fix: Missing link to go2rtc' logging doc (#16606)

Updated the link to go2rtc docs for logging configuration.

.cspell/frigate-dictionary.txt

@@ -1,168 +1,316 @@
-rtmp
-edgetpu
-labelmap
-rockchip
-jetson
-rocm
-vaapi
-CUDA
-hwaccel
-RTSP
-Hikvision
-Dahua
-Amcrest
-Reolink
-Loryta
-Beelink
-Celeron
-vaapi
-blakeblackshear
-workdir
-onvif
-autotracking
-openvino
-tflite
-deepstack
-codeproject
-udev
-tailscale
-restream
-restreaming
-webrtc
-ssdlite
-mobilenet
-mosquitto
-datasheet
-Jellyfin
-Radeon
-libva
-Ubiquiti
-Unifi
-Tapo
-Annke
-autotracker
-autotracked
-variations
-ONVIF
-traefik
-devcontainer
-rootfs
-ffprobe
-autotrack
-logpipe
-imread
-imwrite
-imencode
-imutils
-thresholded
-timelapse
-ultrafast
-sleeptime
-radeontop
-vainfo
-tmpfs
-homography
-websockets
-LIBAVFORMAT
-NTSC
-onnxruntime
-fourcc
-radeonsi
-paho
-imagestream
-jsonify
-cgroups
-sysconf
-memlimit
-gpuload
-nvml
-setproctitle
-psutil
-Kalman
-frontdoor
-namedtuples
-zeep
-fflags
-probesize
-wallclock
-rknn
-socs
-pydantic
-shms
-imdecode
-colormap
-webui
-mse
-jsmpeg
-unreviewed
-Chromecast
-Swipeable
-flac
-scroller
-cmdline
-toggleable
-bottombar
-opencv
-apexcharts
-buildx
-mqtt
-rawvideo
-defragment
-Norfair
-subclassing
-yolo
-tensorrt
-blackshear
-stylelint
-HACS
-homeassistant
-hass
-castable
-mobiledet
-framebuffer
-mjpeg
-substream
-codeowner
-noninteractive
-restreamed
-mountpoint
-fstype
-OWASP
-iotop
-letsencrypt
-fullchain
-lsusb
-iostat
-usermod
-balena
-passwordless
-debconf
-dpkg
-poweroff
-surveillance
-qnap
-homekit
-colorspace
-quantisation
-skylake
-Cuvid
-foscam
-onnx
-numpy
-protobuf
 aarch
+absdiff
+airockchip
+Alloc
+alpr
+Amcrest
 amdgpu
-chipset
-referer
-mpegts
-webp
+analyzeduration
+Annke
+apexcharts
+arange
+argmax
+argmin
+argpartition
+ascontiguousarray
+astype
 authelia
 authentik
-unichip
-rebranded
-udevadm
+autodetected
 automations
-unraid
-hideable
+autotrack
+autotracked
+autotracker
+autotracking
+balena
+Beelink
+BGRA
+BHWC
+blackshear
+blakeblackshear
+bottombar
+buildx
+castable
+cdist
+Celeron
+cgroups
+chipset
+chromadb
+Chromecast
+cmdline
+codeowner
+CODEOWNERS
+codeproject
+colormap
+colorspace
+comms
+coro
+ctypeslib
+CUDA
+Cuvid
+Dahua
+datasheet
+debconf
+deci
+deepstack
+defragment
+devcontainer
+DEVICEMAP
+discardcorrupt
+dpkg
+dsize
+dtype
+ECONNRESET
+edgetpu
+facenet
+fastapi
+faststart
+fflags
+ffprobe
+fillna
+flac
+foscam
+fourcc
+framebuffer
+fregate
+frégate
+fromarray
+frombuffer
+frontdoor
+fstype
+fullchain
+fullscreen
+genai
+generativeai
+genpts
+getpid
+gpuload
+HACS
+Hailo
+hass
+hconcat
 healthcheck
-keepalive
+hideable
+Hikvision
+homeassistant
+homekit
+homography
+hsize
+hstack
+httpx
+hwaccel
+hwdownload
+hwmap
+hwupload
+iloc
+imagestream
+imdecode
+imencode
+imread
+imutils
+imwrite
+interp
+iostat
+iotop
+itemsize
+Jellyfin
+jetson
+jetsons
+jina
+jinaai
+joserfc
+jsmpeg
+jsonify
+Kalman
+keepalive
+keepdims
+labelmap
+letsencrypt
+levelname
+LIBAVFORMAT
+libedgetpu
+libnvinfer
+libva
+libwebp
+libx
+libyolo
+linalg
+localzone
+logpipe
+Loryta
+lstsq
+lsusb
+markupsafe
+maxsplit
+MEMHOSTALLOC
+memlimit
+meshgrid
+metadatas
+migraphx
+minilm
+mjpeg
+mkfifo
+mobiledet
+mobilenet
+modelpath
+mosquitto
+mountpoint
+movflags
+mpegts
+mqtt
+mse
+msenc
+namedtuples
+nbytes
+nchw
+ndarray
+ndimage
+nethogs
+newaxis
+nhwc
+NOBLOCK
+nobuffer
+nokey
+NONBLOCK
+noninteractive
+noprint
+Norfair
+nptype
+NTSC
+numpy
+nvenc
+nvhost
+nvml
+nvmpi
+ollama
+onnx
+onnxruntime
+onvif
+ONVIF
+openai
+opencv
+openvino
+OWASP
+paddleocr
+paho
+passwordless
+popleft
+posthog
+postprocess
+poweroff
+preexec
+probesize
+protobuf
+pstate
+psutil
+pubkey
+putenv
+pycache
+pydantic
+pyobj
+pysqlite
+pytz
+pywebpush
+qnap
+quantisation
+Radeon
+radeonsi
+radeontop
+rawvideo
+rcond
+RDONLY
+rebranded
+referer
+reindex
+Reolink
+restream
+restreamed
+restreaming
+rkmpp
+rknn
+rkrga
+rockchip
+rocm
+rocminfo
+rootfs
+rtmp
+RTSP
+ruamel
+scroller
+setproctitle
+setpts
+shms
+SIGUSR
+skylake
+sleeptime
+SNDMORE
+socs
+sqliteq
+sqlitevecq
+ssdlite
+statm
+stimeout
+stylelint
+subclassing
+substream
+superfast
+surveillance
+svscan
+Swipeable
+sysconf
+tailscale
+Tapo
+tensorrt
+tflite
+thresholded
+timelapse
+tmpfs
+tobytes
+toggleable
+traefik
+tzlocal
+Ubiquiti
+udev
+udevadm
+ultrafast
+unichip
+unidecode
+Unifi
+unixepoch
+unraid
+unreviewed
+userdata
+usermod
+uvicorn
+vaapi
+vainfo
+variations
+vbios
+vconcat
+vitb
+vstream
+vsync
+wallclock
+webp
+webpush
+webrtc
+websockets
+webui
+werkzeug
+workdir
+WRONLY
+wsgirefserver
+wsgiutils
+wsize
+xaddr
+xmaxs
+xmins
+XPUB
+XSUB
+ymaxs
+ymins
+yolo
+yolonas
+yolox
+zeep
+zerolatency

.devcontainer/devcontainer.json

@@ -10,9 +10,9 @@
   "features": {
     "ghcr.io/devcontainers/features/common-utils:1": {}
   },
-  "forwardPorts": [8080, 5000, 5001, 5173, 8554, 8555],
+  "forwardPorts": [8971, 5000, 5001, 5173, 8554, 8555],
   "portsAttributes": {
-    "8080": {
+    "8971": {
       "label": "External NGINX",
       "onAutoForward": "silent"
     },
@@ -52,7 +52,8 @@
         "csstools.postcss",
         "blanu.vscode-styled-jsx",
         "bradlc.vscode-tailwindcss",
-        "charliermarsh.ruff"
+        "charliermarsh.ruff",
+        "eamodio.gitlens"
       ],
       "settings": {
         "remote.autoForwardPorts": false,

.devcontainer/post_create.sh

@@ -3,10 +3,12 @@
 set -euxo pipefail
 
 # Cleanup the old github host key
-sed -i -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31\/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi\/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==/d' ~/.ssh/known_hosts
-# Add new github host key
-curl -L https://api.github.com/meta | jq -r '.ssh_keys | .[]' | \
-  sed -e 's/^/github.com /' >> ~/.ssh/known_hosts
+if [[ -f ~/.ssh/known_hosts ]]; then
+  # Add new github host key
+  sed -i -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31\/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi\/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==/d' ~/.ssh/known_hosts
+  curl -L https://api.github.com/meta | jq -r '.ssh_keys | .[]' | \
+    sed -e 's/^/github.com /' >> ~/.ssh/known_hosts
+fi
 
 # Frigate normal container runs as root, so it have permission to create
 # the folders. But the devcontainer runs as the host user, so we need to
@@ -17,7 +19,7 @@ sudo chown -R "$(id -u):$(id -g)" /media/frigate
 # When started as a service, LIBAVFORMAT_VERSION_MAJOR is defined in the
 # s6 service file. For dev, where frigate is started from an interactive
 # shell, we define it in .bashrc instead.
-echo 'export LIBAVFORMAT_VERSION_MAJOR=$(ffmpeg -version | grep -Po "libavformat\W+\K\d+")' >> $HOME/.bashrc
+echo 'export LIBAVFORMAT_VERSION_MAJOR=$(/usr/lib/ffmpeg/7.0/bin/ffmpeg -version | grep -Po "libavformat\W+\K\d+")' >> $HOME/.bashrc
 
 make version
 

.github/DISCUSSION_TEMPLATE/camera-support.yml

@@ -1,6 +1,16 @@
 title: "[Camera Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for support or questions for an issue with your cameras.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,9 +21,15 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
+  - type: input
+    attributes:
+      label: What browser(s) are you using?
+      placeholder: Google Chrome 88.0.4324.150
+      description: >
+        Provide the full name and don't forget to add the version!
   - type: textarea
     id: config
     attributes:
@@ -23,10 +39,18 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. Logs can be viewed via the Frigate UI, Docker, or the go2rtc dashboard. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
@@ -34,7 +58,7 @@ body:
     id: ffprobe
     attributes:
       label: FFprobe output from your camera
-      description: Run `ffprobe <camera_url>` and provide output below
+      description: Run `ffprobe <camera_url>` from within the Frigate container if possible, and provide output below
       render: shell
     validations:
       required: true
@@ -66,17 +90,20 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
     validations:
       required: true
   - type: dropdown
-    id: coral
+    id: object-detector
     attributes:
-      label: Coral version
+      label: Object Detector
       options:
-        - USB
-        - PCIe
-        - M.2
-        - Dev Board
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
         - Other
         - CPU (no coral)
     validations:
@@ -98,6 +125,13 @@ body:
       description: Dahua, hikvision, amcrest, reolink, etc and model number
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field. Please post screenshots of at least General and Cameras tabs.
+    validations:
+      required: true
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/config-support.yml

@@ -1,6 +1,16 @@
 title: "[Config Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for support or questions related to Frigate's configuration and config file.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,7 +21,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
   - type: textarea
@@ -23,10 +33,18 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
@@ -58,21 +76,37 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
+    validations:
+      required: true
+  - type: textarea
+    id: docker
+    attributes:
+      label: docker-compose file or Docker CLI command
+      description: This will be automatically formatted into code, so no need for backticks.
+      render: yaml
     validations:
       required: true
   - type: dropdown
-    id: coral
+    id: object-detector
     attributes:
-      label: Coral version
+      label: Object Detector
       options:
-        - USB
-        - PCIe
-        - M.2
-        - Dev Board
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
         - Other
         - CPU (no coral)
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop or simple cut/paste is possible in this field
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/detector-support.yml

@@ -1,6 +1,16 @@
 title: "[Detector Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for support or questions related to Frigate's object detectors.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,7 +21,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
   - type: textarea
@@ -31,27 +41,13 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
-  - type: dropdown
-    id: os
-    attributes:
-      label: Operating system
-      options:
-        - HassOS
-        - Debian
-        - Other Linux
-        - Proxmox
-        - UNRAID
-        - Windows
-        - Other
-    validations:
-      required: true
   - type: dropdown
     id: install-method
     attributes:
@@ -60,21 +56,31 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
     validations:
       required: true
   - type: dropdown
-    id: coral
+    id: object-detector
     attributes:
-      label: Coral version
+      label: Object Detector
       options:
-        - USB
-        - PCIe
-        - M.2
-        - Dev Board
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
         - Other
         - CPU (no coral)
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field. Please post screenshots of at least General and Cameras tabs.
+    validations:
+      required: true
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/general-support.yml

@@ -1,6 +1,16 @@
 title: "[Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for support for issues that don't fall into any specific category.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,9 +21,15 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
+  - type: input
+    attributes:
+      label: What browser(s) are you using?
+      placeholder: Google Chrome 88.0.4324.150
+      description: >
+        Provide the full name and don't forget to add the version!
   - type: textarea
     id: config
     attributes:
@@ -23,10 +39,18 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. Logs can be viewed via the Frigate UI, Docker, or the go2rtc dashboard. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
@@ -34,7 +58,7 @@ body:
     id: ffprobe
     attributes:
       label: FFprobe output from your camera
-      description: Run `ffprobe <camera_url>` and provide output below
+      description: Run `ffprobe <camera_url>` from within the Frigate container if possible, and provide output below
       render: shell
     validations:
       required: true
@@ -44,20 +68,6 @@ body:
       label: Frigate stats
       description: Output from frigate's /api/stats endpoint
       render: json
-  - type: dropdown
-    id: os
-    attributes:
-      label: Operating system
-      options:
-        - HassOS
-        - Debian
-        - Other Linux
-        - Proxmox
-        - UNRAID
-        - Windows
-        - Other
-    validations:
-      required: true
   - type: dropdown
     id: install-method
     attributes:
@@ -66,17 +76,28 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
+    validations:
+      required: true
+  - type: textarea
+    id: docker
+    attributes:
+      label: docker-compose file or Docker CLI command
+      description: This will be automatically formatted into code, so no need for backticks.
+      render: yaml
     validations:
       required: true
   - type: dropdown
-    id: coral
+    id: object-detector
     attributes:
-      label: Coral version
+      label: Object Detector
       options:
-        - USB
-        - PCIe
-        - M.2
-        - Dev Board
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
         - Other
         - CPU (no coral)
     validations:
@@ -98,6 +119,11 @@ body:
       description: Dahua, hikvision, amcrest, reolink, etc and model number
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/hardware-acceleration-support.yml

@@ -1,6 +1,16 @@
 title: "[HW Accel Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form to submit a support request for hardware acceleration issues.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,7 +21,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
   - type: textarea
@@ -31,10 +41,18 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. Logs can be viewed via the Frigate UI, Docker, or the go2rtc dashboard. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
@@ -42,24 +60,10 @@ body:
     id: ffprobe
     attributes:
       label: FFprobe output from your camera
-      description: Run `ffprobe <camera_url>` and provide output below
+      description: Run `ffprobe <camera_url>` from within the Frigate container if possible, and provide output below
       render: shell
     validations:
       required: true
-  - type: dropdown
-    id: os
-    attributes:
-      label: Operating system
-      options:
-        - HassOS
-        - Debian
-        - Other Linux
-        - Proxmox
-        - UNRAID
-        - Windows
-        - Other
-    validations:
-      required: true
   - type: dropdown
     id: install-method
     attributes:
@@ -68,6 +72,22 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
+    validations:
+      required: true
+  - type: dropdown
+    id: object-detector
+    attributes:
+      label: Object Detector
+      options:
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
+        - Other
+        - CPU (no coral)
     validations:
       required: true
   - type: dropdown
@@ -87,6 +107,13 @@ body:
       description: Dahua, hikvision, amcrest, reolink, etc and model number
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field. Please post screenshots of at least General and Cameras tabs.
+    validations:
+      required: true
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/question.yml

@@ -1,9 +1,21 @@
 title: "[Question]: "
 labels: ["question"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for questions you have about Frigate.
+
+        Before submitting your question, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        **If you are looking for support, start a new discussion and use a support category.**
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
-      label: "What is your question:"
+      label: "What is your question?"
     validations:
       required: true

.github/DISCUSSION_TEMPLATE/report-a-bug.yml

@@ -0,0 +1,146 @@
+title: "[Bug]: "
+labels: ["bug", "triage"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form to submit a reproducible bug in Frigate or Frigate's UI.
+
+        Before submitting your bug report, please [search the discussions][discussions], look at recent open and closed [pull requests][prs], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your bug has already been fixed by the developers or reported by the community.
+
+        **If you are unsure if your issue is actually a bug or not, please submit a support request first.**
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [prs]: https://www.github.com/blakeblackshear/frigate/pulls
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
+  - type: checkboxes
+    attributes:
+      label: Checklist
+      description: Please verify that you've followed these steps
+      options:
+        - label: I have updated to the latest available Frigate version.
+          required: true
+        - label: I have cleared the cache of my browser.
+          required: true
+        - label: I have tried a different browser to see if it is related to my browser.
+          required: true
+        - label: I have tried reproducing the issue in [incognito mode](https://www.computerworld.com/article/1719851/how-to-go-incognito-in-chrome-firefox-safari-and-edge.html) to rule out problems with any third party extensions or plugins I have installed.
+  - type: textarea
+    id: description
+    attributes:
+      label: Describe the problem you are having
+      description: Provide a clear and concise description of what the bug is.
+    validations:
+      required: true
+  - type: textarea
+    id: steps
+    attributes:
+      label: Steps to reproduce
+      description: |
+        Please tell us exactly how to reproduce your issue.
+        Provide clear and concise step by step instructions and add code snippets if needed.
+      value: |
+        1.
+        2.
+        3.
+        ...
+    validations:
+      required: true
+  - type: input
+    id: version
+    attributes:
+      label: Version
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: In which browser(s) are you experiencing the issue with?
+      placeholder: Google Chrome 88.0.4324.150
+      description: >
+        Provide the full name and don't forget to add the version!
+  - type: textarea
+    id: config
+    attributes:
+      label: Frigate config file
+      description: This will be automatically formatted into code, so no need for backticks.
+      render: yaml
+    validations:
+      required: true
+  - type: textarea
+    id: docker
+    attributes:
+      label: docker-compose file or Docker CLI command
+      description: This will be automatically formatted into code, so no need for backticks.
+      render: yaml
+    validations:
+      required: true
+  - type: textarea
+    id: frigatelogs
+    attributes:
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. Logs can be viewed via the Frigate UI, Docker, or the go2rtc dashboard. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: dropdown
+    id: os
+    attributes:
+      label: Operating system
+      options:
+        - HassOS
+        - Debian
+        - Other Linux
+        - Proxmox
+        - UNRAID
+        - Windows
+        - Other
+    validations:
+      required: true
+  - type: dropdown
+    id: install-method
+    attributes:
+      label: Install method
+      options:
+        - HassOS Addon
+        - Docker Compose
+        - Docker CLI
+    validations:
+      required: true
+  - type: dropdown
+    id: network
+    attributes:
+      label: Network connection
+      options:
+        - Wired
+        - Wireless
+        - Mixed
+    validations:
+      required: true
+  - type: input
+    id: camera
+    attributes:
+      label: Camera make and model
+      description: Dahua, hikvision, amcrest, reolink, etc and model number
+    validations:
+      required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field. Please post screenshots of all tabs.
+    validations:
+      required: true
+  - type: textarea
+    id: other
+    attributes:
+      label: Any other information that may be helpful

.github/FUNDING.yml

@@ -1,3 +1,4 @@
 github:
   - blakeblackshear
   - NickM-27
+  - hawkeye217

.github/ISSUE_TEMPLATE/config.yml

@@ -2,4 +2,7 @@ blank_issues_enabled: false
 contact_links:
   - name: Frigate Support
     url: https://github.com/blakeblackshear/frigate/discussions/new/choose
-    about: Get support for setting up or troubelshooting Frigate.
+    about: Get support for setting up or troubleshooting Frigate.
+  - name: Frigate Bug Report
+    url: https://github.com/blakeblackshear/frigate/discussions/new/choose
+    about: Report a specific UI or backend bug.

.github/actions/setup/action.yml

@@ -5,7 +5,7 @@ inputs:
     required: true
 outputs:
   image-name:
-    value: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ steps.create-short-sha.outputs.SHORT_SHA }}
+    value: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ steps.create-short-sha.outputs.SHORT_SHA }}
   cache-name:
     value: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:cache
 runs:
@@ -33,9 +33,9 @@ runs:
       with:
         string: ${{ github.repository }}
     - name: Set up QEMU
-      uses: docker/setup-qemu-action@v2
+      uses: docker/setup-qemu-action@v3
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v2
+      uses: docker/setup-buildx-action@v3
     - name: Log in to the Container registry
       uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc
       with:

.github/pull_request_template.md

@@ -0,0 +1,32 @@
+## Proposed change
+<!--
+  Describe what this pull request does and how it will benefit users of Frigate.
+  Please describe in detail any considerations, breaking changes, etc. that are 
+  made in this pull request.
+-->
+
+
+## Type of change
+
+- [ ] Dependency upgrade
+- [ ] Bugfix (non-breaking change which fixes an issue)
+- [ ] New feature
+- [ ] Breaking change (fix/feature causing existing functionality to break)
+- [ ] Code quality improvements to existing code
+- [ ] Documentation Update
+
+## Additional information
+
+- This PR fixes or closes issue: fixes #
+- This PR is related to issue: 
+
+## Checklist
+
+<!--
+  Put an `x` in the boxes that apply.
+-->
+
+- [ ] The code change is tested and works locally.
+- [ ] Local tests pass. **Your PR cannot be merged unless tests pass**
+- [ ] There is no commented out code in this PR.
+- [ ] The code has been formatted using Ruff (`ruff format frigate`)

.github/workflows/ci.yml

@@ -6,6 +6,8 @@ on:
     branches:
       - dev
       - master
+    paths-ignore:
+      - "docs/**"
 
 # only run the latest commit to avoid cache overwrites
 concurrency:
@@ -17,11 +19,13 @@ env:
 
 jobs:
   amd64_build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: AMD64 Build
     steps:
       - name: Check out code
         uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - name: Set up QEMU and Buildx
         id: setup
         uses: ./.github/actions/setup
@@ -38,11 +42,13 @@ jobs:
           tags: ${{ steps.setup.outputs.image-name }}-amd64
           cache-from: type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64
   arm64_build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: ARM Build
     steps:
       - name: Check out code
         uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - name: Set up QEMU and Buildx
         id: setup
         uses: ./.github/actions/setup
@@ -60,8 +66,9 @@ jobs:
             ${{ steps.setup.outputs.image-name }}-standard-arm64
           cache-from: type=registry,ref=${{ steps.setup.outputs.cache-name }}-arm64
       - name: Build and push RPi build
-        uses: docker/bake-action@v4
+        uses: docker/bake-action@v6
         with:
+          source: .
           push: true
           targets: rpi
           files: docker/rpi/rpi.hcl
@@ -69,21 +76,15 @@ jobs:
             rpi.tags=${{ steps.setup.outputs.image-name }}-rpi
             *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-arm64
             *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-arm64,mode=max
-      - name: Build and push Rockchip build
-        uses: docker/bake-action@v3
-        with:
-          push: true
-          targets: rk
-          files: docker/rockchip/rk.hcl
-          set: |
-            rk.tags=${{ steps.setup.outputs.image-name }}-rk
-            *.cache-from=type=gha
   jetson_jp4_build:
-    runs-on: ubuntu-latest
+    if: false
+    runs-on: ubuntu-22.04
     name: Jetson Jetpack 4
     steps:
       - name: Check out code
         uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - name: Set up QEMU and Buildx
         id: setup
         uses: ./.github/actions/setup
@@ -95,8 +96,9 @@ jobs:
           BASE_IMAGE: timongentzsch/l4t-ubuntu20-opencv:latest
           SLIM_BASE: timongentzsch/l4t-ubuntu20-opencv:latest
           TRT_BASE: timongentzsch/l4t-ubuntu20-opencv:latest
-        uses: docker/bake-action@v4
+        uses: docker/bake-action@v6
         with:
+          source: .
           push: true
           targets: tensorrt
           files: docker/tensorrt/trt.hcl
@@ -105,11 +107,14 @@ jobs:
             *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-jp4
             *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-jp4,mode=max
   jetson_jp5_build:
-    runs-on: ubuntu-latest
+    if: false
+    runs-on: ubuntu-22.04
     name: Jetson Jetpack 5
     steps:
       - name: Check out code
         uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - name: Set up QEMU and Buildx
         id: setup
         uses: ./.github/actions/setup
@@ -121,8 +126,9 @@ jobs:
           BASE_IMAGE: nvcr.io/nvidia/l4t-tensorrt:r8.5.2-runtime
           SLIM_BASE: nvcr.io/nvidia/l4t-tensorrt:r8.5.2-runtime
           TRT_BASE: nvcr.io/nvidia/l4t-tensorrt:r8.5.2-runtime
-        uses: docker/bake-action@v4
+        uses: docker/bake-action@v6
         with:
+          source: .
           push: true
           targets: tensorrt
           files: docker/tensorrt/trt.hcl
@@ -131,13 +137,15 @@ jobs:
             *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-jp5
             *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-jp5,mode=max
   amd64_extra_builds:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: AMD64 Extra Build
     needs:
       - amd64_build
     steps:
       - name: Check out code
         uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - name: Set up QEMU and Buildx
         id: setup
         uses: ./.github/actions/setup
@@ -146,8 +154,9 @@ jobs:
       - name: Build and push TensorRT (x86 GPU)
         env:
           COMPUTE_LEVEL: "50 60 70 80 90"
-        uses: docker/bake-action@v4
+        uses: docker/bake-action@v6
         with:
+          source: .
           push: true
           targets: tensorrt
           files: docker/tensorrt/trt.hcl
@@ -155,61 +164,48 @@ jobs:
             tensorrt.tags=${{ steps.setup.outputs.image-name }}-tensorrt
             *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64
             *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64,mode=max
-      #- name: AMD/ROCm general build
-      #  env:
-      #    AMDGPU: gfx
-      #    HSA_OVERRIDE: 0
-      #  uses: docker/bake-action@v3
-      #  with:
-      #    push: true
-      #    targets: rocm
-      #    files: docker/rocm/rocm.hcl
-      #    set: |
-      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm
-      #      *.cache-from=type=gha
-      #- name: AMD/ROCm gfx900
-      #  env:
-      #    AMDGPU: gfx900
-      #    HSA_OVERRIDE: 1
-      #    HSA_OVERRIDE_GFX_VERSION: 9.0.0
-      #  uses: docker/bake-action@v3
-      #  with:
-      #    push: true
-      #    targets: rocm
-      #    files: docker/rocm/rocm.hcl
-      #    set: |
-      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm-gfx900
-      #      *.cache-from=type=gha
-      #- name: AMD/ROCm gfx1030
-      #  env:
-      #    AMDGPU: gfx1030
-      #    HSA_OVERRIDE: 1
-      #    HSA_OVERRIDE_GFX_VERSION: 10.3.0
-      #  uses: docker/bake-action@v3
-      #  with:
-      #    push: true
-      #    targets: rocm
-      #    files: docker/rocm/rocm.hcl
-      #    set: |
-      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm-gfx1030
-      #      *.cache-from=type=gha
-      #- name: AMD/ROCm gfx1100
-      #  env:
-      #    AMDGPU: gfx1100
-      #    HSA_OVERRIDE: 1
-      #    HSA_OVERRIDE_GFX_VERSION: 11.0.0
-      #  uses: docker/bake-action@v3
-      #  with:
-      #    push: true
-      #    targets: rocm
-      #    files: docker/rocm/rocm.hcl
-      #    set: |
-      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm-gfx1100
-      #      *.cache-from=type=gha
+      - name: AMD/ROCm general build
+        env:
+          AMDGPU: gfx
+          HSA_OVERRIDE: 0
+        uses: docker/bake-action@v6
+        with:
+          source: .
+          push: true
+          targets: rocm
+          files: docker/rocm/rocm.hcl
+          set: |
+            rocm.tags=${{ steps.setup.outputs.image-name }}-rocm
+            *.cache-from=type=gha
+  arm64_extra_builds:
+    runs-on: ubuntu-22.04
+    name: ARM Extra Build
+    needs:
+      - arm64_build
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+      - name: Set up QEMU and Buildx
+        id: setup
+        uses: ./.github/actions/setup
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push Rockchip build
+        uses: docker/bake-action@v6
+        with:
+          source: .
+          push: true
+          targets: rk
+          files: docker/rockchip/rk.hcl
+          set: |
+            rk.tags=${{ steps.setup.outputs.image-name }}-rk
+            *.cache-from=type=gha
   # The majority of users running arm64 are rpi users, so the rpi
   # build should be the primary arm64 image
   assemble_default_build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: Assemble and push default build
     needs:
       - amd64_build
@@ -220,7 +216,7 @@ jobs:
         with:
           string: ${{ github.repository }}
       - name: Log in to the Container registry
-        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -229,7 +225,7 @@ jobs:
         run: echo "SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV
       - uses: int128/docker-manifest-create-action@v2
         with:
-          tags: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ env.SHORT_SHA }}
+          tags: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ env.SHORT_SHA }}
           sources: |
-            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ env.SHORT_SHA }}-amd64
-            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ env.SHORT_SHA }}-rpi
+            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ env.SHORT_SHA }}-amd64
+            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ env.SHORT_SHA }}-rpi

.github/workflows/dependabot-auto-merge.yaml

@@ -1,24 +0,0 @@
-name: dependabot-auto-merge
-on: pull_request
-
-permissions:
-  contents: write
-
-jobs:
-  dependabot-auto-merge:
-    runs-on: ubuntu-latest
-    if: github.actor == 'dependabot[bot]'
-    steps:
-      - name: Get Dependabot metadata
-        id: metadata
-        uses: dependabot/fetch-metadata@v2
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-      - name: Enable auto-merge for Dependabot PRs
-        if: steps.metadata.outputs.dependency-type == 'direct:development' && (steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch')
-        run: |
-          gh pr review --approve "$PR_URL"
-          gh pr merge --auto --squash "$PR_URL"
-        env:
-          PR_URL: ${{ github.event.pull_request.html_url }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/pull_request.yml

@@ -1,9 +1,12 @@
 name: On pull request
 
-on: pull_request
+on:
+  pull_request:
+    paths-ignore:
+      - "docs/**"
 
 env:
-  DEFAULT_PYTHON: 3.9
+  DEFAULT_PYTHON: 3.11
 
 jobs:
   build_devcontainer:
@@ -16,6 +19,8 @@ jobs:
       DOCKER_BUILDKIT: "1"
     steps:
       - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - uses: actions/setup-node@master
         with:
           node-version: 16.x
@@ -35,6 +40,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - uses: actions/setup-node@master
         with:
           node-version: 16.x
@@ -49,6 +56,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - uses: actions/setup-node@master
         with:
           node-version: 20.x
@@ -64,8 +73,10 @@ jobs:
     steps:
       - name: Check out the repository
         uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v5.1.0
+        uses: actions/setup-python@v5.3.0
         with:
           python-version: ${{ env.DEFAULT_PYTHON }}
       - name: Install requirements
@@ -85,6 +96,8 @@ jobs:
     steps:
       - name: Check out code
         uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - uses: actions/setup-node@master
         with:
           node-version: 16.x

.github/workflows/release.yml

@@ -11,22 +11,27 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - id: lowercaseRepo
         uses: ASzc/change-string-case-action@v6
         with:
           string: ${{ github.repository }}
       - name: Log in to the Container registry
-        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Create tag variables
+        env:
+          TAG: ${{ github.ref_name }}
+          LOWERCASE_REPO: ${{ steps.lowercaseRepo.outputs.lowercase }}
         run: |
-          BRANCH=$([[ "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] && echo "master" || echo "dev")
-          echo "BRANCH=${BRANCH}" >> $GITHUB_ENV
-          echo "BASE=ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}" >> $GITHUB_ENV
-          echo "BUILD_TAG=${BRANCH}-${GITHUB_SHA::7}" >> $GITHUB_ENV
+          BUILD_TYPE=$([[ "${TAG}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] && echo "stable" || echo "beta")
+          echo "BUILD_TYPE=${BUILD_TYPE}" >> $GITHUB_ENV
+          echo "BASE=ghcr.io/${LOWERCASE_REPO}" >> $GITHUB_ENV
+          echo "BUILD_TAG=${GITHUB_SHA::7}" >> $GITHUB_ENV
           echo "CLEAN_VERSION=$(echo ${GITHUB_REF##*/} | tr '[:upper:]' '[:lower:]' | sed 's/^[v]//')" >> $GITHUB_ENV
       - name: Tag and push the main image
         run: |
@@ -34,14 +39,14 @@ jobs:
           STABLE_TAG=${BASE}:stable
           PULL_TAG=${BASE}:${BUILD_TAG}
           docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG} docker://${VERSION_TAG}
-          for variant in standard-arm64 tensorrt tensorrt-jp4 tensorrt-jp5 rk; do
+          for variant in standard-arm64 tensorrt tensorrt-jp4 tensorrt-jp5 rk h8l rocm; do
             docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG}-${variant} docker://${VERSION_TAG}-${variant}
           done
 
           # stable tag
-          if [[ "${BRANCH}" == "master" ]]; then
+          if [[ "${BUILD_TYPE}" == "stable" ]]; then
             docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG} docker://${STABLE_TAG}
-            for variant in standard-arm64 tensorrt tensorrt-jp4 tensorrt-jp5 rk; do
+            for variant in standard-arm64 tensorrt tensorrt-jp4 tensorrt-jp5 rk h8l rocm; do
               docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG}-${variant} docker://${STABLE_TAG}-${variant}
             done
           fi

.github/workflows/stale.yml

@@ -23,19 +23,20 @@ jobs:
           exempt-pr-labels: "pinned,security,dependencies"
           operations-per-run: 120
       - name: Print outputs
-        run: echo ${{ join(steps.stale.outputs.*, ',') }}
-
-  clean_ghcr:
-    name: Delete outdated dev container images
-    runs-on: ubuntu-latest
-    steps:
-      - name: Delete old images
-        uses: snok/container-retention-policy@v2
-        with:
-          image-names: dev-*
-          cut-off: 60 days ago UTC
-          keep-at-least: 5
-          account-type: personal
-          token: ${{ secrets.GITHUB_TOKEN }}
-          token-type: github-token
+        env:
+          STALE_OUTPUT: ${{ join(steps.stale.outputs.*, ',') }}
+        run: echo "$STALE_OUTPUT"
 
+  # clean_ghcr:
+  #   name: Delete outdated dev container images
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - name: Delete old images
+  #       uses: snok/container-retention-policy@v2
+  #       with:
+  #         image-names: dev-*
+  #         cut-off: 60 days ago UTC
+  #         keep-at-least: 5
+  #         account-type: personal
+  #         token: ${{ secrets.GITHUB_TOKEN }}
+  #         token-type: github-token

.gitignore

@@ -1,5 +1,6 @@
 .DS_Store
-*.pyc
+__pycache__
+.mypy_cache
 *.swp
 debug
 .vscode/*

.vscode/launch.json

@@ -3,10 +3,9 @@
   "configurations": [
     {
       "name": "Python: Launch Frigate",
-      "type": "python",
+      "type": "debugpy",
       "request": "launch",
-      "module": "frigate",
-      "justMyCode": true
+      "module": "frigate"
     }
   ]
 }

CODEOWNERS

@@ -4,3 +4,4 @@
 /docker/tensorrt/*jetson* @madsciencetist
 /docker/rockchip/ @MarcA711
 /docker/rocm/ @harakas
+/docker/hailo8l/ @spanner3003

Makefile

@@ -1,11 +1,9 @@
 default_target: local
 
 COMMIT_HASH := $(shell git log -1 --pretty=format:"%h"|tail -1)
-VERSION = 0.14.0
+VERSION = 0.16.0
 IMAGE_REPO ?= ghcr.io/blakeblackshear/frigate
 GITHUB_REF_NAME ?= $(shell git rev-parse --abbrev-ref HEAD)
-CURRENT_UID := $(shell id -u)
-CURRENT_GID := $(shell id -g)
 BOARDS= #Initialized empty
 
 include docker/*/*.mk
@@ -18,25 +16,38 @@ version:
 	echo 'VERSION = "$(VERSION)-$(COMMIT_HASH)"' > frigate/version.py
 
 local: version
-	docker buildx build --target=frigate --tag frigate:latest --load --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag frigate:latest \
+		--load
 
 amd64:
-	docker buildx build --platform linux/amd64 --target=frigate --tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) \
+		--platform linux/amd64
 
 arm64:
-	docker buildx build --platform linux/arm64 --target=frigate --tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) \
+		--platform linux/arm64
 
 build: version amd64 arm64
-	docker buildx build --platform linux/arm64/v8,linux/amd64 --target=frigate --tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) \
+		--platform linux/arm64/v8,linux/amd64
 
 push: push-boards
-	docker buildx build --push --platform linux/arm64/v8,linux/amd64 --target=frigate --tag $(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH) --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag $(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH) \
+		--platform linux/arm64/v8,linux/amd64 \
+		--push
 
 run: local
 	docker run --rm --publish=5000:5000 --volume=${PWD}/config:/config frigate:latest
 
 run_tests: local
-	docker run --rm --workdir=/opt/frigate --entrypoint= frigate:latest python3 -u -m unittest
-	docker run --rm --workdir=/opt/frigate --entrypoint= frigate:latest python3 -u -m mypy --config-file frigate/mypy.ini frigate
+	docker run --rm --workdir=/opt/frigate --entrypoint= frigate:latest \
+		python3 -u -m unittest
+	docker run --rm --workdir=/opt/frigate --entrypoint= frigate:latest \
+		python3 -u -m mypy --config-file frigate/mypy.ini frigate
 
 .PHONY: run_tests

README.md

@@ -29,18 +29,22 @@ If you would like to make a donation to support development, please use [Github
 
 ## Screenshots
 
-Integration into Home Assistant
-
+### Live dashboard
 <div>
-<a href="docs/static/img/media_browser.png"><img src="docs/static/img/media_browser.png" height=400></a>
-<a href="docs/static/img/notification.png"><img src="docs/static/img/notification.png" height=400></a>
+<img width="800" alt="Live dashboard" src="https://github.com/blakeblackshear/frigate/assets/569905/5e713cb9-9db5-41dc-947a-6937c3bc376e">
 </div>
 
-Also comes with a builtin UI:
-
+### Streamlined review workflow
 <div>
-<a href="docs/static/img/home-ui.png"><img src="docs/static/img/home-ui.png" height=400></a>
-<a href="docs/static/img/camera-ui.png"><img src="docs/static/img/camera-ui.png" height=400></a>
+<img width="800" alt="Streamlined review workflow" src="https://github.com/blakeblackshear/frigate/assets/569905/6fed96e8-3b18-40e5-9ddc-31e6f3c9f2ff">
 </div>
 
-![Events](docs/static/img/events-ui.png)
+### Multi-camera scrubbing
+<div>
+<img width="800" alt="Multi-camera scrubbing" src="https://github.com/blakeblackshear/frigate/assets/569905/d6788a15-0eeb-4427-a8d4-80b93cae3d74">
+</div>
+
+### Built-in mask and zone editor
+<div>
+<img width="800" alt="Multi-camera scrubbing" src="https://github.com/blakeblackshear/frigate/assets/569905/d7885fc3-bfe6-452f-b7d0-d957cb3e31f5">
+</div>

benchmark.py

@@ -4,6 +4,7 @@ from statistics import mean
 
 import numpy as np
 
+import frigate.util as util
 from frigate.config import DetectorTypeEnum
 from frigate.object_detection import (
     ObjectDetectProcess,
@@ -60,7 +61,7 @@ def start(id, num_detections, detection_queue, event):
     object_detector.cleanup()
     print(f"{id} - Processed for {duration:.2f} seconds.")
     print(f"{id} - FPS: {object_detector.fps.eps():.2f}")
-    print(f"{id} - Average frame processing time: {mean(frame_times)*1000:.2f}ms")
+    print(f"{id} - Average frame processing time: {mean(frame_times) * 1000:.2f}ms")
 
 
 ######
@@ -90,7 +91,7 @@ edgetpu_process_2 = ObjectDetectProcess(
 )
 
 for x in range(0, 10):
-    camera_process = mp.Process(
+    camera_process = util.Process(
         target=start, args=(x, 300, detection_queue, events[str(x)])
     )
     camera_process.daemon = True

cspell.json

@@ -7,7 +7,8 @@
     "*.db",
     "node_modules",
     "__pycache__",
-    "dist"
+    "dist",
+    "/audio-labelmap.txt"
   ],
   "language": "en",
   "dictionaryDefinitions": [

docker-compose.yml

@@ -23,7 +23,7 @@ services:
     #                     count: 1
     #                     capabilities: [gpu]
     environment:
-      YOLO_MODELS: yolov7-320
+      YOLO_MODELS: ""
     devices:
       - /dev/bus/usb:/dev/bus/usb
       # - /dev/dri:/dev/dri # for intel hwaccel, needs to be updated for your hardware

docker/hailo8l/user_installation.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# Update package list and install dependencies
+sudo apt-get update
+sudo apt-get install -y build-essential cmake git wget
+
+hailo_version="4.20.0"
+arch=$(uname -m)
+
+if [[ $arch == "x86_64" ]]; then
+    sudo apt install -y linux-headers-$(uname -r);
+else
+    sudo apt install -y linux-modules-extra-$(uname -r);
+fi
+
+# Clone the HailoRT driver repository
+git clone --depth 1 --branch v${hailo_version} https://github.com/hailo-ai/hailort-drivers.git
+
+# Build and install the HailoRT driver
+cd hailort-drivers/linux/pcie
+sudo make all
+sudo make install
+
+# Load the Hailo PCI driver
+sudo modprobe hailo_pci
+
+if [ $? -ne 0 ]; then
+  echo "Unable to load hailo_pci module, common reasons for this are:"
+  echo "- Key was rejected by service: Secure Boot is enabling disallowing install."
+  echo "- Permissions are not setup correctly."
+  exit 1
+fi
+
+# Download and install the firmware
+cd ../../
+./download_firmware.sh
+
+# verify the firmware folder is present
+if [ ! -d /lib/firmware/hailo ]; then
+  sudo mkdir /lib/firmware/hailo
+fi
+sudo mv hailo8_fw.*.bin /lib/firmware/hailo/hailo8_fw.bin
+
+# Install udev rules
+sudo cp ./linux/pcie/51-hailo-udev.rules /etc/udev/rules.d/
+sudo udevadm control --reload-rules && sudo udevadm trigger
+
+echo "HailoRT driver installation complete."
+echo "reboot your system to load the firmware!"

docker/main/Dockerfile

@@ -3,12 +3,12 @@
 # https://askubuntu.com/questions/972516/debian-frontend-environment-variable
 ARG DEBIAN_FRONTEND=noninteractive
 
-ARG BASE_IMAGE=debian:11
-ARG SLIM_BASE=debian:11-slim
+ARG BASE_IMAGE=debian:12
+ARG SLIM_BASE=debian:12-slim
 
 FROM ${BASE_IMAGE} AS base
 
-FROM --platform=${BUILDPLATFORM} debian:11 AS base_host
+FROM --platform=${BUILDPLATFORM} debian:12 AS base_host
 
 FROM ${SLIM_BASE} AS slim-base
 
@@ -30,11 +30,25 @@ RUN --mount=type=tmpfs,target=/tmp --mount=type=tmpfs,target=/var/cache/apt \
     --mount=type=cache,target=/root/.ccache \
     /deps/build_nginx.sh
 
+FROM wget AS sqlite-vec
+ARG DEBIAN_FRONTEND
+
+# Build sqlite_vec from source
+COPY docker/main/build_sqlite_vec.sh /deps/build_sqlite_vec.sh
+RUN --mount=type=tmpfs,target=/tmp --mount=type=tmpfs,target=/var/cache/apt \
+    --mount=type=bind,source=docker/main/build_sqlite_vec.sh,target=/deps/build_sqlite_vec.sh \
+    --mount=type=cache,target=/root/.ccache \
+    /deps/build_sqlite_vec.sh
+
 FROM scratch AS go2rtc
 ARG TARGETARCH
 WORKDIR /rootfs/usr/local/go2rtc/bin
 ADD --link --chmod=755 "https://github.com/AlexxIT/go2rtc/releases/download/v1.9.2/go2rtc_linux_${TARGETARCH}" go2rtc
 
+FROM wget AS tempio
+ARG TARGETARCH
+RUN --mount=type=bind,source=docker/main/install_tempio.sh,target=/deps/install_tempio.sh \
+    /deps/install_tempio.sh
 
 ####
 #
@@ -52,8 +66,8 @@ COPY docker/main/requirements-ov.txt /requirements-ov.txt
 RUN apt-get -qq update \
     && apt-get -qq install -y wget python3 python3-dev python3-distutils gcc pkg-config libhdf5-dev \
     && wget -q https://bootstrap.pypa.io/get-pip.py -O get-pip.py \
-    && python3 get-pip.py "pip" \
-    && pip install -r /requirements-ov.txt
+    && python3 get-pip.py "pip" --break-system-packages \
+    && pip install --break-system-packages -r /requirements-ov.txt
 
 # Get OpenVino Model
 RUN --mount=type=bind,source=docker/main/build_ov_model.py,target=/build_ov_model.py \
@@ -62,6 +76,40 @@ RUN --mount=type=bind,source=docker/main/build_ov_model.py,target=/build_ov_mode
     && tar -xvf ssdlite_mobilenet_v2_coco_2018_05_09.tar.gz \
     && python3 /build_ov_model.py
 
+####
+#
+# Coral Compatibility
+#
+# Builds libusb without udev. Needed for synology and other devices with USB coral
+####
+# libUSB - No Udev
+FROM wget as libusb-build
+ARG TARGETARCH
+ARG DEBIAN_FRONTEND
+ENV CCACHE_DIR /root/.ccache
+ENV CCACHE_MAXSIZE 2G
+
+# Build libUSB without udev.  Needed for Openvino NCS2 support
+WORKDIR /opt
+RUN apt-get update && apt-get install -y unzip build-essential automake libtool ccache pkg-config
+RUN --mount=type=cache,target=/root/.ccache wget -q https://github.com/libusb/libusb/archive/v1.0.26.zip -O v1.0.26.zip && \
+    unzip v1.0.26.zip && cd libusb-1.0.26 && \
+    ./bootstrap.sh && \
+    ./configure CC='ccache gcc' CCX='ccache g++' --disable-udev --enable-shared && \
+    make -j $(nproc --all)
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends libusb-1.0-0-dev && \
+    rm -rf /var/lib/apt/lists/*
+WORKDIR /opt/libusb-1.0.26/libusb
+RUN /bin/mkdir -p '/usr/local/lib' && \
+    /bin/bash ../libtool  --mode=install /usr/bin/install -c libusb-1.0.la '/usr/local/lib' && \
+    /bin/mkdir -p '/usr/local/include/libusb-1.0' && \
+    /usr/bin/install -c -m 644 libusb.h '/usr/local/include/libusb-1.0' && \
+    /bin/mkdir -p '/usr/local/lib/pkgconfig' && \
+    cd  /opt/libusb-1.0.26/ && \
+    /usr/bin/install -c -m 644 libusb-1.0.pc '/usr/local/lib/pkgconfig' && \
+    ldconfig
+
 FROM wget AS models
 
 # Get model and labels
@@ -74,7 +122,7 @@ COPY --from=ov-converter /models/ssdlite_mobilenet_v2.bin openvino-model/
 RUN wget -q https://github.com/openvinotoolkit/open_model_zoo/raw/master/data/dataset_classes/coco_91cl_bkgr.txt -O openvino-model/coco_91cl_bkgr.txt && \
     sed -i 's/truck/car/g' openvino-model/coco_91cl_bkgr.txt
 # Get Audio Model and labels
-RUN wget -qO cpu_audio_model.tflite https://tfhub.dev/google/lite-model/yamnet/classification/tflite/1?lite-format=tflite
+RUN wget -qO - https://www.kaggle.com/api/v1/models/google/yamnet/tfLite/classification-tflite/1/download | tar xvz && mv 1.tflite cpu_audio_model.tflite
 COPY audio-labelmap.txt .
 
 
@@ -91,48 +139,51 @@ ARG TARGETARCH
 # Use a separate container to build wheels to prevent build dependencies in final image
 RUN apt-get -qq update \
     && apt-get -qq install -y \
-    apt-transport-https \
-    gnupg \
-    wget \
-    # the key fingerprint can be obtained from https://ftp-master.debian.org/keys.html
-    && wget -qO- "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xA4285295FC7B1A81600062A9605C66F00D6C9793" | \
-    gpg --dearmor > /usr/share/keyrings/debian-archive-bullseye-stable.gpg \
-    && echo "deb [signed-by=/usr/share/keyrings/debian-archive-bullseye-stable.gpg] http://deb.debian.org/debian bullseye main contrib non-free" | \
-    tee /etc/apt/sources.list.d/debian-bullseye-nonfree.list \
+    apt-transport-https wget \
     && apt-get -qq update \
     && apt-get -qq install -y \
-    python3.9 \
-    python3.9-dev \
+    python3 \
+    python3-dev \
     # opencv dependencies
     build-essential cmake git pkg-config libgtk-3-dev \
     libavcodec-dev libavformat-dev libswscale-dev libv4l-dev \
     libxvidcore-dev libx264-dev libjpeg-dev libpng-dev libtiff-dev \
     gfortran openexr libatlas-base-dev libssl-dev\
-    libtbb2 libtbb-dev libdc1394-22-dev libopenexr-dev \
+    libtbbmalloc2 libtbb-dev libdc1394-dev libopenexr-dev \
     libgstreamer-plugins-base1.0-dev libgstreamer1.0-dev \
+    # sqlite3 dependencies
+    tclsh \
     # scipy dependencies
     gcc gfortran libopenblas-dev liblapack-dev && \
     rm -rf /var/lib/apt/lists/*
 
-# Ensure python3 defaults to python3.9
-RUN update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.9 1
-
 RUN wget -q https://bootstrap.pypa.io/get-pip.py -O get-pip.py \
-    && python3 get-pip.py "pip"
+    && python3 get-pip.py "pip" --break-system-packages
 
 COPY docker/main/requirements.txt /requirements.txt
-RUN pip3 install -r /requirements.txt
+RUN pip3 install -r /requirements.txt --break-system-packages
+
+# Build pysqlite3 from source
+COPY docker/main/build_pysqlite3.sh /build_pysqlite3.sh
+RUN /build_pysqlite3.sh
 
 COPY docker/main/requirements-wheels.txt /requirements-wheels.txt
 RUN pip3 wheel --wheel-dir=/wheels -r /requirements-wheels.txt
 
+# Install HailoRT & Wheels
+RUN --mount=type=bind,source=docker/main/install_hailort.sh,target=/deps/install_hailort.sh \
+    /deps/install_hailort.sh
 
 # Collect deps in a single layer
 FROM scratch AS deps-rootfs
 COPY --from=nginx /usr/local/nginx/ /usr/local/nginx/
+COPY --from=sqlite-vec /usr/local/lib/ /usr/local/lib/
 COPY --from=go2rtc /rootfs/ /
+COPY --from=libusb-build /usr/local/lib /usr/local/lib
+COPY --from=tempio /rootfs/ /
 COPY --from=s6-overlay /rootfs/ /
 COPY --from=models /rootfs/ /
+COPY --from=wheels /rootfs/ /
 COPY docker/main/rootfs/ /
 
 
@@ -148,18 +199,29 @@ ARG APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn
 ENV NVIDIA_VISIBLE_DEVICES=all
 ENV NVIDIA_DRIVER_CAPABILITIES="compute,video,utility"
 
-ENV PATH="/usr/lib/btbn-ffmpeg/bin:/usr/local/go2rtc/bin:/usr/local/nginx/sbin:${PATH}"
+# Disable tokenizer parallelism warning
+# https://stackoverflow.com/questions/62691279/how-to-disable-tokenizers-parallelism-true-false-warning/72926996#72926996
+ENV TOKENIZERS_PARALLELISM=true
+# https://github.com/huggingface/transformers/issues/27214
+ENV TRANSFORMERS_NO_ADVISORY_WARNINGS=1
+
+# Set OpenCV ffmpeg loglevel to fatal: https://ffmpeg.org/doxygen/trunk/log_8h.html
+ENV OPENCV_FFMPEG_LOGLEVEL=8
+
+ENV PATH="/usr/local/go2rtc/bin:/usr/local/tempio/bin:/usr/local/nginx/sbin:${PATH}"
 
 # Install dependencies
 RUN --mount=type=bind,source=docker/main/install_deps.sh,target=/deps/install_deps.sh \
     /deps/install_deps.sh
 
 RUN --mount=type=bind,from=wheels,source=/wheels,target=/deps/wheels \
-    python3 -m pip install --upgrade pip && \
-    pip3 install -U /deps/wheels/*.whl
+    python3 -m pip install --upgrade pip --break-system-packages && \
+    pip3 install -U /deps/wheels/*.whl --break-system-packages
 
 COPY --from=deps-rootfs / /
 
+RUN ldconfig
+
 EXPOSE 5000
 EXPOSE 8554
 EXPOSE 8555/tcp 8555/udp
@@ -172,7 +234,7 @@ ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0
 ENTRYPOINT ["/init"]
 CMD []
 
-HEALTHCHECK --start-period=120s --start-interval=5s --interval=15s --timeout=5s --retries=3 \
+HEALTHCHECK --start-period=300s --start-interval=5s --interval=15s --timeout=5s --retries=3 \
     CMD curl --fail --silent --show-error http://127.0.0.1:5000/api/version || exit 1
 
 # Frigate deps with Node.js and NPM for devcontainer
@@ -201,7 +263,7 @@ RUN apt-get update \
     && rm -rf /var/lib/apt/lists/*
 
 RUN --mount=type=bind,source=./docker/main/requirements-dev.txt,target=/workspace/frigate/requirements-dev.txt \
-    pip3 install -r requirements-dev.txt
+    pip3 install -r requirements-dev.txt --break-system-packages
 
 HEALTHCHECK NONE
 

docker/main/build_nginx.sh

@@ -8,10 +8,16 @@ SECURE_TOKEN_MODULE_VERSION="1.5"
 SET_MISC_MODULE_VERSION="v0.33"
 NGX_DEVEL_KIT_VERSION="v0.3.3"
 
-cp /etc/apt/sources.list /etc/apt/sources.list.d/sources-src.list
-sed -i 's|deb http|deb-src http|g' /etc/apt/sources.list.d/sources-src.list
-apt-get update
+source /etc/os-release
 
+if [[ "$VERSION_ID" == "12" ]]; then
+    sed -i '/^Types:/s/deb/& deb-src/' /etc/apt/sources.list.d/debian.sources
+else
+    cp /etc/apt/sources.list /etc/apt/sources.list.d/sources-src.list
+    sed -i 's|deb http|deb-src http|g' /etc/apt/sources.list.d/sources-src.list
+fi
+
+apt-get update
 apt-get -yqq build-dep nginx
 
 apt-get -yqq install --no-install-recommends ca-certificates wget

docker/main/build_ov_model.py

@@ -4,7 +4,7 @@ from openvino.tools import mo
 ov_model = mo.convert_model(
     "/models/ssdlite_mobilenet_v2_coco_2018_05_09/frozen_inference_graph.pb",
     compress_to_fp16=True,
-    transformations_config="/usr/local/lib/python3.9/dist-packages/openvino/tools/mo/front/tf/ssd_v2_support.json",
+    transformations_config="/usr/local/lib/python3.11/dist-packages/openvino/tools/mo/front/tf/ssd_v2_support.json",
     tensorflow_object_detection_api_pipeline_config="/models/ssdlite_mobilenet_v2_coco_2018_05_09/pipeline.config",
     reverse_input_channels=True,
 )

docker/main/build_pysqlite3.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+SQLITE3_VERSION="96c92aba00c8375bc32fafcdf12429c58bd8aabfcadab6683e35bbb9cdebf19e" # 3.46.0
+PYSQLITE3_VERSION="0.5.3"
+
+# Fetch the source code for the latest release of Sqlite.
+if [[ ! -d "sqlite" ]]; then
+  wget https://www.sqlite.org/src/tarball/sqlite.tar.gz?r=${SQLITE3_VERSION} -O sqlite.tar.gz
+  tar xzf sqlite.tar.gz
+  cd sqlite/
+  LIBS="-lm" ./configure --disable-tcl --enable-tempstore=always
+  make sqlite3.c
+  cd ../
+  rm sqlite.tar.gz
+fi
+
+# Grab the pysqlite3 source code.
+if [[ ! -d "./pysqlite3" ]]; then
+  git clone https://github.com/coleifer/pysqlite3.git
+fi
+
+cd pysqlite3/
+git checkout ${PYSQLITE3_VERSION}
+
+# Copy the sqlite3 source amalgamation into the pysqlite3 directory so we can
+# create a self-contained extension module.
+cp "../sqlite/sqlite3.c" ./
+cp "../sqlite/sqlite3.h" ./
+
+# Create the wheel and put it in the /wheels dir.
+sed -i "s|name='pysqlite3-binary'|name=PACKAGE_NAME|g" setup.py
+python3 setup.py build_static
+pip3 wheel . -w /wheels

docker/main/build_sqlite_vec.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+SQLITE_VEC_VERSION="0.1.3"
+
+source /etc/os-release
+
+if [[ "$VERSION_ID" == "12" ]]; then
+    sed -i '/^Types:/s/deb/& deb-src/' /etc/apt/sources.list.d/debian.sources
+else
+    cp /etc/apt/sources.list /etc/apt/sources.list.d/sources-src.list
+    sed -i 's|deb http|deb-src http|g' /etc/apt/sources.list.d/sources-src.list
+fi
+
+apt-get update
+apt-get -yqq build-dep sqlite3 gettext git
+
+mkdir /tmp/sqlite_vec
+# Grab the sqlite_vec source code.
+wget -nv https://github.com/asg017/sqlite-vec/archive/refs/tags/v${SQLITE_VEC_VERSION}.tar.gz
+tar -zxf v${SQLITE_VEC_VERSION}.tar.gz -C /tmp/sqlite_vec
+
+cd /tmp/sqlite_vec/sqlite-vec-${SQLITE_VEC_VERSION}
+
+mkdir -p vendor
+wget -O sqlite-amalgamation.zip https://www.sqlite.org/2024/sqlite-amalgamation-3450300.zip
+unzip sqlite-amalgamation.zip
+mv sqlite-amalgamation-3450300/* vendor/
+rmdir sqlite-amalgamation-3450300
+rm sqlite-amalgamation.zip
+
+# build loadable module
+make loadable
+
+# install it
+cp dist/vec0.* /usr/local/lib
+

docker/main/install_deps.sh

@@ -8,70 +8,94 @@ apt-get -qq install --no-install-recommends -y \
     apt-transport-https \
     gnupg \
     wget \
+    lbzip2 \
     procps vainfo \
     unzip locales tzdata libxml2 xz-utils \
-    python3.9 \
+    python3 \
     python3-pip \
     curl \
+    lsof \
     jq \
-    nethogs
-
-# ensure python3 defaults to python3.9
-update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.9 1
+    nethogs \
+    libgl1 \
+    libglib2.0-0 \
+    libusb-1.0.0
 
 mkdir -p -m 600 /root/.gnupg
 
-# add coral repo
-curl -fsSLo - https://packages.cloud.google.com/apt/doc/apt-key.gpg | \
-    gpg --dearmor -o /etc/apt/trusted.gpg.d/google-cloud-packages-archive-keyring.gpg
-echo "deb https://packages.cloud.google.com/apt coral-edgetpu-stable main" | tee /etc/apt/sources.list.d/coral-edgetpu.list
-echo "libedgetpu1-max libedgetpu/accepted-eula select true" | debconf-set-selections
+# install coral runtime
+wget -q -O /tmp/libedgetpu1-max.deb "https://github.com/feranick/libedgetpu/releases/download/16.0TF2.17.0-1/libedgetpu1-max_16.0tf2.17.0-1.bookworm_${TARGETARCH}.deb"
+unset DEBIAN_FRONTEND
+yes | dpkg -i /tmp/libedgetpu1-max.deb && export DEBIAN_FRONTEND=noninteractive
+rm /tmp/libedgetpu1-max.deb
 
-# enable non-free repo in Debian
-if grep -q "Debian" /etc/issue; then
-    sed -i -e's/ main/ main contrib non-free/g' /etc/apt/sources.list
+# install python3 & tflite runtime
+if [[ "${TARGETARCH}" == "amd64" ]]; then
+    pip3 install --break-system-packages https://github.com/feranick/TFlite-builds/releases/download/v2.17.0/tflite_runtime-2.17.0-cp311-cp311-linux_x86_64.whl
+    pip3 install --break-system-packages https://github.com/feranick/pycoral/releases/download/2.0.2TF2.17.0/pycoral-2.0.2-cp311-cp311-linux_x86_64.whl
 fi
 
-# coral drivers
-apt-get -qq update
-apt-get -qq install --no-install-recommends --no-install-suggests -y \
-    libedgetpu1-max python3-tflite-runtime python3-pycoral
+if [[ "${TARGETARCH}" == "arm64" ]]; then
+    pip3 install --break-system-packages https://github.com/feranick/TFlite-builds/releases/download/v2.17.0/tflite_runtime-2.17.0-cp311-cp311-linux_aarch64.whl
+    pip3 install --break-system-packages https://github.com/feranick/pycoral/releases/download/2.0.2TF2.17.0/pycoral-2.0.2-cp311-cp311-linux_aarch64.whl
+fi
 
 # btbn-ffmpeg -> amd64
 if [[ "${TARGETARCH}" == "amd64" ]]; then
-    mkdir -p /usr/lib/btbn-ffmpeg
-    wget -qO btbn-ffmpeg.tar.xz "https://github.com/BtbN/FFmpeg-Builds/releases/download/autobuild-2022-07-31-12-37/ffmpeg-n5.1-2-g915ef932a3-linux64-gpl-5.1.tar.xz"
-    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/btbn-ffmpeg --strip-components 1
-    rm -rf btbn-ffmpeg.tar.xz /usr/lib/btbn-ffmpeg/doc /usr/lib/btbn-ffmpeg/bin/ffplay
+    mkdir -p /usr/lib/ffmpeg/5.0
+    mkdir -p /usr/lib/ffmpeg/7.0
+    wget -qO btbn-ffmpeg.tar.xz "https://github.com/NickM-27/FFmpeg-Builds/releases/download/autobuild-2022-07-31-12-37/ffmpeg-n5.1-2-g915ef932a3-linux64-gpl-5.1.tar.xz"
+    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/ffmpeg/5.0 --strip-components 1
+    rm -rf btbn-ffmpeg.tar.xz /usr/lib/ffmpeg/5.0/doc /usr/lib/ffmpeg/5.0/bin/ffplay
+    wget -qO btbn-ffmpeg.tar.xz "https://github.com/NickM-27/FFmpeg-Builds/releases/download/autobuild-2024-09-19-12-51/ffmpeg-n7.0.2-18-g3e6cec1286-linux64-gpl-7.0.tar.xz"
+    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/ffmpeg/7.0 --strip-components 1
+    rm -rf btbn-ffmpeg.tar.xz /usr/lib/ffmpeg/7.0/doc /usr/lib/ffmpeg/7.0/bin/ffplay
 fi
 
 # ffmpeg -> arm64
 if [[ "${TARGETARCH}" == "arm64" ]]; then
-    mkdir -p /usr/lib/btbn-ffmpeg
-    wget -qO btbn-ffmpeg.tar.xz "https://github.com/BtbN/FFmpeg-Builds/releases/download/autobuild-2022-07-31-12-37/ffmpeg-n5.1-2-g915ef932a3-linuxarm64-gpl-5.1.tar.xz"
-    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/btbn-ffmpeg --strip-components 1
-    rm -rf btbn-ffmpeg.tar.xz /usr/lib/btbn-ffmpeg/doc /usr/lib/btbn-ffmpeg/bin/ffplay
+    mkdir -p /usr/lib/ffmpeg/5.0
+    mkdir -p /usr/lib/ffmpeg/7.0
+    wget -qO btbn-ffmpeg.tar.xz "https://github.com/NickM-27/FFmpeg-Builds/releases/download/autobuild-2022-07-31-12-37/ffmpeg-n5.1-2-g915ef932a3-linuxarm64-gpl-5.1.tar.xz"
+    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/ffmpeg/5.0 --strip-components 1
+    rm -rf btbn-ffmpeg.tar.xz /usr/lib/ffmpeg/5.0/doc /usr/lib/ffmpeg/5.0/bin/ffplay
+    wget -qO btbn-ffmpeg.tar.xz "https://github.com/NickM-27/FFmpeg-Builds/releases/download/autobuild-2024-09-19-12-51/ffmpeg-n7.0.2-18-g3e6cec1286-linuxarm64-gpl-7.0.tar.xz"
+    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/ffmpeg/7.0 --strip-components 1
+    rm -rf btbn-ffmpeg.tar.xz /usr/lib/ffmpeg/7.0/doc /usr/lib/ffmpeg/7.0/bin/ffplay
 fi
 
 # arch specific packages
 if [[ "${TARGETARCH}" == "amd64" ]]; then
-    # use debian bookworm for hwaccel packages
-    echo 'deb https://deb.debian.org/debian bookworm main contrib non-free' >/etc/apt/sources.list.d/debian-bookworm.list
+    # install amd / intel-i965 driver packages
+    apt-get -qq install --no-install-recommends --no-install-suggests -y \
+        i965-va-driver intel-gpu-tools onevpl-tools \
+        libva-drm2 \
+        mesa-va-drivers radeontop
+
+    # intel packages use zst compression so we need to update dpkg
+    apt-get install -y dpkg
+
+    # use intel apt intel packages
+    wget -qO - https://repositories.intel.com/gpu/intel-graphics.key | gpg --yes --dearmor --output /usr/share/keyrings/intel-graphics.gpg
+    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/intel-graphics.gpg] https://repositories.intel.com/gpu/ubuntu jammy client" | tee /etc/apt/sources.list.d/intel-gpu-jammy.list
     apt-get -qq update
     apt-get -qq install --no-install-recommends --no-install-suggests -y \
-        intel-opencl-icd \
-        mesa-va-drivers radeontop libva-drm2 intel-media-va-driver-non-free i965-va-driver libmfx1 intel-gpu-tools
-    # something about this dependency requires it to be installed in a separate call rather than in the line above
-    apt-get -qq install --no-install-recommends --no-install-suggests -y \
-        i965-va-driver-shaders
-    rm -f /etc/apt/sources.list.d/debian-bookworm.list
+        intel-opencl-icd=24.35.30872.31-996~22.04 intel-level-zero-gpu=1.3.29735.27-914~22.04 intel-media-va-driver-non-free=24.3.3-996~22.04 \
+        libmfx1=23.2.2-880~22.04 libmfxgen1=24.2.4-914~22.04 libvpl2=1:2.13.0.0-996~22.04
+
+    rm -f /usr/share/keyrings/intel-graphics.gpg
+    rm -f /etc/apt/sources.list.d/intel-gpu-jammy.list
 fi
 
 if [[ "${TARGETARCH}" == "arm64" ]]; then
     apt-get -qq install --no-install-recommends --no-install-suggests -y \
-        libva-drm2 mesa-va-drivers
+        libva-drm2 mesa-va-drivers radeontop
 fi
 
+# install vulkan
+apt-get -qq install --no-install-recommends --no-install-suggests -y \
+    libvulkan1 mesa-vulkan-drivers
+
 apt-get purge gnupg apt-transport-https xz-utils -y
 apt-get clean autoclean -y
 apt-get autoremove --purge -y

docker/main/install_hailort.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+hailo_version="4.20.0"
+
+if [[ "${TARGETARCH}" == "amd64" ]]; then
+    arch="x86_64"
+elif [[ "${TARGETARCH}" == "arm64" ]]; then
+    arch="aarch64"
+fi
+
+wget -qO- "https://github.com/frigate-nvr/hailort/releases/download/v${hailo_version}/hailort-${TARGETARCH}.tar.gz" | tar -C / -xzf -
+wget -P /wheels/ "https://github.com/frigate-nvr/hailort/releases/download/v${hailo_version}/hailort-${hailo_version}-cp311-cp311-linux_${arch}.whl"

docker/main/install_tempio.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+tempio_version="2021.09.0"
+
+if [[ "${TARGETARCH}" == "amd64" ]]; then
+    arch="amd64"
+elif [[ "${TARGETARCH}" == "arm64" ]]; then
+    arch="aarch64"
+fi
+
+mkdir -p /rootfs/usr/local/tempio/bin
+
+wget -q -O /rootfs/usr/local/tempio/bin/tempio "https://github.com/home-assistant/tempio/releases/download/${tempio_version}/tempio_${arch}"
+chmod 755 /rootfs/usr/local/tempio/bin/tempio

docker/main/requirements-wheels.txt

@@ -1,33 +1,70 @@
+aiofiles == 24.1.*
 click == 8.1.*
-Flask == 3.0.*
-Flask_Limiter == 3.7.*
+# FastAPI
+aiohttp == 3.11.2
+starlette == 0.41.2
+starlette-context == 0.3.6
+fastapi == 0.115.*
+uvicorn == 0.30.*
+slowapi == 0.1.*
 imutils == 0.5.*
-joserfc == 0.10.*
+joserfc == 1.0.*
+pathvalidate == 3.2.*
 markupsafe == 2.1.*
-matplotlib == 3.8.*
+python-multipart == 0.0.12
+# General
 mypy == 1.6.1
-numpy == 1.26.*
-onvif_zeep == 0.2.12
-opencv-python-headless == 4.9.0.*
+onvif-zeep-async == 3.1.*
 paho-mqtt == 2.1.*
 pandas == 2.2.*
 peewee == 3.17.*
-peewee_migrate == 1.12.*
-psutil == 5.9.*
-pydantic == 2.7.*
+peewee_migrate == 1.13.*
+psutil == 6.1.*
+pydantic == 2.8.*
 git+https://github.com/fbcotter/py3nvml#egg=py3nvml
-PyYAML == 6.0.*
-pytz == 2024.1
-pyzmq == 26.0.*
+pytz == 2024.*
+pyzmq == 26.2.*
 ruamel.yaml == 0.18.*
 tzlocal == 5.2
-types-PyYAML == 6.0.*
 requests == 2.32.*
 types-requests == 2.32.*
-scipy == 1.13.*
 norfair == 2.2.*
 setproctitle == 1.3.*
 ws4py == 0.5.*
 unidecode == 1.3.*
-onnxruntime == 1.16.*
-openvino == 2024.1.*
+# Image Manipulation
+numpy == 1.26.*
+opencv-python-headless == 4.10.0.*
+opencv-contrib-python == 4.9.0.*
+scipy == 1.14.*
+# OpenVino & ONNX
+openvino == 2024.4.*
+onnxruntime-openvino == 1.20.* ; platform_machine == 'x86_64'
+onnxruntime == 1.20.* ; platform_machine == 'aarch64'
+# Embeddings
+transformers == 4.45.*
+# Generative AI
+google-generativeai == 0.8.*
+ollama == 0.3.*
+openai == 1.51.*
+# push notifications
+py-vapid == 1.9.*
+pywebpush == 2.0.*
+# alpr
+pyclipper == 1.3.*
+shapely == 2.0.*
+Levenshtein==0.26.*
+prometheus-client == 0.21.*
+# HailoRT Wheels
+appdirs==1.4.*
+argcomplete==2.0.*
+contextlib2==0.6.*
+distlib==0.3.*
+filelock==3.8.*
+future==0.18.*
+importlib-metadata==5.1.*
+importlib-resources==5.1.*
+netaddr==0.8.*
+netifaces==0.10.*
+verboselogs==1.7.*
+virtualenv==20.17.*

docker/main/requirements.txt

@@ -1,2 +1,2 @@
-scikit-build == 0.17.*
+scikit-build == 0.18.*
 nvidia-pyindex

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/run

@@ -10,16 +10,21 @@ echo "[INFO] Starting certsync..."
 
 lefile="/etc/letsencrypt/live/frigate/fullchain.pem"
 
+tls_enabled=`python3 /usr/local/nginx/get_tls_settings.py | jq -r .enabled`
 
 while true
 do
+    if [[ "$tls_enabled" == 'false' ]]; then
+        sleep 9999
+        continue
+    fi
 
     if [ ! -e $lefile ]
     then
         echo "[ERROR] TLS certificate does not exist: $lefile"
     fi
 
-    leprint=`openssl x509 -in $lefile -fingerprint -noout || echo 'failed'`
+    leprint=`openssl x509 -in $lefile -fingerprint -noout 2>&1 || echo 'failed'`
 
     case "$leprint" in
         *Fingerprint*)
@@ -29,7 +34,7 @@ do
             ;;
     esac
 
-    liveprint=`echo | openssl s_client -showcerts -connect 127.0.0.1:443 2>&1 | openssl x509 -fingerprint | grep -i fingerprint  || echo 'failed'`
+    liveprint=`echo | openssl s_client -showcerts -connect 127.0.0.1:8971 2>&1 | openssl x509 -fingerprint 2>&1 | grep -i fingerprint  || echo 'failed'`
 
     case "$liveprint" in
         *Fingerprint*)

docker/main/rootfs/etc/s6-overlay/s6-rc.d/frigate/run

@@ -16,8 +16,8 @@ function migrate_db_path() {
     if [[ -f "${config_file_yaml}" ]]; then
         config_file="${config_file_yaml}"
     elif [[ ! -f "${config_file}" ]]; then
-        echo "[ERROR] Frigate config file not found"
-        return 1
+        # Frigate will create the config file on startup
+        return 0
     fi
     unset config_file_yaml
 
@@ -42,10 +42,14 @@ function migrate_db_path() {
     fi
 }
 
+function set_libva_version() {
+    local ffmpeg_path=$(python3 /usr/local/ffmpeg/get_ffmpeg_path.py)
+    export LIBAVFORMAT_VERSION_MAJOR=$($ffmpeg_path -version | grep -Po "libavformat\W+\K\d+")
+}
+
 echo "[INFO] Preparing Frigate..."
 migrate_db_path
-export LIBAVFORMAT_VERSION_MAJOR=$(ffmpeg -version | grep -Po 'libavformat\W+\K\d+')
-
+set_libva_version
 echo "[INFO] Starting Frigate..."
 
 cd /opt/frigate || echo "[ERROR] Failed to change working directory to /opt/frigate"

docker/main/rootfs/etc/s6-overlay/s6-rc.d/go2rtc/run

@@ -43,7 +43,10 @@ function get_ip_and_port_from_supervisor() {
     export FRIGATE_GO2RTC_WEBRTC_CANDIDATE_INTERNAL="${ip_address}:${webrtc_port}"
 }
 
-export LIBAVFORMAT_VERSION_MAJOR=$(ffmpeg -version | grep -Po 'libavformat\W+\K\d+')
+function set_libva_version() {
+    local ffmpeg_path=$(python3 /usr/local/ffmpeg/get_ffmpeg_path.py)
+    export LIBAVFORMAT_VERSION_MAJOR=$($ffmpeg_path -version | grep -Po "libavformat\W+\K\d+")
+}
 
 if [[ -f "/dev/shm/go2rtc.yaml" ]]; then
     echo "[INFO] Removing stale config from last run..."
@@ -63,6 +66,8 @@ else
     echo "[WARNING] Unable to remove existing go2rtc config. Changes made to your frigate config file may not be recognized. Please remove the /dev/shm/go2rtc.yaml from your docker host manually."
 fi
 
+set_libva_version
+
 readonly config_path="/config"
 
 if [[ -x "${config_path}/go2rtc" ]]; then

docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/run

@@ -8,16 +8,59 @@ set -o errexit -o nounset -o pipefail
 
 echo "[INFO] Starting NGINX..."
 
+# Taken from https://github.com/felipecrs/cgroup-scripts/commits/master/get_cpus.sh
+function get_cpus() {
+    local quota=""
+    local period=""
+
+    if [ -f /sys/fs/cgroup/cgroup.controllers ]; then
+        if [ -f /sys/fs/cgroup/cpu.max ]; then
+            read -r quota period </sys/fs/cgroup/cpu.max
+            if [ "$quota" = "max" ]; then
+                quota=""
+                period=""
+            fi
+        else
+            echo "[WARN] /sys/fs/cgroup/cpu.max not found. Falling back to /proc/cpuinfo." >&2
+        fi
+    else
+        if [ -f /sys/fs/cgroup/cpu/cpu.cfs_quota_us ] && [ -f /sys/fs/cgroup/cpu/cpu.cfs_period_us ]; then
+            quota=$(cat /sys/fs/cgroup/cpu/cpu.cfs_quota_us)
+            period=$(cat /sys/fs/cgroup/cpu/cpu.cfs_period_us)
+
+            if [ "$quota" = "-1" ]; then
+                quota=""
+                period=""
+            fi
+        else
+            echo "[WARN] /sys/fs/cgroup/cpu/cpu.cfs_quota_us or /sys/fs/cgroup/cpu/cpu.cfs_period_us not found. Falling back to /proc/cpuinfo." >&2
+        fi
+    fi
+
+    local cpus
+    if [ "${period}" != "0" ] && [ -n "${quota}" ] && [ -n "${period}" ]; then
+        cpus=$((quota / period))
+        if [ "$cpus" -eq 0 ]; then
+            cpus=1
+        fi
+    else
+        cpus=$(grep -c ^processor /proc/cpuinfo)
+    fi
+
+    printf '%s' "$cpus"
+}
+
 function set_worker_processes() {
     # Capture number of assigned CPUs to calculate worker processes
-    local proc_count
+    local cpus
 
-    if proc_count=$(nproc --all) && [[ $proc_count -gt 4 ]]; then
-        proc_count=4;
+    cpus=$(get_cpus)
+    if [[ "${cpus}" -gt 4 ]]; then
+        cpus=4
     fi
 
     # we need to catch any errors because sed will fail if user has bind mounted a custom nginx file
-    sed -i "s/worker_processes auto;/worker_processes ${proc_count};/" /usr/local/nginx/conf/nginx.conf || true
+    sed -i "s/worker_processes auto;/worker_processes ${cpus};/" /usr/local/nginx/conf/nginx.conf || true
 }
 
 set_worker_processes
@@ -33,9 +76,14 @@ if [ ! \( -f "$letsencrypt_path/privkey.pem" -a -f "$letsencrypt_path/fullchain.
     echo "[INFO] No TLS certificate found. Generating a self signed certificate..."
     openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
         -subj "/O=FRIGATE DEFAULT CERT/CN=*" \
-        -keyout "$letsencrypt_path/privkey.pem" -out "$letsencrypt_path/fullchain.pem"
+        -keyout "$letsencrypt_path/privkey.pem" -out "$letsencrypt_path/fullchain.pem" 2>/dev/null
 fi
 
+# build templates for optional TLS support
+python3 /usr/local/nginx/get_tls_settings.py | \
+    tempio  -template /usr/local/nginx/templates/listen.gotmpl \
+            -out /usr/local/nginx/conf/listen.conf
+
 # Replace the bash process with the NGINX process, redirecting stderr to stdout
 exec 2>&1
 exec \

docker/main/rootfs/labelmap/coco-80.txt

@@ -0,0 +1,80 @@
+0  person
+1  bicycle
+2  car
+3  motorcycle
+4  airplane
+5  car
+6  train
+7  car
+8  boat
+9  traffic light
+10  fire hydrant
+11  stop sign
+12  parking meter
+13  bench
+14  bird
+15  cat
+16  dog
+17  horse
+18  sheep
+19  cow
+20  elephant
+21  bear
+22  zebra
+23  giraffe
+24  backpack
+25  umbrella
+26  handbag
+27  tie
+28  suitcase
+29  frisbee
+30  skis
+31  snowboard
+32  sports ball
+33  kite
+34  baseball bat
+35  baseball glove
+36  skateboard
+37  surfboard
+38  tennis racket
+39  bottle
+40  wine glass
+41  cup
+42  fork
+43  knife
+44  spoon
+45  bowl
+46  banana
+47  apple
+48  sandwich
+49  orange
+50  broccoli
+51  carrot
+52  hot dog
+53  pizza
+54  donut
+55  cake
+56  chair
+57  couch
+58  potted plant
+59  bed
+60  dining table
+61  toilet
+62  tv
+63  laptop
+64  mouse
+65  remote
+66  keyboard
+67  cell phone
+68  microwave
+69  oven
+70  toaster
+71  sink
+72  refrigerator
+73  book
+74  clock
+75  vase
+76  scissors
+77  teddy bear
+78  hair drier
+79  toothbrush

docker/main/rootfs/labelmap/coco.txt

@@ -0,0 +1,91 @@
+0  person
+1  bicycle
+2  car
+3  motorcycle
+4  airplane
+5  bus
+6  train
+7  car
+8  boat
+9  traffic light
+10  fire hydrant
+11  street sign
+12  stop sign
+13  parking meter
+14  bench
+15  bird
+16  cat
+17  dog
+18  horse
+19  sheep
+20  cow
+21  elephant
+22  bear
+23  zebra
+24  giraffe
+25  hat
+26  backpack
+27  umbrella
+28  shoe
+29  eye glasses
+30  handbag
+31  tie
+32  suitcase
+33  frisbee
+34  skis
+35  snowboard
+36  sports ball
+37  kite
+38  baseball bat
+39  baseball glove
+40  skateboard
+41  surfboard
+42  tennis racket
+43  bottle
+44  plate
+45  wine glass
+46  cup
+47  fork
+48  knife
+49  spoon
+50  bowl
+51  banana
+52  apple
+53  sandwich
+54  orange
+55  broccoli
+56  carrot
+57  hot dog
+58  pizza
+59  donut
+60  cake
+61  chair
+62  couch
+63  potted plant
+64  bed
+65  mirror
+66  dining table
+67  window
+68  desk
+69  toilet
+70  door
+71  tv
+72  laptop
+73  mouse
+74  remote
+75  keyboard
+76  cell phone
+77  microwave
+78  oven
+79  toaster
+80  sink
+81  refrigerator
+82  blender
+83  book
+84  clock
+85  vase
+86  scissors
+87  teddy bear
+88  hair drier
+89  toothbrush
+90  hair brush

docker/main/rootfs/usr/local/ffmpeg/get_ffmpeg_path.py

@@ -0,0 +1,45 @@
+import json
+import os
+import shutil
+import sys
+
+from ruamel.yaml import YAML
+
+sys.path.insert(0, "/opt/frigate")
+from frigate.const import (
+    DEFAULT_FFMPEG_VERSION,
+    INCLUDED_FFMPEG_VERSIONS,
+)
+
+sys.path.remove("/opt/frigate")
+
+yaml = YAML()
+
+config_file = os.environ.get("CONFIG_FILE", "/config/config.yml")
+
+# Check if we can use .yaml instead of .yml
+config_file_yaml = config_file.replace(".yml", ".yaml")
+if os.path.isfile(config_file_yaml):
+    config_file = config_file_yaml
+
+try:
+    with open(config_file) as f:
+        raw_config = f.read()
+
+    if config_file.endswith((".yaml", ".yml")):
+        config: dict[str, any] = yaml.load(raw_config)
+    elif config_file.endswith(".json"):
+        config: dict[str, any] = json.loads(raw_config)
+except FileNotFoundError:
+    config: dict[str, any] = {}
+
+path = config.get("ffmpeg", {}).get("path", "default")
+if path == "default":
+    if shutil.which("ffmpeg") is None:
+        print(f"/usr/lib/ffmpeg/{DEFAULT_FFMPEG_VERSION}/bin/ffmpeg")
+    else:
+        print("ffmpeg")
+elif path in INCLUDED_FFMPEG_VERSIONS:
+    print(f"/usr/lib/ffmpeg/{path}/bin/ffmpeg")
+else:
+    print(f"{path}/bin/ffmpeg")

docker/main/rootfs/usr/local/go2rtc/create_config.py

@@ -2,28 +2,32 @@
 
 import json
 import os
+import shutil
 import sys
 from pathlib import Path
 
-import yaml
+from ruamel.yaml import YAML
 
 sys.path.insert(0, "/opt/frigate")
-from frigate.const import BIRDSEYE_PIPE  # noqa: E402
-from frigate.ffmpeg_presets import (  # noqa: E402
-    parse_preset_hardware_acceleration_encode,
+from frigate.const import (
+    BIRDSEYE_PIPE,
+    DEFAULT_FFMPEG_VERSION,
+    INCLUDED_FFMPEG_VERSIONS,
 )
+from frigate.ffmpeg_presets import parse_preset_hardware_acceleration_encode
 
 sys.path.remove("/opt/frigate")
 
+yaml = YAML()
 
 FRIGATE_ENV_VARS = {k: v for k, v in os.environ.items() if k.startswith("FRIGATE_")}
 # read docker secret files as env vars too
 if os.path.isdir("/run/secrets"):
     for secret_file in os.listdir("/run/secrets"):
         if secret_file.startswith("FRIGATE_"):
-            FRIGATE_ENV_VARS[secret_file] = Path(
-                os.path.join("/run/secrets", secret_file)
-            ).read_text()
+            FRIGATE_ENV_VARS[secret_file] = (
+                Path(os.path.join("/run/secrets", secret_file)).read_text().strip()
+            )
 
 config_file = os.environ.get("CONFIG_FILE", "/config/config.yml")
 
@@ -37,7 +41,7 @@ try:
         raw_config = f.read()
 
     if config_file.endswith((".yaml", ".yml")):
-        config: dict[str, any] = yaml.safe_load(raw_config)
+        config: dict[str, any] = yaml.load(raw_config)
     elif config_file.endswith(".json"):
         config: dict[str, any] = json.loads(raw_config)
 except FileNotFoundError:
@@ -105,16 +109,32 @@ else:
             **FRIGATE_ENV_VARS
         )
 
+# ensure ffmpeg path is set correctly
+path = config.get("ffmpeg", {}).get("path", "default")
+if path == "default":
+    if shutil.which("ffmpeg") is None:
+        ffmpeg_path = f"/usr/lib/ffmpeg/{DEFAULT_FFMPEG_VERSION}/bin/ffmpeg"
+    else:
+        ffmpeg_path = "ffmpeg"
+elif path in INCLUDED_FFMPEG_VERSIONS:
+    ffmpeg_path = f"/usr/lib/ffmpeg/{path}/bin/ffmpeg"
+else:
+    ffmpeg_path = f"{path}/bin/ffmpeg"
+
+if go2rtc_config.get("ffmpeg") is None:
+    go2rtc_config["ffmpeg"] = {"bin": ffmpeg_path}
+elif go2rtc_config["ffmpeg"].get("bin") is None:
+    go2rtc_config["ffmpeg"]["bin"] = ffmpeg_path
+
 # need to replace ffmpeg command when using ffmpeg4
-if int(os.environ["LIBAVFORMAT_VERSION_MAJOR"]) < 59:
-    if go2rtc_config.get("ffmpeg") is None:
-        go2rtc_config["ffmpeg"] = {
-            "rtsp": "-fflags nobuffer -flags low_delay -stimeout 5000000 -user_agent go2rtc/ffmpeg -rtsp_transport tcp -i {input}"
-        }
-    elif go2rtc_config["ffmpeg"].get("rtsp") is None:
+if int(os.environ.get("LIBAVFORMAT_VERSION_MAJOR", "59") or "59") < 59:
+    if go2rtc_config["ffmpeg"].get("rtsp") is None:
         go2rtc_config["ffmpeg"]["rtsp"] = (
             "-fflags nobuffer -flags low_delay -stimeout 5000000 -user_agent go2rtc/ffmpeg -rtsp_transport tcp -i {input}"
         )
+else:
+    if go2rtc_config.get("ffmpeg") is None:
+        go2rtc_config["ffmpeg"] = {"path": ""}
 
 for name in go2rtc_config.get("streams", {}):
     stream = go2rtc_config["streams"][name]
@@ -145,7 +165,7 @@ if config.get("birdseye", {}).get("restream", False):
     birdseye: dict[str, any] = config.get("birdseye")
 
     input = f"-f rawvideo -pix_fmt yuv420p -video_size {birdseye.get('width', 1280)}x{birdseye.get('height', 720)} -r 10 -i {BIRDSEYE_PIPE}"
-    ffmpeg_cmd = f"exec:{parse_preset_hardware_acceleration_encode(config.get('ffmpeg', {}).get('hwaccel_args'), input, '-rtsp_transport tcp -f rtsp {output}')}"
+    ffmpeg_cmd = f"exec:{parse_preset_hardware_acceleration_encode(ffmpeg_path, config.get('ffmpeg', {}).get('hwaccel_args', ''), input, '-rtsp_transport tcp -f rtsp {output}')}"
 
     if go2rtc_config.get("streams"):
         go2rtc_config["streams"]["birdseye"] = ffmpeg_cmd

docker/main/rootfs/usr/local/nginx/conf/nginx.conf

@@ -59,20 +59,7 @@ http {
     include go2rtc_upstream.conf;
 
     server {
-        listen [::]:80 ipv6only=off default_server;
-
-        location / {
-            return 301 https://$host$request_uri;
-        }
-    }
-
-    server {
-        # intended for external traffic, protected by auth
-        listen [::]:8080 ipv6only=off;
-        # intended for internal traffic, not protected by auth
-        listen [::]:5000 ipv6only=off;
-
-        include tls.conf;
+        include listen.conf;
 
         # vod settings
         vod_base_url '';
@@ -94,6 +81,9 @@ http {
         open_file_cache_errors on;
         aio on;
 
+        # file upload size
+        client_max_body_size 10M;
+
         # https://github.com/kaltura/nginx-vod-module#vod_open_file_thread_pool
         vod_open_file_thread_pool default;
 
@@ -117,6 +107,16 @@ http {
 
             add_header Cache-Control "no-store";
             expires off;
+
+            keepalive_disable safari;
+
+            # vod module returns 502 for non-existent media
+            # https://github.com/kaltura/nginx-vod-module/issues/468
+            error_page 502 =404 /vod-not-found;
+        }
+
+        location = /vod-not-found {
+            return 404;
         }
 
         location /stream/ {
@@ -141,6 +141,8 @@ http {
                 image/jpeg jpg;
             }
 
+            expires 7d;
+            add_header Cache-Control "public";
             autoindex on;
             root /media/frigate;
         }
@@ -235,7 +237,7 @@ http {
 
         location ~* /api/.*\.(jpg|jpeg|png|webp|gif)$ {
             include auth_request.conf;
-            rewrite ^/api/(.*)$ $1 break;
+            rewrite ^/api/(.*)$ /$1 break;
             proxy_pass http://frigate_api;
             include proxy.conf;
         }

docker/main/rootfs/usr/local/nginx/conf/proxy_trusted_headers.conf

@@ -1,3 +1,6 @@
+# Header used to validate reverse proxy trust
+proxy_set_header X-Proxy-Secret $http_x_proxy_secret;
+
 # these headers will be copied to the /auth request and are available
 # to be mapped in the config to Frigate's remote-user header
 
@@ -19,4 +22,4 @@ proxy_set_header X-authentik-username $http_x_authentik_username;
 proxy_set_header X-authentik-groups $http_x_authentik_groups;
 proxy_set_header X-authentik-email $http_x_authentik_email;
 proxy_set_header X-authentik-name $http_x_authentik_name;
-proxy_set_header X-authentik-uid $http_x_authentik_uid;
+proxy_set_header X-authentik-uid $http_x_authentik_uid;

docker/main/rootfs/usr/local/nginx/get_tls_settings.py

@@ -0,0 +1,30 @@
+"""Prints the tls config as json to stdout."""
+
+import json
+import os
+
+from ruamel.yaml import YAML
+
+yaml = YAML()
+
+config_file = os.environ.get("CONFIG_FILE", "/config/config.yml")
+
+# Check if we can use .yaml instead of .yml
+config_file_yaml = config_file.replace(".yml", ".yaml")
+if os.path.isfile(config_file_yaml):
+    config_file = config_file_yaml
+
+try:
+    with open(config_file) as f:
+        raw_config = f.read()
+
+    if config_file.endswith((".yaml", ".yml")):
+        config: dict[str, any] = yaml.load(raw_config)
+    elif config_file.endswith(".json"):
+        config: dict[str, any] = json.loads(raw_config)
+except FileNotFoundError:
+    config: dict[str, any] = {}
+
+tls_config: dict[str, any] = config.get("tls", {"enabled": True})
+
+print(json.dumps(tls_config))

docker/main/rootfs/usr/local/nginx/templates/listen.gotmpl

@@ -1,5 +1,12 @@
-keepalive_timeout   70;
-listen [::]:443 ipv6only=off default_server ssl;
+# intended for internal traffic, not protected by auth
+listen 5000;
+
+{{ if not .enabled }}
+# intended for external traffic, protected by auth
+listen 8971;
+{{ else }}
+# intended for external traffic, protected by auth
+listen 8971 ssl;
 
 ssl_certificate /etc/letsencrypt/live/frigate/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/frigate/privkey.pem;
@@ -22,3 +29,5 @@ location /.well-known/acme-challenge/ {
     default_type "text/plain";
     root /etc/letsencrypt/www;
 }
+{{ end }}
+

docker/rockchip/COCO/coco_subset_20.txt

@@ -0,0 +1,20 @@
+./subset/000000005001.jpg
+./subset/000000038829.jpg
+./subset/000000052891.jpg
+./subset/000000075612.jpg
+./subset/000000098261.jpg
+./subset/000000181542.jpg
+./subset/000000215245.jpg
+./subset/000000277005.jpg
+./subset/000000288685.jpg
+./subset/000000301421.jpg
+./subset/000000334371.jpg
+./subset/000000348481.jpg
+./subset/000000373353.jpg
+./subset/000000397681.jpg
+./subset/000000414673.jpg
+./subset/000000419312.jpg
+./subset/000000465822.jpg
+./subset/000000475732.jpg
+./subset/000000559707.jpg
+./subset/000000574315.jpg

docker/rockchip/Dockerfile

@@ -7,20 +7,26 @@ FROM wheels as rk-wheels
 COPY docker/main/requirements-wheels.txt /requirements-wheels.txt
 COPY docker/rockchip/requirements-wheels-rk.txt /requirements-wheels-rk.txt
 RUN sed -i "/https:\/\//d" /requirements-wheels.txt
+RUN sed -i "/onnxruntime/d" /requirements-wheels.txt
+RUN python3 -m pip config set global.break-system-packages true
 RUN pip3 wheel --wheel-dir=/rk-wheels -c /requirements-wheels.txt -r /requirements-wheels-rk.txt
+RUN rm -rf /rk-wheels/opencv_python-*
 
 FROM deps AS rk-frigate
 ARG TARGETARCH
 
 RUN --mount=type=bind,from=rk-wheels,source=/rk-wheels,target=/deps/rk-wheels \
-    pip3 install -U /deps/rk-wheels/*.whl
+    pip3 install --no-deps -U /deps/rk-wheels/*.whl --break-system-packages
 
 WORKDIR /opt/frigate/
 COPY --from=rootfs / /
+COPY docker/rockchip/COCO /COCO
+COPY docker/rockchip/conv2rknn.py /opt/conv2rknn.py
 
-ADD https://github.com/MarcA711/rknn-toolkit2/releases/download/v2.0.0/librknnrt.so /usr/lib/
+ADD https://github.com/MarcA711/rknn-toolkit2/releases/download/v2.3.0/librknnrt.so /usr/lib/
 
 RUN rm -rf /usr/lib/btbn-ffmpeg/bin/ffmpeg
 RUN rm -rf /usr/lib/btbn-ffmpeg/bin/ffprobe
-ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-3/ffmpeg /usr/lib/btbn-ffmpeg/bin/
-ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-3/ffprobe /usr/lib/btbn-ffmpeg/bin/
+ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-7/ffmpeg /usr/lib/ffmpeg/6.0/bin/
+ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-7/ffprobe /usr/lib/ffmpeg/6.0/bin/
+ENV PATH="/usr/lib/ffmpeg/6.0/bin/:${PATH}"

docker/rockchip/conv2rknn.py

@@ -0,0 +1,82 @@
+import os
+
+import rknn
+import yaml
+from rknn.api import RKNN
+
+try:
+    with open(rknn.__path__[0] + "/VERSION") as file:
+        tk_version = file.read().strip()
+except FileNotFoundError:
+    pass
+
+try:
+    with open("/config/conv2rknn.yaml", "r") as config_file:
+        configuration = yaml.safe_load(config_file)
+except FileNotFoundError:
+    raise Exception("Please place a config.yaml file in /config/conv2rknn.yaml")
+
+if configuration["config"] != None:
+    rknn_config = configuration["config"]
+else:
+    rknn_config = {}
+
+if not os.path.isdir("/config/model_cache/rknn_cache/onnx"):
+    raise Exception(
+        "Place the onnx models you want to convert to rknn format in /config/model_cache/rknn_cache/onnx"
+    )
+
+if "soc" not in configuration:
+    try:
+        with open("/proc/device-tree/compatible") as file:
+            soc = file.read().split(",")[-1].strip("\x00")
+    except FileNotFoundError:
+        raise Exception("Make sure to run docker in privileged mode.")
+
+    configuration["soc"] = [
+        soc,
+    ]
+
+if "quantization" not in configuration:
+    configuration["quantization"] = False
+
+if "output_name" not in configuration:
+    configuration["output_name"] = "{{input_basename}}"
+
+for input_filename in os.listdir("/config/model_cache/rknn_cache/onnx"):
+    for soc in configuration["soc"]:
+        quant = "i8" if configuration["quantization"] else "fp16"
+
+        input_path = "/config/model_cache/rknn_cache/onnx/" + input_filename
+        input_basename = input_filename[: input_filename.rfind(".")]
+
+        output_filename = (
+            configuration["output_name"].format(
+                quant=quant,
+                input_basename=input_basename,
+                soc=soc,
+                tk_version=tk_version,
+            )
+            + ".rknn"
+        )
+        output_path = "/config/model_cache/rknn_cache/" + output_filename
+
+        rknn_config["target_platform"] = soc
+
+        rknn = RKNN(verbose=True)
+        rknn.config(**rknn_config)
+
+        if rknn.load_onnx(model=input_path) != 0:
+            raise Exception("Error loading model.")
+
+        if (
+            rknn.build(
+                do_quantization=configuration["quantization"],
+                dataset="/COCO/coco_subset_20.txt",
+            )
+            != 0
+        ):
+            raise Exception("Error building model.")
+
+        if rknn.export_rknn(output_path) != 0:
+            raise Exception("Error exporting rknn model.")

docker/rockchip/requirements-wheels-rk.txt

@@ -1 +1,2 @@
-rknn-toolkit-lite2 @ https://github.com/MarcA711/rknn-toolkit2/releases/download/v2.0.0/rknn_toolkit_lite2-2.0.0b0-cp39-cp39-linux_aarch64.whl
+rknn-toolkit2 == 2.3.0
+rknn-toolkit-lite2 == 2.3.0

docker/rockchip/rk.mk

@@ -1,10 +1,15 @@
 BOARDS += rk
 
 local-rk: version
-	docker buildx bake --load --file=docker/rockchip/rk.hcl --set rk.tags=frigate:latest-rk rk
+	docker buildx bake --file=docker/rockchip/rk.hcl rk \
+		--set rk.tags=frigate:latest-rk \
+		--load
 
 build-rk: version
-	docker buildx bake --file=docker/rockchip/rk.hcl --set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk rk
+	docker buildx bake --file=docker/rockchip/rk.hcl rk \
+		--set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk
 
 push-rk: build-rk
-	docker buildx bake --push --file=docker/rockchip/rk.hcl --set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk rk
+	docker buildx bake --file=docker/rockchip/rk.hcl rk \
+		--set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk \
+		--push

docker/rocm/Dockerfile

@@ -23,18 +23,18 @@ COPY docker/rocm/rocm-pin-600 /etc/apt/preferences.d/
 
 RUN apt-get update
 
-RUN apt-get -y install --no-install-recommends migraphx
+RUN apt-get -y install --no-install-recommends migraphx hipfft roctracer
 RUN apt-get -y install --no-install-recommends migraphx-dev
 
 RUN mkdir -p /opt/rocm-dist/opt/rocm-$ROCM/lib
-RUN cd /opt/rocm-$ROCM/lib && cp -dpr libMIOpen*.so* libamd*.so* libhip*.so* libhsa*.so* libmigraphx*.so* librocm*.so* librocblas*.so* /opt/rocm-dist/opt/rocm-$ROCM/lib/
+RUN cd /opt/rocm-$ROCM/lib && cp -dpr libMIOpen*.so* libamd*.so* libhip*.so* libhsa*.so* libmigraphx*.so* librocm*.so* librocblas*.so* libroctracer*.so* librocfft*.so* /opt/rocm-dist/opt/rocm-$ROCM/lib/
 RUN cd /opt/rocm-dist/opt/ && ln -s rocm-$ROCM rocm
 
 RUN mkdir -p /opt/rocm-dist/etc/ld.so.conf.d/
 RUN echo /opt/rocm/lib|tee /opt/rocm-dist/etc/ld.so.conf.d/rocm.conf
 
 #######################################################################
-FROM --platform=linux/amd64 debian:11 as debian-base
+FROM --platform=linux/amd64 debian:12 as debian-base
 
 RUN apt-get update && apt-get -y upgrade
 RUN apt-get -y install --no-install-recommends libelf1 libdrm2 libdrm-amdgpu1 libnuma1 kmod
@@ -51,7 +51,7 @@ COPY --from=rocm /opt/rocm-$ROCM /opt/rocm-$ROCM
 RUN ln -s /opt/rocm-$ROCM /opt/rocm
 
 RUN apt-get -y install g++ cmake
-RUN apt-get -y install python3-pybind11 python3.9-distutils python3-dev
+RUN apt-get -y install python3-pybind11 python3-distutils python3-dev
 
 WORKDIR /opt/build
 
@@ -69,7 +69,12 @@ RUN apt-get -y install libnuma1
 
 WORKDIR /opt/frigate/
 COPY --from=rootfs / /
-COPY docker/rocm/rootfs/ /
+
+# Temporarily disabled to see if a new wheel can be built to support py3.11
+#COPY docker/rocm/requirements-wheels-rocm.txt /requirements.txt
+#RUN python3 -m pip install --upgrade pip \
+#    && pip3 uninstall -y onnxruntime-openvino \
+#    && pip3 install -r /requirements.txt
 
 #######################################################################
 FROM scratch AS rocm-dist
@@ -79,14 +84,15 @@ ARG AMDGPU
 
 COPY --from=rocm /opt/rocm-$ROCM/bin/rocminfo /opt/rocm-$ROCM/bin/migraphx-driver /opt/rocm-$ROCM/bin/
 COPY --from=rocm /opt/rocm-$ROCM/share/miopen/db/*$AMDGPU* /opt/rocm-$ROCM/share/miopen/db/
+COPY --from=rocm /opt/rocm-$ROCM/share/miopen/db/*gfx908* /opt/rocm-$ROCM/share/miopen/db/
 COPY --from=rocm /opt/rocm-$ROCM/lib/rocblas/library/*$AMDGPU* /opt/rocm-$ROCM/lib/rocblas/library/
 COPY --from=rocm /opt/rocm-dist/ /
-COPY --from=debian-build /opt/rocm/lib/migraphx.cpython-39-x86_64-linux-gnu.so /opt/rocm-$ROCM/lib/
+COPY --from=debian-build /opt/rocm/lib/migraphx.cpython-311-x86_64-linux-gnu.so /opt/rocm-$ROCM/lib/
 
 #######################################################################
 FROM deps-prelim AS rocm-prelim-hsa-override0
-
-ENV HSA_ENABLE_SDMA=0
+\
+    ENV HSA_ENABLE_SDMA=0
 
 COPY --from=rocm-dist / /
 
@@ -101,6 +107,3 @@ ENV HSA_OVERRIDE_GFX_VERSION=$HSA_OVERRIDE_GFX_VERSION
 #######################################################################
 FROM rocm-prelim-hsa-override$HSA_OVERRIDE as rocm-deps
 
-# Request yolov8 download at startup
-ENV DOWNLOAD_YOLOV8=1
-

docker/rocm/requirements-wheels-rocm.txt

@@ -0,0 +1 @@
+onnxruntime-rocm @ https://github.com/NickM-27/frigate-onnxruntime-rocm/releases/download/v1.0.0/onnxruntime_rocm-1.17.3-cp39-cp39-linux_x86_64.whl

docker/rocm/rocm.mk

@@ -4,14 +4,50 @@ BOARDS += rocm
 ROCM_CHIPSETS:=gfx900:9.0.0 gfx1030:10.3.0 gfx1100:11.0.0
 
 local-rocm: version
-	$(foreach chipset,$(ROCM_CHIPSETS),AMDGPU=$(word 1,$(subst :, ,$(chipset))) HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) HSA_OVERRIDE=1 docker buildx bake --load --file=docker/rocm/rocm.hcl --set rocm.tags=frigate:latest-rocm-$(word 1,$(subst :, ,$(chipset))) rocm;)
-	unset HSA_OVERRIDE_GFX_VERSION && HSA_OVERRIDE=0 AMDGPU=gfx docker buildx bake --load --file=docker/rocm/rocm.hcl --set rocm.tags=frigate:latest-rocm rocm
+	$(foreach chipset,$(ROCM_CHIPSETS), \
+		AMDGPU=$(word 1,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE=1 \
+		docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+			--set rocm.tags=frigate:latest-rocm-$(word 1,$(subst :, ,$(chipset))) \
+			--load \
+	&&) true
+	
+	unset HSA_OVERRIDE_GFX_VERSION && \
+	HSA_OVERRIDE=0 \
+	AMDGPU=gfx \
+	docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+		--set rocm.tags=frigate:latest-rocm \
+		--load
 
 build-rocm: version
-	$(foreach chipset,$(ROCM_CHIPSETS),AMDGPU=$(word 1,$(subst :, ,$(chipset))) HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) HSA_OVERRIDE=1 docker buildx bake --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) rocm;)
-	unset HSA_OVERRIDE_GFX_VERSION && HSA_OVERRIDE=0 AMDGPU=gfx docker buildx bake --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm rocm
+	$(foreach chipset,$(ROCM_CHIPSETS), \
+		AMDGPU=$(word 1,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE=1 \
+		docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+			--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) \
+	&&) true
+
+	unset HSA_OVERRIDE_GFX_VERSION && \
+	HSA_OVERRIDE=0 \
+	AMDGPU=gfx \
+	docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+		--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm
 
 push-rocm: build-rocm
-	$(foreach chipset,$(ROCM_CHIPSETS),AMDGPU=$(word 1,$(subst :, ,$(chipset))) HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) HSA_OVERRIDE=1 docker buildx bake --push --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) rocm;)
-	unset HSA_OVERRIDE_GFX_VERSION && HSA_OVERRIDE=0 AMDGPU=gfx docker buildx bake --push --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm rocm
+	$(foreach chipset,$(ROCM_CHIPSETS), \
+		AMDGPU=$(word 1,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE=1 \
+		docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+			--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) \
+			--push \
+	&&) true
 
+	unset HSA_OVERRIDE_GFX_VERSION && \
+	HSA_OVERRIDE=0 \
+	AMDGPU=gfx \
+	docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+		--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm \
+		--push

docker/rocm/rootfs/etc/s6-overlay/s6-rc.d/compile-rocm-models/run

@@ -1,20 +0,0 @@
-#!/command/with-contenv bash
-# shellcheck shell=bash
-# Compile YoloV8 ONNX files into ROCm MIGraphX files
-
-OVERRIDE=$(cd /opt/frigate && python3 -c 'import frigate.detectors.plugins.rocm as rocm; print(rocm.auto_override_gfx_version())')
-
-if ! test -z "$OVERRIDE"; then
-  echo "Using HSA_OVERRIDE_GFX_VERSION=${OVERRIDE}"
-  export HSA_OVERRIDE_GFX_VERSION=$OVERRIDE
-fi
-
-for onnx in /config/model_cache/yolov8/*.onnx
-do
-  mxr="${onnx%.onnx}.mxr"
-  if ! test -f $mxr; then
-    echo "processing $onnx into $mxr"
-    /opt/rocm/bin/migraphx-driver compile $onnx --optimize --gpu --enable-offload-copy --binary -o $mxr
-  fi
-done
-

docker/rocm/rootfs/etc/s6-overlay/s6-rc.d/compile-rocm-models/type

@@ -1 +0,0 @@
-oneshot

docker/rocm/rootfs/etc/s6-overlay/s6-rc.d/compile-rocm-models/up

@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/compile-rocm-models/run

docker/rpi/install_deps.sh

@@ -18,13 +18,14 @@ apt-get -qq install --no-install-recommends -y \
 mkdir -p -m 600 /root/.gnupg
 
 # enable non-free repo
-sed -i -e's/ main/ main contrib non-free/g' /etc/apt/sources.list
+echo "deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" | tee -a /etc/apt/sources.list
+apt update
 
 # ffmpeg -> arm64
 if [[ "${TARGETARCH}" == "arm64" ]]; then
     # add raspberry pi repo
     gpg --no-default-keyring --keyring /usr/share/keyrings/raspbian.gpg --keyserver keyserver.ubuntu.com --recv-keys 82B129927FA3303E
-    echo "deb [signed-by=/usr/share/keyrings/raspbian.gpg] https://archive.raspberrypi.org/debian/ bullseye main" | tee /etc/apt/sources.list.d/raspi.list
+    echo "deb [signed-by=/usr/share/keyrings/raspbian.gpg] https://archive.raspberrypi.org/debian/ bookworm main" | tee /etc/apt/sources.list.d/raspi.list
     apt-get -qq update
     apt-get -qq install --no-install-recommends --no-install-suggests -y ffmpeg
 fi

docker/rpi/rpi.mk

@@ -1,10 +1,15 @@
 BOARDS += rpi
 
 local-rpi: version
-	docker buildx bake --load --file=docker/rpi/rpi.hcl --set rpi.tags=frigate:latest-rpi rpi
+	docker buildx bake --file=docker/rpi/rpi.hcl rpi \
+		--set rpi.tags=frigate:latest-rpi \
+		--load
 
 build-rpi: version
-	docker buildx bake --file=docker/rpi/rpi.hcl --set rpi.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rpi rpi
+	docker buildx bake --file=docker/rpi/rpi.hcl rpi \
+		--set rpi.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rpi
 
 push-rpi: build-rpi
-	docker buildx bake --push --file=docker/rpi/rpi.hcl --set rpi.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rpi rpi
+	docker buildx bake --file=docker/rpi/rpi.hcl rpi \
+		--set rpi.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rpi \
+		--push

docker/tensorrt/Dockerfile.amd64

@@ -7,15 +7,17 @@ ARG DEBIAN_FRONTEND=noninteractive
 FROM wheels as trt-wheels
 ARG DEBIAN_FRONTEND
 ARG TARGETARCH
+RUN python3 -m pip config set global.break-system-packages true
 
 # Add TensorRT wheels to another folder
 COPY docker/tensorrt/requirements-amd64.txt /requirements-tensorrt.txt
 RUN mkdir -p /trt-wheels && pip3 wheel --wheel-dir=/trt-wheels -r /requirements-tensorrt.txt
 
 FROM tensorrt-base AS frigate-tensorrt
-ENV TRT_VER=8.5.3
+ENV TRT_VER=8.6.1
+RUN python3 -m pip config set global.break-system-packages true
 RUN --mount=type=bind,from=trt-wheels,source=/trt-wheels,target=/deps/trt-wheels \
-    pip3 install -U /deps/trt-wheels/*.whl && \
+    pip3 install -U /deps/trt-wheels/*.whl --break-system-packages && \
     ldconfig
 
 WORKDIR /opt/frigate/
@@ -26,7 +28,8 @@ FROM devcontainer AS devcontainer-trt
 
 COPY --from=trt-deps /usr/local/lib/libyolo_layer.so /usr/local/lib/libyolo_layer.so
 COPY --from=trt-deps /usr/local/src/tensorrt_demos /usr/local/src/tensorrt_demos
+COPY --from=trt-deps /usr/local/cuda-12.1 /usr/local/cuda
 COPY docker/tensorrt/detector/rootfs/ /
 COPY --from=trt-deps /usr/local/lib/libyolo_layer.so /usr/local/lib/libyolo_layer.so
 RUN --mount=type=bind,from=trt-wheels,source=/trt-wheels,target=/deps/trt-wheels \
-    pip3 install -U /deps/trt-wheels/*.whl
+    pip3 install -U /deps/trt-wheels/*.whl --break-system-packages

docker/tensorrt/Dockerfile.arm64

@@ -10,8 +10,8 @@ ARG DEBIAN_FRONTEND
 # Use a separate container to build wheels to prevent build dependencies in final image
 RUN apt-get -qq update \
     && apt-get -qq install -y --no-install-recommends \
-       python3.9 python3.9-dev \
-       wget build-essential cmake git \
+    python3.9 python3.9-dev \
+    wget build-essential cmake git \
     && rm -rf /var/lib/apt/lists/*
 
 # Ensure python3 defaults to python3.9
@@ -41,7 +41,11 @@ RUN --mount=type=bind,source=docker/tensorrt/detector/build_python_tensorrt.sh,t
     && TENSORRT_VER=$(cat /etc/TENSORRT_VER) /deps/build_python_tensorrt.sh
 
 COPY docker/tensorrt/requirements-arm64.txt /requirements-tensorrt.txt
-RUN pip3 wheel --wheel-dir=/trt-wheels -r /requirements-tensorrt.txt
+ADD https://nvidia.box.com/shared/static/psl23iw3bh7hlgku0mjo1xekxpego3e3.whl /tmp/onnxruntime_gpu-1.15.1-cp311-cp311-linux_aarch64.whl
+
+RUN pip3 uninstall -y onnxruntime-openvino \
+    && pip3 wheel --wheel-dir=/trt-wheels -r /requirements-tensorrt.txt \
+    && pip3 install --no-deps /tmp/onnxruntime_gpu-1.15.1-cp311-cp311-linux_aarch64.whl
 
 FROM build-wheels AS trt-model-wheels
 ARG DEBIAN_FRONTEND

docker/tensorrt/Dockerfile.base

@@ -3,7 +3,7 @@
 # https://askubuntu.com/questions/972516/debian-frontend-environment-variable
 ARG DEBIAN_FRONTEND=noninteractive
 
-ARG TRT_BASE=nvcr.io/nvidia/tensorrt:23.03-py3
+ARG TRT_BASE=nvcr.io/nvidia/tensorrt:23.12-py3
 
 # Build TensorRT-specific library
 FROM ${TRT_BASE} AS trt-deps
@@ -24,8 +24,9 @@ ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0
 
 COPY --from=trt-deps /usr/local/lib/libyolo_layer.so /usr/local/lib/libyolo_layer.so
 COPY --from=trt-deps /usr/local/src/tensorrt_demos /usr/local/src/tensorrt_demos
+COPY --from=trt-deps /usr/local/cuda-12.* /usr/local/cuda
 COPY docker/tensorrt/detector/rootfs/ /
-ENV YOLO_MODELS="yolov7-320"
+ENV YOLO_MODELS=""
 
 HEALTHCHECK --start-period=600s --start-interval=5s --interval=15s --timeout=5s --retries=3 \
     CMD curl --fail --silent --show-error http://127.0.0.1:5000/api/version || exit 1

docker/tensorrt/detector/rootfs/etc/ld.so.conf.d/cuda_tensorrt.conf

@@ -1,6 +1,8 @@
 /usr/local/lib
-/usr/local/lib/python3.9/dist-packages/nvidia/cudnn/lib
-/usr/local/lib/python3.9/dist-packages/nvidia/cuda_runtime/lib
-/usr/local/lib/python3.9/dist-packages/nvidia/cublas/lib
-/usr/local/lib/python3.9/dist-packages/nvidia/cuda_nvrtc/lib
-/usr/local/lib/python3.9/dist-packages/tensorrt
+/usr/local/cuda/lib64
+/usr/local/lib/python3.11/dist-packages/nvidia/cudnn/lib
+/usr/local/lib/python3.11/dist-packages/nvidia/cuda_runtime/lib
+/usr/local/lib/python3.11/dist-packages/nvidia/cublas/lib
+/usr/local/lib/python3.11/dist-packages/nvidia/cuda_nvrtc/lib
+/usr/local/lib/python3.11/dist-packages/tensorrt
+/usr/local/lib/python3.11/dist-packages/nvidia/cufft/lib

docker/tensorrt/detector/rootfs/etc/s6-overlay/s6-rc.d/trt-model-prepare/run

@@ -11,6 +11,7 @@ set -o errexit -o nounset -o pipefail
 MODEL_CACHE_DIR=${MODEL_CACHE_DIR:-"/config/model_cache/tensorrt"}
 TRT_VER=${TRT_VER:-$(cat /etc/TENSORRT_VER)}
 OUTPUT_FOLDER="${MODEL_CACHE_DIR}/${TRT_VER}"
+YOLO_MODELS=${YOLO_MODELS:-""}
 
 # Create output folder
 mkdir -p ${OUTPUT_FOLDER}
@@ -19,6 +20,11 @@ FIRST_MODEL=true
 MODEL_DOWNLOAD=""
 MODEL_CONVERT=""
 
+if [ -z "$YOLO_MODELS"]; then
+    echo "tensorrt model preparation disabled"
+    exit 0
+fi
+
 for model in ${YOLO_MODELS//,/ }
 do
     # Remove old link in case path/version changed

docker/tensorrt/requirements-amd64.txt

@@ -1,12 +1,14 @@
 # NVidia TensorRT Support (amd64 only)
 --extra-index-url 'https://pypi.nvidia.com'
 numpy < 1.24; platform_machine == 'x86_64'
-tensorrt == 8.5.3.*; platform_machine == 'x86_64'
-cuda-python == 11.8; platform_machine == 'x86_64'
-cython == 0.29.*; platform_machine == 'x86_64'
+tensorrt == 8.6.1.*; platform_machine == 'x86_64'
+cuda-python == 11.8.*; platform_machine == 'x86_64'
+cython == 3.0.*; platform_machine == 'x86_64'
 nvidia-cuda-runtime-cu12 == 12.1.*; platform_machine == 'x86_64'
 nvidia-cuda-runtime-cu11 == 11.8.*; platform_machine == 'x86_64'
 nvidia-cublas-cu11 == 11.11.3.6; platform_machine == 'x86_64'
-nvidia-cudnn-cu11 == 8.6.0.*; platform_machine == 'x86_64'
-onnx==1.14.0; platform_machine == 'x86_64'
-protobuf==3.20.3; platform_machine == 'x86_64'
+nvidia-cudnn-cu12 == 9.5.0.*; platform_machine == 'x86_64'
+nvidia-cufft-cu11==10.*; platform_machine == 'x86_64'
+onnx==1.16.*; platform_machine == 'x86_64'
+onnxruntime-gpu==1.20.*; platform_machine == 'x86_64'
+protobuf==3.20.3; platform_machine == 'x86_64'

docker/tensorrt/requirements-arm64.txt

@@ -1 +1 @@
-cuda-python == 11.7; platform_machine == 'aarch64'
+cuda-python == 11.7; platform_machine == 'aarch64'

docker/tensorrt/trt.mk

@@ -7,20 +7,35 @@ JETPACK4_ARGS := ARCH=arm64 BASE_IMAGE=$(JETPACK4_BASE) SLIM_BASE=$(JETPACK4_BAS
 JETPACK5_ARGS := ARCH=arm64 BASE_IMAGE=$(JETPACK5_BASE) SLIM_BASE=$(JETPACK5_BASE) TRT_BASE=$(JETPACK5_BASE)
 
 local-trt: version
-	$(X86_DGPU_ARGS) docker buildx bake --load --file=docker/tensorrt/trt.hcl --set tensorrt.tags=frigate:latest-tensorrt tensorrt
+	$(X86_DGPU_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=frigate:latest-tensorrt \
+		--load
 
 local-trt-jp4: version
-	$(JETPACK4_ARGS) docker buildx bake --load --file=docker/tensorrt/trt.hcl --set tensorrt.tags=frigate:latest-tensorrt-jp4 tensorrt
+	$(JETPACK4_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=frigate:latest-tensorrt-jp4 \
+		--load
 
 local-trt-jp5: version
-	$(JETPACK5_ARGS) docker buildx bake --load --file=docker/tensorrt/trt.hcl --set tensorrt.tags=frigate:latest-tensorrt-jp5 tensorrt
+	$(JETPACK5_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=frigate:latest-tensorrt-jp5 \
+		--load
 
 build-trt:
-	$(X86_DGPU_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt tensorrt
-	$(JETPACK4_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp4 tensorrt
-	$(JETPACK5_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp5 tensorrt
+	$(X86_DGPU_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt
+	$(JETPACK4_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp4
+	$(JETPACK5_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp5
 
 push-trt: build-trt
-	$(X86_DGPU_ARGS) docker buildx bake --push --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt tensorrt
-	$(JETPACK4_ARGS) docker buildx bake --push --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp4 tensorrt
-	$(JETPACK5_ARGS) docker buildx bake --push --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp5 tensorrt
+	$(X86_DGPU_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt \
+		--push
+	$(JETPACK4_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp4 \
+		--push
+	$(JETPACK5_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp5 \
+		--push

docs/README.md

@@ -1,5 +1,10 @@
 # Website
 
-This website is built using [Docusaurus 2](https://v2.docusaurus.io/), a modern static website generator.
+This website is built using [Docusaurus 3.5](https://docusaurus.io/docs), a modern static website generator.
 
 For installation and contributing instructions, please follow the [Contributing Docs](https://docs.frigate.video/development/contributing).
+
+# Development
+
+1. Run `npm i` to install dependencies
+2. Run `npm run start` to start the website

docs/docs/configuration/advanced.md

@@ -4,7 +4,9 @@ title: Advanced Options
 sidebar_label: Advanced Options
 ---
 
-### `logger`
+### Logging
+
+#### Frigate `logger`
 
 Change the default log level for troubleshooting purposes.
 
@@ -28,6 +30,18 @@ Examples of available modules are:
 - `watchdog.<camera_name>`
 - `ffmpeg.<camera_name>.<sorted_roles>` NOTE: All FFmpeg logs are sent as `error` level.
 
+#### Go2RTC Logging
+
+See [the go2rtc docs](https://github.com/AlexxIT/go2rtc?tab=readme-ov-file#module-log) for logging configuration
+
+```yaml
+go2rtc:
+  streams:
+    ...
+  log:
+    exec: trace
+```
+
 ### `environment_vars`
 
 This section can be used to set environment variables for those unable to modify the environment of the container (ie. within HassOS)
@@ -41,7 +55,7 @@ environment_vars:
 
 ### `database`
 
-Event and recording information is managed in a sqlite database at `/config/frigate.db`. If that database is deleted, recordings will be orphaned and will need to be cleaned up manually. They also won't show up in the Media Browser within Home Assistant.
+Tracked object and recording information is managed in a sqlite database at `/config/frigate.db`. If that database is deleted, recordings will be orphaned and will need to be cleaned up manually. They also won't show up in the Media Browser within Home Assistant.
 
 If you are storing your database on a network share (SMB, NFS, etc), you may get a `database is locked` error message on startup. You can customize the location of the database in the config if necessary.
 
@@ -80,6 +94,14 @@ model:
   input_pixel_format: "bgr"
 ```
 
+#### `labelmap`
+
+:::warning
+
+If the labelmap is customized then the labels used for alerts will need to be adjusted as well. See [alert labels](../configuration/review.md#restricting-alerts-to-specific-labels) for more info.
+
+:::
+
 The labelmap can be customized to your needs. A common reason to do this is to combine multiple object types that are easily confused when you don't need to be as granular such as car/truck. By default, truck is renamed to car because they are often confused. You cannot add new object types, but you can change the names of existing objects in the model.
 
 ```yaml
@@ -106,19 +128,65 @@ Some labels have special handling and modifications can disable functionality.
 
 :::
 
-## Custom ffmpeg build
+## Network Configuration
 
-Included with Frigate is a build of ffmpeg that works for the vast majority of users. However, there exists some hardware setups which have incompatibilities with the included build. In this case, a docker volume mapping can be used to overwrite the included ffmpeg build with an ffmpeg build that works for your specific hardware setup.
+Changes to Frigate's internal network configuration can be made by bind mounting nginx.conf into the container. For example:
+
+```yaml
+services:
+  frigate:
+    container_name: frigate
+    ...
+    volumes:
+      ...
+      - /path/to/your/nginx.conf:/usr/local/nginx/conf/nginx.conf
+```
+
+### Enabling IPv6
+
+IPv6 is disabled by default, to enable IPv6 listen.gotmpl needs to be bind mounted with IPv6 enabled. For example:
+
+```
+{{ if not .enabled }}
+# intended for external traffic, protected by auth
+listen 8971;
+{{ else }}
+# intended for external traffic, protected by auth
+listen 8971 ssl;
+
+# intended for internal traffic, not protected by auth
+listen 5000;
+```
+
+becomes
+
+```
+{{ if not .enabled }}
+# intended for external traffic, protected by auth
+listen [::]:8971 ipv6only=off;
+{{ else }}
+# intended for external traffic, protected by auth
+listen [::]:8971 ipv6only=off ssl;
+
+# intended for internal traffic, not protected by auth
+listen [::]:5000 ipv6only=off;
+```
+
+## Custom Dependencies
+
+### Custom ffmpeg build
+
+Included with Frigate is a build of ffmpeg that works for the vast majority of users. However, there exists some hardware setups which have incompatibilities with the included build. In this case, statically built ffmpeg binary can be downloaded to /config and used.
 
 To do this:
 
-1. Download your ffmpeg build and uncompress to a folder on the host (let's use `/home/appdata/frigate/custom-ffmpeg` for this example).
+1. Download your ffmpeg build and uncompress to the Frigate config folder.
 2. Update your docker-compose or docker CLI to include `'/home/appdata/frigate/custom-ffmpeg':'/usr/lib/btbn-ffmpeg':'ro'` in the volume mappings.
 3. Restart Frigate and the custom version will be used if the mapping was done correctly.
 
-NOTE: The folder that is mapped from the host needs to be the folder that contains `/bin`. So if the full structure is `/home/appdata/frigate/custom-ffmpeg/bin/ffmpeg` then `/home/appdata/frigate/custom-ffmpeg` needs to be mapped to `/usr/lib/btbn-ffmpeg`.
+NOTE: The folder that is set for the config needs to be the folder that contains `/bin`. So if the full structure is `/home/appdata/frigate/custom-ffmpeg/bin/ffmpeg` then the `ffmpeg -> path` field should be `/config/custom-ffmpeg/bin`.
 
-## Custom go2rtc version
+### Custom go2rtc version
 
 Frigate currently includes go2rtc v1.9.2, there may be certain cases where you want to run a different version of go2rtc.
 
@@ -129,22 +197,22 @@ To do this:
 3. Give `go2rtc` execute permission.
 4. Restart Frigate and the custom version will be used, you can verify by checking go2rtc logs.
 
-## Validating your config.yaml file updates
+## Validating your config.yml file updates
 
 When frigate starts up, it checks whether your config file is valid, and if it is not, the process exits. To minimize interruptions when updating your config, you have three options -- you can edit the config via the WebUI which has built in validation, use the config API, or you can validate on the command line using the frigate docker container.
 
 ### Via API
 
-Frigate can accept a new configuration file as JSON at the `/config/save` endpoint. When updating the config this way, Frigate will validate the config before saving it, and return a `400` if the config is not valid.
+Frigate can accept a new configuration file as JSON at the `/api/config/save` endpoint. When updating the config this way, Frigate will validate the config before saving it, and return a `400` if the config is not valid.
 
 ```bash
-curl -X POST http://frigate_host:5000/config/save -d @config.json
+curl -X POST http://frigate_host:5000/api/config/save -d @config.json
 ```
 
 if you'd like you can use your yaml config directly by using [`yq`](https://github.com/mikefarah/yq) to convert it to json:
 
 ```bash
-yq r -j config.yml | curl -X POST http://frigate_host:5000/config/save -d @-
+yq r -j config.yml | curl -X POST http://frigate_host:5000/api/config/save -d @-
 ```
 
 ### Via Command Line
@@ -157,5 +225,5 @@ docker run                                \
   --entrypoint python3                    \
   ghcr.io/blakeblackshear/frigate:stable  \
   -u -m frigate                           \
-  --validate_config
+  --validate-config
 ```

docs/docs/configuration/authentication.md

@@ -5,32 +5,33 @@ title: Authentication
 
 # Authentication
 
-## Modes
-
-Frigate supports two modes for authentication
-
-| Mode     | Description                                                                                                                                                                     |
-| -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `native` | (default) Use this mode if you don't implement authentication with a proxy in front of Frigate.                                                                                 |
-| `proxy`  | Use this mode if you have an existing proxy for authentication. Supports passing authenticated user downstream to Frigate for role-based authorization (future implementation). |
-
-### Native mode
-
 Frigate stores user information in its database. Password hashes are generated using industry standard PBKDF2-SHA256 with 600,000 iterations. Upon successful login, a JWT token is issued with an expiration date and set as a cookie. The cookie is refreshed as needed automatically. This JWT token can also be passed in the Authorization header as a bearer token.
 
 Users are managed in the UI under Settings > Users.
 
-#### Onboarding
+The following ports are available to access the Frigate web UI.
+
+| Port   | Description                                                                                                                                                                                                  |
+| ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `8971` | Authenticated UI and API. Reverse proxies should use this port.                                                                                                                                              |
+| `5000` | Internal unauthenticated UI and API access. Access to this port should be limited. Intended to be used within the docker network for services that integrate with Frigate and do not support authentication. |
+
+## Onboarding
 
 On startup, an admin user and password are generated and printed in the logs. It is recommended to set a new password for the admin account after logging in for the first time under Settings > Users.
 
-#### Resetting admin password
+## Resetting admin password
 
 In the event that you are locked out of your instance, you can tell Frigate to reset the admin password and print it in the logs on next startup using the `reset_admin_password` setting in your config file.
 
-#### Login failure rate limiting
+```yaml
+auth:
+  reset_admin_password: true
+```
 
-In order to limit the risk of brute force attacks, rate limiting is available for login failures. This is implemented with Flask-Limiter, and the string notation for valid values is available in [the documentation](https://flask-limiter.readthedocs.io/en/stable/configuration.html#rate-limit-string-notation).
+## Login failure rate limiting
+
+In order to limit the risk of brute force attacks, rate limiting is available for login failures. This is implemented with SlowApi, and the string notation for valid values is available in [the documentation](https://limits.readthedocs.io/en/stable/quickstart.html#examples).
 
 For example, `1/second;5/minute;20/hour` will rate limit the login endpoint when failures occur more than:
 
@@ -46,13 +47,12 @@ If you are running a reverse proxy in the same docker compose file as Frigate, h
 
 ```yaml
 auth:
-  mode: native
   failed_login_rate_limit: "1/second;5/minute;20/hour"
   trusted_proxies:
     - 172.18.0.0/16 # <---- this is the subnet for the internal docker compose network
 ```
 
-#### JWT Token Secret
+## JWT Token Secret
 
 The JWT token secret needs to be kept secure. Anyone with this secret can generate valid JWT tokens to authenticate with Frigate. This should be a cryptographically random string of at least 64 characters.
 
@@ -73,16 +73,34 @@ If no secret is found on startup, Frigate generates one and stores it in a `.jwt
 
 Changing the secret will invalidate current tokens.
 
-### Proxy mode
+## Proxy configuration
 
-Proxy mode is designed to complement common upstream authentication proxies such as Authelia, Authentik, oauth2_proxy, or traefik-forward-auth.
+Frigate can be configured to leverage features of common upstream authentication proxies such as Authelia, Authentik, oauth2_proxy, or traefik-forward-auth.
 
-#### Header mapping
+If you are leveraging the authentication of an upstream proxy, you likely want to disable Frigate's authentication. Optionally, if communication between the reverse proxy and Frigate is over an untrusted network, you should set an `auth_secret` in the `proxy` config and configure the proxy to send the secret value as a header named `X-Proxy-Secret`. Assuming this is an untrusted network, you will also want to [configure a real TLS certificate](tls.md) to ensure the traffic can't simply be sniffed to steal the secret.
 
-If your proxy supports passing a header with the authenticated username, you can use the `header_map` config to specify the header name so it is passed to Frigate. For example, the following will map the `X-Forwarded-User` value. Header names are not case sensitive.
+Here is an example of how to disable Frigate's authentication and also ensure the requests come only from your known proxy.
 
 ```yaml
 auth:
+  enabled: False
+
+proxy:
+  auth_secret: <some random long string>
+```
+
+You can use the following code to generate a random secret.
+
+```shell
+python3 -c 'import secrets; print(secrets.token_hex(64))'
+```
+
+### Header mapping
+
+If you have disabled Frigate's authentication and your proxy supports passing a header with the authenticated username, you can use the `header_map` config to specify the header name so it is passed to Frigate. For example, the following will map the `X-Forwarded-User` value. Header names are not case sensitive.
+
+```yaml
+proxy:
   ...
   header_map:
     user: x-forwarded-user
@@ -110,10 +128,10 @@ If you would like to add more options, you can overwrite the default file with a
 
 Future versions of Frigate may leverage group and role headers for authorization in Frigate as well.
 
-#### Login page redirection
+### Login page redirection
 
 Frigate gracefully performs login page redirection that should work with most authentication proxies. If your reverse proxy returns a `Location` header on `401`, `302`, or `307` unauthorized responses, Frigate's frontend will automatically detect it and redirect to that URL.
 
-#### Custom logout url
+### Custom logout url
 
 If your reverse proxy has a dedicated logout url, you can specify using the `logout_url` config option. This will update the link for the `Logout` link in the UI.

docs/docs/configuration/autotracking.md

@@ -41,6 +41,7 @@ cameras:
     ...
     onvif:
       # Required: host of the camera being connected to.
+      # NOTE: HTTP is assumed by default; HTTPS is supported if you specify the scheme, ex: "https://0.0.0.0".
       host: 0.0.0.0
       # Optional: ONVIF port for device (default: shown below).
       port: 8000
@@ -49,6 +50,8 @@ cameras:
       user: admin
       # Optional: password for login.
       password: admin
+      # Optional: Skip TLS verification from the ONVIF server (default: shown below)
+      tls_insecure: False
       # Optional: PTZ camera object autotracking. Keeps a moving object in
       # the center of the frame by automatically moving the PTZ camera.
       autotracking:
@@ -164,3 +167,7 @@ To maintain object tracking during PTZ moves, Frigate tracks the motion of your
 ### Calibration seems to have completed, but the camera is not actually moving to track my object. Why?
 
 Some cameras have firmware that reports that FOV RelativeMove, the ONVIF command that Frigate uses for autotracking, is supported. However, if the camera does not pan or tilt when an object comes into the required zone, your camera's firmware does not actually support FOV RelativeMove. One such camera is the Uniview IPC672LR-AX4DUPK. It actually moves its zoom motor instead of panning and tilting and does not follow the ONVIF standard whatsoever.
+
+### Frigate reports an error saying that calibration has failed. Why?
+
+Calibration measures the amount of time it takes for Frigate to make a series of movements with your PTZ. This error message is recorded in the log if these values are too high for Frigate to support calibrated autotracking. This is often the case when your camera's motor or network connection is too slow or your camera's firmware doesn't report the motor status in a timely manner. You can try running without calibration (just remove the `movement_weights` line from your config and restart), but if calibration fails, this often means that autotracking will behave unpredictably.

docs/docs/configuration/camera_specific.md

@@ -9,6 +9,12 @@ This page makes use of presets of FFmpeg args. For more information on presets,
 
 :::
 
+:::note
+
+Many cameras support encoding options which greatly affect the live view experience, see the [Live view](/configuration/live) page for more info.
+
+:::
+
 ## MJPEG Cameras
 
 Note that mjpeg cameras require encoding the video into h264 for recording, and restream roles. This will use significantly more CPU than if the cameras supported h264 feeds directly. It is recommended to use the restream role to create an h264 restream and then use that as the source for ffmpeg.
@@ -16,7 +22,7 @@ Note that mjpeg cameras require encoding the video into h264 for recording, and
 ```yaml
 go2rtc:
   streams:
-    mjpeg_cam: "ffmpeg:{your_mjpeg_stream_url}#video=h264#hardware" # <- use hardware acceleration to create an h264 stream usable for other components.
+    mjpeg_cam: "ffmpeg:http://your_mjpeg_stream_url#video=h264#hardware" # <- use hardware acceleration to create an h264 stream usable for other components.
 
 cameras:
   ...
@@ -59,19 +65,32 @@ ffmpeg:
 
 ## Model/vendor specific setup
 
+### Amcrest & Dahua
+
+Amcrest & Dahua cameras should be connected to via RTSP using the following format:
+
+```
+rtsp://USERNAME:PASSWORD@CAMERA-IP/cam/realmonitor?channel=1&subtype=0 # this is the main stream
+rtsp://USERNAME:PASSWORD@CAMERA-IP/cam/realmonitor?channel=1&subtype=1 # this is the sub stream, typically supporting low resolutions only
+rtsp://USERNAME:PASSWORD@CAMERA-IP/cam/realmonitor?channel=1&subtype=2 # higher end cameras support a third stream with a mid resolution (1280x720, 1920x1080)
+rtsp://USERNAME:PASSWORD@CAMERA-IP/cam/realmonitor?channel=1&subtype=3 # new higher end cameras support a fourth stream with another mid resolution (1280x720, 1920x1080)
+
+```
+
 ### Annke C800
 
-This camera is H.265 only. To be able to play clips on some devices (like MacOs or iPhone) the H.265 stream has to be repackaged and the audio stream has to be converted to aac. Unfortunately direct playback of in the browser is not working (yet), but the downloaded clip can be played locally.
+This camera is H.265 only. To be able to play clips on some devices (like MacOs or iPhone) the H.265 stream has to be adjusted using the `apple_compatibility` config.
 
 ```yaml
 cameras:
   annkec800: # <------ Name the camera
     ffmpeg:
+      apple_compatibility: true # <- Adds compatibility with MacOS and iPhone
       output_args:
-        record: -f segment -segment_time 10 -segment_format mp4 -reset_timestamps 1 -strftime 1 -c:v copy -tag:v hvc1 -bsf:v hevc_mp4toannexb -c:a aac
+        record: preset-record-generic-audio-aac
 
       inputs:
-        - path: rtsp://user:password@camera-ip:554/H264/ch1/main/av_stream # <----- Update for your camera
+        - path: rtsp://USERNAME:PASSWORD@CAMERA-IP/H264/ch1/main/av_stream # <----- Update for your camera
           roles:
             - detect
             - record
@@ -89,6 +108,29 @@ ffmpeg:
   input_args: preset-rtsp-blue-iris
 ```
 
+### Hikvision Cameras
+
+Hikvision cameras should be connected to via RTSP using the following format:
+
+```
+rtsp://USERNAME:PASSWORD@CAMERA-IP/streaming/channels/101 # this is the main stream
+rtsp://USERNAME:PASSWORD@CAMERA-IP/streaming/channels/102 # this is the sub stream, typically supporting low resolutions only
+rtsp://USERNAME:PASSWORD@CAMERA-IP/streaming/channels/103 # higher end cameras support a third stream with a mid resolution (1280x720, 1920x1080)
+```
+
+:::note
+
+[Some users have reported](https://www.reddit.com/r/frigate_nvr/comments/1hg4ze7/hikvision_security_settings) that newer Hikvision cameras require adjustments to the security settings:
+
+```
+RTSP Authentication - digest/basic
+RTSP Digest Algorithm - MD5
+WEB Authentication - digest/basic
+WEB Digest Algorithm  - MD5
+```
+
+:::
+
 ### Reolink Cameras
 
 Reolink has older cameras (ex: 410 & 520) as well as newer camera (ex: 520a & 511wa) which support different subsets of options. In both cases using the http stream is recommended.
@@ -150,7 +192,9 @@ cameras:
 
 #### Reolink Doorbell
 
-The reolink doorbell supports 2-way audio via go2rtc and other applications. It is important that the http-flv stream is still used for stability, a secondary rtsp stream can be added that will be using for the two way audio only.
+The reolink doorbell supports two way audio via go2rtc and other applications. It is important that the http-flv stream is still used for stability, a secondary rtsp stream can be added that will be using for the two way audio only.
+
+Ensure HTTP is enabled in the camera's advanced network settings. To use two way talk with Frigate, see the [Live view documentation](/configuration/live#two-way-talk).
 
 ```yaml
 go2rtc:
@@ -187,4 +231,4 @@ ffmpeg:
 
 ### TP-Link VIGI Cameras
 
-TP-Link VIGI cameras need some adjustments to the main stream settings on the camera itself to avoid issues. The stream needs to be configured as `H264` with `Smart Coding` set to `off`. Without these settings you may have problems when trying to watch recorded events. For example Firefox will stop playback after a few seconds and show the following error message: `The media playback was aborted due to a corruption problem or because the media used features your browser did not support.`.
+TP-Link VIGI cameras need some adjustments to the main stream settings on the camera itself to avoid issues. The stream needs to be configured as `H264` with `Smart Coding` set to `off`. Without these settings you may have problems when trying to watch recorded footage. For example Firefox will stop playback after a few seconds and show the following error message: `The media playback was aborted due to a corruption problem or because the media used features your browser did not support.`.

docs/docs/configuration/cameras.md

@@ -7,7 +7,7 @@ title: Camera Configuration
 
 Several inputs can be configured for each camera and the role of each input can be mixed and matched based on your needs. This allows you to use a lower resolution stream for object detection, but create recordings from a higher resolution stream, or vice versa.
 
-A camera is enabled by default but can be temporarily disabled by using `enabled: False`. Existing events and recordings can still be accessed. Live streams, recording and detecting are not working. Camera specific configurations will be used.
+A camera is enabled by default but can be temporarily disabled by using `enabled: False`. Existing tracked objects and recordings can still be accessed. Live streams, recording and detecting are not working. Camera specific configurations will be used.
 
 Each role can only be assigned to one input per camera. The options for roles are as follows:
 
@@ -46,6 +46,14 @@ cameras:
   side: ...
 ```
 
+:::note
+
+If you only define one stream in your `inputs` and do not assign a `detect` role to it, Frigate will automatically assign it the `detect` role. Frigate will always decode a stream to support motion detection, Birdseye, the API image endpoints, and other features, even if you have disabled object detection with `enabled: False` in your config's `detect` section.
+
+If you plan to use Frigate for recording only, it is still recommended to define a `detect` role for a low resolution stream to minimize resource usage from the required stream decoding.
+
+:::
+
 For camera model specific settings check the [camera specific](camera_specific.md) infos.
 
 ## Setting up camera PTZ controls
@@ -71,33 +79,41 @@ cameras:
 
 If the ONVIF connection is successful, PTZ controls will be available in the camera's WebUI.
 
+:::tip
+
+If your ONVIF camera does not require authentication credentials, you may still need to specify an empty string for `user` and `password`, eg: `user: ""` and `password: ""`.
+
+:::
+
 An ONVIF-capable camera that supports relative movement within the field of view (FOV) can also be configured to automatically track moving objects and keep them in the center of the frame. For autotracking setup, see the [autotracking](autotracking.md) docs.
 
 ## ONVIF PTZ camera recommendations
 
 This list of working and non-working PTZ cameras is based on user feedback.
 
-| Brand or specific camera | PTZ Controls | Autotracking | Notes                                                                                                                                           |
-| ------------------------ | :----------: | :----------: | ----------------------------------------------------------------------------------------------------------------------------------------------- |
-| Amcrest                  |      ✅      |      ✅      | ⛔️ Generally, Amcrest should work, but some older models (like the common IP2M-841) don't support auto tracking                                  |
-| Amcrest ASH21            |      ❌      |      ❌      | No ONVIF support                                                                                                                                |
-| Ctronics PTZ             |      ✅      |      ❌      |                                                                                                                                                 |
-| Dahua                    |      ✅      |      ✅      |                                                                                                                                                 |
-| Foscam R5                |      ✅      |      ❌      |                                                                                                                                                 |
-| Hanwha XNP-6550RH        |      ✅      |      ❌      |                                                                                                                                                 |
-| Hikvision                |      ✅      |      ❌      | Incomplete ONVIF support (MoveStatus won't update even on latest firmware) - reported with HWP-N4215IH-DE and DS-2DE3304W-DE, but likely others |
-| Reolink 511WA            |      ✅      |      ❌      | Zoom only                                                                                                                                       |
-| Reolink E1 Pro           |      ✅      |      ❌      |                                                                                                                                                 |
-| Reolink E1 Zoom          |      ✅      |      ❌      |                                                                                                                                                 |
-| Reolink RLC-823A 16x     |      ✅      |      ❌      |                                                                                                                                                 |
-| Sunba 405-D20X           |      ✅      |      ❌      |                                                                                                                                                 |
-| Tapo C200                |      ✅      |      ❌      | Incomplete ONVIF support                                                                                                                        |
-| Tapo C210                |      ✅      |      ❌      | Incomplete ONVIF support, ONVIF Service Port: 2020                                                                                              |
-| Tapo C220                |      ✅      |      ❌      | Incomplete ONVIF support, ONVIF Service Port: 2020                                                                                              |
-| Tapo C225                |      ✅      |      ❌      | Incomplete ONVIF support, ONVIF Service Port: 2020                                                                                              |
-| Tapo C520WS              |      ✅      |      ❌      | Incomplete ONVIF support, ONVIF Service Port: 2020                                                                                              |
-| Uniview IPC672LR-AX4DUPK |      ✅      |      ❌      | Firmware says FOV relative movement is supported, but camera doesn't actually move when sending ONVIF commands                                  |
-| Vikylin PTZ-2804X-I2     |      ❌      |      ❌      | Incomplete ONVIF support                                                                                                                        |
+| Brand or specific camera     | PTZ Controls | Autotracking | Notes                                                                                                                                           |
+| ---------------------------- | :----------: | :----------: | ----------------------------------------------------------------------------------------------------------------------------------------------- |
+| Amcrest                      |      ✅      |      ✅      | ⛔️ Generally, Amcrest should work, but some older models (like the common IP2M-841) don't support autotracking                                 |
+| Amcrest ASH21                |      ✅      |      ❌      | ONVIF service port: 80                                                                                                                          |
+| Amcrest IP4M-S2112EW-AI      |      ✅      |      ❌      | FOV relative movement not supported.                                                                                                            |
+| Amcrest IP5M-1190EW          |      ✅      |      ❌      | ONVIF Port: 80. FOV relative movement not supported.                                                                                            |
+| Ctronics PTZ                 |      ✅      |      ❌      |                                                                                                                                                 |
+| Dahua                        |      ✅      |      ✅      |                                                                                                                                                 |
+| Dahua DH-SD2A500HB           |      ✅      |      ❌      |                                                                                                                                                 |
+| Foscam R5                    |      ✅      |      ❌      |                                                                                                                                                 |
+| Hanwha XNP-6550RH            |      ✅      |      ❌      |                                                                                                                                                 |
+| Hikvision                    |      ✅      |      ❌      | Incomplete ONVIF support (MoveStatus won't update even on latest firmware) - reported with HWP-N4215IH-DE and DS-2DE3304W-DE, but likely others |
+| Hikvision DS-2DE3A404IWG-E/W |      ✅      |      ✅      |                                                                                                                                                 |
+| Reolink 511WA                |      ✅      |      ❌      | Zoom only                                                                                                                                       |
+| Reolink E1 Pro               |      ✅      |      ❌      |                                                                                                                                                 |
+| Reolink E1 Zoom              |      ✅      |      ❌      |                                                                                                                                                 |
+| Reolink RLC-823A 16x         |      ✅      |      ❌      |                                                                                                                                                 |
+| Speco O8P32X                 |      ✅      |      ❌      |                                                                                                                                                 |
+| Sunba 405-D20X               |      ✅      |      ❌      | Incomplete ONVIF support reported on original, and 4k models. All models are suspected incompatable.                                            |
+| Tapo                         |      ✅      |      ❌      | Many models supported, ONVIF Service Port: 2020                                                                                                 |
+| Uniview IPC672LR-AX4DUPK     |      ✅      |      ❌      | Firmware says FOV relative movement is supported, but camera doesn't actually move when sending ONVIF commands                                  |
+| Uniview IPC6612SR-X33-VG     |      ✅      |      ✅      | Leave `calibrate_on_startup` as `False`. A user has reported that zooming with `absolute` is working.                                           |
+| Vikylin PTZ-2804X-I2         |      ❌      |      ❌      | Incomplete ONVIF support                                                                                                                        |
 
 ## Setting up camera groups
 
@@ -115,6 +131,6 @@ camera_groups:
     cameras:
       - driveway_cam
       - garage_cam
-    icon: car
+    icon: LuCar
     order: 0
 ```

docs/docs/configuration/face_recognition.md

@@ -0,0 +1,59 @@
+---
+id: face_recognition
+title: Face Recognition
+---
+
+Face recognition allows people to be assigned names and when their face is recognized Frigate will assign the person's name as a sub label. This information is included in the UI, filters, as well as in notifications.
+
+Frigate has support for FaceNet to create face embeddings, which runs locally. Embeddings are then saved to Frigate's database.
+
+## Minimum System Requirements
+
+Face recognition works by running a large AI model locally on your system. Systems without a GPU will not run Face Recognition reliably or at all.
+
+## Configuration
+
+Face recognition is disabled by default and requires semantic search to be enabled, face recognition must be enabled in your config file before it can be used. Semantic Search and face recognition are global configuration settings.
+
+```yaml
+face_recognition:
+  enabled: true
+```
+
+## Dataset
+
+The number of images needed for a sufficient training set for face recognition varies depending on several factors:
+
+- Diversity of the dataset: A dataset with diverse images, including variations in lighting, pose, and facial expressions, will require fewer images per person than a less diverse dataset.
+- Desired accuracy: The higher the desired accuracy, the more images are typically needed.
+
+However, here are some general guidelines:
+
+- Minimum: For basic face recognition tasks, a minimum of 10-20 images per person is often recommended.
+- Recommended: For more robust and accurate systems, 30-50 images per person is a good starting point.
+- Ideal: For optimal performance, especially in challenging conditions, 100 or more images per person can be beneficial.
+
+## Creating a Robust Training Set
+
+The accuracy of face recognition is heavily dependent on the quality of data given to it for training. It is recommended to build the face training library in phases.
+
+:::tip
+
+When choosing images to include in the face training set it is recommended to always follow these recommendations:
+- If it is difficult to make out details in a persons face it will not be helpful in training.
+- Avoid images with under/over-exposure.
+- Avoid blurry / pixelated images.
+- Be careful when uploading images of people when they are wearing clothing that covers a lot of their face as this may confuse the training.
+- Do not upload too many images at the same time, it is recommended to train 4-6 images for each person each day so it is easier to know if the previously added images helped or hurt performance.
+
+:::
+
+### Step 1 - Building a Strong Foundation
+
+When first enabling face recognition it is important to build a foundation of strong images. It is recommended to start by uploading 1-2 photos taken by a smartphone for each person. It is important that the person's face in the photo is straight-on and not turned which will ensure a good starting point.
+
+Then it is recommended to use the `Face Library` tab in Frigate to select and train images for each person as they are detected. When building a strong foundation it is strongly recommended to only train on images that are straight-on. Ignore images from cameras that recognize faces from an angle. Once a person starts to be consistently recognized correctly on images that are straight-on, it is time to move on to the next step.
+
+### Step 2 - Expanding The Dataset
+
+Once straight-on images are performing well, start choosing slightly off-angle images to include for training. It is important to still choose images where enough face detail is visible to recognize someone.

docs/docs/configuration/genai.md

@@ -0,0 +1,211 @@
+---
+id: genai
+title: Generative AI
+---
+
+Generative AI can be used to automatically generate descriptive text based on the thumbnails of your tracked objects. This helps with [Semantic Search](/configuration/semantic_search) in Frigate to provide more context about your tracked objects. Descriptions are accessed via the _Explore_ view in the Frigate UI by clicking on a tracked object's thumbnail.
+
+Requests for a description are sent off automatically to your AI provider at the end of the tracked object's lifecycle. Descriptions can also be regenerated manually via the Frigate UI.
+
+:::info
+
+Semantic Search must be enabled to use Generative AI.
+
+:::
+
+## Configuration
+
+Generative AI can be enabled for all cameras or only for specific cameras. There are currently 3 native providers available to integrate with Frigate. Other providers that support the OpenAI standard API can also be used. See the OpenAI section below.
+
+To use Generative AI, you must define a single provider at the global level of your Frigate configuration. If the provider you choose requires an API key, you may either directly paste it in your configuration, or store it in an environment variable prefixed with `FRIGATE_`.
+
+```yaml
+genai:
+  enabled: True
+  provider: gemini
+  api_key: "{FRIGATE_GEMINI_API_KEY}"
+  model: gemini-1.5-flash
+
+cameras:
+  front_camera: ...
+  indoor_camera:
+    genai: # <- disable GenAI for your indoor camera
+      enabled: False
+```
+
+## Ollama
+
+:::warning
+
+Using Ollama on CPU is not recommended, high inference times make using Generative AI impractical.
+
+:::
+
+[Ollama](https://ollama.com/) allows you to self-host large language models and keep everything running locally. It provides a nice API over [llama.cpp](https://github.com/ggerganov/llama.cpp). It is highly recommended to host this server on a machine with an Nvidia graphics card, or on a Apple silicon Mac for best performance.
+
+Most of the 7b parameter 4-bit vision models will fit inside 8GB of VRAM. There is also a [Docker container](https://hub.docker.com/r/ollama/ollama) available.
+
+Parallel requests also come with some caveats. You will need to set `OLLAMA_NUM_PARALLEL=1` and choose a `OLLAMA_MAX_QUEUE` and `OLLAMA_MAX_LOADED_MODELS` values that are appropriate for your hardware and preferences. See the [Ollama documentation](https://github.com/ollama/ollama/blob/main/docs/faq.md#how-does-ollama-handle-concurrent-requests).
+
+### Supported Models
+
+You must use a vision capable model with Frigate. Current model variants can be found [in their model library](https://ollama.com/library). At the time of writing, this includes `llava`, `llava-llama3`, `llava-phi3`, and `moondream`. Note that Frigate will not automatically download the model you specify in your config, you must download the model to your local instance of Ollama first i.e. by running `ollama pull llava:7b` on your Ollama server/Docker container. Note that the model specified in Frigate's config must match the downloaded model tag.
+
+:::note
+
+You should have at least 8 GB of RAM available (or VRAM if running on GPU) to run the 7B models, 16 GB to run the 13B models, and 32 GB to run the 33B models.
+
+:::
+
+### Configuration
+
+```yaml
+genai:
+  enabled: True
+  provider: ollama
+  base_url: http://localhost:11434
+  model: llava:7b
+```
+
+## Google Gemini
+
+Google Gemini has a free tier allowing [15 queries per minute](https://ai.google.dev/pricing) to the API, which is more than sufficient for standard Frigate usage.
+
+### Supported Models
+
+You must use a vision capable model with Frigate. Current model variants can be found [in their documentation](https://ai.google.dev/gemini-api/docs/models/gemini). At the time of writing, this includes `gemini-1.5-pro` and `gemini-1.5-flash`.
+
+### Get API Key
+
+To start using Gemini, you must first get an API key from [Google AI Studio](https://aistudio.google.com).
+
+1. Accept the Terms of Service
+2. Click "Get API Key" from the right hand navigation
+3. Click "Create API key in new project"
+4. Copy the API key for use in your config
+
+### Configuration
+
+```yaml
+genai:
+  enabled: True
+  provider: gemini
+  api_key: "{FRIGATE_GEMINI_API_KEY}"
+  model: gemini-1.5-flash
+```
+
+## OpenAI
+
+OpenAI does not have a free tier for their API. With the release of gpt-4o, pricing has been reduced and each generation should cost fractions of a cent if you choose to go this route.
+
+### Supported Models
+
+You must use a vision capable model with Frigate. Current model variants can be found [in their documentation](https://platform.openai.com/docs/models). At the time of writing, this includes `gpt-4o` and `gpt-4-turbo`.
+
+### Get API Key
+
+To start using OpenAI, you must first [create an API key](https://platform.openai.com/api-keys) and [configure billing](https://platform.openai.com/settings/organization/billing/overview).
+
+### Configuration
+
+```yaml
+genai:
+  enabled: True
+  provider: openai
+  api_key: "{FRIGATE_OPENAI_API_KEY}"
+  model: gpt-4o
+```
+
+:::note
+
+To use a different OpenAI-compatible API endpoint, set the `OPENAI_BASE_URL` environment variable to your provider's API URL.
+
+:::
+
+## Azure OpenAI
+
+Microsoft offers several vision models through Azure OpenAI. A subscription is required.
+
+### Supported Models
+
+You must use a vision capable model with Frigate. Current model variants can be found [in their documentation](https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models). At the time of writing, this includes `gpt-4o` and `gpt-4-turbo`.
+
+### Create Resource and Get API Key
+
+To start using Azure OpenAI, you must first [create a resource](https://learn.microsoft.com/azure/cognitive-services/openai/how-to/create-resource?pivots=web-portal#create-a-resource). You'll need your API key and resource URL, which must include the `api-version` parameter (see the example below). The model field is not required in your configuration as the model is part of the deployment name you chose when deploying the resource.
+
+### Configuration
+
+```yaml
+genai:
+  enabled: True
+  provider: azure_openai
+  base_url: https://example-endpoint.openai.azure.com/openai/deployments/gpt-4o/chat/completions?api-version=2023-03-15-preview
+  api_key: "{FRIGATE_OPENAI_API_KEY}"
+```
+
+## Usage and Best Practices
+
+Frigate's thumbnail search excels at identifying specific details about tracked objects – for example, using an "image caption" approach to find a "person wearing a yellow vest," "a white dog running across the lawn," or "a red car on a residential street." To enhance this further, Frigate’s default prompts are designed to ask your AI provider about the intent behind the object's actions, rather than just describing its appearance.
+
+While generating simple descriptions of detected objects is useful, understanding intent provides a deeper layer of insight. Instead of just recognizing "what" is in a scene, Frigate’s default prompts aim to infer "why" it might be there or "what" it could do next. Descriptions tell you what’s happening, but intent gives context. For instance, a person walking toward a door might seem like a visitor, but if they’re moving quickly after hours, you can infer a potential break-in attempt. Detecting a person loitering near a door at night can trigger an alert sooner than simply noting "a person standing by the door," helping you respond based on the situation’s context.
+
+### Using GenAI for notifications
+
+Frigate provides an [MQTT topic](/integrations/mqtt), `frigate/tracked_object_update`, that is updated with a JSON payload containing `event_id` and `description` when your AI provider returns a description for a tracked object. This description could be used directly in notifications, such as sending alerts to your phone or making audio announcements. If additional details from the tracked object are needed, you can query the [HTTP API](/integrations/api/event-events-event-id-get) using the `event_id`, eg: `http://frigate_ip:5000/api/events/<event_id>`.
+
+## Custom Prompts
+
+Frigate sends multiple frames from the tracked object along with a prompt to your Generative AI provider asking it to generate a description. The default prompt is as follows:
+
+```
+Analyze the sequence of images containing the {label}. Focus on the likely intent or behavior of the {label} based on its actions and movement, rather than describing its appearance or the surroundings. Consider what the {label} is doing, why, and what it might do next.
+```
+
+:::tip
+
+Prompts can use variable replacements like `{label}`, `{sub_label}`, and `{camera}` to substitute information from the tracked object as part of the prompt.
+
+:::
+
+You are also able to define custom prompts in your configuration.
+
+```yaml
+genai:
+  enabled: True
+  provider: ollama
+  base_url: http://localhost:11434
+  model: llava
+  prompt: "Analyze the {label} in these images from the {camera} security camera. Focus on the actions, behavior, and potential intent of the {label}, rather than just describing its appearance."
+  object_prompts:
+    person: "Examine the main person in these images. What are they doing and what might their actions suggest about their intent (e.g., approaching a door, leaving an area, standing still)? Do not describe the surroundings or static details."
+    car: "Observe the primary vehicle in these images. Focus on its movement, direction, or purpose (e.g., parking, approaching, circling). If it's a delivery vehicle, mention the company."
+```
+
+Prompts can also be overriden at the camera level to provide a more detailed prompt to the model about your specific camera, if you desire. By default, descriptions will be generated for all tracked objects and all zones. But you can also optionally specify `objects` and `required_zones` to only generate descriptions for certain tracked objects or zones.
+
+Optionally, you can generate the description using a snapshot (if enabled) by setting `use_snapshot` to `True`. By default, this is set to `False`, which sends the uncompressed images from the `detect` stream collected over the object's lifetime to the model. Once the object lifecycle ends, only a single compressed and cropped thumbnail is saved with the tracked object. Using a snapshot might be useful when you want to _regenerate_ a tracked object's description as it will provide the AI with a higher-quality image (typically downscaled by the AI itself) than the cropped/compressed thumbnail. Using a snapshot otherwise has a trade-off in that only a single image is sent to your provider, which will limit the model's ability to determine object movement or direction.
+
+```yaml
+cameras:
+  front_door:
+    genai:
+      use_snapshot: True
+      prompt: "Analyze the {label} in these images from the {camera} security camera at the front door. Focus on the actions and potential intent of the {label}."
+      object_prompts:
+        person: "Examine the person in these images. What are they doing, and how might their actions suggest their purpose (e.g., delivering something, approaching, leaving)? If they are carrying or interacting with a package, include details about its source or destination."
+        cat: "Observe the cat in these images. Focus on its movement and intent (e.g., wandering, hunting, interacting with objects). If the cat is near the flower pots or engaging in any specific actions, mention it."
+      objects:
+        - person
+        - cat
+      required_zones:
+        - steps
+```
+
+### Experiment with prompts
+
+Many providers also have a public facing chat interface for their models. Download a couple of different thumbnails or snapshots from Frigate and try new things in the playground to get descriptions to your liking before updating the prompt in Frigate.
+
+- OpenAI - [ChatGPT](https://chatgpt.com)
+- Gemini - [Google AI Studio](https://aistudio.google.com)
+- Ollama - [Open WebUI](https://docs.openwebui.com/)

docs/docs/configuration/hardware_acceleration.md

@@ -13,7 +13,7 @@ Depending on your system, these parameters may not be compatible. More informati
 
 ## Raspberry Pi 3/4
 
-Ensure you increase the allocated RAM for your GPU to at least 128 (`raspi-config` > Performance Options > GPU Memory).  
+Ensure you increase the allocated RAM for your GPU to at least 128 (`raspi-config` > Performance Options > GPU Memory).
 If you are using the HA addon, you may need to use the full access variant and turn off `Protection mode` for hardware acceleration.
 
 ```yaml
@@ -65,24 +65,37 @@ Or map in all the `/dev/video*` devices.
 
 ## Intel-based CPUs
 
+:::info
+
+**Recommended hwaccel Preset**
+
+| CPU Generation | Intel Driver | Recommended Preset | Notes                               |
+| -------------- | ------------ | ------------------ | ----------------------------------- |
+| gen1 - gen7    | i965         | preset-vaapi       | qsv is not supported                |
+| gen8 - gen12   | iHD          | preset-vaapi       | preset-intel-qsv-* can also be used |
+| gen13+         | iHD / Xe     | preset-intel-qsv-* |                                     |
+| Intel Arc GPU  | iHD / Xe     | preset-intel-qsv-* |                                     |
+
+:::
+
+:::note
+
+The default driver is `iHD`. You may need to change the driver to `i965` by adding the following environment variable `LIBVA_DRIVER_NAME=i965` to your docker-compose file or [in the `frigate.yaml` for HA OS users](advanced.md#environment_vars).
+
+See [The Intel Docs](https://www.intel.com/content/www/us/en/support/articles/000005505/processors.html) to figure out what generation your CPU is.
+
+:::
+
 ### Via VAAPI
 
-VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams. VAAPI is recommended for all generations of Intel-based CPUs if QSV does not work.
+VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams.
 
 ```yaml
 ffmpeg:
   hwaccel_args: preset-vaapi
 ```
 
-:::note
-
-With some of the processors, like the J4125, the default driver `iHD` doesn't seem to work correctly for hardware acceleration. You may need to change the driver to `i965` by adding the following environment variable `LIBVA_DRIVER_NAME=i965` to your docker-compose file or [in the `frigate.yaml` for HA OS users](advanced.md#environment_vars).
-
-:::
-
-### Via Quicksync (>=10th Generation only)
-
-QSV must be set specifically based on the video encoding of the stream.
+### Via Quicksync
 
 #### H.264 streams
 
@@ -162,6 +175,16 @@ For more information on the various values across different distributions, see h
 
 Depending on your OS and kernel configuration, you may need to change the `/proc/sys/kernel/perf_event_paranoid` kernel tunable. You can test the change by running `sudo sh -c 'echo 2 >/proc/sys/kernel/perf_event_paranoid'` which will persist until a reboot. Make it permanent by running `sudo sh -c 'echo kernel.perf_event_paranoid=2 >> /etc/sysctl.d/local.conf'`
 
+#### Stats for SR-IOV devices
+
+When using virtualized GPUs via SR-IOV, additional args are needed for GPU stats to function. This can be enabled with the following config:
+
+```yaml
+telemetry:
+  stats:
+    sriov: True
+```
+
 ## AMD/ATI GPUs (Radeon HD 2000 and newer GPUs) via libva-mesa-driver
 
 VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams.
@@ -218,28 +241,11 @@ docker run -d \
 
 ### Setup Decoder
 
-The decoder you need to pass in the `hwaccel_args` will depend on the input video.
-
-A list of supported codecs (you can use `ffmpeg -decoders | grep cuvid` in the container to get the ones your card supports)
-
-```
- V..... h263_cuvid           Nvidia CUVID H263 decoder (codec h263)
- V..... h264_cuvid           Nvidia CUVID H264 decoder (codec h264)
- V..... hevc_cuvid           Nvidia CUVID HEVC decoder (codec hevc)
- V..... mjpeg_cuvid          Nvidia CUVID MJPEG decoder (codec mjpeg)
- V..... mpeg1_cuvid          Nvidia CUVID MPEG1VIDEO decoder (codec mpeg1video)
- V..... mpeg2_cuvid          Nvidia CUVID MPEG2VIDEO decoder (codec mpeg2video)
- V..... mpeg4_cuvid          Nvidia CUVID MPEG4 decoder (codec mpeg4)
- V..... vc1_cuvid            Nvidia CUVID VC1 decoder (codec vc1)
- V..... vp8_cuvid            Nvidia CUVID VP8 decoder (codec vp8)
- V..... vp9_cuvid            Nvidia CUVID VP9 decoder (codec vp9)
-```
-
-For example, for H264 video, you'll select `preset-nvidia-h264`.
+Using `preset-nvidia` ffmpeg will automatically select the necessary profile for the incoming video, and will log an error if the profile is not supported by your GPU.
 
 ```yaml
 ffmpeg:
-  hwaccel_args: preset-nvidia-h264
+  hwaccel_args: preset-nvidia
 ```
 
 If everything is working correctly, you should see a significant improvement in performance.
@@ -370,7 +376,7 @@ Make sure to follow the [Rockchip specific installation instructions](/frigate/i
 
 ### Configuration
 
-Add one of the following FFmpeg presets to your `config.yaml` to enable hardware video processing:
+Add one of the following FFmpeg presets to your `config.yml` to enable hardware video processing:
 
 ```yaml
 # if you try to decode a h264 encoded stream