{ config, pkgs, lib, ... }: with lib; let # Version tagging frigateVersion = "0.16.4"; # Helper helper = import ./lib.nix { inherit config pkgs lib; }; cfg = config.numbus.services.frigate; # Container config name = "frigate"; in helper.mkPodmanService { inherit name; description = "Frigate, your fully-local NVR (Network Video Recorder)"; pod = "home-assistant"; defaultPort = "8971"; scheme = "https"; envFile = "/var/lib/numbus-server/home-assistant/.env"; dependencies = [ "traefik.service" "${config.numbus.services.dns}.service" "home-assistant.service" ]; middlewares = [ "secureHeaders" ]; dirPermissions = [ "1000:100 ${cfg.configDir}" "1000:100 ${cfg.dataDir}" ]; extraOptions = { devices = mkOption { type = types.listOf types.str; default = []; example = [ "/dev/dri:/dev/dri" "/dev/bus/usb:/dev/bus/usb" "/dev/apex_0:/dev/apex_0" ]; description = "List of devices to map into the container. /dev/dri is used for graphics acceleration, /dev/bus/usb for USB Coral TPUs, and /dev/apex_0 for PCI coral TPUs"; }; }; composeText = '' services: frigate: image: ghcr.io/blakeblackshear/frigate:${frigateVersion} container_name: frigate hostname: frigate shm_size: "256mb" networks: home-assistant: ports: - "${cfg.port}:8971/tcp" volumes: - ${cfg.configDir}:/config - ${cfg.dataDir}:/media/frigate - /etc/localtime:/etc/localtime:ro - type: tmpfs target: /tmp/cache tmpfs: size: 1000000000 environment: - FRIGATE_MQTT_USER=$HOME_ASSISTANT_MQTT_USER - FRIGATE_MQTT_PASSWORD=$HOME_ASSISTANT_MQTT_PASSWORD ${lib.optionalString (cfg.devices != []) '' devices: ${lib.concatStringsSep "\n" (map (d: " - \"${d}\"") cfg.devices)} ''} security_opt: - no-new-privileges:true cap_drop: - NET_RAW stop_grace_period: 30s restart: unless-stopped networks: home-assistant: external: true ''; }