + name: frigate + enabled: true + tags: + - service + +- name: ensure frigate configuration directory exists + file: + path: /etc/frigate + mode: '0750' + owner: root + group: frigate + state: directory + tags: + - config +- name: ensure frigate is configured + copy: + dest: /etc/frigate/frigate.yml + content: >- + {{ frigate_config|to_nice_yaml(indent=2) }} + mode: '0640' + owner: root + group: frigate + notify: + - restart frigate + tags: + - config + +- meta: flush_handlers +- name: ensure frigate is running + service: + name: frigate + state: started + tags: + - service + +- name: ensure firewall is configured for frigate + firewalld: + port: '{{ item }}/tcp' + immediate: true + permanent: false + state: enabled + loop: + - 5000 # Frigate web UI/API + - 1935 # RTMP + notify: save firewalld configuration + tags: + - firewall diff --git a/roles/frigate/templates/frigate.service.j2 b/roles/frigate/templates/frigate.service.j2 new file mode 100644 index 0000000..da3ad8c --- /dev/null +++ b/roles/frigate/templates/frigate.service.j2 @@ -0,0 +1,31 @@ +[Unit] +Description=Frigate + +[Service] +Type=notify +NotifyAccess=all +ExecStartPre=-/usr/bin/podman container rm --ignore -f frigate +ExecStart=/usr/bin/podman run \ + --pull never \ + --sdnotify=conmon --cgroups=no-conmon \ + --rm \ + --network=host \ + --name frigate \ + -v /etc/frigate/frigate.yml:/config/config.yml:ro \ + -v /var/lib/frigate/tmp:/tmp:Z \ + -v /var/lib/frigate:/media/frigate:Z \ + --uidmap 0:{{ frigate_user.uid }}:1 \ + --gidmap 0:{{ frigate_user.group }}:1 \ + --uidmap 1:6000001:1024 \ + --gidmap 1:6000001:1024 \ + --uidmap 65534:6001025:1 \ + --gidmap 65534:6001025:1 \ +{% if frigate_shm_size|d %} + --shm-size {{ frigate_shm_size }}m \ +{% endif %} + docker.io/blakeblackshear/frigate:{{ frigate_image_tag }} +ProtectSystem=full +UMask=0077 + +[Install] +WantedBy=multi-user.target diff --git a/roles/frigate/vars/aarch64.yml b/roles/frigate/vars/aarch64.yml new file mode 100644 index 0000000..5ac6d2f --- /dev/null +++ b/roles/frigate/vars/aarch64.yml @@ -0,0 +1 @@ +frigate_default_image_tag: stable-aarch64 diff --git a/roles/frigate/vars/main.yml b/roles/frigate/vars/main.yml new file mode 100644 index 0000000..294fd1f --- /dev/null +++ b/roles/frigate/vars/main.yml @@ -0,0 +1,6 @@ +frigate_podman_packages: +- podman +frigate_config: + mqtt: '{{ frigate_mqtt }}' + detectors: '{{ frigate_detectors }}' + cameras: '{{ frigate_cameras }}' diff --git a/roles/frigate/vars/x86_64.yml b/roles/frigate/vars/x86_64.yml new file mode 100644 index 0000000..7b9881c --- /dev/null +++ b/roles/frigate/vars/x86_64.yml @@ -0,0 +1 @@ +frigate_default_image_tag: stable-amd64