Migrated from multi repos to monorepo architecture.

2026-05-02 12:52:08 +02:00
parent 72668492f5
commit 73adb395c0
218 changed files with 9639 additions and 57 deletions
@@ -0,0 +1,83 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+let
+  # Container config
+  name = "frigate";
+  # Version tagging
+  frigateVersion = "0.16.4";
+  # Helper
+  helper = import ../service-helper.nix { inherit config pkgs lib; };
+  cfg = config.numbus-server.services.frigate;
+in
+
+helper.mkPodmanService {
+  inherit name;
+  pod = "home-assistant";
+  description = "Frigate, your fully-local NVR (Network Video Recorder)";
+  defaultPort = "8971";
+  scheme = "https";
+  dependencies = [
+    "sops-install-secrets.service"
+    "traefik.service"
+    "authelia.service"
+    "home-assistant.service"
+    "${config.numbus-server.services.dns}.service"
+  ];
+  middlewares = [
+    "secureHeaders"
+  ];
+  dirPermissions = [
+    "1000:100 ${cfg.configDir}"
+    "1000:100 ${cfg.dataDir}"
+  ];
+
+  composeText = ''
+    services:
+      frigate:
+        image: ghcr.io/blakeblackshear/frigate:${frigateVersion}
+        container_name: frigate
+        hostname: frigate
+        shm_size: "256mb"
+        networks:
+          home-assistant:
+            ipv4_address: 10.89.230.253
+        ports:
+          - "${cfg.port}:8971/tcp"
+        volumes:
+          - ${cfg.configDir}:/config
+          - ${cfg.dataDir}:/media/frigate
+          - /etc/localtime:/etc/localtime:ro
+          - type: tmpfs
+            target: /tmp/cache
+            tmpfs:
+              size: 1000000000
+        environment:
+          - FRIGATE_MQTT_USER=${config.sops.placeholder."home-assistant/mqtt_username"}
+          - FRIGATE_MQTT_PASSWORD=${config.sops.placeholder."home-assistant/mqtt_password"}
+    ${lib.optionalString (cfg.devices != []) ''
+          devices:
+    ${lib.concatStringsSep "\n" (map (d: "            - \"${d}\"") cfg.devices)}
+    ''}
+        security_opt:
+          - no-new-privileges:true
+        cap_drop:
+          - NET_RAW
+        stop_grace_period: 30s
+        restart: unless-stopped
+
+    networks:
+      home-assistant:
+        external: true
+  '';
+
+  extraOptions = {
+    devices = mkOption {
+      type = types.listOf types.str;
+      default = [];
+      example = [ "/dev/dri:/dev/dri" "/dev/bus/usb:/dev/bus/usb" "/dev/apex_0:/dev/apex_0" ];
+      description = "List of devices to map into the container. /dev/dri is used for graphics acceleration, /dev/bus/usb for USB Coral TPUs, and /dev/apex_0 for PCI coral TPUs";
+    };
+  };
+}