diff --git a/deploy/nvr2.sh b/deploy/nvr2.sh
new file mode 100644
index 0000000..3e4f35e
--- /dev/null
+++ b/deploy/nvr2.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+# vim: set sw=4 ts=4 sts=4 noet :
+
+ansible-playbook \
+	-l nvr2.pyrocufflink.blue \
+	wait-for-host.yml \
+	|| exit
+
+printf 'Waiting for SSH host certificate to be signed ... '
+until ssh-keyscan -c nvr2.pyrocufflink.blue 2>/dev/null | grep -q cert; do
+	sleep 1
+done
+echo done
+ansible-playbook \
+	-l nvr2.pyrocufflink.blue \
+	useproxy.yml \
+	datavol.yml \
+	bootstrap.yml \
+	pyrocufflink.yml \
+	frigate.yml \
+	collectd.yml \
+	promtail.yml \
+	-u root \
+	-e @join.creds \
+	|| exit
diff --git a/group_vars/frigate-prod.yml b/group_vars/frigate-prod.yml
new file mode 100644
index 0000000..e54c0bc
--- /dev/null
+++ b/group_vars/frigate-prod.yml
@@ -0,0 +1,193 @@
+frigate_enable_gpu: true
+frigate_enable_tpu: true
+frigate_config:
+  ffmpeg:
+    hwaccel_args: preset-vaapi
+  cameras:
+    front_porch:
+      detect:
+        height: 1080
+        width: 1920
+      ffmpeg:
+        inputs:
+          - path: rtsp://127.0.0.1:8554/front_porch
+            input_args: preset-rtsp-restream
+            roles:
+              - detect
+          - path: rtsp://frigate:{FRIGATE_AMCREST_RTSP_PASSWORD}@172.30.0.213/cam/realmonitor?channel=1&subtype=0
+            roles:
+              - record
+      objects:
+        track:
+          - person
+          - cat
+          - dog
+          - bird
+        filters:
+          dog:
+            threshold: 0.8
+          bird:
+            threshold: 0.8
+      record:
+        enabled: true
+        events:
+          retain:
+            default: 365
+        retain:
+          days: 30
+      rtmp:
+        enabled: false
+      snapshots:
+        enabled: true
+        retain:
+          default: 365
+      zones:
+        front_door:
+          coordinates: 1920,1080,1920,0,1770,0,1366,657,1533,1080
+        front_porch_window:
+          coordinates: 1168,337,1026,75,1040,0,1300,0,1257,231
+        front_steps:
+          coordinates: 0,1080,1533,1080,1366,595,925,672,531,529,216,587
+      motion:
+        mask:
+          - 189,0,0,0,0,175
+    driveway:
+      detect:
+        height: 1080
+        width: 1920
+      ffmpeg:
+        inputs:
+          - path: rtsp://127.0.0.1:8554/driveway
+            input_args: preset-rtsp-restream
+            roles:
+              - detect
+          - path: rtsp://frigate:{FRIGATE_AMCREST_RTSP_PASSWORD}@172.30.0.212/cam/realmonitor?channel=1&subtype=0
+            roles:
+              - record
+      objects:
+        track:
+          - person
+          - cat
+          - dog
+          - car
+        filters:
+          person:
+            threshold: 0.8
+          dog:
+            threshold: 0.8
+          bird:
+            threshold: 0.8
+      record:
+        enabled: true
+        events:
+          retain:
+            default: 365
+          required_zones:
+            - driveway_entry_zone
+            - garage_pad_zone
+        retain:
+          days: 30
+      rtmp:
+        enabled: false
+      snapshots:
+        enabled: true
+        retain:
+          default: 365
+        required_zones:
+          - driveway_entry_zone
+          - garage_pad_zone
+      zones:
+        neighbor_zone:
+          coordinates: 1920,0,1920,317,1644,179,1382,89,1030,0
+          objects: []
+        driveway_entry_zone:
+          coordinates: 624,0,148,0,0,107,0,251,111,328
+        garage_pad_zone:
+          coordinates: 0,507,0,431,616,23,834,51,1180,119,1545,243,1475,583,1285,1080,404,1080,239,843
+      motion:
+        mask:
+          - 157,0,0,0,0,119
+          - 1419,89,1058,0,1920,0,1920,324,1823,267
+    back_yard:
+      detect:
+        height: 1080
+        width: 1920
+      ffmpeg:
+        inputs:
+          - path: rtsp://127.0.0.1:8554/back_yard
+            input_args: preset-rtsp-restream
+            roles:
+              - detect
+          - path: rtsp://frigate:{FRIGATE_AMCREST_RTSP_PASSWORD}@172.30.0.215/cam/realmonitor?channel=1&subtype=0
+            roles:
+              - record
+      objects:
+        track:
+          - person
+          - cat
+          - dog
+      record:
+        enabled: true
+        events:
+          retain:
+            default: 365
+        retain:
+          days: 30
+      rtmp:
+        enabled: false
+      snapshots:
+        enabled: true
+        retain:
+          default: 365
+      zones:
+        pool_zone:
+          coordinates: 532,78,1063,21,1117,31,979,208,931,301,515,307,406,375,231,373,204,291
+  go2rtc:
+    streams:
+      front_porch:
+        - rtsp://frigate:{FRIGATE_AMCREST_RTSP_PASSWORD}@172.30.0.213/cam/realmonitor?channel=1&subtype=0
+      driveway:
+        - rtsp://frigate:{FRIGATE_AMCREST_RTSP_PASSWORD}@172.30.0.212/cam/realmonitor?channel=1&subtype=0
+      back_yard:
+        - rtsp://frigate:{FRIGATE_AMCREST_RTSP_PASSWORD}@172.30.0.215/cam/realmonitor?channel=1&subtype=0
+  detectors:
+    coral:
+      device: pci:0
+      type: edgetpu
+  birdseye:
+    restream: true
+  mqtt:
+    host: mqtt.pyrocufflink.blue
+    password: '{FRIGATE_MQTT_PASSWORD}'
+    port: 8883
+    tls_ca_certs: /etc/ssl/certs/ca-certificates.crt
+    user: frigate
+
+frigate_env:
+  FRIGATE_AMCREST_RTSP_PASSWORD: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    64353062663837623164386433333966303233313064343665313434643434663131346664666333
+    3862333434616235306432336534653036633837613931310a343630373832343465656231646665
+    63303964306334316330653966373836623966363836303331613631346235643061613463376232
+    3538303063633930370a303861663161366335346465633262336537336164373431326330383733
+    30656437343837623432356532636461663666636163663634373837353734313163
+  FRIGATE_MQTT_PASSWORD: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    30613633316564303239363734633761666164643062636137383232313961363665666539373162
+    3235623565386663323234326365303133643732663462320a666136623939316634616265326532
+    39373933353261633264633532393838333632346464303837623836303630636438366532663765
+    6563616533333338320a333933643734666631343932613561303930366238653632346530653438
+    39646635313162646463613263643665363936356361353933653334336533346136323932363936
+    64363061653233363962623333303337303863623736323232366535633263656332363964373163
+    333339396137363862663037313861643066
+  LIBVA_DRIVER_NAME: radeonsi
+  PLUS_API_KEY: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    32373139306134646230393961623365643938393430626362353130616661326161613630353533
+    6463326333373638636463353366343531396237326637350a323465373561656236633935393639
+    38343239643333363235386139393936373337333138336161663736366131336336396237356630
+    3532373537303237350a633530373461393630383262366562343638353062653764356135306461
+    31336137353464376332613738386439613161663065333533653465346661663964626332336232
+    64326434346638366262326463336639393037316361323039623265626163663539343063636164
+    31333862333831353461376435303565633163663364383732626639383032313234363030353965
+    65303430356237383965
diff --git a/host_vars/nvr2.pyrocufflink.blue.yml b/host_vars/nvr2.pyrocufflink.blue.yml
new file mode 100644
index 0000000..49dc958
--- /dev/null
+++ b/host_vars/nvr2.pyrocufflink.blue.yml
@@ -0,0 +1,5 @@
+data_volumes:
+- dev: /dev/md/frigate
+  fstype: btrfs
+  mountpoint: /var/lib/frigate
+  mountopts: x-systemd.mount-timeout=3m
diff --git a/hosts b/hosts
index b70015b..3b3eb71 100644
--- a/hosts
+++ b/hosts
@@ -47,6 +47,15 @@ bitwarden_rs
 [file-servers]
 file0.pyrocufflink.blue
 
+[frigate:children]
+frigate-prod
+frigate-test
+
+[frigate-prod]
+nvr2.pyrocufflink.blue
+
+[frigate-test]
+
 [gitea]
 git0.pyrocufflink.blue
 
@@ -82,6 +91,7 @@ burp-server
 k8s-node
 
 [needproxy]
+nvr2.pyrocufflink.blue
 
 [nextcloud]
 cloud0.pyrocufflink.blue
@@ -111,6 +121,7 @@ file0.pyrocufflink.blue
 git0.pyrocufflink.blue
 k8s-ctrl0.pyrocufflink.blue
 matrix0.pyrocufflink.blue
+nvr2.pyrocufflink.blue
 pxe0.pyrocufflink.blue
 smtp1.pyrocufflink.blue
 web0.pyrocufflink.blue