Dustin
14a7d39e11
Frigate uses the Github API to check for new releases. It then populates the `update.frigate_server` entity in Home Assistant via MQTT with the information it retrieved. If it is unable to access the Github API, the Home Assistant entity will be marked as "unavailable," which triggers an alert notification from Home Assistant. Thus, we need to allow Frigate to access Github if we want to use that entity as an indicator of whether or not Frigate is connected to the MQTT broker. I don't want to allow access to the Github API to everything on the Frigate server, just Frigate itself. To do that, I've assigned a unique username and password for Frigate. Only requests with the proper `Proxy-Authorization` header will be allowed access. By providing the credentials only the Frigate container, we can ensure no other process has access. I think I did this mostly as an exercise; there's no particular reason to disallow access to the Github API, since it's mostly read-only and can't really be used to exfiltrate any data (probably?). |
||
|---|---|---|
| .. | ||
| collectd.yml | ||
| main.yml | ||
| squid.yml | ||