From cb7ca70d1633779c28e812ca76cd25a869159dc9 Mon Sep 17 00:00:00 2001 From: Timo Makinen Date: Sun, 4 Feb 2024 17:03:29 +0000 Subject: [PATCH] frigate: Initial version of role --- roles/frigate/defaults/main.yml | 2 + roles/frigate/handlers/main.yml | 6 ++ roles/frigate/meta/main.yml | 4 + roles/frigate/tasks/main.yml | 88 +++++++++++++++++++ .../templates/frigate-container.service.j2 | 19 ++++ roles/frigate/templates/frigate.yml.j2 | 20 +++++ 6 files changed, 139 insertions(+) create mode 100644 roles/frigate/defaults/main.yml create mode 100644 roles/frigate/handlers/main.yml create mode 100644 roles/frigate/meta/main.yml create mode 100644 roles/frigate/tasks/main.yml create mode 100644 roles/frigate/templates/frigate-container.service.j2 create mode 100644 roles/frigate/templates/frigate.yml.j2 diff --git a/roles/frigate/defaults/main.yml b/roles/frigate/defaults/main.yml new file mode 100644 index 0000000..3266cf2 --- /dev/null +++ b/roles/frigate/defaults/main.yml @@ -0,0 +1,2 @@ +--- +frigate_version: stable diff --git a/roles/frigate/handlers/main.yml b/roles/frigate/handlers/main.yml new file mode 100644 index 0000000..57e67ec --- /dev/null +++ b/roles/frigate/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: Restart frigate + ansible.builtin.systemd_service: + name: frigate-container + state: restarted + daemon_reload: true diff --git a/roles/frigate/meta/main.yml b/roles/frigate/meta/main.yml new file mode 100644 index 0000000..19b52d0 --- /dev/null +++ b/roles/frigate/meta/main.yml @@ -0,0 +1,4 @@ +--- +dependencies: + - {role: apache} + - {role: podman} diff --git a/roles/frigate/tasks/main.yml b/roles/frigate/tasks/main.yml new file mode 100644 index 0000000..5a13994 --- /dev/null +++ b/roles/frigate/tasks/main.yml @@ -0,0 +1,88 @@ +--- +- name: Create group + ansible.builtin.group: + name: frigate + +- name: Create user + ansible.builtin.user: + name: frigate + comment: Podman Frigate + group: frigate + shell: /sbin/nologin + +- name: Create config + ansible.builtin.template: + dest: /etc/frigate.yml + src: frigate.yml.j2 + mode: "0750" + owner: root + group: frigate + notify: Restart frigate + +- name: Fix SELinux contexts from data directory + community.general.sefcontext: + path: /export/frigate(/.*)? + setype: container_file_t + when: ansible_selinux_python_present + +- name: Create data directories + ansible.builtin.file: + path: "{{ item }}" + state: directory + mode: "0770" + owner: root + group: frigate + setype: _default + with_items: + - /export/frigate + - /export/frigate/config + - /export/frigate/media + +- name: Link data directory + ansible.builtin.file: + dest: /srv/frigate + src: /export/frigate + state: link + owner: root + group: "{{ ansible_wheel }}" + follow: false + +- name: Create service file + ansible.builtin.template: + dest: /etc/systemd/system/frigate-container.service + src: frigate-container.service.j2 + mode: "0644" + owner: root + group: "{{ ansible_wheel }}" + notify: Restart frigate + +- name: Enable service + ansible.builtin.service: + name: frigate-container + state: started + enabled: true + +- name: Copy apache config + ansible.builtin.copy: + dest: /etc/httpd/conf.local.d/frigate-container.conf + content: | + ProxyPass /frigate/ http://127.0.0.1:8007/ + ProxyPassReverse /frigate/ http://127.0.0.1:8007/ + + ProxyPass /frigate/ws ws://127.0.0.1:8007/ws + ProxyPassReverse /frigate/ws ws://127.0.0.1:8007/ws + + ProxyPass /frigate/live ws://127.0.0.1:8007/live + ProxyPassReverse /frigate/live ws://127.0.0.1:8007/live + + + RewriteEngine on + RewriteCond %{HTTP:Upgrade} =websocket [NC] + RewriteRule /(.*) ws://127.0.0.1:8007/$1 [P,L] + RewriteCond %{HTTP:Upgrade} !=websocket [NC] + RewriteRule /(.*) http://127.0.0.1:8007/$1 [P,L] + mode: "0644" + owner: root + group: "{{ ansible_wheel }}" + notify: Restart apache + diff --git a/roles/frigate/templates/frigate-container.service.j2 b/roles/frigate/templates/frigate-container.service.j2 new file mode 100644 index 0000000..186d955 --- /dev/null +++ b/roles/frigate/templates/frigate-container.service.j2 @@ -0,0 +1,19 @@ +[Unit] +Description=Frigate Container +Wants=network-online.target +After=network-online.target + +[Service] +User=frigate +ExecStart=/usr/bin/podman run \ + --rm -p 127.0.0.1:8007:5000 \ + --name frigate \ + --volume /srv/frigate/config:/config:rw \ + --volume /etc/frigate.yml:/config/config.yml:ro \ + --volume /srv/frigate/media:/media/frigate:rw \ + ghcr.io/blakeblackshear/frigate:{{ frigate_version }} +ExecStop=/usr/bin/podman stop --ignore frigate +ExecStopPost=/usr/bin/podman rm -f --ignore frigate + +[Install] +WantedBy=multi-user.target diff --git a/roles/frigate/templates/frigate.yml.j2 b/roles/frigate/templates/frigate.yml.j2 new file mode 100644 index 0000000..aa283f6 --- /dev/null +++ b/roles/frigate/templates/frigate.yml.j2 @@ -0,0 +1,20 @@ +--- +mqtt: + enabled: false + +cameras: +{% for camera in cctv_cameras %} + {{ camera.name }}: + enabled: true + ffmpeg: + inputs: + - path: "rtsp://viewer:{{ camera.pass }}@{{ camera.addr}}/h264Preview_01_sub" + input_args: preset-rtsp-restream + roles: + - detect + - rtmp + - path: "rtsp://viewer:{{ camera.pass }}@{{ camera.addr}}/h264Preview_01_main" + input_args: preset-rtsp-restream + roles: + - record +{% endfor %}