Consolidate onvif camera recommendations in docs (#11972)

* split out proxy from auth

* update documentation

* fixup auth mode check

.cspell/frigate-dictionary.txt

@@ -0,0 +1,168 @@
+rtmp
+edgetpu
+labelmap
+rockchip
+jetson
+rocm
+vaapi
+CUDA
+hwaccel
+RTSP
+Hikvision
+Dahua
+Amcrest
+Reolink
+Loryta
+Beelink
+Celeron
+vaapi
+blakeblackshear
+workdir
+onvif
+autotracking
+openvino
+tflite
+deepstack
+codeproject
+udev
+tailscale
+restream
+restreaming
+webrtc
+ssdlite
+mobilenet
+mosquitto
+datasheet
+Jellyfin
+Radeon
+libva
+Ubiquiti
+Unifi
+Tapo
+Annke
+autotracker
+autotracked
+variations
+ONVIF
+traefik
+devcontainer
+rootfs
+ffprobe
+autotrack
+logpipe
+imread
+imwrite
+imencode
+imutils
+thresholded
+timelapse
+ultrafast
+sleeptime
+radeontop
+vainfo
+tmpfs
+homography
+websockets
+LIBAVFORMAT
+NTSC
+onnxruntime
+fourcc
+radeonsi
+paho
+imagestream
+jsonify
+cgroups
+sysconf
+memlimit
+gpuload
+nvml
+setproctitle
+psutil
+Kalman
+frontdoor
+namedtuples
+zeep
+fflags
+probesize
+wallclock
+rknn
+socs
+pydantic
+shms
+imdecode
+colormap
+webui
+mse
+jsmpeg
+unreviewed
+Chromecast
+Swipeable
+flac
+scroller
+cmdline
+toggleable
+bottombar
+opencv
+apexcharts
+buildx
+mqtt
+rawvideo
+defragment
+Norfair
+subclassing
+yolo
+tensorrt
+blackshear
+stylelint
+HACS
+homeassistant
+hass
+castable
+mobiledet
+framebuffer
+mjpeg
+substream
+codeowner
+noninteractive
+restreamed
+mountpoint
+fstype
+OWASP
+iotop
+letsencrypt
+fullchain
+lsusb
+iostat
+usermod
+balena
+passwordless
+debconf
+dpkg
+poweroff
+surveillance
+qnap
+homekit
+colorspace
+quantisation
+skylake
+Cuvid
+foscam
+onnx
+numpy
+protobuf
+aarch
+amdgpu
+chipset
+referer
+mpegts
+webp
+authelia
+authentik
+unichip
+rebranded
+udevadm
+automations
+unraid
+hideable
+healthcheck
+keepalive

.devcontainer/devcontainer.json

@@ -10,10 +10,14 @@
   "features": {
     "ghcr.io/devcontainers/features/common-utils:1": {}
   },
-  "forwardPorts": [5000, 5001, 5173, 1935, 8554, 8555],
+  "forwardPorts": [8080, 5000, 5001, 5173, 8554, 8555],
   "portsAttributes": {
+    "8080": {
+      "label": "External NGINX",
+      "onAutoForward": "silent"
+    },
     "5000": {
-      "label": "NGINX",
+      "label": "Internal NGINX",
       "onAutoForward": "silent"
     },
     "5001": {
@@ -24,10 +28,6 @@
       "label": "Vite Server",
       "onAutoForward": "silent"
     },
-    "1935": {
-      "label": "RTMP",
-      "onAutoForward": "silent"
-    },
     "8554": {
       "label": "gortc RTSP",
       "onAutoForward": "silent"
@@ -42,7 +42,6 @@
       "extensions": [
         "ms-python.python",
         "ms-python.vscode-pylance",
-        "ms-python.black-formatter",
         "visualstudioexptteam.vscodeintellicode",
         "mhutchie.git-graph",
         "ms-azuretools.vscode-docker",
@@ -53,13 +52,10 @@
         "csstools.postcss",
         "blanu.vscode-styled-jsx",
         "bradlc.vscode-tailwindcss",
-        "ms-python.isort",
         "charliermarsh.ruff"
       ],
       "settings": {
         "remote.autoForwardPorts": false,
-        "python.linting.pylintEnabled": true,
-        "python.linting.enabled": true,
         "python.formatting.provider": "none",
         "python.languageServer": "Pylance",
         "editor.formatOnPaste": false,
@@ -72,7 +68,7 @@
         "eslint.workingDirectories": ["./web"],
         "isort.args": ["--settings-path=./pyproject.toml"],
         "[python]": {
-          "editor.defaultFormatter": "ms-python.black-formatter",
+          "editor.defaultFormatter": "charliermarsh.ruff",
           "editor.formatOnSave": true,
           "editor.codeActionsOnSave": {
             "source.fixAll": true,

.github/DISCUSSION_TEMPLATE/bug-report.yml

@@ -0,0 +1,83 @@
+title: "[Bug]: "
+labels: ["bug", "triage"]
+body:
+  - type: textarea
+    id: description
+    attributes:
+      label: Describe the problem you are having
+    validations:
+      required: true
+  - type: textarea
+    id: steps
+    attributes:
+      label: Steps to reproduce
+    validations:
+      required: true
+  - type: input
+    id: version
+    attributes:
+      label: Version
+      description: Visible on the System page in the Web UI
+    validations:
+      required: true
+  - type: textarea
+    id: config
+    attributes:
+      label: Frigate config file
+      description: This will be automatically formatted into code, so no need for backticks.
+      render: yaml
+    validations:
+      required: true
+  - type: textarea
+    id: logs
+    attributes:
+      label: Relevant log output
+      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: dropdown
+    id: os
+    attributes:
+      label: Operating system
+      options:
+        - HassOS
+        - Debian
+        - Other Linux
+        - Proxmox
+        - UNRAID
+        - Windows
+        - Other
+    validations:
+      required: true
+  - type: dropdown
+    id: install-method
+    attributes:
+      label: Install method
+      options:
+        - HassOS Addon
+        - Docker Compose
+        - Docker CLI
+    validations:
+      required: true
+  - type: dropdown
+    id: network
+    attributes:
+      label: Network connection
+      options:
+        - Wired
+        - Wireless
+        - Mixed
+    validations:
+      required: true
+  - type: input
+    id: camera
+    attributes:
+      label: Camera make and model
+      description: Dahua, hikvision, amcrest, reolink, etc and model number
+    validations:
+      required: true
+  - type: textarea
+    id: other
+    attributes:
+      label: Any other information that may be helpful

.github/DISCUSSION_TEMPLATE/camera-support.yml

@@ -1,8 +1,5 @@
-name: Camera Support Request
-description: Support for setting up cameras in Frigate
 title: "[Camera Support]: "
 labels: ["support", "triage"]
-assignees: []
 body:
   - type: textarea
     id: description
@@ -14,7 +11,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the Debug page in the Web UI
+      description: Visible on the System page in the Web UI
     validations:
       required: true
   - type: textarea

.github/DISCUSSION_TEMPLATE/config-support.yml

@@ -1,8 +1,5 @@
-name: Config Support Request
-description: Support for Frigate configuration
 title: "[Config Support]: "
 labels: ["support", "triage"]
-assignees: []
 body:
   - type: textarea
     id: description
@@ -14,7 +11,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the Debug page in the Web UI
+      description: Visible on the System page in the Web UI
     validations:
       required: true
   - type: textarea

.github/DISCUSSION_TEMPLATE/detector-support.yml

@@ -1,8 +1,5 @@
-name: Detector Support Request
-description: Support for setting up object detector in Frigate (Coral, OpenVINO, TensorRT, etc.)
 title: "[Detector Support]: "
 labels: ["support", "triage"]
-assignees: []
 body:
   - type: textarea
     id: description
@@ -14,7 +11,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the Debug page in the Web UI
+      description: Visible on the System page in the Web UI
     validations:
       required: true
   - type: textarea

.github/DISCUSSION_TEMPLATE/general-support.yml

@@ -1,8 +1,5 @@
-name: General Support Request
-description: General support request for Frigate
 title: "[Support]: "
 labels: ["support", "triage"]
-assignees: []
 body:
   - type: textarea
     id: description
@@ -14,7 +11,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the Debug page in the Web UI
+      description: Visible on the System page in the Web UI
     validations:
       required: true
   - type: textarea

.github/DISCUSSION_TEMPLATE/hardware-acceleration-support.yml

@@ -1,8 +1,5 @@
-name: Hardware Acceleration Support Request
-description: Support for setting up GPU hardware acceleration in Frigate
 title: "[HW Accel Support]: "
 labels: ["support", "triage"]
-assignees: []
 body:
   - type: textarea
     id: description
@@ -14,7 +11,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the Debug page in the Web UI
+      description: Visible on the System page in the Web UI
     validations:
       required: true
   - type: textarea

.github/DISCUSSION_TEMPLATE/question.yml

@@ -0,0 +1,9 @@
+title: "[Question]: "
+labels: ["question"]
+body:
+  - type: textarea
+    id: description
+    attributes:
+      label: "What is your question:"
+    validations:
+      required: true

.github/FUNDING.yml

@@ -1,3 +1,4 @@
 github:
   - blakeblackshear
   - NickM-27
+  - hawkeye217

.github/ISSUE_TEMPLATE/config.yml

@@ -1 +1,8 @@
 blank_issues_enabled: false
+contact_links:
+  - name: Frigate Support
+    url: https://github.com/blakeblackshear/frigate/discussions/new/choose
+    about: Get support for setting up or troubleshooting Frigate.
+  - name: Frigate Bug Report
+    url: https://github.com/blakeblackshear/frigate/discussions/new/choose
+    about: Report a specific UI or backend bug.

.github/actions/setup/action.yml

@@ -11,11 +11,22 @@ outputs:
 runs:
   using: "composite"
   steps:
-    - name: Remove unnecessary files
-      run: |
-        sudo rm -rf /usr/share/dotnet
-        sudo rm -rf /usr/local/lib/android
-        sudo rm -rf /opt/ghc
+    # Stop docker so we can mount more space at /var/lib/docker
+    - name: Stop docker
+      run: sudo systemctl stop docker
+      shell: bash
+    # This creates a virtual volume at /var/lib/docker to maximize the size
+    # As of 2/14/2024, this results in 97G for docker images
+    - name: Maximize build space
+      uses: easimon/maximize-build-space@master
+      with:
+        remove-dotnet: 'true'
+        remove-android: 'true'
+        remove-haskell: 'true'
+        remove-codeql: 'true'
+        build-mount-path: '/var/lib/docker'
+    - name: Start docker
+      run: sudo systemctl start docker
       shell: bash
     - id: lowercaseRepo
       uses: ASzc/change-string-case-action@v5

.github/dependabot.yml

@@ -18,6 +18,12 @@ updates:
       interval: daily
     open-pull-requests-limit: 10
     target-branch: dev
+  - package-ecosystem: "pip"
+    directory: "/docker/tensorrt"
+    schedule:
+      interval: daily
+    open-pull-requests-limit: 10
+    target-branch: dev
   - package-ecosystem: "npm"
     directory: "/web"
     schedule:
@@ -28,5 +34,7 @@ updates:
     directory: "/docs"
     schedule:
       interval: daily
+    allow:
+      - dependency-name: "@docusaurus/*"
     open-pull-requests-limit: 10
     target-branch: dev

.github/workflows/ci.yml

@@ -28,7 +28,7 @@ jobs:
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Build and push amd64 standard build
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: docker/main/Dockerfile
@@ -37,16 +37,6 @@ jobs:
           target: frigate
           tags: ${{ steps.setup.outputs.image-name }}-amd64
           cache-from: type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64
-      - name: Build and push TensorRT (x86 GPU)
-        uses: docker/bake-action@v3
-        with:
-          push: true
-          targets: tensorrt
-          files: docker/tensorrt/trt.hcl
-          set: |
-            tensorrt.tags=${{ steps.setup.outputs.image-name }}-tensorrt
-            *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64
-            *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64,mode=max
   arm64_build:
     runs-on: ubuntu-latest
     name: ARM Build
@@ -59,7 +49,7 @@ jobs:
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Build and push arm64 standard build
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: docker/main/Dockerfile
@@ -70,7 +60,7 @@ jobs:
             ${{ steps.setup.outputs.image-name }}-standard-arm64
           cache-from: type=registry,ref=${{ steps.setup.outputs.cache-name }}-arm64
       - name: Build and push RPi build
-        uses: docker/bake-action@v3
+        uses: docker/bake-action@v4
         with:
           push: true
           targets: rpi
@@ -79,6 +69,15 @@ jobs:
             rpi.tags=${{ steps.setup.outputs.image-name }}-rpi
             *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-arm64
             *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-arm64,mode=max
+      - name: Build and push Rockchip build
+        uses: docker/bake-action@v3
+        with:
+          push: true
+          targets: rk
+          files: docker/rockchip/rk.hcl
+          set: |
+            rk.tags=${{ steps.setup.outputs.image-name }}-rk
+            *.cache-from=type=gha
   jetson_jp4_build:
     runs-on: ubuntu-latest
     name: Jetson Jetpack 4
@@ -96,7 +95,7 @@ jobs:
           BASE_IMAGE: timongentzsch/l4t-ubuntu20-opencv:latest
           SLIM_BASE: timongentzsch/l4t-ubuntu20-opencv:latest
           TRT_BASE: timongentzsch/l4t-ubuntu20-opencv:latest
-        uses: docker/bake-action@v3
+        uses: docker/bake-action@v4
         with:
           push: true
           targets: tensorrt
@@ -122,7 +121,7 @@ jobs:
           BASE_IMAGE: nvcr.io/nvidia/l4t-tensorrt:r8.5.2-runtime
           SLIM_BASE: nvcr.io/nvidia/l4t-tensorrt:r8.5.2-runtime
           TRT_BASE: nvcr.io/nvidia/l4t-tensorrt:r8.5.2-runtime
-        uses: docker/bake-action@v3
+        uses: docker/bake-action@v4
         with:
           push: true
           targets: tensorrt
@@ -131,6 +130,82 @@ jobs:
             tensorrt.tags=${{ steps.setup.outputs.image-name }}-tensorrt-jp5
             *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-jp5
             *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-jp5,mode=max
+  amd64_extra_builds:
+    runs-on: ubuntu-latest
+    name: AMD64 Extra Build
+    needs:
+      - amd64_build
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up QEMU and Buildx
+        id: setup
+        uses: ./.github/actions/setup
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push TensorRT (x86 GPU)
+        env:
+          COMPUTE_LEVEL: "50 60 70 80 90"
+        uses: docker/bake-action@v4
+        with:
+          push: true
+          targets: tensorrt
+          files: docker/tensorrt/trt.hcl
+          set: |
+            tensorrt.tags=${{ steps.setup.outputs.image-name }}-tensorrt
+            *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64
+            *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64,mode=max
+      #- name: AMD/ROCm general build
+      #  env:
+      #    AMDGPU: gfx
+      #    HSA_OVERRIDE: 0
+      #  uses: docker/bake-action@v3
+      #  with:
+      #    push: true
+      #    targets: rocm
+      #    files: docker/rocm/rocm.hcl
+      #    set: |
+      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm
+      #      *.cache-from=type=gha
+      #- name: AMD/ROCm gfx900
+      #  env:
+      #    AMDGPU: gfx900
+      #    HSA_OVERRIDE: 1
+      #    HSA_OVERRIDE_GFX_VERSION: 9.0.0
+      #  uses: docker/bake-action@v3
+      #  with:
+      #    push: true
+      #    targets: rocm
+      #    files: docker/rocm/rocm.hcl
+      #    set: |
+      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm-gfx900
+      #      *.cache-from=type=gha
+      #- name: AMD/ROCm gfx1030
+      #  env:
+      #    AMDGPU: gfx1030
+      #    HSA_OVERRIDE: 1
+      #    HSA_OVERRIDE_GFX_VERSION: 10.3.0
+      #  uses: docker/bake-action@v3
+      #  with:
+      #    push: true
+      #    targets: rocm
+      #    files: docker/rocm/rocm.hcl
+      #    set: |
+      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm-gfx1030
+      #      *.cache-from=type=gha
+      #- name: AMD/ROCm gfx1100
+      #  env:
+      #    AMDGPU: gfx1100
+      #    HSA_OVERRIDE: 1
+      #    HSA_OVERRIDE_GFX_VERSION: 11.0.0
+      #  uses: docker/bake-action@v3
+      #  with:
+      #    push: true
+      #    targets: rocm
+      #    files: docker/rocm/rocm.hcl
+      #    set: |
+      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm-gfx1100
+      #      *.cache-from=type=gha
   # The majority of users running arm64 are rpi users, so the rpi
   # build should be the primary arm64 image
   assemble_default_build:
@@ -141,20 +216,20 @@ jobs:
       - arm64_build
     steps:
       - id: lowercaseRepo
-        uses: ASzc/change-string-case-action@v5
+        uses: ASzc/change-string-case-action@v6
         with:
           string: ${{ github.repository }}
       - name: Log in to the Container registry
-        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Create short sha
         run: echo "SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV
-      - uses: int128/docker-manifest-create-action@v1
+      - uses: int128/docker-manifest-create-action@v2
         with:
           tags: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ env.SHORT_SHA }}
-          suffixes: |
-            -amd64
-            -rpi
+          sources: |
+            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ env.SHORT_SHA }}-amd64
+            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ env.SHORT_SHA }}-rpi

.github/workflows/dependabot-auto-merge.yaml

@@ -11,7 +11,7 @@ jobs:
     steps:
       - name: Get Dependabot metadata
         id: metadata
-        uses: dependabot/fetch-metadata@v1
+        uses: dependabot/fetch-metadata@v2
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
       - name: Enable auto-merge for Dependabot PRs

.github/workflows/pull_request.yml

@@ -51,12 +51,12 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@master
         with:
-          node-version: 16.x
+          node-version: 20.x
       - run: npm install
         working-directory: ./web
-      - name: Test
-        run: npm run test
-        working-directory: ./web
+      # - name: Test
+      #   run: npm run test
+      #   working-directory: ./web
 
   python_checks:
     runs-on: ubuntu-latest
@@ -65,20 +65,17 @@ jobs:
       - name: Check out the repository
         uses: actions/checkout@v4
       - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v4.7.0
+        uses: actions/setup-python@v5.1.0
         with:
           python-version: ${{ env.DEFAULT_PYTHON }}
       - name: Install requirements
         run: |
           python3 -m pip install -U pip
           python3 -m pip install -r docker/main/requirements-dev.txt
-      - name: Check black
+      - name: Check formatting
         run: |
-          black --check --diff frigate migrations docker *.py
-      - name: Check isort
-        run: |
-          isort --check --diff frigate migrations docker *.py
-      - name: Check ruff
+          ruff format --check --diff frigate migrations docker *.py
+      - name: Check lint
         run: |
           ruff check frigate migrations docker *.py
 
@@ -97,9 +94,9 @@ jobs:
         run: npm run build
         working-directory: ./web
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
       - name: Build
         run: make
       - name: Run mypy

.github/workflows/release.yml

@@ -0,0 +1,47 @@
+name: On release
+
+on:
+  workflow_dispatch:
+  release:
+    types: [published]
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - id: lowercaseRepo
+        uses: ASzc/change-string-case-action@v6
+        with:
+          string: ${{ github.repository }}
+      - name: Log in to the Container registry
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Create tag variables
+        run: |
+          BRANCH=$([[ "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] && echo "master" || echo "dev")
+          echo "BRANCH=${BRANCH}" >> $GITHUB_ENV
+          echo "BASE=ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}" >> $GITHUB_ENV
+          echo "BUILD_TAG=${BRANCH}-${GITHUB_SHA::7}" >> $GITHUB_ENV
+          echo "CLEAN_VERSION=$(echo ${GITHUB_REF##*/} | tr '[:upper:]' '[:lower:]' | sed 's/^[v]//')" >> $GITHUB_ENV
+      - name: Tag and push the main image
+        run: |
+          VERSION_TAG=${BASE}:${CLEAN_VERSION}
+          STABLE_TAG=${BASE}:stable
+          PULL_TAG=${BASE}:${BUILD_TAG}
+          docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG} docker://${VERSION_TAG}
+          for variant in standard-arm64 tensorrt tensorrt-jp4 tensorrt-jp5 rk; do
+            docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG}-${variant} docker://${VERSION_TAG}-${variant}
+          done
+
+          # stable tag
+          if [[ "${BRANCH}" == "master" ]]; then
+            docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG} docker://${STABLE_TAG}
+            for variant in standard-arm64 tensorrt tensorrt-jp4 tensorrt-jp5 rk; do
+              docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG}-${variant} docker://${STABLE_TAG}-${variant}
+            done
+          fi

.github/workflows/stale.yml

@@ -24,3 +24,18 @@ jobs:
           operations-per-run: 120
       - name: Print outputs
         run: echo ${{ join(steps.stale.outputs.*, ',') }}
+
+  clean_ghcr:
+    name: Delete outdated dev container images
+    runs-on: ubuntu-latest
+    steps:
+      - name: Delete old images
+        uses: snok/container-retention-policy@v2
+        with:
+          image-names: dev-*
+          cut-off: 60 days ago UTC
+          keep-at-least: 5
+          account-type: personal
+          token: ${{ secrets.GITHUB_TOKEN }}
+          token-type: github-token
+

.gitignore

@@ -8,7 +8,6 @@ config/*
 !config/*.example
 models
 *.mp4
-*.ts
 *.db
 *.csv
 frigate/version.py
@@ -17,4 +16,5 @@ web/node_modules
 web/coverage
 core
 !/web/**/*.ts
-.idea/*
+.idea/*
+.ipynb_checkpoints

CODEOWNERS

@@ -2,3 +2,5 @@
 /docker/tensorrt/ @madsciencetist @NateMeyer
 /docker/tensorrt/*arm64* @madsciencetist
 /docker/tensorrt/*jetson* @madsciencetist
+/docker/rockchip/ @MarcA711
+/docker/rocm/ @harakas

Makefile

@@ -1,7 +1,7 @@
 default_target: local
 
 COMMIT_HASH := $(shell git log -1 --pretty=format:"%h"|tail -1)
-VERSION = 0.13.0
+VERSION = 0.14.0
 IMAGE_REPO ?= ghcr.io/blakeblackshear/frigate
 GITHUB_REF_NAME ?= $(shell git rev-parse --abbrev-ref HEAD)
 CURRENT_UID := $(shell id -u)

README.md

@@ -29,18 +29,22 @@ If you would like to make a donation to support development, please use [Github
 
 ## Screenshots
 
-Integration into Home Assistant
-
+### Live dashboard
 <div>
-<a href="docs/static/img/media_browser.png"><img src="docs/static/img/media_browser.png" height=400></a>
-<a href="docs/static/img/notification.png"><img src="docs/static/img/notification.png" height=400></a>
+<img width="800" alt="Live dashboard" src="https://github.com/blakeblackshear/frigate/assets/569905/5e713cb9-9db5-41dc-947a-6937c3bc376e">
 </div>
 
-Also comes with a builtin UI:
-
+### Streamlined review workflow
 <div>
-<a href="docs/static/img/home-ui.png"><img src="docs/static/img/home-ui.png" height=400></a>
-<a href="docs/static/img/camera-ui.png"><img src="docs/static/img/camera-ui.png" height=400></a>
+<img width="800" alt="Streamlined review workflow" src="https://github.com/blakeblackshear/frigate/assets/569905/6fed96e8-3b18-40e5-9ddc-31e6f3c9f2ff">
 </div>
 
-![Events](docs/static/img/events-ui.png)
+### Multi-camera scrubbing
+<div>
+<img width="800" alt="Multi-camera scrubbing" src="https://github.com/blakeblackshear/frigate/assets/569905/d6788a15-0eeb-4427-a8d4-80b93cae3d74">
+</div>
+
+### Built-in mask and zone editor
+<div>
+<img width="800" alt="Multi-camera scrubbing" src="https://github.com/blakeblackshear/frigate/assets/569905/d7885fc3-bfe6-452f-b7d0-d957cb3e31f5">
+</div>

cspell.json

@@ -0,0 +1,21 @@
+{
+  "version": "0.2",
+  "ignorePaths": [
+    "Dockerfile",
+    "Dockerfile.*",
+    "CMakeLists.txt",
+    "*.db",
+    "node_modules",
+    "__pycache__",
+    "dist"
+  ],
+  "language": "en",
+  "dictionaryDefinitions": [
+    {
+      "name": "frigate-dictionary",
+      "path": "./.cspell/frigate-dictionary.txt",
+      "addWords": true
+    }
+  ],
+  "dictionaries": ["frigate-dictionary"]
+}

docker-compose.yml

@@ -14,13 +14,14 @@ services:
       dockerfile: docker/main/Dockerfile
       # Use target devcontainer-trt for TensorRT dev
       target: devcontainer
-    deploy:
-          resources:
-              reservations:
-                  devices:
-                      - driver: nvidia
-                        count: 1
-                        capabilities: [gpu]
+    ## Uncomment this block for nvidia gpu support
+    # deploy:
+    #       resources:
+    #           reservations:
+    #               devices:
+    #                   - driver: nvidia
+    #                     count: 1
+    #                     capabilities: [gpu]
     environment:
       YOLO_MODELS: yolov7-320
     devices:

docker/main/Dockerfile

@@ -1,4 +1,4 @@
-# syntax=docker/dockerfile:1.4
+# syntax=docker/dockerfile:1.6
 
 # https://askubuntu.com/questions/972516/debian-frontend-environment-variable
 ARG DEBIAN_FRONTEND=noninteractive
@@ -33,15 +33,18 @@ RUN --mount=type=tmpfs,target=/tmp --mount=type=tmpfs,target=/var/cache/apt \
 FROM scratch AS go2rtc
 ARG TARGETARCH
 WORKDIR /rootfs/usr/local/go2rtc/bin
-ADD --link --chmod=755 "https://github.com/AlexxIT/go2rtc/releases/download/v1.6.2/go2rtc_linux_${TARGETARCH}" go2rtc
+ADD --link --chmod=755 "https://github.com/AlexxIT/go2rtc/releases/download/v1.9.2/go2rtc_linux_${TARGETARCH}" go2rtc
 
+FROM wget AS tempio
+ARG TARGETARCH
+RUN --mount=type=bind,source=docker/main/install_tempio.sh,target=/deps/install_tempio.sh \
+    /deps/install_tempio.sh
 
 ####
 #
 # OpenVino Support
 #
 # 1. Download and convert a model from Intel's Public Open Model Zoo
-# 2. Build libUSB without udev to handle NCS2 enumeration
 #
 ####
 # Download and Convert OpenVino model
@@ -51,44 +54,17 @@ ARG DEBIAN_FRONTEND
 # Install OpenVino Runtime and Dev library
 COPY docker/main/requirements-ov.txt /requirements-ov.txt
 RUN apt-get -qq update \
-    && apt-get -qq install -y wget python3 python3-distutils \
+    && apt-get -qq install -y wget python3 python3-dev python3-distutils gcc pkg-config libhdf5-dev \
     && wget -q https://bootstrap.pypa.io/get-pip.py -O get-pip.py \
     && python3 get-pip.py "pip" \
     && pip install -r /requirements-ov.txt
 
 # Get OpenVino Model
-RUN mkdir /models \
-    && cd /models && omz_downloader --name ssdlite_mobilenet_v2 \
-    && cd /models && omz_converter --name ssdlite_mobilenet_v2 --precision FP16
-
-
-# libUSB - No Udev
-FROM wget as libusb-build
-ARG TARGETARCH
-ARG DEBIAN_FRONTEND
-ENV CCACHE_DIR /root/.ccache
-ENV CCACHE_MAXSIZE 2G
-
-# Build libUSB without udev.  Needed for Openvino NCS2 support
-WORKDIR /opt
-RUN apt-get update && apt-get install -y unzip build-essential automake libtool ccache pkg-config
-RUN --mount=type=cache,target=/root/.ccache wget -q https://github.com/libusb/libusb/archive/v1.0.26.zip -O v1.0.26.zip && \
-    unzip v1.0.26.zip && cd libusb-1.0.26 && \
-    ./bootstrap.sh && \
-    ./configure CC='ccache gcc' CCX='ccache g++' --disable-udev --enable-shared && \
-    make -j $(nproc --all)
-RUN apt-get update && \
-    apt-get install -y --no-install-recommends libusb-1.0-0-dev && \
-    rm -rf /var/lib/apt/lists/*
-WORKDIR /opt/libusb-1.0.26/libusb
-RUN /bin/mkdir -p '/usr/local/lib' && \
-    /bin/bash ../libtool  --mode=install /usr/bin/install -c libusb-1.0.la '/usr/local/lib' && \
-    /bin/mkdir -p '/usr/local/include/libusb-1.0' && \
-    /usr/bin/install -c -m 644 libusb.h '/usr/local/include/libusb-1.0' && \
-    /bin/mkdir -p '/usr/local/lib/pkgconfig' && \
-    cd  /opt/libusb-1.0.26/ && \
-    /usr/bin/install -c -m 644 libusb-1.0.pc '/usr/local/lib/pkgconfig' && \
-    ldconfig
+RUN --mount=type=bind,source=docker/main/build_ov_model.py,target=/build_ov_model.py \
+    mkdir /models && cd /models \
+    && wget http://download.tensorflow.org/models/object_detection/ssdlite_mobilenet_v2_coco_2018_05_09.tar.gz \
+    && tar -xvf ssdlite_mobilenet_v2_coco_2018_05_09.tar.gz \
+    && python3 /build_ov_model.py
 
 FROM wget AS models
 
@@ -97,7 +73,8 @@ RUN wget -qO edgetpu_model.tflite https://github.com/google-coral/test_data/raw/
 RUN wget -qO cpu_model.tflite https://github.com/google-coral/test_data/raw/release-frogfish/ssdlite_mobiledet_coco_qat_postprocess.tflite
 COPY labelmap.txt .
 # Copy OpenVino model
-COPY --from=ov-converter /models/public/ssdlite_mobilenet_v2/FP16 openvino-model
+COPY --from=ov-converter /models/ssdlite_mobilenet_v2.xml openvino-model/
+COPY --from=ov-converter /models/ssdlite_mobilenet_v2.bin openvino-model/
 RUN wget -q https://github.com/openvinotoolkit/open_model_zoo/raw/master/data/dataset_classes/coco_91cl_bkgr.txt -O openvino-model/coco_91cl_bkgr.txt && \
     sed -i 's/truck/car/g' openvino-model/coco_91cl_bkgr.txt
 # Get Audio Model and labels
@@ -121,13 +98,15 @@ RUN apt-get -qq update \
     apt-transport-https \
     gnupg \
     wget \
-    && apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
-    && echo "deb http://deb.debian.org/debian bullseye main contrib non-free" | tee /etc/apt/sources.list.d/raspi.list \
+    # the key fingerprint can be obtained from https://ftp-master.debian.org/keys.html
+    && wget -qO- "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xA4285295FC7B1A81600062A9605C66F00D6C9793" | \
+    gpg --dearmor > /usr/share/keyrings/debian-archive-bullseye-stable.gpg \
+    && echo "deb [signed-by=/usr/share/keyrings/debian-archive-bullseye-stable.gpg] http://deb.debian.org/debian bullseye main contrib non-free" | \
+    tee /etc/apt/sources.list.d/debian-bullseye-nonfree.list \
     && apt-get -qq update \
     && apt-get -qq install -y \
     python3.9 \
     python3.9-dev \
-    wget \
     # opencv dependencies
     build-essential cmake git pkg-config libgtk-3-dev \
     libavcodec-dev libavformat-dev libswscale-dev libv4l-dev \
@@ -156,7 +135,7 @@ RUN pip3 wheel --wheel-dir=/wheels -r /requirements-wheels.txt
 FROM scratch AS deps-rootfs
 COPY --from=nginx /usr/local/nginx/ /usr/local/nginx/
 COPY --from=go2rtc /rootfs/ /
-COPY --from=libusb-build /usr/local/lib /usr/local/lib
+COPY --from=tempio /rootfs/ /
 COPY --from=s6-overlay /rootfs/ /
 COPY --from=models /rootfs/ /
 COPY docker/main/rootfs/ /
@@ -174,7 +153,7 @@ ARG APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn
 ENV NVIDIA_VISIBLE_DEVICES=all
 ENV NVIDIA_DRIVER_CAPABILITIES="compute,video,utility"
 
-ENV PATH="/usr/lib/btbn-ffmpeg/bin:/usr/local/go2rtc/bin:/usr/local/nginx/sbin:${PATH}"
+ENV PATH="/usr/lib/btbn-ffmpeg/bin:/usr/local/go2rtc/bin:/usr/local/tempio/bin:/usr/local/nginx/sbin:${PATH}"
 
 # Install dependencies
 RUN --mount=type=bind,source=docker/main/install_deps.sh,target=/deps/install_deps.sh \
@@ -186,19 +165,21 @@ RUN --mount=type=bind,from=wheels,source=/wheels,target=/deps/wheels \
 
 COPY --from=deps-rootfs / /
 
-RUN ldconfig
-
 EXPOSE 5000
-EXPOSE 1935
 EXPOSE 8554
 EXPOSE 8555/tcp 8555/udp
 
 # Configure logging to prepend timestamps, log to stdout, keep 0 archives and rotate on 10MB
 ENV S6_LOGGING_SCRIPT="T 1 n0 s10000000 T"
+# Do not fail on long-running download scripts
+ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0
 
 ENTRYPOINT ["/init"]
 CMD []
 
+HEALTHCHECK --start-period=120s --start-interval=5s --interval=15s --timeout=5s --retries=3 \
+    CMD curl --fail --silent --show-error http://127.0.0.1:5000/api/version || exit 1
+
 # Frigate deps with Node.js and NPM for devcontainer
 FROM deps AS devcontainer
 
@@ -210,13 +191,13 @@ COPY docker/main/fake_frigate_run /etc/s6-overlay/s6-rc.d/frigate/run
 RUN mkdir -p /opt/frigate \
     && ln -svf /workspace/frigate/frigate /opt/frigate/frigate
 
-# Install Node 16
-RUN apt-get update \
-    && apt-get install wget -y \
-    && wget -qO- https://deb.nodesource.com/setup_16.x | bash - \
-    && apt-get install -y nodejs \
+# Install Node 20
+RUN curl -SLO https://deb.nodesource.com/nsolid_setup_deb.sh && \
+    chmod 500 nsolid_setup_deb.sh && \
+    ./nsolid_setup_deb.sh 20 && \
+    apt-get install nodejs -y \
     && rm -rf /var/lib/apt/lists/* \
-    && npm install -g npm@9
+    && npm install -g npm@10
 
 WORKDIR /workspace/frigate
 
@@ -227,12 +208,14 @@ RUN apt-get update \
 RUN --mount=type=bind,source=./docker/main/requirements-dev.txt,target=/workspace/frigate/requirements-dev.txt \
     pip3 install -r requirements-dev.txt
 
+HEALTHCHECK NONE
+
 CMD ["sleep", "infinity"]
 
 
 # Frigate web build
 # This should be architecture agnostic, so speed up the build on multiarch by not using QEMU.
-FROM --platform=$BUILDPLATFORM node:16 AS web-build
+FROM --platform=$BUILDPLATFORM node:20 AS web-build
 
 WORKDIR /work
 COPY web/package.json web/package-lock.json ./

docker/main/build_nginx.sh

@@ -2,10 +2,11 @@
 
 set -euxo pipefail
 
-NGINX_VERSION="1.25.2"
+NGINX_VERSION="1.25.3"
 VOD_MODULE_VERSION="1.31"
 SECURE_TOKEN_MODULE_VERSION="1.5"
-RTMP_MODULE_VERSION="1.2.2"
+SET_MISC_MODULE_VERSION="v0.33"
+NGX_DEVEL_KIT_VERSION="v0.3.3"
 
 cp /etc/apt/sources.list /etc/apt/sources.list.d/sources-src.list
 sed -i 's|deb http|deb-src http|g' /etc/apt/sources.list.d/sources-src.list
@@ -49,10 +50,16 @@ mkdir /tmp/nginx-secure-token-module
 wget https://github.com/kaltura/nginx-secure-token-module/archive/refs/tags/${SECURE_TOKEN_MODULE_VERSION}.tar.gz
 tar -zxf ${SECURE_TOKEN_MODULE_VERSION}.tar.gz -C /tmp/nginx-secure-token-module --strip-components=1
 rm ${SECURE_TOKEN_MODULE_VERSION}.tar.gz
-mkdir /tmp/nginx-rtmp-module
-wget -nv https://github.com/arut/nginx-rtmp-module/archive/refs/tags/v${RTMP_MODULE_VERSION}.tar.gz
-tar -zxf v${RTMP_MODULE_VERSION}.tar.gz -C /tmp/nginx-rtmp-module --strip-components=1
-rm v${RTMP_MODULE_VERSION}.tar.gz
+
+mkdir /tmp/ngx_devel_kit
+wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/${NGX_DEVEL_KIT_VERSION}.tar.gz
+tar -zxf ${NGX_DEVEL_KIT_VERSION}.tar.gz -C /tmp/ngx_devel_kit --strip-components=1
+rm ${NGX_DEVEL_KIT_VERSION}.tar.gz
+
+mkdir /tmp/nginx-set-misc-module
+wget https://github.com/openresty/set-misc-nginx-module/archive/refs/tags/${SET_MISC_MODULE_VERSION}.tar.gz
+tar -zxf ${SET_MISC_MODULE_VERSION}.tar.gz -C /tmp/nginx-set-misc-module --strip-components=1
+rm ${SET_MISC_MODULE_VERSION}.tar.gz
 
 cd /tmp/nginx
 
@@ -60,10 +67,13 @@ cd /tmp/nginx
     --with-file-aio \
     --with-http_sub_module \
     --with-http_ssl_module \
+    --with-http_auth_request_module \
+    --with-http_realip_module \
     --with-threads \
+    --add-module=../ngx_devel_kit \
+    --add-module=../nginx-set-misc-module \
     --add-module=../nginx-vod-module \
     --add-module=../nginx-secure-token-module \
-    --add-module=../nginx-rtmp-module \
     --with-cc-opt="-O3 -Wno-error=implicit-fallthrough"
 
 make CC="ccache gcc" -j$(nproc) && make install

docker/main/build_ov_model.py

@@ -0,0 +1,11 @@
+import openvino as ov
+from openvino.tools import mo
+
+ov_model = mo.convert_model(
+    "/models/ssdlite_mobilenet_v2_coco_2018_05_09/frozen_inference_graph.pb",
+    compress_to_fp16=True,
+    transformations_config="/usr/local/lib/python3.9/dist-packages/openvino/tools/mo/front/tf/ssd_v2_support.json",
+    tensorflow_object_detection_api_pipeline_config="/models/ssdlite_mobilenet_v2_coco_2018_05_09/pipeline.config",
+    reverse_input_channels=True,
+)
+ov.save_model(ov_model, "/models/ssdlite_mobilenet_v2.xml")

docker/main/install_deps.sh

@@ -55,17 +55,16 @@ fi
 
 # arch specific packages
 if [[ "${TARGETARCH}" == "amd64" ]]; then
-    # Use debian testing repo only for hwaccel packages
-    echo 'deb http://deb.debian.org/debian testing main non-free' >/etc/apt/sources.list.d/debian-testing.list
+    # use debian bookworm for hwaccel packages
+    echo 'deb https://deb.debian.org/debian bookworm main contrib non-free' >/etc/apt/sources.list.d/debian-bookworm.list
     apt-get -qq update
-    # intel-opencl-icd specifically for GPU support in OpenVino
     apt-get -qq install --no-install-recommends --no-install-suggests -y \
         intel-opencl-icd \
-        mesa-va-drivers libva-drm2 intel-media-va-driver-non-free i965-va-driver libmfx1 radeontop intel-gpu-tools
+        mesa-va-drivers radeontop libva-drm2 intel-media-va-driver-non-free i965-va-driver libmfx1 intel-gpu-tools
     # something about this dependency requires it to be installed in a separate call rather than in the line above
     apt-get -qq install --no-install-recommends --no-install-suggests -y \
         i965-va-driver-shaders
-    rm -f /etc/apt/sources.list.d/debian-testing.list
+    rm -f /etc/apt/sources.list.d/debian-bookworm.list
 fi
 
 if [[ "${TARGETARCH}" == "arm64" ]]; then

docker/main/install_tempio.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+tempio_version="2021.09.0"
+
+if [[ "${TARGETARCH}" == "amd64" ]]; then
+    arch="amd64"
+elif [[ "${TARGETARCH}" == "arm64" ]]; then
+    arch="aarch64"
+fi
+
+mkdir -p /rootfs/usr/local/tempio/bin
+
+wget -q -O /rootfs/usr/local/tempio/bin/tempio "https://github.com/home-assistant/tempio/releases/download/${tempio_version}/tempio_${arch}"
+chmod 755 /rootfs/usr/local/tempio/bin/tempio

docker/main/requirements-dev.txt

@@ -1,3 +1 @@
-black == 23.3.*
-isort
 ruff

docker/main/requirements-ov.txt

@@ -1,5 +1,3 @@
 numpy
-# Openvino Library - Custom built with MYRIAD support
-openvino @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino-2022.3.1-1-cp39-cp39-manylinux_2_31_x86_64.whl; platform_machine == 'x86_64'
-openvino @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino-2022.3.1-1-cp39-cp39-linux_aarch64.whl; platform_machine == 'aarch64'
-openvino-dev[tensorflow2] @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino_dev-2022.3.1-1-py3-none-any.whl
+tensorflow
+openvino-dev>=2024.0.0

docker/main/requirements-wheels.txt

@@ -1,28 +1,33 @@
 click == 8.1.*
-Flask == 2.3.*
+Flask == 3.0.*
+Flask_Limiter == 3.7.*
 imutils == 0.5.*
-matplotlib == 3.7.*
-mypy == 1.4.1
-numpy == 1.23.*
+joserfc == 0.11.*
+markupsafe == 2.1.*
+matplotlib == 3.8.*
+mypy == 1.6.1
+numpy == 1.26.*
 onvif_zeep == 0.2.12
-opencv-python-headless == 4.7.0.*
-paho-mqtt == 1.6.*
-peewee == 3.16.*
+opencv-python-headless == 4.9.0.*
+paho-mqtt == 2.1.*
+pandas == 2.2.*
+peewee == 3.17.*
 peewee_migrate == 1.12.*
 psutil == 5.9.*
-pydantic == 1.10.*
+pydantic == 2.7.*
 git+https://github.com/fbcotter/py3nvml#egg=py3nvml
 PyYAML == 6.0.*
-pytz == 2023.3
-ruamel.yaml == 0.17.*
-tzlocal == 5.0.*
+pytz == 2024.1
+pyzmq == 26.0.*
+ruamel.yaml == 0.18.*
+tzlocal == 5.2
 types-PyYAML == 6.0.*
-requests == 2.31.*
-types-requests == 2.31.*
-scipy == 1.11.*
+requests == 2.32.*
+types-requests == 2.32.*
+scipy == 1.13.*
 norfair == 2.2.*
 setproctitle == 1.3.*
 ws4py == 0.5.*
-# Openvino Library - Custom built with MYRIAD support
-openvino @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino-2022.3.1-1-cp39-cp39-manylinux_2_31_x86_64.whl; platform_machine == 'x86_64'
-openvino @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino-2022.3.1-1-cp39-cp39-linux_aarch64.whl; platform_machine == 'aarch64'
+unidecode == 1.3.*
+onnxruntime == 1.18.*
+openvino == 2024.1.*

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync-log/consumer-for

@@ -0,0 +1 @@
+certsync

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync-log/pipeline-name

@@ -0,0 +1 @@
+certsync-pipeline

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync-log/run

@@ -0,0 +1,4 @@
+#!/command/with-contenv bash
+# shellcheck shell=bash
+
+exec logutil-service /dev/shm/logs/certsync

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync-log/type

@@ -0,0 +1 @@
+longrun

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/finish

@@ -0,0 +1,30 @@
+#!/command/with-contenv bash
+# shellcheck shell=bash
+# Take down the S6 supervision tree when the service fails
+
+set -o errexit -o nounset -o pipefail
+
+# Logs should be sent to stdout so that s6 can collect them
+
+declare exit_code_container
+exit_code_container=$(cat /run/s6-linux-init-container-results/exitcode)
+readonly exit_code_container
+readonly exit_code_service="${1}"
+readonly exit_code_signal="${2}"
+readonly service="CERTSYNC"
+
+echo "[INFO] Service ${service} exited with code ${exit_code_service} (by signal ${exit_code_signal})"
+
+if [[ "${exit_code_service}" -eq 256 ]]; then
+  if [[ "${exit_code_container}" -eq 0 ]]; then
+    echo $((128 + exit_code_signal)) >/run/s6-linux-init-container-results/exitcode
+  fi
+  if [[ "${exit_code_signal}" -eq 15 ]]; then
+    exec /run/s6/basedir/bin/halt
+  fi
+elif [[ "${exit_code_service}" -ne 0 ]]; then
+  if [[ "${exit_code_container}" -eq 0 ]]; then
+    echo "${exit_code_service}" >/run/s6-linux-init-container-results/exitcode
+  fi
+  exec /run/s6/basedir/bin/halt
+fi

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/producer-for

@@ -0,0 +1 @@
+certsync-log

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/run

@@ -0,0 +1,58 @@
+#!/command/with-contenv bash
+# shellcheck shell=bash
+# Start the CERTSYNC service
+
+set -o errexit -o nounset -o pipefail
+
+# Logs should be sent to stdout so that s6 can collect them
+
+echo "[INFO] Starting certsync..."
+
+lefile="/etc/letsencrypt/live/frigate/fullchain.pem"
+
+tls_enabled=`python3 /usr/local/nginx/get_tls_settings.py | jq -r .enabled`
+
+while true
+do
+    if [[ "$tls_enabled" == 'false' ]]; then
+        sleep 9999
+        continue
+    fi
+
+    if [ ! -e $lefile ]
+    then
+        echo "[ERROR] TLS certificate does not exist: $lefile"
+    fi
+
+    leprint=`openssl x509 -in $lefile -fingerprint -noout 2>&1 || echo 'failed'`
+
+    case "$leprint" in
+        *Fingerprint*)
+            ;;
+        *)
+            echo "[ERROR] Missing fingerprint from $lefile"
+            ;;
+    esac
+
+    liveprint=`echo | openssl s_client -showcerts -connect 127.0.0.1:8080 2>&1 | openssl x509 -fingerprint 2>&1 | grep -i fingerprint  || echo 'failed'`
+
+    case "$liveprint" in
+        *Fingerprint*)
+            ;;
+        *)
+            echo "[ERROR] Missing fingerprint from current nginx TLS cert"
+            ;;
+    esac
+
+    if [[ "$leprint" != "failed" && "$liveprint" != "failed" && "$leprint" != "$liveprint" ]]
+    then
+        echo "[INFO] Reloading nginx to refresh TLS certificate"
+        echo "$lefile: $leprint"
+        /usr/local/nginx/sbin/nginx -s reload
+    fi
+
+    sleep 60
+
+done
+
+exit 0

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/timeout-kill

@@ -0,0 +1 @@
+30000

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/type

@@ -0,0 +1 @@
+longrun

docker/main/rootfs/etc/s6-overlay/s6-rc.d/go2rtc/run

@@ -45,8 +45,13 @@ function get_ip_and_port_from_supervisor() {
 
 export LIBAVFORMAT_VERSION_MAJOR=$(ffmpeg -version | grep -Po 'libavformat\W+\K\d+')
 
+if [[ -f "/dev/shm/go2rtc.yaml" ]]; then
+    echo "[INFO] Removing stale config from last run..."
+    rm /dev/shm/go2rtc.yaml
+fi
+
 if [[ ! -f "/dev/shm/go2rtc.yaml" ]]; then
-    echo "[INFO] Preparing go2rtc config..."
+    echo "[INFO] Preparing new go2rtc config..."
 
     if [[ -n "${SUPERVISOR_TOKEN:-}" ]]; then
         # Running as a Home Assistant add-on, infer the IP address and port
@@ -54,6 +59,8 @@ if [[ ! -f "/dev/shm/go2rtc.yaml" ]]; then
     fi
 
     python3 /usr/local/go2rtc/create_config.py
+else
+    echo "[WARNING] Unable to remove existing go2rtc config. Changes made to your frigate config file may not be recognized. Please remove the /dev/shm/go2rtc.yaml from your docker host manually."
 fi
 
 readonly config_path="/config"

docker/main/rootfs/etc/s6-overlay/s6-rc.d/log-prepare/run

@@ -4,7 +4,7 @@
 
 set -o errexit -o nounset -o pipefail
 
-dirs=(/dev/shm/logs/frigate /dev/shm/logs/go2rtc /dev/shm/logs/nginx)
+dirs=(/dev/shm/logs/frigate /dev/shm/logs/go2rtc /dev/shm/logs/nginx /dev/shm/logs/certsync)
 
 mkdir -p "${dirs[@]}"
 chown nobody:nogroup "${dirs[@]}"

docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/data/check

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+set -e
+
+# Wait for PID file to exist.
+while ! test -f /run/nginx.pid; do sleep 1; done

docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/notification-fd

@@ -0,0 +1 @@
+3

docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/run

@@ -8,6 +8,84 @@ set -o errexit -o nounset -o pipefail
 
 echo "[INFO] Starting NGINX..."
 
+# Taken from https://github.com/felipecrs/cgroup-scripts/commits/master/get_cpus.sh
+function get_cpus() {
+    local quota=""
+    local period=""
+
+    if [ -f /sys/fs/cgroup/cgroup.controllers ]; then
+        if [ -f /sys/fs/cgroup/cpu.max ]; then
+            read -r quota period </sys/fs/cgroup/cpu.max
+            if [ "$quota" = "max" ]; then
+                quota=""
+                period=""
+            fi
+        else
+            echo "[WARN] /sys/fs/cgroup/cpu.max not found. Falling back to /proc/cpuinfo." >&2
+        fi
+    else
+        if [ -f /sys/fs/cgroup/cpu/cpu.cfs_quota_us ] && [ -f /sys/fs/cgroup/cpu/cpu.cfs_period_us ]; then
+            quota=$(cat /sys/fs/cgroup/cpu/cpu.cfs_quota_us)
+            period=$(cat /sys/fs/cgroup/cpu/cpu.cfs_period_us)
+
+            if [ "$quota" = "-1" ]; then
+                quota=""
+                period=""
+            fi
+        else
+            echo "[WARN] /sys/fs/cgroup/cpu/cpu.cfs_quota_us or /sys/fs/cgroup/cpu/cpu.cfs_period_us not found. Falling back to /proc/cpuinfo." >&2
+        fi
+    fi
+
+    local cpus
+    if [ -n "${quota}" ] && [ -n "${period}" ]; then
+        cpus=$((quota / period))
+        if [ "$cpus" -eq 0 ]; then
+            cpus=1
+        fi
+    else
+        cpus=$(grep -c ^processor /proc/cpuinfo)
+    fi
+
+    printf '%s' "$cpus"
+}
+
+function set_worker_processes() {
+    # Capture number of assigned CPUs to calculate worker processes
+    local cpus
+
+    cpus=$(get_cpus)
+    if [[ "${cpus}" -gt 4 ]]; then
+        cpus=4
+    fi
+
+    # we need to catch any errors because sed will fail if user has bind mounted a custom nginx file
+    sed -i "s/worker_processes auto;/worker_processes ${cpus};/" /usr/local/nginx/conf/nginx.conf || true
+}
+
+set_worker_processes
+
+# ensure the directory for ACME challenges exists
+mkdir -p /etc/letsencrypt/www
+
+# Create self signed certs if needed
+letsencrypt_path=/etc/letsencrypt/live/frigate
+mkdir -p $letsencrypt_path
+
+if [ ! \( -f "$letsencrypt_path/privkey.pem" -a -f "$letsencrypt_path/fullchain.pem" \) ]; then
+    echo "[INFO] No TLS certificate found. Generating a self signed certificate..."
+    openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
+        -subj "/O=FRIGATE DEFAULT CERT/CN=*" \
+        -keyout "$letsencrypt_path/privkey.pem" -out "$letsencrypt_path/fullchain.pem" 2>/dev/null
+fi
+
+# build templates for optional TLS support
+python3 /usr/local/nginx/get_tls_settings.py | \
+    tempio  -template /usr/local/nginx/templates/listen.gotmpl \
+            -out /usr/local/nginx/conf/listen.conf
+
 # Replace the bash process with the NGINX process, redirecting stderr to stdout
 exec 2>&1
-exec nginx
+exec \
+    s6-notifyoncheck -t 30000 -n 1 \
+    nginx

docker/main/rootfs/labelmap/coco-80.txt

@@ -0,0 +1,80 @@
+0  person
+1  bicycle
+2  car
+3  motorcycle
+4  airplane
+5  car
+6  train
+7  car
+8  boat
+9  traffic light
+10  fire hydrant
+11  stop sign
+12  parking meter
+13  bench
+14  bird
+15  cat
+16  dog
+17  horse
+18  sheep
+19  cow
+20  elephant
+21  bear
+22  zebra
+23  giraffe
+24  backpack
+25  umbrella
+26  handbag
+27  tie
+28  suitcase
+29  frisbee
+30  skis
+31  snowboard
+32  sports ball
+33  kite
+34  baseball bat
+35  baseball glove
+36  skateboard
+37  surfboard
+38  tennis racket
+39  bottle
+40  wine glass
+41  cup
+42  fork
+43  knife
+44  spoon
+45  bowl
+46  banana
+47  apple
+48  sandwich
+49  orange
+50  broccoli
+51  carrot
+52  hot dog
+53  pizza
+54  donut
+55  cake
+56  chair
+57  couch
+58  potted plant
+59  bed
+60  dining table
+61  toilet
+62  tv
+63  laptop
+64  mouse
+65  remote
+66  keyboard
+67  cell phone
+68  microwave
+69  oven
+70  toaster
+71  sink
+72  refrigerator
+73  book
+74  clock
+75  vase
+76  scissors
+77  teddy bear
+78  hair drier
+79  toothbrush

docker/main/rootfs/labelmap/coco.txt

@@ -0,0 +1,91 @@
+0  person
+1  bicycle
+2  car
+3  motorcycle
+4  airplane
+5  bus
+6  train
+7  car
+8  boat
+9  traffic light
+10  fire hydrant
+11  street sign
+12  stop sign
+13  parking meter
+14  bench
+15  bird
+16  cat
+17  dog
+18  horse
+19  sheep
+20  cow
+21  elephant
+22  bear
+23  zebra
+24  giraffe
+25  hat
+26  backpack
+27  umbrella
+28  shoe
+29  eye glasses
+30  handbag
+31  tie
+32  suitcase
+33  frisbee
+34  skis
+35  snowboard
+36  sports ball
+37  kite
+38  baseball bat
+39  baseball glove
+40  skateboard
+41  surfboard
+42  tennis racket
+43  bottle
+44  plate
+45  wine glass
+46  cup
+47  fork
+48  knife
+49  spoon
+50  bowl
+51  banana
+52  apple
+53  sandwich
+54  orange
+55  broccoli
+56  carrot
+57  hot dog
+58  pizza
+59  donut
+60  cake
+61  chair
+62  couch
+63  potted plant
+64  bed
+65  mirror
+66  dining table
+67  window
+68  desk
+69  toilet
+70  door
+71  tv
+72  laptop
+73  mouse
+74  remote
+75  keyboard
+76  cell phone
+77  microwave
+78  oven
+79  toaster
+80  sink
+81  refrigerator
+82  blender
+83  book
+84  clock
+85  vase
+86  scissors
+87  teddy bear
+88  hair drier
+89  toothbrush
+90  hair brush

docker/main/rootfs/usr/local/go2rtc/create_config.py

@@ -3,6 +3,7 @@
 import json
 import os
 import sys
+from pathlib import Path
 
 import yaml
 
@@ -16,6 +17,14 @@ sys.path.remove("/opt/frigate")
 
 
 FRIGATE_ENV_VARS = {k: v for k, v in os.environ.items() if k.startswith("FRIGATE_")}
+# read docker secret files as env vars too
+if os.path.isdir("/run/secrets"):
+    for secret_file in os.listdir("/run/secrets"):
+        if secret_file.startswith("FRIGATE_"):
+            FRIGATE_ENV_VARS[secret_file] = Path(
+                os.path.join("/run/secrets", secret_file)
+            ).read_text()
+
 config_file = os.environ.get("CONFIG_FILE", "/config/config.yml")
 
 # Check if we can use .yaml instead of .yml
@@ -23,13 +32,16 @@ config_file_yaml = config_file.replace(".yml", ".yaml")
 if os.path.isfile(config_file_yaml):
     config_file = config_file_yaml
 
-with open(config_file) as f:
-    raw_config = f.read()
+try:
+    with open(config_file) as f:
+        raw_config = f.read()
 
-if config_file.endswith((".yaml", ".yml")):
-    config: dict[str, any] = yaml.safe_load(raw_config)
-elif config_file.endswith(".json"):
-    config: dict[str, any] = json.loads(raw_config)
+    if config_file.endswith((".yaml", ".yml")):
+        config: dict[str, any] = yaml.safe_load(raw_config)
+    elif config_file.endswith(".json"):
+        config: dict[str, any] = json.loads(raw_config)
+except FileNotFoundError:
+    config: dict[str, any] = {}
 
 go2rtc_config: dict[str, any] = config.get("go2rtc", {})
 
@@ -49,7 +61,15 @@ if go2rtc_config.get("log") is None:
 elif go2rtc_config["log"].get("format") is None:
     go2rtc_config["log"]["format"] = "text"
 
-if not go2rtc_config.get("webrtc", {}).get("candidates", []):
+# ensure there is a default webrtc config
+if not go2rtc_config.get("webrtc"):
+    go2rtc_config["webrtc"] = {}
+
+# go2rtc should listen on 8555 tcp & udp by default
+if not go2rtc_config["webrtc"].get("listen"):
+    go2rtc_config["webrtc"]["listen"] = ":8555"
+
+if not go2rtc_config["webrtc"].get("candidates", []):
     default_candidates = []
     # use internal candidate if it was discovered when running through the add-on
     internal_candidate = os.environ.get(
@@ -92,20 +112,33 @@ if int(os.environ["LIBAVFORMAT_VERSION_MAJOR"]) < 59:
             "rtsp": "-fflags nobuffer -flags low_delay -stimeout 5000000 -user_agent go2rtc/ffmpeg -rtsp_transport tcp -i {input}"
         }
     elif go2rtc_config["ffmpeg"].get("rtsp") is None:
-        go2rtc_config["ffmpeg"][
-            "rtsp"
-        ] = "-fflags nobuffer -flags low_delay -stimeout 5000000 -user_agent go2rtc/ffmpeg -rtsp_transport tcp -i {input}"
+        go2rtc_config["ffmpeg"]["rtsp"] = (
+            "-fflags nobuffer -flags low_delay -stimeout 5000000 -user_agent go2rtc/ffmpeg -rtsp_transport tcp -i {input}"
+        )
 
 for name in go2rtc_config.get("streams", {}):
     stream = go2rtc_config["streams"][name]
 
     if isinstance(stream, str):
-        go2rtc_config["streams"][name] = go2rtc_config["streams"][name].format(
-            **FRIGATE_ENV_VARS
-        )
+        try:
+            go2rtc_config["streams"][name] = go2rtc_config["streams"][name].format(
+                **FRIGATE_ENV_VARS
+            )
+        except KeyError as e:
+            print(
+                "[ERROR] Invalid substitution found, see https://docs.frigate.video/configuration/restream#advanced-restream-configurations for more info."
+            )
+            sys.exit(e)
+
     elif isinstance(stream, list):
         for i, stream in enumerate(stream):
-            go2rtc_config["streams"][name][i] = stream.format(**FRIGATE_ENV_VARS)
+            try:
+                go2rtc_config["streams"][name][i] = stream.format(**FRIGATE_ENV_VARS)
+            except KeyError as e:
+                print(
+                    "[ERROR] Invalid substitution found, see https://docs.frigate.video/configuration/restream#advanced-restream-configurations for more info."
+                )
+                sys.exit(e)
 
 # add birdseye restream stream if enabled
 if config.get("birdseye", {}).get("restream", False):

docker/main/rootfs/usr/local/nginx/conf/auth_location.conf

@@ -0,0 +1,43 @@
+set $upstream_auth http://127.0.0.1:5001/auth;
+
+## Virtual endpoint created by nginx to forward auth requests.
+location /auth {
+    ## Essential Proxy Configuration
+    internal;
+    proxy_pass $upstream_auth;
+
+    ## Headers
+
+    # First strip out all the request headers
+    # Note: This is important to ensure that upgrade requests for secure
+    #       websockets dont cause the backend to fail
+    proxy_pass_request_headers off;
+    # Pass info about the request
+    proxy_set_header X-Original-Method $request_method;
+    proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
+    proxy_set_header X-Server-Port $server_port;
+    proxy_set_header Content-Length "";
+    # Pass along auth related info
+    proxy_set_header Authorization $http_authorization;
+    proxy_set_header Cookie $http_cookie;
+    proxy_set_header X-CSRF-TOKEN "1";
+
+    # include headers from common auth proxies
+    include proxy_trusted_headers.conf;
+
+    ## Basic Proxy Configuration
+    proxy_pass_request_body off;
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Timeout if the real server is dead
+    proxy_redirect http:// $scheme://;
+    proxy_http_version 1.1;
+    proxy_cache_bypass $cookie_session;
+    proxy_no_cache $cookie_session;
+    proxy_buffers 4 32k;
+    client_body_buffer_size 128k;
+
+    ## Advanced Proxy Configuration
+    send_timeout 5m;
+    proxy_read_timeout 240;
+    proxy_send_timeout 240;
+    proxy_connect_timeout 240;
+}

docker/main/rootfs/usr/local/nginx/conf/auth_request.conf

@@ -0,0 +1,22 @@
+## Send a subrequest to verify if the user is authenticated and has permission to access the resource.
+auth_request /auth;
+
+## Save the upstream metadata response headers from Authelia to variables.
+auth_request_set $user $upstream_http_remote_user;
+auth_request_set $groups $upstream_http_remote_groups;
+auth_request_set $name $upstream_http_remote_name;
+auth_request_set $email $upstream_http_remote_email;
+
+## Inject the metadata response headers from the variables into the request made to the backend.
+proxy_set_header Remote-User $user;
+proxy_set_header Remote-Groups $groups;
+proxy_set_header Remote-Email $email;
+proxy_set_header Remote-Name $name;
+
+## Refresh the cookie as needed
+auth_request_set $auth_cookie $upstream_http_set_cookie;
+add_header Set-Cookie $auth_cookie;
+
+## Pass the location header back up if it exists
+auth_request_set $redirection_url $upstream_http_location;
+add_header Location $redirection_url;

docker/main/rootfs/usr/local/nginx/conf/go2rtc_upstream.conf

@@ -0,0 +1,4 @@
+upstream go2rtc {
+    server 127.0.0.1:1984;
+    keepalive 1024;
+}

docker/main/rootfs/usr/local/nginx/conf/nginx.conf

@@ -10,6 +10,8 @@ events {
 }
 
 http {
+    map_hash_bucket_size 256;
+
     include mime.types;
     default_type application/octet-stream;
 
@@ -32,6 +34,13 @@ http {
     gzip_proxied no-cache no-store private expired auth;
     gzip_vary on;
 
+    proxy_cache_path /dev/shm/nginx_cache levels=1:2 keys_zone=api_cache:10m max_size=10m inactive=1m use_temp_path=off;
+
+    map $sent_http_content_type $should_not_cache {
+        'application/json' 0;
+        default 1;
+    }
+
     upstream frigate_api {
         server 127.0.0.1:5001;
         keepalive 1024;
@@ -47,13 +56,13 @@ http {
         keepalive 1024;
     }
 
-    upstream go2rtc {
-        server 127.0.0.1:1984;
-        keepalive 1024;
-    }
+    include go2rtc_upstream.conf;
 
     server {
-        listen 5000;
+        # intended for internal traffic, not protected by auth
+        listen [::]:5000 ipv6only=off;
+
+        include listen.conf;
 
         # vod settings
         vod_base_url '';
@@ -86,34 +95,24 @@ http {
         gzip on;
         gzip_types application/vnd.apple.mpegurl;
 
+        include auth_location.conf;
+
         location /vod/ {
+            include auth_request.conf;
             aio threads;
             vod hls;
 
             secure_token $args;
             secure_token_types application/vnd.apple.mpegurl;
 
-            add_header Access-Control-Allow-Headers '*';
-            add_header Access-Control-Expose-Headers 'Server,range,Content-Length,Content-Range';
-            add_header Access-Control-Allow-Methods 'GET, HEAD, OPTIONS';
-            add_header Access-Control-Allow-Origin '*';
             add_header Cache-Control "no-store";
             expires off;
         }
 
         location /stream/ {
+            include auth_request.conf;
             add_header Cache-Control "no-store";
             expires off;
-            add_header 'Access-Control-Allow-Origin' "$http_origin" always;
-            add_header 'Access-Control-Allow-Credentials' 'true';
-            add_header 'Access-Control-Expose-Headers' 'Content-Length';
-            if ($request_method = 'OPTIONS') {
-                add_header 'Access-Control-Allow-Origin' "$http_origin";
-                add_header 'Access-Control-Max-Age' 1728000;
-                add_header 'Content-Type' 'text/plain charset=UTF-8';
-                add_header 'Content-Length' 0;
-                return 204;
-            }
 
             types {
                 application/dash+xml mpd;
@@ -126,22 +125,14 @@ http {
         }
 
         location /clips/ {
-            add_header 'Access-Control-Allow-Origin' "$http_origin" always;
-            add_header 'Access-Control-Allow-Credentials' 'true';
-            add_header 'Access-Control-Expose-Headers' 'Content-Length';
-            if ($request_method = 'OPTIONS') {
-                add_header 'Access-Control-Allow-Origin' "$http_origin";
-                add_header 'Access-Control-Max-Age' 1728000;
-                add_header 'Content-Type' 'text/plain charset=UTF-8';
-                add_header 'Content-Length' 0;
-                return 204;
-            }
-
+            include auth_request.conf;
             types {
                 video/mp4 mp4;
                 image/jpeg jpg;
             }
 
+            expires 7d;
+            add_header Cache-Control "public";
             autoindex on;
             root /media/frigate;
         }
@@ -152,17 +143,7 @@ http {
         }
 
         location /recordings/ {
-            add_header 'Access-Control-Allow-Origin' "$http_origin" always;
-            add_header 'Access-Control-Allow-Credentials' 'true';
-            add_header 'Access-Control-Expose-Headers' 'Content-Length';
-            if ($request_method = 'OPTIONS') {
-                add_header 'Access-Control-Allow-Origin' "$http_origin";
-                add_header 'Access-Control-Max-Age' 1728000;
-                add_header 'Content-Type' 'text/plain charset=UTF-8';
-                add_header 'Content-Length' 0;
-                return 204;
-            }
-
+            include auth_request.conf;
             types {
                 video/mp4 mp4;
             }
@@ -173,17 +154,7 @@ http {
         }
 
         location /exports/ {
-            add_header 'Access-Control-Allow-Origin' "$http_origin" always;
-            add_header 'Access-Control-Allow-Credentials' 'true';
-            add_header 'Access-Control-Expose-Headers' 'Content-Length';
-            if ($request_method = 'OPTIONS') {
-                add_header 'Access-Control-Allow-Origin' "$http_origin";
-                add_header 'Access-Control-Max-Age' 1728000;
-                add_header 'Content-Type' 'text/plain charset=UTF-8';
-                add_header 'Content-Length' 0;
-                return 204;
-            }
-
+            include auth_request.conf;
             types {
                 video/mp4 mp4;
             }
@@ -194,72 +165,121 @@ http {
         }
 
         location /ws {
+            include auth_request.conf;
             proxy_pass http://mqtt_ws/;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "Upgrade";
-            proxy_set_header Host $host;
+            include proxy.conf;
         }
 
         location /live/jsmpeg/ {
+            include auth_request.conf;
             proxy_pass http://jsmpeg/;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "Upgrade";
-            proxy_set_header Host $host;
+            include proxy.conf;
         }
 
-        location /live/mse/ {
-            proxy_pass http://go2rtc/;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "Upgrade";
-            proxy_set_header Host $host;
+        # frigate lovelace card uses this path
+        location /live/mse/api/ws {
+            include auth_request.conf;
+            limit_except GET {
+                deny  all;
+            }
+            proxy_pass http://go2rtc/api/ws;
+            include proxy.conf;
         }
 
-        location /live/webrtc/ {
-            proxy_pass http://go2rtc/;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "Upgrade";
-            proxy_set_header Host $host;
+        location /live/webrtc/api/ws {
+            include auth_request.conf;
+            limit_except GET {
+                deny  all;
+            }
+            proxy_pass http://go2rtc/api/ws;
+            include proxy.conf;
         }
 
-        location ~* /api/go2rtc([/]?.*)$ {
-            proxy_pass http://go2rtc;
-            rewrite ^/api/go2rtc(.*)$ /api$1 break;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "Upgrade";
-            proxy_set_header Host $host;
+        # pass through go2rtc player
+        location /live/webrtc/webrtc.html {
+            include auth_request.conf;
+            limit_except GET {
+                deny  all;
+            }
+            proxy_pass http://go2rtc/webrtc.html;
+            include proxy.conf;
         }
 
-        location ~* /api/.*\.(jpg|jpeg|png)$ {
-            add_header 'Access-Control-Allow-Origin' '*';
-            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+        # frontend uses this to fetch the version
+        location /api/go2rtc/api {
+            include auth_request.conf;
+            limit_except GET {
+                deny  all;
+            }
+            proxy_pass http://go2rtc/api;
+            include proxy.conf;
+        }
+
+        # integration uses this to add webrtc candidate
+        location /api/go2rtc/webrtc {
+            include auth_request.conf;
+            limit_except POST {
+                deny  all;
+            }
+            proxy_pass http://go2rtc/api/webrtc;
+            include proxy.conf;
+        }
+
+        location ~* /api/.*\.(jpg|jpeg|png|webp|gif)$ {
+            include auth_request.conf;
             rewrite ^/api/(.*)$ $1 break;
             proxy_pass http://frigate_api;
-            proxy_pass_request_headers on;
-            proxy_set_header Host $host;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-Forwarded-Proto $scheme;
+            include proxy.conf;
         }
 
         location /api/ {
+            include auth_request.conf;
             add_header Cache-Control "no-store";
             expires off;
-
-            add_header 'Access-Control-Allow-Origin' '*';
-            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
-            add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
             proxy_pass http://frigate_api/;
-            proxy_pass_request_headers on;
-            proxy_set_header Host $host;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-Forwarded-Proto $scheme;
+            include proxy.conf;
+
+            proxy_cache api_cache;
+            proxy_cache_lock on;
+            proxy_cache_use_stale updating;
+            proxy_cache_valid 200 5s;
+            proxy_cache_bypass $http_x_cache_bypass;
+            proxy_no_cache $should_not_cache;
+            add_header X-Cache-Status $upstream_cache_status;
+
+            location /api/vod/ {
+                include auth_request.conf;
+                proxy_pass http://frigate_api/vod/;
+                include proxy.conf;
+                proxy_cache off;
+            }
+
+            location /api/login {
+                auth_request off;
+                rewrite ^/api(/.*)$ $1 break;
+                proxy_pass http://frigate_api;
+                include proxy.conf;
+            }
+
+            location /api/stats {
+                include auth_request.conf;
+                access_log off;
+                rewrite ^/api(/.*)$ $1 break;
+                proxy_pass http://frigate_api;
+                include proxy.conf;
+            }
+
+            location /api/version {
+                include auth_request.conf;
+                access_log off;
+                rewrite ^/api(/.*)$ $1 break;
+                proxy_pass http://frigate_api;
+                include proxy.conf;
+            }
         }
 
         location / {
+            # do not require auth for static assets
             add_header Cache-Control "no-store";
             expires off;
 
@@ -281,22 +301,7 @@ http {
             sub_filter_once off;
 
             root /opt/frigate/web;
-            try_files $uri $uri/ /index.html;
+            try_files $uri $uri.html $uri/ /index.html;
         }
     }
 }
-
-rtmp {
-    server {
-        listen 1935;
-        chunk_size 4096;
-        allow publish 127.0.0.1;
-        deny publish all;
-        allow play all;
-        application live {
-            live on;
-            record off;
-            meta copy;
-        }
-    }
-}

docker/main/rootfs/usr/local/nginx/conf/proxy.conf

@@ -0,0 +1,26 @@
+## Headers
+proxy_set_header Host $host;
+proxy_set_header Upgrade $http_upgrade;
+proxy_set_header Connection "Upgrade";
+proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
+proxy_set_header X-Forwarded-Proto $scheme;
+proxy_set_header X-Forwarded-Host $http_host;
+proxy_set_header X-Forwarded-URI $request_uri;
+proxy_set_header X-Forwarded-Ssl on;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Real-IP $remote_addr;
+
+## Basic Proxy Configuration
+client_body_buffer_size 128k;
+proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; ## Timeout if the real server is dead.
+proxy_redirect  http://  $scheme://;
+proxy_http_version 1.1;
+proxy_cache_bypass $cookie_session;
+proxy_no_cache $cookie_session;
+proxy_buffers 64 256k;
+
+## Advanced Proxy Configuration
+send_timeout 5m;
+proxy_read_timeout 360;
+proxy_send_timeout 360;
+proxy_connect_timeout 360;

docker/main/rootfs/usr/local/nginx/conf/proxy_trusted_headers.conf

@@ -0,0 +1,22 @@
+# these headers will be copied to the /auth request and are available
+# to be mapped in the config to Frigate's remote-user header
+
+# List of headers sent by common authentication proxies:
+# - Authelia
+# - Traefik forward auth
+# - oauth2_proxy
+# - Authentik
+
+proxy_set_header Remote-User $http_remote_user;
+proxy_set_header Remote-Groups $http_remote_groups;
+proxy_set_header Remote-Email $http_remote_email;
+proxy_set_header Remote-Name $http_remote_name;
+proxy_set_header X-Forwarded-User $http_x_forwarded_user;
+proxy_set_header X-Forwarded-Groups $http_x_forwarded_groups;
+proxy_set_header X-Forwarded-Email $http_x_forwarded_email;
+proxy_set_header X-Forwarded-Preferred-Username $http_x_forwarded_preferred_username;
+proxy_set_header X-authentik-username $http_x_authentik_username;
+proxy_set_header X-authentik-groups $http_x_authentik_groups;
+proxy_set_header X-authentik-email $http_x_authentik_email;
+proxy_set_header X-authentik-name $http_x_authentik_name;
+proxy_set_header X-authentik-uid $http_x_authentik_uid;

docker/main/rootfs/usr/local/nginx/get_tls_settings.py

@@ -0,0 +1,28 @@
+"""Prints the tls config as json to stdout."""
+
+import json
+import os
+
+import yaml
+
+config_file = os.environ.get("CONFIG_FILE", "/config/config.yml")
+
+# Check if we can use .yaml instead of .yml
+config_file_yaml = config_file.replace(".yml", ".yaml")
+if os.path.isfile(config_file_yaml):
+    config_file = config_file_yaml
+
+try:
+    with open(config_file) as f:
+        raw_config = f.read()
+
+    if config_file.endswith((".yaml", ".yml")):
+        config: dict[str, any] = yaml.safe_load(raw_config)
+    elif config_file.endswith(".json"):
+        config: dict[str, any] = json.loads(raw_config)
+except FileNotFoundError:
+    config: dict[str, any] = {}
+
+tls_config: dict[str, any] = config.get("tls", {})
+
+print(json.dumps(tls_config))

docker/main/rootfs/usr/local/nginx/templates/listen.gotmpl

@@ -0,0 +1,30 @@
+{{ if not .enabled }}
+# intended for external traffic, protected by auth
+listen [::]:8080 ipv6only=off;
+{{ else }}
+# intended for external traffic, protected by auth
+listen [::]:8080 ipv6only=off ssl;
+
+ssl_certificate /etc/letsencrypt/live/frigate/fullchain.pem;
+ssl_certificate_key /etc/letsencrypt/live/frigate/privkey.pem;
+
+# generated 2024-06-01, Mozilla Guideline v5.7, nginx 1.25.3, OpenSSL 1.1.1w, modern configuration, no OCSP
+# https://ssl-config.mozilla.org/#server=nginx&version=1.25.3&config=modern&openssl=1.1.1w&ocsp=false&guideline=5.7
+ssl_session_timeout 1d;
+ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
+ssl_session_tickets off;
+
+# modern configuration
+ssl_protocols TLSv1.3;
+ssl_prefer_server_ciphers off;
+
+# HSTS (ngx_http_headers_module is required) (63072000 seconds)
+add_header Strict-Transport-Security "max-age=63072000" always;
+
+# ACME challenge location
+location /.well-known/acme-challenge/ {
+    default_type "text/plain";
+    root /etc/letsencrypt/www;
+}
+{{ end }}
+

docker/rockchip/Dockerfile

@@ -0,0 +1,26 @@
+# syntax=docker/dockerfile:1.6
+
+# https://askubuntu.com/questions/972516/debian-frontend-environment-variable
+ARG DEBIAN_FRONTEND=noninteractive
+
+FROM wheels as rk-wheels
+COPY docker/main/requirements-wheels.txt /requirements-wheels.txt
+COPY docker/rockchip/requirements-wheels-rk.txt /requirements-wheels-rk.txt
+RUN sed -i "/https:\/\//d" /requirements-wheels.txt
+RUN pip3 wheel --wheel-dir=/rk-wheels -c /requirements-wheels.txt -r /requirements-wheels-rk.txt
+
+FROM deps AS rk-frigate
+ARG TARGETARCH
+
+RUN --mount=type=bind,from=rk-wheels,source=/rk-wheels,target=/deps/rk-wheels \
+    pip3 install -U /deps/rk-wheels/*.whl
+
+WORKDIR /opt/frigate/
+COPY --from=rootfs / /
+
+ADD https://github.com/MarcA711/rknn-toolkit2/releases/download/v2.0.0/librknnrt.so /usr/lib/
+
+RUN rm -rf /usr/lib/btbn-ffmpeg/bin/ffmpeg
+RUN rm -rf /usr/lib/btbn-ffmpeg/bin/ffprobe
+ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-5/ffmpeg /usr/lib/btbn-ffmpeg/bin/
+ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-5/ffprobe /usr/lib/btbn-ffmpeg/bin/

docker/rockchip/requirements-wheels-rk.txt

@@ -0,0 +1 @@
+rknn-toolkit-lite2 @ https://github.com/MarcA711/rknn-toolkit2/releases/download/v2.0.0/rknn_toolkit_lite2-2.0.0b0-cp39-cp39-linux_aarch64.whl

docker/rockchip/rk.hcl

@@ -0,0 +1,27 @@
+target wheels {
+  dockerfile = "docker/main/Dockerfile"
+  platforms = ["linux/arm64"]
+  target = "wheels"
+}
+
+target deps {
+  dockerfile = "docker/main/Dockerfile"
+  platforms = ["linux/arm64"]
+  target = "deps"
+}
+
+target rootfs {
+  dockerfile = "docker/main/Dockerfile"
+  platforms = ["linux/arm64"]
+  target = "rootfs"
+}
+
+target rk {
+  dockerfile = "docker/rockchip/Dockerfile"
+  contexts = {
+    wheels = "target:wheels",
+    deps = "target:deps",
+    rootfs = "target:rootfs"
+  }
+  platforms = ["linux/arm64"]
+}

docker/rockchip/rk.mk

@@ -0,0 +1,10 @@
+BOARDS += rk
+
+local-rk: version
+	docker buildx bake --load --file=docker/rockchip/rk.hcl --set rk.tags=frigate:latest-rk rk
+
+build-rk: version
+	docker buildx bake --file=docker/rockchip/rk.hcl --set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk rk
+
+push-rk: build-rk
+	docker buildx bake --push --file=docker/rockchip/rk.hcl --set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk rk

docker/rocm/Dockerfile

@@ -0,0 +1,106 @@
+# syntax=docker/dockerfile:1.4
+
+# https://askubuntu.com/questions/972516/debian-frontend-environment-variable
+ARG DEBIAN_FRONTEND=noninteractive
+ARG ROCM=5.7.3
+ARG AMDGPU=gfx900
+ARG HSA_OVERRIDE_GFX_VERSION
+ARG HSA_OVERRIDE
+
+#######################################################################
+FROM ubuntu:focal as rocm
+
+ARG ROCM
+
+RUN apt-get update && apt-get -y upgrade
+RUN apt-get -y install gnupg wget
+
+RUN mkdir --parents --mode=0755 /etc/apt/keyrings
+
+RUN wget https://repo.radeon.com/rocm/rocm.gpg.key -O - | gpg --dearmor | tee /etc/apt/keyrings/rocm.gpg > /dev/null
+COPY docker/rocm/rocm.list /etc/apt/sources.list.d/
+COPY docker/rocm/rocm-pin-600 /etc/apt/preferences.d/
+
+RUN apt-get update
+
+RUN apt-get -y install --no-install-recommends migraphx
+RUN apt-get -y install --no-install-recommends migraphx-dev
+
+RUN mkdir -p /opt/rocm-dist/opt/rocm-$ROCM/lib
+RUN cd /opt/rocm-$ROCM/lib && cp -dpr libMIOpen*.so* libamd*.so* libhip*.so* libhsa*.so* libmigraphx*.so* librocm*.so* librocblas*.so* /opt/rocm-dist/opt/rocm-$ROCM/lib/
+RUN cd /opt/rocm-dist/opt/ && ln -s rocm-$ROCM rocm
+
+RUN mkdir -p /opt/rocm-dist/etc/ld.so.conf.d/
+RUN echo /opt/rocm/lib|tee /opt/rocm-dist/etc/ld.so.conf.d/rocm.conf
+
+#######################################################################
+FROM --platform=linux/amd64 debian:11 as debian-base
+
+RUN apt-get update && apt-get -y upgrade
+RUN apt-get -y install --no-install-recommends libelf1 libdrm2 libdrm-amdgpu1 libnuma1 kmod
+
+RUN apt-get -y install python3
+
+#######################################################################
+# ROCm does not come with migraphx wrappers for python 3.9, so we build it here
+FROM debian-base as debian-build
+
+ARG ROCM
+
+COPY --from=rocm /opt/rocm-$ROCM /opt/rocm-$ROCM
+RUN ln -s /opt/rocm-$ROCM /opt/rocm
+
+RUN apt-get -y install g++ cmake
+RUN apt-get -y install python3-pybind11 python3.9-distutils python3-dev
+
+WORKDIR /opt/build
+
+COPY docker/rocm/migraphx .
+
+RUN mkdir build && cd build && cmake .. && make install
+
+#######################################################################
+FROM deps AS deps-prelim
+
+# need this to install libnuma1
+RUN apt-get update
+# no ugprade?!?!
+RUN apt-get -y install libnuma1
+
+WORKDIR /opt/frigate/
+COPY --from=rootfs / /
+COPY docker/rocm/rootfs/ /
+
+#######################################################################
+FROM scratch AS rocm-dist
+
+ARG ROCM
+ARG AMDGPU
+
+COPY --from=rocm /opt/rocm-$ROCM/bin/rocminfo /opt/rocm-$ROCM/bin/migraphx-driver /opt/rocm-$ROCM/bin/
+COPY --from=rocm /opt/rocm-$ROCM/share/miopen/db/*$AMDGPU* /opt/rocm-$ROCM/share/miopen/db/
+COPY --from=rocm /opt/rocm-$ROCM/lib/rocblas/library/*$AMDGPU* /opt/rocm-$ROCM/lib/rocblas/library/
+COPY --from=rocm /opt/rocm-dist/ /
+COPY --from=debian-build /opt/rocm/lib/migraphx.cpython-39-x86_64-linux-gnu.so /opt/rocm-$ROCM/lib/
+
+#######################################################################
+FROM deps-prelim AS rocm-prelim-hsa-override0
+
+ENV HSA_ENABLE_SDMA=0
+
+COPY --from=rocm-dist / /
+
+RUN ldconfig
+
+#######################################################################
+FROM rocm-prelim-hsa-override0 as rocm-prelim-hsa-override1
+
+ARG HSA_OVERRIDE_GFX_VERSION
+ENV HSA_OVERRIDE_GFX_VERSION=$HSA_OVERRIDE_GFX_VERSION
+
+#######################################################################
+FROM rocm-prelim-hsa-override$HSA_OVERRIDE as rocm-deps
+
+# Request yolov8 download at startup
+ENV DOWNLOAD_YOLOV8=1
+

docker/rocm/migraphx/CMakeLists.txt

@@ -0,0 +1,26 @@
+
+cmake_minimum_required(VERSION 3.1)
+
+set(CMAKE_CXX_STANDARD 17)
+set(CMAKE_CXX_STANDARD_REQUIRED ON)
+set(CMAKE_CXX_EXTENSIONS OFF)
+
+if(NOT CMAKE_BUILD_TYPE)
+  set(CMAKE_BUILD_TYPE Release)
+endif()
+
+SET(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE)
+
+project(migraphx_py)
+
+include_directories(/opt/rocm/include)
+
+find_package(pybind11 REQUIRED)
+pybind11_add_module(migraphx migraphx_py.cpp)
+
+target_link_libraries(migraphx PRIVATE /opt/rocm/lib/libmigraphx.so /opt/rocm/lib/libmigraphx_tf.so /opt/rocm/lib/libmigraphx_onnx.so)
+
+install(TARGETS migraphx
+  COMPONENT python
+  LIBRARY DESTINATION /opt/rocm/lib
+)

docker/rocm/migraphx/migraphx_py.cpp

@@ -0,0 +1,582 @@
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 Advanced Micro Devices, Inc. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <pybind11/pybind11.h>
+#include <pybind11/stl.h>
+#include <pybind11/numpy.h>
+#include <migraphx/program.hpp>
+#include <migraphx/instruction_ref.hpp>
+#include <migraphx/operation.hpp>
+#include <migraphx/quantization.hpp>
+#include <migraphx/generate.hpp>
+#include <migraphx/instruction.hpp>
+#include <migraphx/ref/target.hpp>
+#include <migraphx/stringutils.hpp>
+#include <migraphx/tf.hpp>
+#include <migraphx/onnx.hpp>
+#include <migraphx/load_save.hpp>
+#include <migraphx/register_target.hpp>
+#include <migraphx/json.hpp>
+#include <migraphx/make_op.hpp>
+#include <migraphx/op/common.hpp>
+
+#ifdef HAVE_GPU
+#include <migraphx/gpu/hip.hpp>
+#endif
+
+using half   = half_float::half;
+namespace py = pybind11;
+
+#ifdef __clang__
+#define MIGRAPHX_PUSH_UNUSED_WARNING \
+    _Pragma("clang diagnostic push") \
+        _Pragma("clang diagnostic ignored \"-Wused-but-marked-unused\"")
+#define MIGRAPHX_POP_WARNING _Pragma("clang diagnostic pop")
+#else
+#define MIGRAPHX_PUSH_UNUSED_WARNING
+#define MIGRAPHX_POP_WARNING
+#endif
+#define MIGRAPHX_PYBIND11_MODULE(...) \
+    MIGRAPHX_PUSH_UNUSED_WARNING      \
+    PYBIND11_MODULE(__VA_ARGS__)      \
+    MIGRAPHX_POP_WARNING
+
+#define MIGRAPHX_PYTHON_GENERATE_SHAPE_ENUM(x, t) .value(#x, migraphx::shape::type_t::x)
+namespace migraphx {
+
+migraphx::value to_value(py::kwargs kwargs);
+migraphx::value to_value(py::list lst);
+
+template <class T, class F>
+void visit_py(T x, F f)
+{
+    if(py::isinstance<py::kwargs>(x))
+    {
+        f(to_value(x.template cast<py::kwargs>()));
+    }
+    else if(py::isinstance<py::list>(x))
+    {
+        f(to_value(x.template cast<py::list>()));
+    }
+    else if(py::isinstance<py::bool_>(x))
+    {
+        f(x.template cast<bool>());
+    }
+    else if(py::isinstance<py::int_>(x) or py::hasattr(x, "__index__"))
+    {
+        f(x.template cast<int>());
+    }
+    else if(py::isinstance<py::float_>(x))
+    {
+        f(x.template cast<float>());
+    }
+    else if(py::isinstance<py::str>(x))
+    {
+        f(x.template cast<std::string>());
+    }
+    else if(py::isinstance<migraphx::shape::dynamic_dimension>(x))
+    {
+        f(migraphx::to_value(x.template cast<migraphx::shape::dynamic_dimension>()));
+    }
+    else
+    {
+        MIGRAPHX_THROW("VISIT_PY: Unsupported data type!");
+    }
+}
+
+migraphx::value to_value(py::list lst)
+{
+    migraphx::value v = migraphx::value::array{};
+    for(auto val : lst)
+    {
+        visit_py(val, [&](auto py_val) { v.push_back(py_val); });
+    }
+
+    return v;
+}
+
+migraphx::value to_value(py::kwargs kwargs)
+{
+    migraphx::value v = migraphx::value::object{};
+
+    for(auto arg : kwargs)
+    {
+        auto&& key = py::str(arg.first);
+        auto&& val = arg.second;
+        visit_py(val, [&](auto py_val) { v[key] = py_val; });
+    }
+    return v;
+}
+} // namespace migraphx
+
+namespace pybind11 {
+namespace detail {
+
+template <>
+struct npy_format_descriptor<half>
+{
+    static std::string format()
+    {
+        // following: https://docs.python.org/3/library/struct.html#format-characters
+        return "e";
+    }
+    static constexpr auto name() { return _("half"); }
+};
+
+} // namespace detail
+} // namespace pybind11
+
+template <class F>
+void visit_type(const migraphx::shape& s, F f)
+{
+    s.visit_type(f);
+}
+
+template <class T, class F>
+void visit(const migraphx::raw_data<T>& x, F f)
+{
+    x.visit(f);
+}
+
+template <class F>
+void visit_types(F f)
+{
+    migraphx::shape::visit_types(f);
+}
+
+template <class T>
+py::buffer_info to_buffer_info(T& x)
+{
+    migraphx::shape s = x.get_shape();
+    assert(s.type() != migraphx::shape::tuple_type);
+    if(s.dynamic())
+        MIGRAPHX_THROW("MIGRAPHX PYTHON: dynamic shape argument passed to to_buffer_info");
+    auto strides = s.strides();
+    std::transform(
+        strides.begin(), strides.end(), strides.begin(), [&](auto i) { return i * s.type_size(); });
+    py::buffer_info b;
+    visit_type(s, [&](auto as) {
+        // migraphx use int8_t data to store bool type, we need to
+        // explicitly specify the data type as bool for python
+        if(s.type() == migraphx::shape::bool_type)
+        {
+            b = py::buffer_info(x.data(),
+                                as.size(),
+                                py::format_descriptor<bool>::format(),
+                                s.ndim(),
+                                s.lens(),
+                                strides);
+        }
+        else
+        {
+            b = py::buffer_info(x.data(),
+                                as.size(),
+                                py::format_descriptor<decltype(as())>::format(),
+                                s.ndim(),
+                                s.lens(),
+                                strides);
+        }
+    });
+    return b;
+}
+
+migraphx::shape to_shape(const py::buffer_info& info)
+{
+    migraphx::shape::type_t t;
+    std::size_t n = 0;
+    visit_types([&](auto as) {
+        if(info.format == py::format_descriptor<decltype(as())>::format() or
+           (info.format == "l" and py::format_descriptor<decltype(as())>::format() == "q") or
+           (info.format == "L" and py::format_descriptor<decltype(as())>::format() == "Q"))
+        {
+            t = as.type_enum();
+            n = sizeof(as());
+        }
+        else if(info.format == "?" and py::format_descriptor<decltype(as())>::format() == "b")
+        {
+            t = migraphx::shape::bool_type;
+            n = sizeof(bool);
+        }
+    });
+
+    if(n == 0)
+    {
+        MIGRAPHX_THROW("MIGRAPHX PYTHON: Unsupported data type " + info.format);
+    }
+
+    auto strides = info.strides;
+    std::transform(strides.begin(), strides.end(), strides.begin(), [&](auto i) -> std::size_t {
+        return n > 0 ? i / n : 0;
+    });
+
+    // scalar support
+    if(info.shape.empty())
+    {
+        return migraphx::shape{t};
+    }
+    else
+    {
+        return migraphx::shape{t, info.shape, strides};
+    }
+}
+
+MIGRAPHX_PYBIND11_MODULE(migraphx, m)
+{
+    py::class_<migraphx::shape> shape_cls(m, "shape");
+    shape_cls
+        .def(py::init([](py::kwargs kwargs) {
+            auto v = migraphx::to_value(kwargs);
+            auto t = migraphx::shape::parse_type(v.get("type", "float"));
+            if(v.contains("dyn_dims"))
+            {
+                auto dyn_dims =
+                    migraphx::from_value<std::vector<migraphx::shape::dynamic_dimension>>(
+                        v.at("dyn_dims"));
+                return migraphx::shape(t, dyn_dims);
+            }
+            auto lens = v.get<std::size_t>("lens", {1});
+            if(v.contains("strides"))
+                return migraphx::shape(t, lens, v.at("strides").to_vector<std::size_t>());
+            else
+                return migraphx::shape(t, lens);
+        }))
+        .def("type", &migraphx::shape::type)
+        .def("lens", &migraphx::shape::lens)
+        .def("strides", &migraphx::shape::strides)
+        .def("ndim", &migraphx::shape::ndim)
+        .def("elements", &migraphx::shape::elements)
+        .def("bytes", &migraphx::shape::bytes)
+        .def("type_string", &migraphx::shape::type_string)
+        .def("type_size", &migraphx::shape::type_size)
+        .def("dyn_dims", &migraphx::shape::dyn_dims)
+        .def("packed", &migraphx::shape::packed)
+        .def("transposed", &migraphx::shape::transposed)
+        .def("broadcasted", &migraphx::shape::broadcasted)
+        .def("standard", &migraphx::shape::standard)
+        .def("scalar", &migraphx::shape::scalar)
+        .def("dynamic", &migraphx::shape::dynamic)
+        .def("__eq__", std::equal_to<migraphx::shape>{})
+        .def("__ne__", std::not_equal_to<migraphx::shape>{})
+        .def("__repr__", [](const migraphx::shape& s) { return migraphx::to_string(s); });
+
+    py::enum_<migraphx::shape::type_t>(shape_cls, "type_t")
+        MIGRAPHX_SHAPE_VISIT_TYPES(MIGRAPHX_PYTHON_GENERATE_SHAPE_ENUM);
+
+    py::class_<migraphx::shape::dynamic_dimension>(shape_cls, "dynamic_dimension")
+        .def(py::init<>())
+        .def(py::init<std::size_t, std::size_t>())
+        .def(py::init<std::size_t, std::size_t, std::set<std::size_t>>())
+        .def_readwrite("min", &migraphx::shape::dynamic_dimension::min)
+        .def_readwrite("max", &migraphx::shape::dynamic_dimension::max)
+        .def_readwrite("optimals", &migraphx::shape::dynamic_dimension::optimals)
+        .def("is_fixed", &migraphx::shape::dynamic_dimension::is_fixed);
+
+    py::class_<migraphx::argument>(m, "argument", py::buffer_protocol())
+        .def_buffer([](migraphx::argument& x) -> py::buffer_info { return to_buffer_info(x); })
+        .def(py::init([](py::buffer b) {
+            py::buffer_info info = b.request();
+            return migraphx::argument(to_shape(info), info.ptr);
+        }))
+        .def("get_shape", &migraphx::argument::get_shape)
+        .def("data_ptr",
+             [](migraphx::argument& x) { return reinterpret_cast<std::uintptr_t>(x.data()); })
+        .def("tolist",
+             [](migraphx::argument& x) {
+                 py::list l{x.get_shape().elements()};
+                 visit(x, [&](auto data) { l = py::cast(data.to_vector()); });
+                 return l;
+             })
+        .def("__eq__", std::equal_to<migraphx::argument>{})
+        .def("__ne__", std::not_equal_to<migraphx::argument>{})
+        .def("__repr__", [](const migraphx::argument& x) { return migraphx::to_string(x); });
+
+    py::class_<migraphx::target>(m, "target");
+
+    py::class_<migraphx::instruction_ref>(m, "instruction_ref")
+        .def("shape", [](migraphx::instruction_ref i) { return i->get_shape(); })
+        .def("op", [](migraphx::instruction_ref i) { return i->get_operator(); });
+
+    py::class_<migraphx::module, std::unique_ptr<migraphx::module, py::nodelete>>(m, "module")
+        .def("print", [](const migraphx::module& mm) { std::cout << mm << std::endl; })
+        .def(
+            "add_instruction",
+            [](migraphx::module& mm,
+               const migraphx::operation& op,
+               std::vector<migraphx::instruction_ref>& args,
+               std::vector<migraphx::module*>& mod_args) {
+                return mm.add_instruction(op, args, mod_args);
+            },
+            py::arg("op"),
+            py::arg("args"),
+            py::arg("mod_args") = std::vector<migraphx::module*>{})
+        .def(
+            "add_literal",
+            [](migraphx::module& mm, py::buffer data) {
+                py::buffer_info info = data.request();
+                auto literal_shape   = to_shape(info);
+                return mm.add_literal(literal_shape, reinterpret_cast<char*>(info.ptr));
+            },
+            py::arg("data"))
+        .def(
+            "add_parameter",
+            [](migraphx::module& mm, const std::string& name, const migraphx::shape shape) {
+                return mm.add_parameter(name, shape);
+            },
+            py::arg("name"),
+            py::arg("shape"))
+        .def(
+            "add_return",
+            [](migraphx::module& mm, std::vector<migraphx::instruction_ref>& args) {
+                return mm.add_return(args);
+            },
+            py::arg("args"))
+        .def("__repr__", [](const migraphx::module& mm) { return migraphx::to_string(mm); });
+
+    py::class_<migraphx::program>(m, "program")
+        .def(py::init([]() { return migraphx::program(); }))
+        .def("get_parameter_names", &migraphx::program::get_parameter_names)
+        .def("get_parameter_shapes", &migraphx::program::get_parameter_shapes)
+        .def("get_output_shapes", &migraphx::program::get_output_shapes)
+        .def("is_compiled", &migraphx::program::is_compiled)
+        .def(
+            "compile",
+            [](migraphx::program& p,
+               const migraphx::target& t,
+               bool offload_copy,
+               bool fast_math,
+               bool exhaustive_tune) {
+                migraphx::compile_options options;
+                options.offload_copy    = offload_copy;
+                options.fast_math       = fast_math;
+                options.exhaustive_tune = exhaustive_tune;
+                p.compile(t, options);
+            },
+            py::arg("t"),
+            py::arg("offload_copy")    = true,
+            py::arg("fast_math")       = true,
+            py::arg("exhaustive_tune") = false)
+        .def("get_main_module", [](const migraphx::program& p) { return p.get_main_module(); })
+        .def(
+            "create_module",
+            [](migraphx::program& p, const std::string& name) { return p.create_module(name); },
+            py::arg("name"))
+        .def("run",
+             [](migraphx::program& p, py::dict params) {
+                 migraphx::parameter_map pm;
+                 for(auto x : params)
+                 {
+                     std::string key      = x.first.cast<std::string>();
+                     py::buffer b         = x.second.cast<py::buffer>();
+                     py::buffer_info info = b.request();
+                     pm[key]              = migraphx::argument(to_shape(info), info.ptr);
+                 }
+                 return p.eval(pm);
+             })
+        .def("run_async",
+             [](migraphx::program& p,
+                py::dict params,
+                std::uintptr_t stream,
+                std::string stream_name) {
+                 migraphx::parameter_map pm;
+                 for(auto x : params)
+                 {
+                     std::string key      = x.first.cast<std::string>();
+                     py::buffer b         = x.second.cast<py::buffer>();
+                     py::buffer_info info = b.request();
+                     pm[key]              = migraphx::argument(to_shape(info), info.ptr);
+                 }
+                 migraphx::execution_environment exec_env{
+                     migraphx::any_ptr(reinterpret_cast<void*>(stream), stream_name), true};
+                 return p.eval(pm, exec_env);
+             })
+        .def("sort", &migraphx::program::sort)
+        .def("print", [](const migraphx::program& p) { std::cout << p << std::endl; })
+        .def("__eq__", std::equal_to<migraphx::program>{})
+        .def("__ne__", std::not_equal_to<migraphx::program>{})
+        .def("__repr__", [](const migraphx::program& p) { return migraphx::to_string(p); });
+
+    py::class_<migraphx::operation> op(m, "op");
+    op.def(py::init([](const std::string& name, py::kwargs kwargs) {
+          migraphx::value v = migraphx::value::object{};
+          if(kwargs)
+          {
+              v = migraphx::to_value(kwargs);
+          }
+          return migraphx::make_op(name, v);
+      }))
+        .def("name", &migraphx::operation::name);
+
+    py::enum_<migraphx::op::pooling_mode>(op, "pooling_mode")
+        .value("average", migraphx::op::pooling_mode::average)
+        .value("max", migraphx::op::pooling_mode::max)
+        .value("lpnorm", migraphx::op::pooling_mode::lpnorm);
+
+    py::enum_<migraphx::op::rnn_direction>(op, "rnn_direction")
+        .value("forward", migraphx::op::rnn_direction::forward)
+        .value("reverse", migraphx::op::rnn_direction::reverse)
+        .value("bidirectional", migraphx::op::rnn_direction::bidirectional);
+
+    m.def(
+        "argument_from_pointer",
+        [](const migraphx::shape shape, const int64_t address) {
+            return migraphx::argument(shape, reinterpret_cast<void*>(address));
+        },
+        py::arg("shape"),
+        py::arg("address"));
+
+    m.def(
+        "parse_tf",
+        [](const std::string& filename,
+           bool is_nhwc,
+           unsigned int batch_size,
+           std::unordered_map<std::string, std::vector<std::size_t>> map_input_dims,
+           std::vector<std::string> output_names) {
+            return migraphx::parse_tf(
+                filename, migraphx::tf_options{is_nhwc, batch_size, map_input_dims, output_names});
+        },
+        "Parse tf protobuf (default format is nhwc)",
+        py::arg("filename"),
+        py::arg("is_nhwc")        = true,
+        py::arg("batch_size")     = 1,
+        py::arg("map_input_dims") = std::unordered_map<std::string, std::vector<std::size_t>>(),
+        py::arg("output_names")   = std::vector<std::string>());
+
+    m.def(
+        "parse_onnx",
+        [](const std::string& filename,
+           unsigned int default_dim_value,
+           migraphx::shape::dynamic_dimension default_dyn_dim_value,
+           std::unordered_map<std::string, std::vector<std::size_t>> map_input_dims,
+           std::unordered_map<std::string, std::vector<migraphx::shape::dynamic_dimension>>
+               map_dyn_input_dims,
+           bool skip_unknown_operators,
+           bool print_program_on_error,
+           int64_t max_loop_iterations) {
+            migraphx::onnx_options options;
+            options.default_dim_value      = default_dim_value;
+            options.default_dyn_dim_value  = default_dyn_dim_value;
+            options.map_input_dims         = map_input_dims;
+            options.map_dyn_input_dims     = map_dyn_input_dims;
+            options.skip_unknown_operators = skip_unknown_operators;
+            options.print_program_on_error = print_program_on_error;
+            options.max_loop_iterations    = max_loop_iterations;
+            return migraphx::parse_onnx(filename, options);
+        },
+        "Parse onnx file",
+        py::arg("filename"),
+        py::arg("default_dim_value")     = 0,
+        py::arg("default_dyn_dim_value") = migraphx::shape::dynamic_dimension{1, 1},
+        py::arg("map_input_dims") = std::unordered_map<std::string, std::vector<std::size_t>>(),
+        py::arg("map_dyn_input_dims") =
+            std::unordered_map<std::string, std::vector<migraphx::shape::dynamic_dimension>>(),
+        py::arg("skip_unknown_operators") = false,
+        py::arg("print_program_on_error") = false,
+        py::arg("max_loop_iterations")    = 10);
+
+    m.def(
+        "parse_onnx_buffer",
+        [](const std::string& onnx_buffer,
+           unsigned int default_dim_value,
+           migraphx::shape::dynamic_dimension default_dyn_dim_value,
+           std::unordered_map<std::string, std::vector<std::size_t>> map_input_dims,
+           std::unordered_map<std::string, std::vector<migraphx::shape::dynamic_dimension>>
+               map_dyn_input_dims,
+           bool skip_unknown_operators,
+           bool print_program_on_error) {
+            migraphx::onnx_options options;
+            options.default_dim_value      = default_dim_value;
+            options.default_dyn_dim_value  = default_dyn_dim_value;
+            options.map_input_dims         = map_input_dims;
+            options.map_dyn_input_dims     = map_dyn_input_dims;
+            options.skip_unknown_operators = skip_unknown_operators;
+            options.print_program_on_error = print_program_on_error;
+            return migraphx::parse_onnx_buffer(onnx_buffer, options);
+        },
+        "Parse onnx file",
+        py::arg("filename"),
+        py::arg("default_dim_value")     = 0,
+        py::arg("default_dyn_dim_value") = migraphx::shape::dynamic_dimension{1, 1},
+        py::arg("map_input_dims") = std::unordered_map<std::string, std::vector<std::size_t>>(),
+        py::arg("map_dyn_input_dims") =
+            std::unordered_map<std::string, std::vector<migraphx::shape::dynamic_dimension>>(),
+        py::arg("skip_unknown_operators") = false,
+        py::arg("print_program_on_error") = false);
+
+    m.def(
+        "load",
+        [](const std::string& name, const std::string& format) {
+            migraphx::file_options options;
+            options.format = format;
+            return migraphx::load(name, options);
+        },
+        "Load MIGraphX program",
+        py::arg("filename"),
+        py::arg("format") = "msgpack");
+
+    m.def(
+        "save",
+        [](const migraphx::program& p, const std::string& name, const std::string& format) {
+            migraphx::file_options options;
+            options.format = format;
+            return migraphx::save(p, name, options);
+        },
+        "Save MIGraphX program",
+        py::arg("p"),
+        py::arg("filename"),
+        py::arg("format") = "msgpack");
+
+    m.def("get_target", &migraphx::make_target);
+    m.def("create_argument", [](const migraphx::shape& s, const std::vector<double>& values) {
+        if(values.size() != s.elements())
+            MIGRAPHX_THROW("Values and shape elements do not match");
+        migraphx::argument a{s};
+        a.fill(values.begin(), values.end());
+        return a;
+    });
+    m.def("generate_argument", &migraphx::generate_argument, py::arg("s"), py::arg("seed") = 0);
+    m.def("fill_argument", &migraphx::fill_argument, py::arg("s"), py::arg("value"));
+    m.def("quantize_fp16",
+          &migraphx::quantize_fp16,
+          py::arg("prog"),
+          py::arg("ins_names") = std::vector<std::string>{"all"});
+    m.def("quantize_int8",
+          &migraphx::quantize_int8,
+          py::arg("prog"),
+          py::arg("t"),
+          py::arg("calibration") = std::vector<migraphx::parameter_map>{},
+          py::arg("ins_names")   = std::vector<std::string>{"dot", "convolution"});
+
+#ifdef HAVE_GPU
+    m.def("allocate_gpu", &migraphx::gpu::allocate_gpu, py::arg("s"), py::arg("host") = false);
+    m.def("to_gpu", &migraphx::gpu::to_gpu, py::arg("arg"), py::arg("host") = false);
+    m.def("from_gpu", &migraphx::gpu::from_gpu);
+    m.def("gpu_sync", [] { migraphx::gpu::gpu_sync(); });
+#endif
+
+#ifdef VERSION_INFO
+    m.attr("__version__") = VERSION_INFO;
+#else
+    m.attr("__version__") = "dev";
+#endif
+}

docker/rocm/rocm-pin-600

@@ -0,0 +1,3 @@
+Package: *
+Pin: release o=repo.radeon.com
+Pin-Priority: 600

docker/rocm/rocm.hcl

@@ -0,0 +1,38 @@
+variable "AMDGPU" {
+  default = "gfx900"
+}
+variable "ROCM" {
+  default = "5.7.3"
+}
+variable "HSA_OVERRIDE_GFX_VERSION" {
+  default = ""
+}
+variable "HSA_OVERRIDE" {
+  default = "1"
+}
+target deps {
+  dockerfile = "docker/main/Dockerfile"
+  platforms = ["linux/amd64"]
+  target = "deps"
+}
+
+target rootfs {
+  dockerfile = "docker/main/Dockerfile"
+  platforms = ["linux/amd64"]
+  target = "rootfs"
+}
+
+target rocm {
+  dockerfile = "docker/rocm/Dockerfile"
+  contexts = {
+    deps = "target:deps",
+    rootfs = "target:rootfs"
+  }
+  platforms = ["linux/amd64"]
+  args = {
+    AMDGPU = AMDGPU,
+    ROCM = ROCM,
+    HSA_OVERRIDE_GFX_VERSION = HSA_OVERRIDE_GFX_VERSION,
+    HSA_OVERRIDE = HSA_OVERRIDE
+  }
+}

docker/rocm/rocm.list

@@ -0,0 +1 @@
+deb [arch=amd64 signed-by=/etc/apt/keyrings/rocm.gpg] https://repo.radeon.com/rocm/apt/5.7.3 focal main

docker/rocm/rocm.mk

@@ -0,0 +1,17 @@
+BOARDS += rocm
+
+# AMD/ROCm is chunky so we build couple of smaller images for specific chipsets
+ROCM_CHIPSETS:=gfx900:9.0.0 gfx1030:10.3.0 gfx1100:11.0.0
+
+local-rocm: version
+	$(foreach chipset,$(ROCM_CHIPSETS),AMDGPU=$(word 1,$(subst :, ,$(chipset))) HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) HSA_OVERRIDE=1 docker buildx bake --load --file=docker/rocm/rocm.hcl --set rocm.tags=frigate:latest-rocm-$(word 1,$(subst :, ,$(chipset))) rocm;)
+	unset HSA_OVERRIDE_GFX_VERSION && HSA_OVERRIDE=0 AMDGPU=gfx docker buildx bake --load --file=docker/rocm/rocm.hcl --set rocm.tags=frigate:latest-rocm rocm
+
+build-rocm: version
+	$(foreach chipset,$(ROCM_CHIPSETS),AMDGPU=$(word 1,$(subst :, ,$(chipset))) HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) HSA_OVERRIDE=1 docker buildx bake --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) rocm;)
+	unset HSA_OVERRIDE_GFX_VERSION && HSA_OVERRIDE=0 AMDGPU=gfx docker buildx bake --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm rocm
+
+push-rocm: build-rocm
+	$(foreach chipset,$(ROCM_CHIPSETS),AMDGPU=$(word 1,$(subst :, ,$(chipset))) HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) HSA_OVERRIDE=1 docker buildx bake --push --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) rocm;)
+	unset HSA_OVERRIDE_GFX_VERSION && HSA_OVERRIDE=0 AMDGPU=gfx docker buildx bake --push --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm rocm
+

docker/rocm/rootfs/etc/s6-overlay/s6-rc.d/compile-rocm-models/run

@@ -0,0 +1,20 @@
+#!/command/with-contenv bash
+# shellcheck shell=bash
+# Compile YoloV8 ONNX files into ROCm MIGraphX files
+
+OVERRIDE=$(cd /opt/frigate && python3 -c 'import frigate.detectors.plugins.rocm as rocm; print(rocm.auto_override_gfx_version())')
+
+if ! test -z "$OVERRIDE"; then
+  echo "Using HSA_OVERRIDE_GFX_VERSION=${OVERRIDE}"
+  export HSA_OVERRIDE_GFX_VERSION=$OVERRIDE
+fi
+
+for onnx in /config/model_cache/yolov8/*.onnx
+do
+  mxr="${onnx%.onnx}.mxr"
+  if ! test -f $mxr; then
+    echo "processing $onnx into $mxr"
+    /opt/rocm/bin/migraphx-driver compile $onnx --optimize --gpu --enable-offload-copy --binary -o $mxr
+  fi
+done
+

docker/rocm/rootfs/etc/s6-overlay/s6-rc.d/compile-rocm-models/type

@@ -0,0 +1 @@
+oneshot

docker/rocm/rootfs/etc/s6-overlay/s6-rc.d/compile-rocm-models/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/compile-rocm-models/run

docker/tensorrt/Dockerfile.base

@@ -1,4 +1,4 @@
-# syntax=docker/dockerfile:1.4
+# syntax=docker/dockerfile:1.6
 
 # https://askubuntu.com/questions/972516/debian-frontend-environment-variable
 ARG DEBIAN_FRONTEND=noninteractive
@@ -8,6 +8,8 @@ ARG TRT_BASE=nvcr.io/nvidia/tensorrt:23.03-py3
 # Build TensorRT-specific library
 FROM ${TRT_BASE} AS trt-deps
 
+ARG COMPUTE_LEVEL
+
 RUN apt-get update \
     && apt-get install -y git build-essential cuda-nvcc-* cuda-nvtx-* libnvinfer-dev libnvinfer-plugin-dev libnvparsers-dev libnvonnxparsers-dev \
     && rm -rf /var/lib/apt/lists/*
@@ -24,3 +26,6 @@ COPY --from=trt-deps /usr/local/lib/libyolo_layer.so /usr/local/lib/libyolo_laye
 COPY --from=trt-deps /usr/local/src/tensorrt_demos /usr/local/src/tensorrt_demos
 COPY docker/tensorrt/detector/rootfs/ /
 ENV YOLO_MODELS="yolov7-320"
+
+HEALTHCHECK --start-period=600s --start-interval=5s --interval=15s --timeout=5s --retries=3 \
+    CMD curl --fail --silent --show-error http://127.0.0.1:5000/api/version || exit 1

docker/tensorrt/build_jetson_ffmpeg.sh

@@ -23,8 +23,8 @@ else
 fi
 tar xaf jetson_multimedia_api.tbz2 -C / && rm jetson_multimedia_api.tbz2
 
-wget -q https://github.com/madsciencetist/jetson-ffmpeg/archive/refs/heads/master.zip
-unzip master.zip && rm master.zip && cd jetson-ffmpeg-master
+wget -q https://github.com/AndBobsYourUncle/jetson-ffmpeg/archive/9c17b09.zip -O jetson-ffmpeg.zip
+unzip jetson-ffmpeg.zip && rm jetson-ffmpeg.zip && mv jetson-ffmpeg-* jetson-ffmpeg && cd jetson-ffmpeg
 LD_LIBRARY_PATH=$(pwd)/stubs:$LD_LIBRARY_PATH   # tegra multimedia libs aren't available in image, so use stubs for ffmpeg build
 mkdir build
 cd build
@@ -42,7 +42,7 @@ cd ../ && rm -rf nv-codec-headers-master
 # Build ffmpeg with nvmpi patch
 wget -q https://ffmpeg.org/releases/ffmpeg-6.0.tar.xz
 tar xaf ffmpeg-*.tar.xz && rm ffmpeg-*.tar.xz && cd ffmpeg-*
-patch -p1 < ../jetson-ffmpeg-master/ffmpeg_patches/ffmpeg6.0_nvmpi.patch
+patch -p1 < ../jetson-ffmpeg/ffmpeg_patches/ffmpeg6.0_nvmpi.patch
 export PKG_CONFIG_PATH=$INSTALL_PREFIX/lib/pkgconfig
 # enable Jetson codecs but disable dGPU codecs
 ./configure --cc='ccache gcc' --cxx='ccache g++' \

docker/tensorrt/detector/rootfs/etc/s6-overlay/s6-rc.d/trt-model-prepare/run

@@ -43,6 +43,15 @@ if [[ -z ${MODEL_CONVERT} ]]; then
     exit 0
 fi
 
+# Setup ENV to select GPU for conversion
+if [ ! -z ${TRT_MODEL_PREP_DEVICE+x} ]; then
+    if [ ! -z ${CUDA_VISIBLE_DEVICES+x} ]; then
+        PREVIOUS_CVD="$CUDA_VISIBLE_DEVICES"
+        unset CUDA_VISIBLE_DEVICES
+    fi
+    export CUDA_VISIBLE_DEVICES="$TRT_MODEL_PREP_DEVICE"
+fi
+
 # On Jetpack 4.6, the nvidia container runtime will mount several host nvidia libraries into the
 # container which should not be present in the image - if they are, TRT model generation will
 # fail or produce invalid models. Thus we must request the user to install them on the host in
@@ -87,5 +96,14 @@ do
     echo "Generated ${model}.trt in $(($(date +%s)-start)) seconds"
 done
 
+# Restore ENV after conversion
+if [ ! -z ${TRT_MODEL_PREP_DEVICE+x} ]; then
+    unset CUDA_VISIBLE_DEVICES
+    if [ ! -z ${PREVIOUS_CVD+x} ]; then
+        export CUDA_VISIBLE_DEVICES="$PREVIOUS_CVD"
+    fi
+fi
+
+# Print which models exist in output folder
 echo "Available tensorrt models:"
 cd ${OUTPUT_FOLDER} && ls *.trt;

docker/tensorrt/detector/tensorrt_libyolo.sh

@@ -11,7 +11,7 @@ git clone --depth 1 https://github.com/NateMeyer/tensorrt_demos.git -b condition
 if [ ! -e /usr/local/cuda ]; then
     ln -s /usr/local/cuda-* /usr/local/cuda
 fi
-cd ./tensorrt_demos/plugins && make all -j$(nproc)
+cd ./tensorrt_demos/plugins && make all -j$(nproc) computes="${COMPUTE_LEVEL:-}"
 cp libyolo_layer.so /usr/local/lib/libyolo_layer.so
 
 # Store yolo scripts for later conversion

docker/tensorrt/trt.hcl

@@ -10,12 +10,16 @@ variable "SLIM_BASE" {
 variable "TRT_BASE" {
   default = null
 }
+variable "COMPUTE_LEVEL" {
+  default = ""
+}
 
 target "_build_args" {
   args = {
     BASE_IMAGE = BASE_IMAGE,
     SLIM_BASE = SLIM_BASE,
-    TRT_BASE = TRT_BASE
+    TRT_BASE = TRT_BASE,
+    COMPUTE_LEVEL = COMPUTE_LEVEL
   }
   platforms = ["linux/${ARCH}"]
 }

docker/tensorrt/trt.mk

@@ -2,7 +2,7 @@ BOARDS += trt
 
 JETPACK4_BASE ?= timongentzsch/l4t-ubuntu20-opencv:latest	# L4T 32.7.1 JetPack 4.6.1
 JETPACK5_BASE ?= nvcr.io/nvidia/l4t-tensorrt:r8.5.2-runtime	# L4T 35.3.1 JetPack 5.1.1
-X86_DGPU_ARGS := ARCH=amd64
+X86_DGPU_ARGS := ARCH=amd64 COMPUTE_LEVEL="50 60 70 80 90"
 JETPACK4_ARGS := ARCH=arm64 BASE_IMAGE=$(JETPACK4_BASE) SLIM_BASE=$(JETPACK4_BASE) TRT_BASE=$(JETPACK4_BASE)
 JETPACK5_ARGS := ARCH=arm64 BASE_IMAGE=$(JETPACK5_BASE) SLIM_BASE=$(JETPACK5_BASE) TRT_BASE=$(JETPACK5_BASE)
 

docs/docs/configuration/advanced.md

@@ -96,7 +96,7 @@ model:
 
 Note that if you rename objects in the labelmap, you will also need to update your `objects -> track` list as well.
 
-:::caution
+:::warning
 
 Some labels have special handling and modifications can disable functionality.
 
@@ -120,7 +120,7 @@ NOTE: The folder that is mapped from the host needs to be the folder that contai
 
 ## Custom go2rtc version
 
-Frigate currently includes go2rtc v1.6.2, there may be certain cases where you want to run a different version of go2rtc.
+Frigate currently includes go2rtc v1.9.2, there may be certain cases where you want to run a different version of go2rtc.
 
 To do this:
 
@@ -128,3 +128,34 @@ To do this:
 2. Rename the build to `go2rtc`.
 3. Give `go2rtc` execute permission.
 4. Restart Frigate and the custom version will be used, you can verify by checking go2rtc logs.
+
+## Validating your config.yaml file updates
+
+When frigate starts up, it checks whether your config file is valid, and if it is not, the process exits. To minimize interruptions when updating your config, you have three options -- you can edit the config via the WebUI which has built in validation, use the config API, or you can validate on the command line using the frigate docker container.
+
+### Via API
+
+Frigate can accept a new configuration file as JSON at the `/config/save` endpoint. When updating the config this way, Frigate will validate the config before saving it, and return a `400` if the config is not valid.
+
+```bash
+curl -X POST http://frigate_host:5000/config/save -d @config.json
+```
+
+if you'd like you can use your yaml config directly by using [`yq`](https://github.com/mikefarah/yq) to convert it to json:
+
+```bash
+yq r -j config.yml | curl -X POST http://frigate_host:5000/config/save -d @-
+```
+
+### Via Command Line
+
+You can also validate your config at the command line by using the docker container itself. In CI/CD, you leverage the return code to determine if your config is valid, Frigate will return `1` if the config is invalid, or `0` if it's valid.
+
+```bash
+docker run                                \
+  -v $(pwd)/config.yml:/config/config.yml \
+  --entrypoint python3                    \
+  ghcr.io/blakeblackshear/frigate:stable  \
+  -u -m frigate                           \
+  --validate_config
+```

docs/docs/configuration/audio_detectors.md

@@ -48,15 +48,26 @@ cameras:
             - detect
 ```
 
+### Configuring Minimum Volume
+
+The audio detector uses volume levels in the same way that motion in a camera feed is used for object detection. This means that frigate will not run audio detection unless the audio volume is above the configured level in order to reduce resource usage. Audio levels can vary widely between camera models so it is important to run tests to see what volume levels are. MQTT explorer can be used on the audio topic to see what volume level is being detected.
+
+:::tip
+
+Volume is considered motion for recordings, this means when the `record -> retain -> mode` is set to `motion` any time audio volume is > min_volume that recording segment for that camera will be kept.
+
+:::
+
 ### Configuring Audio Events
 
-The included audio model has over [500 different types](https://github.com/blakeblackshear/frigate/blob/dev/audio-labelmap.txt) of audio that can be detected, many of which are not practical. By default `bark`, `speech`, `yell`, and `scream` are enabled but these can be customized.
+The included audio model has over [500 different types](https://github.com/blakeblackshear/frigate/blob/dev/audio-labelmap.txt) of audio that can be detected, many of which are not practical. By default `bark`, `fire_alarm`, `scream`, `speech`, and `yell` are enabled but these can be customized.
 
 ```yaml
 audio:
   enabled: True
   listen:
     - bark
+    - fire_alarm
     - scream
     - speech
     - yell

docs/docs/configuration/authentication.md

@@ -0,0 +1,132 @@
+---
+id: authentication
+title: Authentication
+---
+
+# Authentication
+
+Frigate stores user information in its database. Password hashes are generated using industry standard PBKDF2-SHA256 with 600,000 iterations. Upon successful login, a JWT token is issued with an expiration date and set as a cookie. The cookie is refreshed as needed automatically. This JWT token can also be passed in the Authorization header as a bearer token.
+
+Users are managed in the UI under Settings > Users.
+
+The following ports are available to access the Frigate web UI.
+
+| Port   | Description                                                                                                                                                                                                  |
+| ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `8080` | Authenticated UI and API. Reverse proxies should use this port.                                                                                                                                              |
+| `5000` | Internal unauthenticated UI and API access. Access to this port should be limited. Intended to be used within the docker network for services that integrate with Frigate and do not support authentication. |
+
+## Onboarding
+
+On startup, an admin user and password are generated and printed in the logs. It is recommended to set a new password for the admin account after logging in for the first time under Settings > Users.
+
+## Resetting admin password
+
+In the event that you are locked out of your instance, you can tell Frigate to reset the admin password and print it in the logs on next startup using the `reset_admin_password` setting in your config file.
+
+## Login failure rate limiting
+
+In order to limit the risk of brute force attacks, rate limiting is available for login failures. This is implemented with Flask-Limiter, and the string notation for valid values is available in [the documentation](https://flask-limiter.readthedocs.io/en/stable/configuration.html#rate-limit-string-notation).
+
+For example, `1/second;5/minute;20/hour` will rate limit the login endpoint when failures occur more than:
+
+- 1 time per second
+- 5 times per minute
+- 20 times per hour
+
+Restarting Frigate will reset the rate limits.
+
+If you are running Frigate behind a proxy, you will want to set `trusted_proxies` or these rate limits will apply to the upstream proxy IP address. This means that a brute force attack will rate limit login attempts from other devices and could temporarily lock you out of your instance. In order to ensure rate limits only apply to the actual IP address where the requests are coming from, you will need to list the upstream networks that you want to trust. These trusted proxies are checked against the `X-Forwarded-For` header when looking for the IP address where the request originated.
+
+If you are running a reverse proxy in the same docker compose file as Frigate, here is an example of how your auth config might look:
+
+```yaml
+auth:
+  failed_login_rate_limit: "1/second;5/minute;20/hour"
+  trusted_proxies:
+    - 172.18.0.0/16 # <---- this is the subnet for the internal docker compose network
+```
+
+## JWT Token Secret
+
+The JWT token secret needs to be kept secure. Anyone with this secret can generate valid JWT tokens to authenticate with Frigate. This should be a cryptographically random string of at least 64 characters.
+
+You can generate a token using the Python secret library with the following command:
+
+```shell
+python3 -c 'import secrets; print(secrets.token_hex(64))'
+```
+
+Frigate looks for a JWT token secret in the following order:
+
+1. An environment variable named `FRIGATE_JWT_SECRET`
+2. A docker secret named `FRIGATE_JWT_SECRET` in `/run/secrets/`
+3. A `jwt_secret` option from the Home Assistant Addon options
+4. A `.jwt_secret` file in the config directory
+
+If no secret is found on startup, Frigate generates one and stores it in a `.jwt_secret` file in the config directory.
+
+Changing the secret will invalidate current tokens.
+
+## Proxy configuration
+
+Frigate can be configured to leverage features of common upstream authentication proxies such as Authelia, Authentik, oauth2_proxy, or traefik-forward-auth.
+
+If you are leveraging the authentication of an upstream proxy, you likely want to disable Frigate's authentication. Optionally, if communication between the reverse proxy and Frigate is over an untrusted network, you should set an `auth_secret` in the `proxy` config and configure the proxy to send the secret value as a header named `X-Proxy-Secret`. Assuming this is an untrusted network, you will also want to [configure a real TLS certificate](tls.md) to ensure the traffic can't simply be sniffed to steal the secret.
+
+Here is an example of how to disable Frigate's authentication and also ensure the requests come only from your known proxy.
+
+```yaml
+auth:
+  enabled: False
+
+proxy:
+  auth_secret: <some random long string>
+```
+
+You can use the following code to generate a random secret.
+
+```shell
+python3 -c 'import secrets; print(secrets.token_hex(64))'
+```
+
+### Header mapping
+
+If you have disabled Frigate's authentication and your proxy supports passing a header with the authenticated username, you can use the `header_map` config to specify the header name so it is passed to Frigate. For example, the following will map the `X-Forwarded-User` value. Header names are not case sensitive.
+
+```yaml
+proxy:
+  ...
+  header_map:
+    user: x-forwarded-user
+```
+
+Note that only the following list of headers are permitted by default:
+
+```
+Remote-User
+Remote-Groups
+Remote-Email
+Remote-Name
+X-Forwarded-User
+X-Forwarded-Groups
+X-Forwarded-Email
+X-Forwarded-Preferred-Username
+X-authentik-username
+X-authentik-groups
+X-authentik-email
+X-authentik-name
+X-authentik-uid
+```
+
+If you would like to add more options, you can overwrite the default file with a docker bind mount at `/usr/local/nginx/conf/proxy_trusted_headers.conf`. Reference the source code for the default file formatting.
+
+Future versions of Frigate may leverage group and role headers for authorization in Frigate as well.
+
+### Login page redirection
+
+Frigate gracefully performs login page redirection that should work with most authentication proxies. If your reverse proxy returns a `Location` header on `401`, `302`, or `307` unauthorized responses, Frigate's frontend will automatically detect it and redirect to that URL.
+
+### Custom logout url
+
+If your reverse proxy has a dedicated logout url, you can specify using the `logout_url` config option. This will update the link for the `Logout` link in the UI.

docs/docs/configuration/autotracking.md

@@ -5,6 +5,8 @@ title: Camera Autotracking
 
 An ONVIF-capable, PTZ (pan-tilt-zoom) camera that supports relative movement within the field of view (FOV) can be configured to automatically track moving objects and keep them in the center of the frame.
 
+![Autotracking example with zooming](/img/frigate-autotracking-example.gif)
+
 ## Autotracking behavior
 
 Once Frigate determines that an object is not a false positive and has entered one of the required zones, the autotracker will move the PTZ camera to keep the object centered in the frame until the object either moves out of the frame, the PTZ is not capable of any more movement, or Frigate loses track of it.
@@ -21,13 +23,15 @@ Many cheaper or older PTZs may not support this standard. Frigate will report an
 
 Alternatively, you can download and run [this simple Python script](https://gist.github.com/hawkeye217/152a1d4ba80760dac95d46e143d37112), replacing the details on line 4 with your camera's IP address, ONVIF port, username, and password to check your camera.
 
+A growing list of cameras and brands that have been reported by users to work with Frigate's autotracking can be found [here](cameras.md).
+
 ## Configuration
 
 First, set up a PTZ preset in your camera's firmware and give it a name. If you're unsure how to do this, consult the documentation for your camera manufacturer's firmware. Some tutorials for common brands: [Amcrest](https://www.youtube.com/watch?v=lJlE9-krmrM), [Reolink](https://www.youtube.com/watch?v=VAnxHUY5i5w), [Dahua](https://www.youtube.com/watch?v=7sNbc5U-k54).
 
 Edit your Frigate configuration file and enter the ONVIF parameters for your camera. Specify the object types to track, a required zone the object must enter to begin autotracking, and the camera preset name you configured in your camera's firmware to return to when tracking has ended. Optionally, specify a delay in seconds before Frigate returns the camera to the preset.
 
-An [ONVIF connection](cameras.md) is required for autotracking to function.
+An [ONVIF connection](cameras.md) is required for autotracking to function. Also, a [motion mask](masks.md) over your camera's timestamp and any overlay text is recommended to ensure they are completely excluded from scene change calculations when the camera is moving.
 
 Note that `autotracking` is disabled by default but can be enabled in the configuration or by MQTT.
 
@@ -50,6 +54,23 @@ cameras:
       autotracking:
         # Optional: enable/disable object autotracking. (default: shown below)
         enabled: False
+        # Optional: calibrate the camera on startup (default: shown below)
+        # A calibration will move the PTZ in increments and measure the time it takes to move.
+        # The results are used to help estimate the position of tracked objects after a camera move.
+        # Frigate will update your config file automatically after a calibration with
+        # a "movement_weights" entry for the camera. You should then set calibrate_on_startup to False.
+        calibrate_on_startup: False
+        # Optional: the mode to use for zooming in/out on objects during autotracking. (default: shown below)
+        # Available options are: disabled, absolute, and relative
+        #   disabled - don't zoom in/out on autotracked objects, use pan/tilt only
+        #   absolute - use absolute zooming (supported by most PTZ capable cameras)
+        #   relative - use relative zooming (not supported on all PTZs, but makes concurrent pan/tilt/zoom movements)
+        zooming: disabled
+        # Optional: A value to change the behavior of zooming on autotracked objects. (default: shown below)
+        # A lower value will keep more of the scene in view around a tracked object.
+        # A higher value will zoom in more on a tracked object, but Frigate may lose tracking more quickly.
+        # The value should be between 0.1 and 0.75
+        zoom_factor: 0.3
         # Optional: list of objects to track from labelmap.txt (default: shown below)
         track:
           - person
@@ -60,18 +81,86 @@ cameras:
         return_preset: home
         # Optional: Seconds to delay before returning to preset. (default: shown below)
         timeout: 10
+        # Optional: Values generated automatically by a camera calibration. Do not modify these manually. (default: shown below)
+        movement_weights: []
 ```
 
+## Calibration
+
+PTZ motors operate at different speeds. Performing a calibration will direct Frigate to measure this speed over a variety of movements and use those measurements to better predict the amount of movement necessary to keep autotracked objects in the center of the frame.
+
+Calibration is optional, but will greatly assist Frigate in autotracking objects that move across the camera's field of view more quickly.
+
+To begin calibration, set the `calibrate_on_startup` for your camera to `True` and restart Frigate. Frigate will then make a series of small and large movements with your camera. Don't move the PTZ manually while calibration is in progress. Once complete, camera motion will stop and your config file will be automatically updated with a `movement_weights` parameter to be used in movement calculations. You should not modify this parameter manually.
+
+After calibration has ended, your PTZ will be moved to the preset specified by `return_preset`.
+
+:::note
+
+Frigate's web UI and all other cameras will be unresponsive while calibration is in progress. This is expected and normal to avoid excessive network traffic or CPU usage during calibration. Calibration for most PTZs will take about two minutes. The Frigate log will show calibration progress and any errors.
+
+:::
+
+At this point, Frigate will be running and will continue to refine and update the `movement_weights` parameter in your config automatically as the PTZ moves during autotracking and more measurements are obtained.
+
+Before restarting Frigate, you should set `calibrate_on_startup` in your config file to `False`, otherwise your refined `movement_weights` will be overwritten and calibration will occur when starting again.
+
+You can recalibrate at any time by removing the `movement_weights` parameter, setting `calibrate_on_startup` to `True`, and then restarting Frigate. You may need to recalibrate or remove `movement_weights` from your config altogether if autotracking is erratic. If you change your `return_preset` in any way or if you change your camera's detect `fps` value, a recalibration is also recommended.
+
+If you initially calibrate with zooming disabled and then enable zooming at a later point, you should also recalibrate.
+
 ## Best practices and considerations
 
 Every PTZ camera is different, so autotracking may not perform ideally in every situation. This experimental feature was initially developed using an EmpireTech/Dahua SD1A404XB-GNR.
 
-The object tracker in Frigate estimates the motion of the PTZ so that tracked objects are preserved when the camera moves. In most cases (especially for faster moving objects), the default 5 fps is insufficient for the motion estimator to perform accurately. 10 fps is the current recommendation. Higher frame rates will likely not be more performant and will only slow down Frigate and the motion estimator. Adjust your camera to output at least 10 frames per second and change the `fps` parameter in the [detect configuration](index.md) of your configuration file.
+The object tracker in Frigate estimates the motion of the PTZ so that tracked objects are preserved when the camera moves. In most cases 5 fps is sufficient, but if you plan to track faster moving objects, you may want to increase this slightly. Higher frame rates (> 10fps) will only slow down Frigate and the motion estimator and may lead to dropped frames, especially if you are using experimental zooming.
 
-A fast [detector](object_detectors.md) is recommended. CPU detectors will not perform well or won't work at all. If Frigate already has trouble keeping track of your object, the autotracker will struggle as well.
+A fast [detector](object_detectors.md) is recommended. CPU detectors will not perform well or won't work at all. You can watch Frigate's debug viewer for your camera to see a thicker colored box around the object currently being autotracked.
 
-The autotracker will add PTZ motion requests to a queue while the motor is moving. Once the motor stops, the events in the queue will be executed together as one large move (rather than incremental moves). If your PTZ's motor is slow, you may not be able to reliably autotrack fast moving objects.
+![Autotracking Debug View](/img/autotracking-debug.gif)
+
+A full-frame zone in `required_zones` is not recommended, especially if you've calibrated your camera and there are `movement_weights` defined in the configuration file. Frigate will continue to autotrack an object that has entered one of the `required_zones`, even if it moves outside of that zone.
+
+Some users have found it helpful to adjust the zone `inertia` value. See the [configuration reference](index.md).
+
+## Zooming
+
+Zooming is a very experimental feature and may use significantly more CPU when tracking objects than panning/tilting only.
+
+Absolute zooming makes zoom movements separate from pan/tilt movements. Most PTZ cameras will support absolute zooming. Absolute zooming was developed to be very conservative to work best with a variety of cameras and scenes. Absolute zooming usually will not occur until an object has stopped moving or is moving very slowly.
+
+Relative zooming attempts to make a zoom movement concurrently with any pan/tilt movements. It was tested to work with some Dahua and Amcrest PTZs. But the ONVIF specification indicates that there no assumption about how the generic zoom range is mapped to magnification, field of view or other physical zoom dimension when using relative zooming. So if relative zooming behavior is erratic or just doesn't work, try absolute zooming.
+
+You can optionally adjust the `zoom_factor` for your camera in your configuration file. Lower values will leave more space from the scene around the tracked object while higher values will cause your camera to zoom in more on the object. However, keep in mind that Frigate needs a fair amount of pixels and scene details outside of the bounding box of the tracked object to estimate the motion of your camera. If the object is taking up too much of the frame, Frigate will not be able to track the motion of the camera and your object will be lost.
+
+The range of this option is from 0.1 to 0.75. The default value of 0.3 is conservative and should be sufficient for most users. Because every PTZ and scene is different, you should experiment to determine what works best for you.
 
 ## Usage applications
 
 In security and surveillance, it's common to use "spotter" cameras in combination with your PTZ. When your fixed spotter camera detects an object, you could use an automation platform like Home Assistant to move the PTZ to a specific preset so that Frigate can begin automatically tracking the object. For example: a residence may have fixed cameras on the east and west side of the property, capturing views up and down a street. When the spotter camera on the west side detects a person, a Home Assistant automation could move the PTZ to a camera preset aimed toward the west. When the object enters the specified zone, Frigate's autotracker could then continue to track the person as it moves out of view of any of the fixed cameras.
+
+## Troubleshooting and FAQ
+
+### The autotracker loses track of my object. Why?
+
+There are many reasons this could be the case. If you are using experimental zooming, your `zoom_factor` value might be too high, the object might be traveling too quickly, the scene might be too dark, there are not enough details in the scene (for example, a PTZ looking down on a driveway or other monotone background without a sufficient number of hard edges or corners), or the scene is otherwise less than optimal for Frigate to maintain tracking.
+
+Your camera's shutter speed may also be set too low so that blurring occurs with motion. Check your camera's firmware to see if you can increase the shutter speed.
+
+Watching Frigate's debug view can help to determine a possible cause. The autotracked object will have a thicker colored box around it.
+
+### I'm seeing an error in the logs that my camera "is still in ONVIF 'MOVING' status." What does this mean?
+
+There are two possible known reasons for this (and perhaps others yet unknown): a slow PTZ motor or buggy camera firmware. Frigate uses an ONVIF parameter provided by the camera, `MoveStatus`, to determine when the PTZ's motor is moving or idle. According to some users, Hikvision PTZs (even with the latest firmware), are not updating this value after PTZ movement. Unfortunately there is no workaround to this bug in Hikvision firmware, so autotracking will not function correctly and should be disabled in your config. This may also be the case with other non-Hikvision cameras utilizing Hikvision firmware.
+
+### I tried calibrating my camera, but the logs show that it is stuck at 0% and Frigate is not starting up.
+
+This is often caused by the same reason as above - the `MoveStatus` ONVIF parameter is not changing due to a bug in your camera's firmware. Also, see the note above: Frigate's web UI and all other cameras will be unresponsive while calibration is in progress. This is expected and normal. But if you don't see log entries every few seconds for calibration progress, your camera is not compatible with autotracking.
+
+### I'm seeing this error in the logs: "Autotracker: motion estimator couldn't get transformations". What does this mean?
+
+To maintain object tracking during PTZ moves, Frigate tracks the motion of your camera based on the details of the frame. If you are seeing this message, it could mean that your `zoom_factor` may be set too high, the scene around your detected object does not have enough details (like hard edges or color variations), or your camera's shutter speed is too slow and motion blur is occurring. Try reducing `zoom_factor`, finding a way to alter the scene around your object, or changing your camera's shutter speed.
+
+### Calibration seems to have completed, but the camera is not actually moving to track my object. Why?
+
+Some cameras have firmware that reports that FOV RelativeMove, the ONVIF command that Frigate uses for autotracking, is supported. However, if the camera does not pan or tilt when an object comes into the required zone, your camera's firmware does not actually support FOV RelativeMove. One such camera is the Uniview IPC672LR-AX4DUPK. It actually moves its zoom motor instead of panning and tilting and does not follow the ONVIF standard whatsoever.

docs/docs/configuration/birdseye.md

@@ -1,13 +1,20 @@
 # Birdseye
 
-Birdseye allows a heads-up view of your cameras to see what is going on around your property / space without having to watch all cameras that may have nothing happening. Birdseye allows specific modes that intelligently show and disappear based on what you care about. 
+In addition to Frigate's Live camera dashboard, Birdseye allows a portable heads-up view of your cameras to see what is going on around your property / space without having to watch all cameras that may have nothing happening. Birdseye allows specific modes that intelligently show and disappear based on what you care about.
+
+Birdseye can be viewed by adding the "Birdseye" camera to a Camera Group in the Web UI. Add a Camera Group by pressing the "+" icon on the Live page, and choose "Birdseye" as one of the cameras.
+
+Birdseye can also be used in HomeAssistant dashboards, cast to media devices, etc.
+
+## Birdseye Behavior
 
 ### Birdseye Modes
 
 Birdseye offers different modes to customize which cameras show under which circumstances.
- - **continuous:** All cameras are always included
- - **motion:** Cameras that have detected motion within the last 30 seconds are included
- - **objects:** Cameras that have tracked an active object within the last 30 seconds are included
+
+- **continuous:** All cameras are always included
+- **motion:** Cameras that have detected motion within the last 30 seconds are included
+- **objects:** Cameras that have tracked an active object within the last 30 seconds are included
 
 ### Custom Birdseye Icon
 
@@ -34,6 +41,29 @@ cameras:
       enabled: False
 ```
 
+### Birdseye Inactivity
+
+By default birdseye shows all cameras that have had the configured activity in the last 30 seconds, this can be configured:
+
+```yaml
+birdseye:
+  enabled: True
+  inactivity_threshold: 15
+```
+
+## Birdseye Layout
+
+### Birdseye Dimensions
+
+The resolution and aspect ratio of birdseye can be configured. Resolution will increase the quality but does not affect the layout. Changing the aspect ratio of birdseye does affect how cameras are laid out.
+
+```yaml
+birdseye:
+  enabled: True
+  width: 1280
+  height: 720
+```
+
 ### Sorting cameras in the Birdseye view
 
 It is possible to override the order of cameras that are being shown in the Birdseye view.
@@ -54,4 +84,28 @@ cameras:
       order: 2
 ```
 
-*Note*: Cameras are sorted by default using their name to ensure a constant view inside Birdseye.
+_Note_: Cameras are sorted by default using their name to ensure a constant view inside Birdseye.
+
+### Birdseye Cameras
+
+It is possible to limit the number of cameras shown on birdseye at one time. When this is enabled, birdseye will show the cameras with most recent activity. There is a cooldown to ensure that cameras do not switch too frequently.
+
+For example, this can be configured to only show the most recently active camera.
+
+```yaml
+birdseye:
+  enabled: True
+  layout:
+    max_cameras: 1
+```
+
+### Birdseye Scaling
+
+By default birdseye tries to fit 2 cameras in each row and then double in size until a suitable layout is found. The scaling can be configured with a value between 1.0 and 5.0 depending on use case.
+
+```yaml
+birdseye:
+  enabled: True
+  layout:
+    scaling_factor: 3.0
+```

docs/docs/configuration/camera_specific.md

@@ -69,19 +69,15 @@ cameras:
     ffmpeg:
       output_args:
         record: -f segment -segment_time 10 -segment_format mp4 -reset_timestamps 1 -strftime 1 -c:v copy -tag:v hvc1 -bsf:v hevc_mp4toannexb -c:a aac
-        rtmp: -c:v copy -c:a aac -f flv
 
       inputs:
         - path: rtsp://user:password@camera-ip:554/H264/ch1/main/av_stream # <----- Update for your camera
           roles:
             - detect
             - record
-            - rtmp
-    rtmp:
-      enabled: False # <-- RTMP should be disabled if your stream is not H264
     detect:
-      width: # <- optional, by default Frigate tries to automatically detect resolution 
-      height: # <- optional, by default Frigate tries to automatically detect resolution 
+      width: # <- optional, by default Frigate tries to automatically detect resolution
+      height: # <- optional, by default Frigate tries to automatically detect resolution
 ```
 
 ### Blue Iris RTSP Cameras
@@ -105,26 +101,65 @@ If available, recommended settings are:
 
 According to [this discussion](https://github.com/blakeblackshear/frigate/issues/3235#issuecomment-1135876973), the http video streams seem to be the most reliable for Reolink.
 
+Cameras connected via a Reolink NVR can be connected with the http stream, use `channel[0..15]` in the stream url for the additional channels.
+The setup of main stream can be also done via RTSP, but isn't always reliable on all hardware versions. The example configuration is working with the oldest HW version RLN16-410 device with multiple types of cameras.
+
+:::warning
+
+The below configuration only works for reolink cameras with stream resolution of 5MP or lower, 8MP+ cameras need to use RTSP as http-flv is not supported in this case.
+
+:::
+
 ```yaml
 go2rtc:
   streams:
-    your_reolink_camera: 
+    your_reolink_camera:
       - "ffmpeg:http://reolink_ip/flv?port=1935&app=bcs&stream=channel0_main.bcs&user=username&password=password#video=copy#audio=copy#audio=opus"
-    your_reolink_camera_sub: 
+    your_reolink_camera_sub:
       - "ffmpeg:http://reolink_ip/flv?port=1935&app=bcs&stream=channel0_ext.bcs&user=username&password=password"
+    your_reolink_camera_via_nvr:
+      - "ffmpeg:http://reolink_nvr_ip/flv?port=1935&app=bcs&stream=channel3_main.bcs&user=username&password=password" # channel numbers are 0-15
+      - "ffmpeg:your_reolink_camera_via_nvr#audio=aac"
+    your_reolink_camera_via_nvr_sub:
+      - "ffmpeg:http://reolink_nvr_ip/flv?port=1935&app=bcs&stream=channel3_ext.bcs&user=username&password=password"
 
 cameras:
-  reolink:
+  your_reolink_camera:
     ffmpeg:
       inputs:
-        - path: rtsp://127.0.0.1:8554/your_reolink_camera?video=copy&audio=aac
+        - path: rtsp://127.0.0.1:8554/your_reolink_camera
           input_args: preset-rtsp-restream
           roles:
             - record
-        - path: rtsp://127.0.0.1:8554/your_reolink_camera_sub?video=copy
+        - path: rtsp://127.0.0.1:8554/your_reolink_camera_sub
           input_args: preset-rtsp-restream
           roles:
             - detect
+  reolink_via_nvr:
+    ffmpeg:
+      inputs:
+        - path: rtsp://127.0.0.1:8554/your_reolink_camera_via_nvr?video=copy&audio=aac
+          input_args: preset-rtsp-restream
+          roles:
+            - record
+        - path: rtsp://127.0.0.1:8554/your_reolink_camera_via_nvr_sub?video=copy
+          input_args: preset-rtsp-restream
+          roles:
+            - detect
+```
+
+#### Reolink Doorbell
+
+The reolink doorbell supports 2-way audio via go2rtc and other applications. It is important that the http-flv stream is still used for stability, a secondary rtsp stream can be added that will be using for the two way audio only.
+
+```yaml
+go2rtc:
+  streams:
+    your_reolink_doorbell:
+      - "ffmpeg:http://reolink_ip/flv?port=1935&app=bcs&stream=channel0_main.bcs&user=username&password=password#video=copy#audio=copy#audio=opus"
+      - rtsp://reolink_ip/Preview_01_sub
+    your_reolink_doorbell_sub:
+      - "ffmpeg:http://reolink_ip/flv?port=1935&app=bcs&stream=channel0_ext.bcs&user=username&password=password"
 ```
 
 ### Unifi Protect Cameras
@@ -140,13 +175,16 @@ go2rtc:
       - rtspx://192.168.1.1:7441/abcdefghijk
 ```
 
-[See the go2rtc docs for more information](https://github.com/AlexxIT/go2rtc/tree/v1.6.2#source-rtsp)
+[See the go2rtc docs for more information](https://github.com/AlexxIT/go2rtc/tree/v1.9.2#source-rtsp)
 
-In the Unifi 2.0 update Unifi Protect Cameras had a change in audio sample rate which causes issues for ffmpeg. The input rate needs to be set for record and rtmp if used directly with unifi protect.
+In the Unifi 2.0 update Unifi Protect Cameras had a change in audio sample rate which causes issues for ffmpeg. The input rate needs to be set for record if used directly with unifi protect.
 
 ```yaml
 ffmpeg:
   output_args:
     record: preset-record-ubiquiti
-    rtmp: preset-rtmp-ubiquiti # recommend using go2rtc instead
 ```
+
+### TP-Link VIGI Cameras
+
+TP-Link VIGI cameras need some adjustments to the main stream settings on the camera itself to avoid issues. The stream needs to be configured as `H264` with `Smart Coding` set to `off`. Without these settings you may have problems when trying to watch recorded events. For example Firefox will stop playback after a few seconds and show the following error message: `The media playback was aborted due to a corruption problem or because the media used features your browser did not support.`.

docs/docs/configuration/cameras.md

@@ -11,11 +11,11 @@ A camera is enabled by default but can be temporarily disabled by using `enabled
 
 Each role can only be assigned to one input per camera. The options for roles are as follows:
 
-| Role       | Description                                                                              |
-| ---------- | ---------------------------------------------------------------------------------------- |
-| `detect`   | Main feed for object detection                                                           |
-| `record`   | Saves segments of the video feed based on configuration settings. [docs](record.md)      |
-| `rtmp`     | Deprecated: Broadcast as an RTMP feed for other services to consume. [docs](restream.md) |
+| Role     | Description                                                                         |
+| -------- | ----------------------------------------------------------------------------------- |
+| `detect` | Main feed for object detection. [docs](object_detectors.md)                         |
+| `record` | Saves segments of the video feed based on configuration settings. [docs](record.md) |
+| `audio`  | Feed for audio based detection. [docs](audio_detectors.md)                          |
 
 ```yaml
 mqtt:
@@ -28,7 +28,6 @@ cameras:
         - path: rtsp://viewer:{FRIGATE_RTSP_PASSWORD}@10.0.10.10:554/cam/realmonitor?channel=1&subtype=2
           roles:
             - detect
-            - rtmp # <- deprecated, recommend using restream instead
         - path: rtsp://viewer:{FRIGATE_RTSP_PASSWORD}@10.0.10.10:554/live
           roles:
             - record
@@ -51,13 +50,18 @@ For camera model specific settings check the [camera specific](camera_specific.m
 
 ## Setting up camera PTZ controls
 
-Add onvif config to camera
+:::warning
+
+Not every PTZ supports ONVIF, which is the standard protocol Frigate uses to communicate with your camera. Check the [official list of ONVIF conformant products](https://www.onvif.org/conformant-products/), your camera documentation, or camera manufacturer's website to ensure your PTZ supports ONVIF. Also, ensure your camera is running the latest firmware.
+
+:::
+
+Add the onvif section to your camera in your configuration file:
 
 ```yaml
 cameras:
   back:
-    ffmpeg:
-      ...
+    ffmpeg: ...
     onvif:
       host: 10.0.10.10
       port: 8000
@@ -65,6 +69,48 @@ cameras:
       password: password
 ```
 
-then PTZ controls will be available in the cameras WebUI.
+If the ONVIF connection is successful, PTZ controls will be available in the camera's WebUI.
 
 An ONVIF-capable camera that supports relative movement within the field of view (FOV) can also be configured to automatically track moving objects and keep them in the center of the frame. For autotracking setup, see the [autotracking](autotracking.md) docs.
+
+## ONVIF PTZ camera recommendations
+
+This list of working and non-working PTZ cameras is based on user feedback.
+
+| Brand or specific camera | PTZ Controls | Autotracking | Notes                                                                                                                                           |
+| ------------------------ | :----------: | :----------: | ----------------------------------------------------------------------------------------------------------------------------------------------- |
+| Amcrest                  |      ✅      |      ✅      | ⛔️ Generally, Amcrest should work, but some older models (like the common IP2M-841) don't support autotracking                                 |
+| Amcrest ASH21            |      ❌      |      ❌      | No ONVIF support                                                                                                                                |
+| Ctronics PTZ             |      ✅      |      ❌      |                                                                                                                                                 |
+| Dahua                    |      ✅      |      ✅      |                                                                                                                                                 |
+| Foscam R5                |      ✅      |      ❌      |                                                                                                                                                 |
+| Hanwha XNP-6550RH        |      ✅      |      ❌      |                                                                                                                                                 |
+| Hikvision                |      ✅      |      ❌      | Incomplete ONVIF support (MoveStatus won't update even on latest firmware) - reported with HWP-N4215IH-DE and DS-2DE3304W-DE, but likely others |
+| Reolink 511WA            |      ✅      |      ❌      | Zoom only                                                                                                                                       |
+| Reolink E1 Pro           |      ✅      |      ❌      |                                                                                                                                                 |
+| Reolink E1 Zoom          |      ✅      |      ❌      |                                                                                                                                                 |
+| Reolink RLC-823A 16x     |      ✅      |      ❌      |                                                                                                                                                 |
+| Sunba 405-D20X           |      ✅      |      ❌      |                                                                                                                                                 |
+| Tapo                     |      ✅      |      ❌      | Many models supported, ONVIF Service Port: 2020                                                                                                 |
+| Uniview IPC672LR-AX4DUPK |      ✅      |      ❌      | Firmware says FOV relative movement is supported, but camera doesn't actually move when sending ONVIF commands                                  |
+| Vikylin PTZ-2804X-I2     |      ❌      |      ❌      | Incomplete ONVIF support                                                                                                                        |
+
+## Setting up camera groups
+
+:::tip
+
+It is recommended to set up camera groups using the UI.
+
+:::
+
+Cameras can be grouped together and assigned a name and icon, this allows them to be reviewed and filtered together. There will always be the default group for all cameras.
+
+```yaml
+camera_groups:
+  front:
+    cameras:
+      - driveway_cam
+      - garage_cam
+    icon: car
+    order: 0
+```

docs/docs/configuration/ffmpeg_presets.md

@@ -13,16 +13,16 @@ See [the hwaccel docs](/configuration/hardware_acceleration.md) for more info on
 
 | Preset                | Usage                          | Other Notes                                           |
 | --------------------- | ------------------------------ | ----------------------------------------------------- |
-| preset-rpi-32-h264    | 32 bit Rpi with h264 stream    |                                                       |
 | preset-rpi-64-h264    | 64 bit Rpi with h264 stream    |                                                       |
+| preset-rpi-64-h265    | 64 bit Rpi with h265 stream    |                                                       |
 | preset-vaapi          | Intel & AMD VAAPI              | Check hwaccel docs to ensure correct driver is chosen |
 | preset-intel-qsv-h264 | Intel QSV with h264 stream     | If issues occur recommend using vaapi preset instead  |
 | preset-intel-qsv-h265 | Intel QSV with h265 stream     | If issues occur recommend using vaapi preset instead  |
-| preset-nvidia-h264    | Nvidia GPU with h264 stream    |                                                       |
-| preset-nvidia-h265    | Nvidia GPU with h265 stream    |                                                       |
-| preset-nvidia-mjpeg   | Nvidia GPU with mjpeg stream   | Recommend restreaming mjpeg and using nvidia-h264     |
+| preset-nvidia         | Nvidia GPU                     |                                                       |
 | preset-jetson-h264    | Nvidia Jetson with h264 stream |                                                       |
 | preset-jetson-h265    | Nvidia Jetson with h265 stream |                                                       |
+| preset-rk-h264        | Rockchip MPP with h264 stream  | Use image with \*-rk suffix and privileged mode       |
+| preset-rk-h265        | Rockchip MPP with h265 stream  | Use image with \*-rk suffix and privileged mode       |
 
 ### Input Args Presets
 
@@ -42,7 +42,7 @@ See [the camera specific docs](/configuration/camera_specific.md) for more info
 | preset-rtsp-udp                  | RTSP Stream via UDP       | Use when camera is UDP only                                                                      |
 | preset-rtsp-blue-iris            | Blue Iris RTSP Stream     | Use when consuming a stream from Blue Iris                                                       |
 
-:::caution
+:::warning
 
 It is important to be mindful of input args when using restream because you can have a mix of protocols. `http` and `rtmp` presets cannot be used with `rtsp` streams. For example, when using a reolink cam with the rtsp restream as a source for record the preset-http-reolink will cause a crash. In this case presets will need to be set at the stream level. See the example below.
 
@@ -71,11 +71,11 @@ cameras:
 
 Output args presets help make the config more readable and handle use cases for different types of streams to ensure consistent recordings.
 
-| Preset                           | Usage                             | Other Notes                                   |
-| -------------------------------- | --------------------------------- | --------------------------------------------- |
-| preset-record-generic            | Record WITHOUT audio              | This is the default when nothing is specified |
-| preset-record-generic-audio-aac  | Record WITH aac audio             | Use this to enable audio in recordings        |
-| preset-record-generic-audio-copy | Record WITH original audio        | Use this to enable audio in recordings        |
-| preset-record-mjpeg              | Record an mjpeg stream            | Recommend restreaming mjpeg stream instead    |
-| preset-record-jpeg               | Record live jpeg                  | Recommend restreaming live jpeg instead       |
-| preset-record-ubiquiti           | Record ubiquiti stream with audio | Recordings with ubiquiti non-standard audio   |
+| Preset                           | Usage                             | Other Notes                                                                                                                          |
+| -------------------------------- | --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
+| preset-record-generic            | Record WITHOUT audio              | This is the default when nothing is specified                                                                                        |
+| preset-record-generic-audio-copy | Record WITH original audio        | Use this to enable audio in recordings                                                                                               |
+| preset-record-generic-audio-aac  | Record WITH transcoded aac audio  | Use this to transcode to aac audio. If your source is already aac, use preset-record-generic-audio-copy instead to avoid re-encoding |
+| preset-record-mjpeg              | Record an mjpeg stream            | Recommend restreaming mjpeg stream instead                                                                                           |
+| preset-record-jpeg               | Record live jpeg                  | Recommend restreaming live jpeg instead                                                                                              |
+| preset-record-ubiquiti           | Record ubiquiti stream with audio | Recordings with ubiquiti non-standard audio                                                                                          |

docs/docs/configuration/hardware_acceleration.md

@@ -3,50 +3,86 @@ id: hardware_acceleration
 title: Hardware Acceleration
 ---
 
-It is recommended to update your configuration to enable hardware accelerated decoding in ffmpeg. Depending on your system, these parameters may not be compatible. More information on hardware accelerated decoding for ffmpeg can be found here: https://trac.ffmpeg.org/wiki/HWAccelIntro
+# Hardware Acceleration
+
+It is highly recommended to use a GPU for hardware acceleration in Frigate. Some types of hardware acceleration are detected and used automatically, but you may need to update your configuration to enable hardware accelerated decoding in ffmpeg.
+
+Depending on your system, these parameters may not be compatible. More information on hardware accelerated decoding for ffmpeg can be found here: https://trac.ffmpeg.org/wiki/HWAccelIntro
 
 # Officially Supported
 
 ## Raspberry Pi 3/4
 
-Ensure you increase the allocated RAM for your GPU to at least 128 (raspi-config > Performance Options > GPU Memory).
-**NOTICE**: If you are using the addon, you may need to turn off `Protection mode` for hardware acceleration.
+Ensure you increase the allocated RAM for your GPU to at least 128 (`raspi-config` > Performance Options > GPU Memory).
+If you are using the HA addon, you may need to use the full access variant and turn off `Protection mode` for hardware acceleration.
 
 ```yaml
+# if you want to decode a h264 stream
 ffmpeg:
   hwaccel_args: preset-rpi-64-h264
+
+# if you want to decode a h265 (hevc) stream
+ffmpeg:
+  hwaccel_args: preset-rpi-64-h265
 ```
 
 :::note
 
-If running Frigate in docker, you either need to run in priviliged mode or be sure to map the /dev/video1x devices to Frigate
+If running Frigate in Docker, you either need to run in privileged mode or
+map the `/dev/video*` devices to Frigate. With Docker compose add:
 
 ```yaml
+services:
+  frigate:
+    ...
+    devices:
+      - /dev/video11:/dev/video11
+```
+
+Or with `docker run`:
+
+```bash
 docker run -d \
   --name frigate \
   ...
-  --device /dev/video10 \
+  --device /dev/video11 \
   ghcr.io/blakeblackshear/frigate:stable
 ```
 
+`/dev/video11` is the correct device (on Raspberry Pi 4B). You can check
+by running the following and looking for `H264`:
+
+```bash
+for d in /dev/video*; do
+  echo -e "---\n$d"
+  v4l2-ctl --list-formats-ext -d $d
+done
+```
+
+Or map in all the `/dev/video*` devices.
+
 :::
 
 ## Intel-based CPUs
 
 ### Via VAAPI
 
-VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams. VAAPI is recommended for all generations of Intel-based CPUs if QSV does not work.
+VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams. VAAPI is recommended for all generations of Intel-based CPUs.
 
 ```yaml
 ffmpeg:
   hwaccel_args: preset-vaapi
 ```
 
-**NOTICE**: With some of the processors, like the J4125, the default driver `iHD` doesn't seem to work correctly for hardware acceleration. You may need to change the driver to `i965` by adding the following environment variable `LIBVA_DRIVER_NAME=i965` to your docker-compose file or [in the `frigate.yaml` for HA OS users](advanced.md#environment_vars).
+:::note
+
+With some of the processors, like the J4125, the default driver `iHD` doesn't seem to work correctly for hardware acceleration. You may need to change the driver to `i965` by adding the following environment variable `LIBVA_DRIVER_NAME=i965` to your docker-compose file or [in the `frigate.yaml` for HA OS users](advanced.md#environment_vars).
+
+:::
 
 ### Via Quicksync (>=10th Generation only)
 
-QSV must be set specifically based on the video encoding of the stream.
+If VAAPI does not work for you, you can try QSV if your processor supports it. QSV must be set specifically based on the video encoding of the stream.
 
 #### H.264 streams
 
@@ -64,11 +100,10 @@ ffmpeg:
 
 ### Configuring Intel GPU Stats in Docker
 
-Additional configuration is needed for the Docker container to be able to access the `intel_gpu_top` command for GPU stats. Three possible changes can be made:
+Additional configuration is needed for the Docker container to be able to access the `intel_gpu_top` command for GPU stats. There are two options:
 
 1. Run the container as privileged.
-2. Adding the `CAP_PERFMON` capability.
-3. Setting the `perf_event_paranoid` low enough to allow access to the performance event system.
+2. Add the `CAP_PERFMON` capability (note: you might need to set the `perf_event_paranoid` low enough to allow access to the performance event system.)
 
 #### Run as privileged
 
@@ -125,13 +160,17 @@ _Note: This setting must be changed for the entire system._
 
 For more information on the various values across different distributions, see https://askubuntu.com/questions/1400874/what-does-perf-paranoia-level-four-do.
 
-Depending on your OS and kernel configuration, you may need to change the `/proc/sys/kernel/perf_event_paranoid` kernel tunable. You can test the change by running `sudo sh -c 'echo 2 >/proc/sys/kernel/perf_event_paranoid'` which will persist until a reboot. Make it permanent by running `sudo sh -c 'echo kernel.perf_event_paranoid=1 >> /etc/sysctl.d/local.conf'`
+Depending on your OS and kernel configuration, you may need to change the `/proc/sys/kernel/perf_event_paranoid` kernel tunable. You can test the change by running `sudo sh -c 'echo 2 >/proc/sys/kernel/perf_event_paranoid'` which will persist until a reboot. Make it permanent by running `sudo sh -c 'echo kernel.perf_event_paranoid=2 >> /etc/sysctl.d/local.conf'`
 
 ## AMD/ATI GPUs (Radeon HD 2000 and newer GPUs) via libva-mesa-driver
 
 VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams.
 
-**Note:** You also need to set `LIBVA_DRIVER_NAME=radeonsi` as an environment variable on the container.
+:::note
+
+You need to change the driver to `radeonsi` by adding the following environment variable `LIBVA_DRIVER_NAME=radeonsi` to your docker-compose file or [in the `frigate.yaml` for HA OS users](advanced.md#environment_vars).
+
+:::
 
 ```yaml
 ffmpeg:
@@ -247,12 +286,12 @@ These instructions were originally based on the [Jellyfin documentation](https:/
 
 # Community Supported
 
-## NVIDIA Jetson (Orin AGX, Orin NX, Orin Nano*, Xavier AGX, Xavier NX, TX2, TX1, Nano)
+## NVIDIA Jetson (Orin AGX, Orin NX, Orin Nano\*, Xavier AGX, Xavier NX, TX2, TX1, Nano)
 
-A separate set of docker images is available that is based on Jetpack/L4T. They comes with an `ffmpeg` build
+A separate set of docker images is available that is based on Jetpack/L4T. They come with an `ffmpeg` build
 with codecs that use the Jetson's dedicated media engine. If your Jetson host is running Jetpack 4.6, use the
-`frigate-tensorrt-jp4` image, or if your Jetson host is running Jetpack 5.0+, use the `frigate-tensorrt-jp5`
-image. Note that the Orin Nano has no video encoder, so frigate will use software encoding on this platform,
+`stable-tensorrt-jp4` tagged image, or if your Jetson host is running Jetpack 5.0+, use the `stable-tensorrt-jp5`
+tagged image. Note that the Orin Nano has no video encoder, so frigate will use software encoding on this platform,
 but the image will still allow hardware decoding and tensorrt object detection.
 
 You will need to use the image with the nvidia container runtime:
@@ -263,7 +302,7 @@ You will need to use the image with the nvidia container runtime:
 docker run -d \
   ...
   --runtime nvidia
-  ghcr.io/blakeblackshear/frigate-tensorrt-jp5
+  ghcr.io/blakeblackshear/frigate:stable-tensorrt-jp5
 ```
 
 ### Docker Compose - Jetson
@@ -273,7 +312,7 @@ version: '2.4'
 services:
   frigate:
     ...
-    image: ghcr.io/blakeblackshear/frigate-tensorrt-jp5
+    image: ghcr.io/blakeblackshear/frigate:stable-tensorrt-jp5
     runtime: nvidia   # Add this
 ```
 
@@ -320,3 +359,31 @@ ffmpeg:
 If everything is working correctly, you should see a significant reduction in ffmpeg CPU load and power consumption.
 Verify that hardware decoding is working by running `jtop` (`sudo pip3 install -U jetson-stats`), which should show
 that NVDEC/NVDEC1 are in use.
+
+## Rockchip platform
+
+Hardware accelerated video de-/encoding is supported on all Rockchip SoCs using [Nyanmisaka's FFmpeg 6.1 Fork](https://github.com/nyanmisaka/ffmpeg-rockchip) based on [Rockchip's mpp library](https://github.com/rockchip-linux/mpp).
+
+### Prerequisites
+
+Make sure to follow the [Rockchip specific installation instructions](/frigate/installation#rockchip-platform).
+
+### Configuration
+
+Add one of the following FFmpeg presets to your `config.yaml` to enable hardware video processing:
+
+```yaml
+# if you try to decode a h264 encoded stream
+ffmpeg:
+  hwaccel_args: preset-rk-h264
+
+# if you try to decode a h265 (hevc) encoded stream
+ffmpeg:
+  hwaccel_args: preset-rk-h265
+```
+
+:::note
+
+Make sure that your SoC supports hardware acceleration for your input stream. For example, if your camera streams with h265 encoding and a 4k resolution, your SoC must be able to de- and encode h265 with a 4k resolution or higher. If you are unsure whether your SoC meets the requirements, take a look at the datasheet.
+
+:::

docs/docs/configuration/index.md

@@ -1,46 +1,35 @@
 ---
 id: index
-title: Frigate Configuration Reference
+title: Frigate Configuration
 ---
 
 For Home Assistant Addon installations, the config file needs to be in the root of your Home Assistant config directory (same location as `configuration.yaml`). It can be named `frigate.yaml` or `frigate.yml`, but if both files exist `frigate.yaml` will be preferred and `frigate.yml` will be ignored.
 
 For all other installation types, the config file should be mapped to `/config/config.yml` inside the container.
 
-It is recommended to start with a minimal configuration and add to it as described in [this guide](../guides/getting_started.md):
+It is recommended to start with a minimal configuration and add to it as described in [this guide](../guides/getting_started.md) and use the built in configuration editor in Frigate's UI which supports validation.
 
 ```yaml
 mqtt:
-  host: mqtt.server.com
+  enabled: False
+
 cameras:
-  back:
+  dummy_camera: # <--- this will be changed to your actual camera later
+    enabled: False
     ffmpeg:
       inputs:
-        - path: rtsp://viewer:{FRIGATE_RTSP_PASSWORD}@10.0.10.10:554/cam/realmonitor?channel=1&subtype=2
+        - path: rtsp://127.0.0.1:554/rtsp
           roles:
             - detect
 ```
 
-### VSCode Configuration Schema
+## VSCode Configuration Schema
 
-VSCode (and VSCode addon) supports the JSON schemas which will automatically validate the config. This can be added by adding `# yaml-language-server: $schema=http://frigate_host:5000/api/config/schema.json` to the top of the config file. `frigate_host` being the IP address of Frigate or `ccab4aaf-frigate` if running in the addon.
+VSCode supports JSON schemas for automatically validating configuration files. You can enable this feature by adding `# yaml-language-server: $schema=http://frigate_host:5000/api/config/schema.json` to the beginning of the configuration file. Replace `frigate_host` with the IP address or hostname of your Frigate server. If you're using both VSCode and Frigate as an add-on, you should use `ccab4aaf-frigate` instead. Make sure to expose the internal unauthenticated port `5000` when accessing the config from VSCode on another machine.
 
-### Full configuration reference:
+## Environment Variable Substitution
 
-:::caution
-
-It is not recommended to copy this full configuration file. Only specify values that are different from the defaults. Configuration options and default values may change in future versions.
-
-:::
-
-**Note:** The following values will be replaced at runtime by using environment variables
-
-- `{FRIGATE_MQTT_USER}`
-- `{FRIGATE_MQTT_PASSWORD}`
-- `{FRIGATE_RTSP_USER}`
-- `{FRIGATE_RTSP_PASSWORD}`
-
-for example:
+Frigate supports the use of environment variables starting with `FRIGATE_` **only** where specifically indicated in the [reference config](./reference.md). For example, the following values can be replaced at runtime by using environment variables:
 
 ```yaml
 mqtt:
@@ -61,586 +50,187 @@ onvif:
 ```
 
 ```yaml
-mqtt:
-  # Optional: Enable mqtt server (default: shown below)
-  enabled: True
-  # Required: host name
-  host: mqtt.server.com
-  # Optional: port (default: shown below)
-  port: 1883
-  # Optional: topic prefix (default: shown below)
-  # NOTE: must be unique if you are running multiple instances
-  topic_prefix: frigate
-  # Optional: client id (default: shown below)
-  # NOTE: must be unique if you are running multiple instances
-  client_id: frigate
-  # Optional: user
-  # NOTE: MQTT user can be specified with an environment variables that must begin with 'FRIGATE_'.
-  #       e.g. user: '{FRIGATE_MQTT_USER}'
-  user: mqtt_user
-  # Optional: password
-  # NOTE: MQTT password can be specified with an environment variables that must begin with 'FRIGATE_'.
-  #       e.g. password: '{FRIGATE_MQTT_PASSWORD}'
-  password: password
-  # Optional: tls_ca_certs for enabling TLS using self-signed certs (default: None)
-  tls_ca_certs: /path/to/ca.crt
-  # Optional: tls_client_cert and tls_client key in order to use self-signed client
-  # certificates (default: None)
-  # NOTE: certificate must not be password-protected
-  #       do not set user and password when using a client certificate
-  tls_client_cert: /path/to/client.crt
-  tls_client_key: /path/to/client.key
-  # Optional: tls_insecure (true/false) for enabling TLS verification of
-  # the server hostname in the server certificate (default: None)
-  tls_insecure: false
-  # Optional: interval in seconds for publishing stats (default: shown below)
-  stats_interval: 60
-
-# Optional: Detectors configuration. Defaults to a single CPU detector
-detectors:
-  # Required: name of the detector
-  detector_name:
-    # Required: type of the detector
-    # Frigate provided types include 'cpu', 'edgetpu', 'openvino' and 'tensorrt' (default: shown below)
-    # Additional detector types can also be plugged in.
-    # Detectors may require additional configuration.
-    # Refer to the Detectors configuration page for more information.
-    type: cpu
-
-# Optional: Database configuration
-database:
-  # The path to store the SQLite DB (default: shown below)
-  path: /config/frigate.db
-
-# Optional: model modifications
-model:
-  # Optional: path to the model (default: automatic based on detector)
-  path: /edgetpu_model.tflite
-  # Optional: path to the labelmap (default: shown below)
-  labelmap_path: /labelmap.txt
-  # Required: Object detection model input width (default: shown below)
-  width: 320
-  # Required: Object detection model input height (default: shown below)
-  height: 320
-  # Optional: Object detection model input colorspace
-  # Valid values are rgb, bgr, or yuv. (default: shown below)
-  input_pixel_format: rgb
-  # Optional: Object detection model input tensor format
-  # Valid values are nhwc or nchw (default: shown below)
-  input_tensor: nhwc
-  # Optional: Object detection model type, currently only used with the OpenVINO detector
-  # Valid values are ssd, yolox, yolov5, or yolov8 (default: shown below)
-  model_type: ssd
-  # Optional: Label name modifications. These are merged into the standard labelmap.
-  labelmap:
-    2: vehicle
-
-# Optional: Audio Events Configuration
-# NOTE: Can be overridden at the camera level
-audio:
-  # Optional: Enable audio events (default: shown below)
-  enabled: False
-  # Optional: Configure the amount of seconds without detected audio to end the event (default: shown below)
-  max_not_heard: 30
-  # Optional: Configure the min rms volume required to run audio detection (default: shown below)
-  # As a rule of thumb:
-  #  - 200 - high sensitivity
-  #  - 500 - medium sensitivity
-  #  - 1000 - low sensitivity
-  min_volume: 500
-  # Optional: Types of audio to listen for (default: shown below)
-  listen:
-    - bark
-    - scream
-    - speech
-    - yell
-  # Optional: Filters to configure detection.
-  filters:
-    # Label that matches label in listen config.
-    speech:
-      # Minimum score that triggers an audio event (default: shown below)
-      threshold: 0.8
-
-# Optional: logger verbosity settings
-logger:
-  # Optional: Default log verbosity (default: shown below)
-  default: info
-  # Optional: Component specific logger overrides
-  logs:
-    frigate.event: debug
-
-# Optional: set environment variables
-environment_vars:
-  EXAMPLE_VAR: value
-
-# Optional: birdseye configuration
-# NOTE: Can (enabled, mode) be overridden at the camera level
-birdseye:
-  # Optional: Enable birdseye view (default: shown below)
-  enabled: True
-  # Optional: Restream birdseye via RTSP (default: shown below)
-  # NOTE: Enabling this will set birdseye to run 24/7 which may increase CPU usage somewhat.
-  restream: False
-  # Optional: Width of the output resolution (default: shown below)
-  width: 1280
-  # Optional: Height of the output resolution (default: shown below)
-  height: 720
-  # Optional: Encoding quality of the mpeg1 feed (default: shown below)
-  # 1 is the highest quality, and 31 is the lowest. Lower quality feeds utilize less CPU resources.
-  quality: 8
-  # Optional: Mode of the view. Available options are: objects, motion, and continuous
-  #   objects - cameras are included if they have had a tracked object within the last 30 seconds
-  #   motion - cameras are included if motion was detected in the last 30 seconds
-  #   continuous - all cameras are included always
-  mode: objects
-
-# Optional: ffmpeg configuration
-# More information about presets at https://docs.frigate.video/configuration/ffmpeg_presets
-ffmpeg:
-  # Optional: global ffmpeg args (default: shown below)
-  global_args: -hide_banner -loglevel warning -threads 2
-  # Optional: global hwaccel args (default: shown below)
-  # NOTE: See hardware acceleration docs for your specific device
-  hwaccel_args: []
-  # Optional: global input args (default: shown below)
-  input_args: preset-rtsp-generic
-  # Optional: global output args
-  output_args:
-    # Optional: output args for detect streams (default: shown below)
-    detect: -threads 2 -f rawvideo -pix_fmt yuv420p
-    # Optional: output args for record streams (default: shown below)
-    record: preset-record-generic
-    # Optional: output args for rtmp streams (default: shown below)
-    rtmp: preset-rtmp-generic
-  # Optional: Time in seconds to wait before ffmpeg retries connecting to the camera. (default: shown below)
-  # If set too low, frigate will retry a connection to the camera's stream too frequently, using up the limited streams some cameras can allow at once
-  # If set too high, then if a ffmpeg crash or camera stream timeout occurs, you could potentially lose up to a maximum of retry_interval second(s) of footage
-  # NOTE: this can be a useful setting for Wireless / Battery cameras to reduce how much footage is potentially lost during a connection timeout.
-  retry_interval: 10
-
-# Optional: Detect configuration
-# NOTE: Can be overridden at the camera level
-detect:
-  # Optional: width of the frame for the input with the detect role (default: shown below)
-  width: 1280
-  # Optional: height of the frame for the input with the detect role (default: shown below)
-  height: 720
-  # Optional: desired fps for your camera for the input with the detect role (default: shown below)
-  # NOTE: Recommended value of 5. Ideally, try and reduce your FPS on the camera.
-  fps: 5
-  # Optional: enables detection for the camera (default: True)
-  enabled: True
-  # Optional: Number of frames without a detection before Frigate considers an object to be gone. (default: 5x the frame rate)
-  max_disappeared: 25
-  # Optional: Configuration for stationary object tracking
-  stationary:
-    # Optional: Frequency for confirming stationary objects (default: same as threshold)
-    # When set to 1, object detection will run to confirm the object still exists on every frame.
-    # If set to 10, object detection will run to confirm the object still exists on every 10th frame.
-    interval: 50
-    # Optional: Number of frames without a position change for an object to be considered stationary (default: 10x the frame rate or 10s)
-    threshold: 50
-    # Optional: Define a maximum number of frames for tracking a stationary object (default: not set, track forever)
-    # This can help with false positives for objects that should only be stationary for a limited amount of time.
-    # It can also be used to disable stationary object tracking. For example, you may want to set a value for person, but leave
-    # car at the default.
-    # WARNING: Setting these values overrides default behavior and disables stationary object tracking.
-    #          There are very few situations where you would want it disabled. It is NOT recommended to
-    #          copy these values from the example config into your config unless you know they are needed.
-    max_frames:
-      # Optional: Default for all object types (default: not set, track forever)
-      default: 3000
-      # Optional: Object specific values
-      objects:
-        person: 1000
-  # Optional: Milliseconds to offset detect annotations by (default: shown below).
-  # There can often be latency between a recording and the detect process,
-  # especially when using separate streams for detect and record.
-  # Use this setting to make the timeline bounding boxes more closely align
-  # with the recording. The value can be positive or negative.
-  # TIP: Imagine there is an event clip with a person walking from left to right.
-  #      If the event timeline bounding box is consistently to the left of the person
-  #      then the value should be decreased. Similarly, if a person is walking from
-  #      left to right and the bounding box is consistently ahead of the person
-  #      then the value should be increased.
-  # TIP: This offset is dynamic so you can change the value and it will update existing
-  #      events, this makes it easy to tune.
-  # WARNING: Fast moving objects will likely not have the bounding box align.
-  annotation_offset: 0
-
-# Optional: Object configuration
-# NOTE: Can be overridden at the camera level
-objects:
-  # Optional: list of objects to track from labelmap.txt (default: shown below)
-  track:
-    - person
-  # Optional: mask to prevent all object types from being detected in certain areas (default: no mask)
-  # Checks based on the bottom center of the bounding box of the object.
-  # NOTE: This mask is COMBINED with the object type specific mask below
-  mask: 0,0,1000,0,1000,200,0,200
-  # Optional: filters to reduce false positives for specific object types
-  filters:
-    person:
-      # Optional: minimum width*height of the bounding box for the detected object (default: 0)
-      min_area: 5000
-      # Optional: maximum width*height of the bounding box for the detected object (default: 24000000)
-      max_area: 100000
-      # Optional: minimum width/height of the bounding box for the detected object (default: 0)
-      min_ratio: 0.5
-      # Optional: maximum width/height of the bounding box for the detected object (default: 24000000)
-      max_ratio: 2.0
-      # Optional: minimum score for the object to initiate tracking (default: shown below)
-      min_score: 0.5
-      # Optional: minimum decimal percentage for tracked object's computed score to be considered a true positive (default: shown below)
-      threshold: 0.7
-      # Optional: mask to prevent this object type from being detected in certain areas (default: no mask)
-      # Checks based on the bottom center of the bounding box of the object
-      mask: 0,0,1000,0,1000,200,0,200
-
-# Optional: Motion configuration
-# NOTE: Can be overridden at the camera level
-motion:
-  # Optional: The threshold passed to cv2.threshold to determine if a pixel is different enough to be counted as motion. (default: shown below)
-  # Increasing this value will make motion detection less sensitive and decreasing it will make motion detection more sensitive.
-  # The value should be between 1 and 255.
-  threshold: 30
-  # Optional: The percentage of the image used to detect lightning or other substantial changes where motion detection
-  #           needs to recalibrate. (default: shown below)
-  # Increasing this value will make motion detection more likely to consider lightning or ir mode changes as valid motion.
-  # Decreasing this value will make motion detection more likely to ignore large amounts of motion such as a person approaching
-  # a doorbell camera.
-  lightning_threshold: 0.8
-  # Optional: Minimum size in pixels in the resized motion image that counts as motion (default: shown below)
-  # Increasing this value will prevent smaller areas of motion from being detected. Decreasing will
-  # make motion detection more sensitive to smaller moving objects.
-  # As a rule of thumb:
-  #  - 10 - high sensitivity
-  #  - 30 - medium sensitivity
-  #  - 50 - low sensitivity
-  contour_area: 10
-  # Optional: Alpha value passed to cv2.accumulateWeighted when averaging frames to determine the background (default: shown below)
-  # Higher values mean the current frame impacts the average a lot, and a new object will be averaged into the background faster.
-  # Low values will cause things like moving shadows to be detected as motion for longer.
-  # https://www.geeksforgeeks.org/background-subtraction-in-an-image-using-concept-of-running-average/
-  frame_alpha: 0.01
-  # Optional: Height of the resized motion frame  (default: 50)
-  # Higher values will result in more granular motion detection at the expense of higher CPU usage.
-  # Lower values result in less CPU, but small changes may not register as motion.
-  frame_height: 100
-  # Optional: motion mask
-  # NOTE: see docs for more detailed info on creating masks
-  mask: 0,900,1080,900,1080,1920,0,1920
-  # Optional: improve contrast (default: shown below)
-  # Enables dynamic contrast improvement. This should help improve night detections at the cost of making motion detection more sensitive
-  # for daytime.
-  improve_contrast: True
-  # Optional: Delay when updating camera motion through MQTT from ON -> OFF (default: shown below).
-  mqtt_off_delay: 30
-
-# Optional: Record configuration
-# NOTE: Can be overridden at the camera level
-record:
-  # Optional: Enable recording (default: shown below)
-  # WARNING: If recording is disabled in the config, turning it on via
-  #          the UI or MQTT later will have no effect.
-  enabled: False
-  # Optional: Number of minutes to wait between cleanup runs (default: shown below)
-  # This can be used to reduce the frequency of deleting recording segments from disk if you want to minimize i/o
-  expire_interval: 60
-  # Optional: Sync recordings with disk on startup (default: shown below).
-  sync_on_startup: False
-  # Optional: Retention settings for recording
-  retain:
-    # Optional: Number of days to retain recordings regardless of events (default: shown below)
-    # NOTE: This should be set to 0 and retention should be defined in events section below
-    #       if you only want to retain recordings of events.
-    days: 0
-    # Optional: Mode for retention. Available options are: all, motion, and active_objects
-    #   all - save all recording segments regardless of activity
-    #   motion - save all recordings segments with any detected motion
-    #   active_objects - save all recording segments with active/moving objects
-    # NOTE: this mode only applies when the days setting above is greater than 0
-    mode: all
-  # Optional: Event recording settings
-  events:
-    # Optional: Number of seconds before the event to include (default: shown below)
-    pre_capture: 5
-    # Optional: Number of seconds after the event to include (default: shown below)
-    post_capture: 5
-    # Optional: Objects to save recordings for. (default: all tracked objects)
-    objects:
-      - person
-    # Optional: Restrict recordings to objects that entered any of the listed zones (default: no required zones)
-    required_zones: []
-    # Optional: Retention settings for recordings of events
-    retain:
-      # Required: Default retention days (default: shown below)
-      default: 10
-      # Optional: Mode for retention. (default: shown below)
-      #   all - save all recording segments for events regardless of activity
-      #   motion - save all recordings segments for events with any detected motion
-      #   active_objects - save all recording segments for event with active/moving objects
-      #
-      # NOTE: If the retain mode for the camera is more restrictive than the mode configured
-      #       here, the segments will already be gone by the time this mode is applied.
-      #       For example, if the camera retain mode is "motion", the segments without motion are
-      #       never stored, so setting the mode to "all" here won't bring them back.
-      mode: motion
-      # Optional: Per object retention days
-      objects:
-        person: 15
-
-# Optional: Configuration for the jpg snapshots written to the clips directory for each event
-# NOTE: Can be overridden at the camera level
-snapshots:
-  # Optional: Enable writing jpg snapshot to /media/frigate/clips (default: shown below)
-  enabled: False
-  # Optional: save a clean PNG copy of the snapshot image (default: shown below)
-  clean_copy: True
-  # Optional: print a timestamp on the snapshots (default: shown below)
-  timestamp: False
-  # Optional: draw bounding box on the snapshots (default: shown below)
-  bounding_box: False
-  # Optional: crop the snapshot (default: shown below)
-  crop: False
-  # Optional: height to resize the snapshot to (default: original size)
-  height: 175
-  # Optional: Restrict snapshots to objects that entered any of the listed zones (default: no required zones)
-  required_zones: []
-  # Optional: Camera override for retention settings (default: global values)
-  retain:
-    # Required: Default retention days (default: shown below)
-    default: 10
-    # Optional: Per object retention days
-    objects:
-      person: 15
-  # Optional: quality of the encoded jpeg, 0-100 (default: shown below)
-  quality: 70
-
-# Optional: RTMP configuration
-# NOTE: RTMP is deprecated in favor of restream
-# NOTE: Can be overridden at the camera level
-rtmp:
-  # Optional: Enable the RTMP stream (default: False)
-  enabled: False
-
-# Optional: Restream configuration
-# Uses https://github.com/AlexxIT/go2rtc (v1.6.2)
 go2rtc:
-
-# Optional: jsmpeg stream configuration for WebUI
-live:
-  # Optional: Set the name of the stream that should be used for live view
-  # in frigate WebUI. (default: name of camera)
-  stream_name: camera_name
-  # Optional: Set the height of the jsmpeg stream. (default: 720)
-  # This must be less than or equal to the height of the detect stream. Lower resolutions
-  # reduce bandwidth required for viewing the jsmpeg stream. Width is computed to match known aspect ratio.
-  height: 720
-  # Optional: Set the encode quality of the jsmpeg stream (default: shown below)
-  # 1 is the highest quality, and 31 is the lowest. Lower quality feeds utilize less CPU resources.
-  quality: 8
-
-# Optional: in-feed timestamp style configuration
-# NOTE: Can be overridden at the camera level
-timestamp_style:
-  # Optional: Position of the timestamp (default: shown below)
-  #           "tl" (top left), "tr" (top right), "bl" (bottom left), "br" (bottom right)
-  position: "tl"
-  # Optional: Format specifier conform to the Python package "datetime" (default: shown below)
-  #           Additional Examples:
-  #             german: "%d.%m.%Y %H:%M:%S"
-  format: "%m/%d/%Y %H:%M:%S"
-  # Optional: Color of font
-  color:
-    # All Required when color is specified (default: shown below)
-    red: 255
-    green: 255
-    blue: 255
-  # Optional: Line thickness of font (default: shown below)
-  thickness: 2
-  # Optional: Effect of lettering (default: shown below)
-  #           None (No effect),
-  #           "solid" (solid background in inverse color of font)
-  #           "shadow" (shadow for font)
-  effect: None
-
-# Required
-cameras:
-  # Required: name of the camera
-  back:
-    # Optional: Enable/Disable the camera (default: shown below).
-    # If disabled: config is used but no live stream and no capture etc.
-    # Events/Recordings are still viewable.
-    enabled: True
-    # Required: ffmpeg settings for the camera
-    ffmpeg:
-      # Required: A list of input streams for the camera. See documentation for more information.
-      inputs:
-        # Required: the path to the stream
-        # NOTE: path may include environment variables, which must begin with 'FRIGATE_' and be referenced in {}
-        - path: rtsp://viewer:{FRIGATE_RTSP_PASSWORD}@10.0.10.10:554/cam/realmonitor?channel=1&subtype=2
-          # Required: list of roles for this stream. valid values are: audio,detect,record,rtmp
-          # NOTICE: In addition to assigning the audio, record, and rtmp roles,
-          # they must also be enabled in the camera config.
-          roles:
-            - audio
-            - detect
-            - record
-            - rtmp
-          # Optional: stream specific global args (default: inherit)
-          # global_args:
-          # Optional: stream specific hwaccel args (default: inherit)
-          # hwaccel_args:
-          # Optional: stream specific input args (default: inherit)
-          # input_args:
-      # Optional: camera specific global args (default: inherit)
-      # global_args:
-      # Optional: camera specific hwaccel args (default: inherit)
-      # hwaccel_args:
-      # Optional: camera specific input args (default: inherit)
-      # input_args:
-      # Optional: camera specific output args (default: inherit)
-      # output_args:
-
-    # Optional: timeout for highest scoring image before allowing it
-    # to be replaced by a newer image. (default: shown below)
-    best_image_timeout: 60
-
-    # Optional: zones for this camera
-    zones:
-      # Required: name of the zone
-      # NOTE: This must be different than any camera names, but can match with another zone on another
-      #       camera.
-      front_steps:
-        # Required: List of x,y coordinates to define the polygon of the zone.
-        # NOTE: Presence in a zone is evaluated only based on the bottom center of the objects bounding box.
-        coordinates: 545,1077,747,939,788,805
-        # Optional: Number of consecutive frames required for object to be considered present in the zone. Allowed values are 1-10 (default: shown below)
-        inertia: 3
-        # Optional: List of objects that can trigger this zone (default: all tracked objects)
-        objects:
-          - person
-        # Optional: Zone level object filters.
-        # NOTE: The global and camera filters are applied upstream.
-        filters:
-          person:
-            min_area: 5000
-            max_area: 100000
-            threshold: 0.7
-
-    # Optional: Configuration for the jpg snapshots published via MQTT
-    mqtt:
-      # Optional: Enable publishing snapshot via mqtt for camera (default: shown below)
-      # NOTE: Only applies to publishing image data to MQTT via 'frigate/<camera_name>/<object_name>/snapshot'.
-      # All other messages will still be published.
-      enabled: True
-      # Optional: print a timestamp on the snapshots (default: shown below)
-      timestamp: True
-      # Optional: draw bounding box on the snapshots (default: shown below)
-      bounding_box: True
-      # Optional: crop the snapshot (default: shown below)
-      crop: True
-      # Optional: height to resize the snapshot to (default: shown below)
-      height: 270
-      # Optional: jpeg encode quality (default: shown below)
-      quality: 70
-      # Optional: Restrict mqtt messages to objects that entered any of the listed zones (default: no required zones)
-      required_zones: []
-
-    # Optional: Configuration for how camera is handled in the GUI.
-    ui:
-      # Optional: Adjust sort order of cameras in the UI. Larger numbers come later (default: shown below)
-      # By default the cameras are sorted alphabetically.
-      order: 0
-      # Optional: Whether or not to show the camera in the Frigate UI (default: shown below)
-      dashboard: True
-
-    # Optional: connect to ONVIF camera
-    # to enable PTZ controls.
-    onvif:
-      # Required: host of the camera being connected to.
-      host: 0.0.0.0
-      # Optional: ONVIF port for device (default: shown below).
-      port: 8000
-      # Optional: username for login.
-      # NOTE: Some devices require admin to access ONVIF.
-      user: admin
-      # Optional: password for login.
-      password: admin
-      # Optional: PTZ camera object autotracking. Keeps a moving object in
-      # the center of the frame by automatically moving the PTZ camera.
-      autotracking:
-        # Optional: enable/disable object autotracking. (default: shown below)
-        enabled: False
-        # Optional: list of objects to track from labelmap.txt (default: shown below)
-        track:
-          - person
-        # Required: Begin automatically tracking an object when it enters any of the listed zones.
-        required_zones:
-          - zone_name
-        # Required: Name of ONVIF preset in camera's firmware to return to when tracking is over. (default: shown below)
-        return_preset: preset_name
-        # Optional: Seconds to delay before returning to preset. (default: shown below)
-        timeout: 10
-
-    # Optional: Configuration for how to sort the cameras in the Birdseye view.
-    birdseye:
-      # Optional: Adjust sort order of cameras in the Birdseye view. Larger numbers come later (default: shown below)
-      # By default the cameras are sorted alphabetically.
-      order: 0
-
-# Optional
-ui:
-  # Optional: Set the default live mode for cameras in the UI (default: shown below)
-  live_mode: mse
-  # Optional: Set a timezone to use in the UI (default: use browser local time)
-  # timezone: America/Denver
-  # Optional: Use an experimental recordings / camera view UI (default: shown below)
-  use_experimental: False
-  # Optional: Set the time format used.
-  # Options are browser, 12hour, or 24hour (default: shown below)
-  time_format: browser
-  # Optional: Set the date style for a specified length.
-  # Options are: full, long, medium, short
-  # Examples:
-  #    short: 2/11/23
-  #    medium: Feb 11, 2023
-  #    full: Saturday, February 11, 2023
-  # (default: shown below).
-  date_style: short
-  # Optional: Set the time style for a specified length.
-  # Options are: full, long, medium, short
-  # Examples:
-  #    short: 8:14 PM
-  #    medium: 8:15:22 PM
-  #    full: 8:15:22 PM Mountain Standard Time
-  # (default: shown below).
-  time_style: medium
-  # Optional: Ability to manually override the date / time styling to use strftime format
-  # https://www.gnu.org/software/libc/manual/html_node/Formatting-Calendar-Time.html
-  # possible values are shown above (default: not set)
-  strftime_fmt: "%Y/%m/%d %H:%M"
-
-# Optional: Telemetry configuration
-telemetry:
-  # Optional: Enabled network interfaces for bandwidth stats monitoring (default: shown below)
-  network_interfaces:
-    - eth
-    - enp
-    - eno
-    - ens
-    - wl
-    - lo
-  # Optional: Configure system stats
-  stats:
-    # Enable AMD GPU stats (default: shown below)
-    amd_gpu_stats: True
-    # Enable Intel GPU stats (default: shown below)
-    intel_gpu_stats: True
-    # Enable network bandwidth stats monitoring for camera ffmpeg processes, go2rtc, and object detectors. (default: shown below)
-    network_bandwidth: False
-  # Optional: Enable the latest version outbound check (default: shown below)
-  # NOTE: If you use the HomeAssistant integration, disabling this will prevent it from reporting new versions
-  version_check: True
+  rtsp:
+    username: "{FRIGATE_GO2RTC_RTSP_USERNAME}"
+    password: "{FRIGATE_GO2RTC_RTSP_PASSWORD}"
+```
+
+## Common configuration examples
+
+Here are some common starter configuration examples. Refer to the [reference config](./reference.md) for detailed information about all the config values.
+
+### Raspberry Pi Home Assistant Addon with USB Coral
+
+- Single camera with 720p, 5fps stream for detect
+- MQTT connected to home assistant mosquitto addon
+- Hardware acceleration for decoding video
+- USB Coral detector
+- Save all video with any detectable motion for 7 days regardless of whether any objects were detected or not
+- Continue to keep all video if it was during any event for 30 days
+- Save snapshots for 30 days
+- Motion mask for the camera timestamp
+
+```yaml
+mqtt:
+  host: core-mosquitto
+  user: mqtt-user
+  password: xxxxxxxxxx
+
+ffmpeg:
+  hwaccel_args: preset-rpi-64-h264
+
+detectors:
+  coral:
+    type: edgetpu
+    device: usb
+
+record:
+  enabled: True
+  retain:
+    days: 7
+    mode: motion
+  events:
+    retain:
+      default: 30
+      mode: motion
+
+snapshots:
+  enabled: True
+  retain:
+    default: 30
+
+cameras:
+  name_of_your_camera:
+    detect:
+      width: 1280
+      height: 720
+      fps: 5
+    ffmpeg:
+      inputs:
+        - path: rtsp://10.0.10.10:554/rtsp
+          roles:
+            - detect
+    motion:
+      mask:
+        - 0.000,0.427,0.002,0.000,0.999,0.000,0.999,0.781,0.885,0.456,0.700,0.424,0.701,0.311,0.507,0.294,0.453,0.347,0.451,0.400
+```
+
+### Standalone Intel Mini PC with USB Coral
+
+- Single camera with 720p, 5fps stream for detect
+- MQTT disabled (not integrated with home assistant)
+- VAAPI hardware acceleration for decoding video
+- USB Coral detector
+- Save all video with any detectable motion for 7 days regardless of whether any objects were detected or not
+- Continue to keep all video if it was during any event for 30 days
+- Save snapshots for 30 days
+- Motion mask for the camera timestamp
+
+```yaml
+mqtt:
+  enabled: False
+
+ffmpeg:
+  hwaccel_args: preset-vaapi
+
+detectors:
+  coral:
+    type: edgetpu
+    device: usb
+
+record:
+  enabled: True
+  retain:
+    days: 7
+    mode: motion
+  events:
+    retain:
+      default: 30
+      mode: motion
+
+snapshots:
+  enabled: True
+  retain:
+    default: 30
+
+cameras:
+  name_of_your_camera:
+    detect:
+      width: 1280
+      height: 720
+      fps: 5
+    ffmpeg:
+      inputs:
+        - path: rtsp://10.0.10.10:554/rtsp
+          roles:
+            - detect
+    motion:
+      mask:
+        - 0.000,0.427,0.002,0.000,0.999,0.000,0.999,0.781,0.885,0.456,0.700,0.424,0.701,0.311,0.507,0.294,0.453,0.347,0.451,0.400
+```
+
+### Home Assistant integrated Intel Mini PC with OpenVino
+
+- Single camera with 720p, 5fps stream for detect
+- MQTT connected to same mqtt server as home assistant
+- VAAPI hardware acceleration for decoding video
+- OpenVino detector
+- Save all video with any detectable motion for 7 days regardless of whether any objects were detected or not
+- Continue to keep all video if it was during any event for 30 days
+- Save snapshots for 30 days
+- Motion mask for the camera timestamp
+
+```yaml
+mqtt:
+  host: 192.168.X.X # <---- same mqtt broker that home assistant uses
+  user: mqtt-user
+  password: xxxxxxxxxx
+
+ffmpeg:
+  hwaccel_args: preset-vaapi
+
+detectors:
+  ov:
+    type: openvino
+    device: AUTO
+    model:
+      path: /openvino-model/ssdlite_mobilenet_v2.xml
+
+model:
+  width: 300
+  height: 300
+  input_tensor: nhwc
+  input_pixel_format: bgr
+  labelmap_path: /openvino-model/coco_91cl_bkgr.txt
+
+record:
+  enabled: True
+  retain:
+    days: 7
+    mode: motion
+  events:
+    retain:
+      default: 30
+      mode: motion
+
+snapshots:
+  enabled: True
+  retain:
+    default: 30
+
+cameras:
+  name_of_your_camera:
+    detect:
+      width: 1280
+      height: 720
+      fps: 5
+    ffmpeg:
+      inputs:
+        - path: rtsp://10.0.10.10:554/rtsp
+          roles:
+            - detect
+    motion:
+      mask:
+        - 0.000,0.427,0.002,0.000,0.999,0.000,0.999,0.781,0.885,0.456,0.700,0.424,0.701,0.311,0.507,0.294,0.453,0.347,0.451,0.400
 ```

docs/docs/configuration/live.md

@@ -3,17 +3,17 @@ id: live
 title: Live View
 ---
 
-Frigate has different live view options, some of which require the bundled `go2rtc` to be configured as shown in the [step by step guide](/guides/configuring_go2rtc).
+Frigate intelligently displays your camera streams on the Live view dashboard. Your camera images update once per minute when no detectable activity is occurring to conserve bandwidth and resources. As soon as any motion is detected, cameras seamlessly switch to a live stream.
 
-## Live View Options
+## Live View technologies
 
-Live view options can be selected while viewing the live stream. The options are:
+Frigate intelligently uses three different streaming technologies to display your camera streams. The highest quality and fluency of the Live view requires the bundled `go2rtc` to be configured as shown in the [step by step guide](/guides/configuring_go2rtc).
 
-| Source | Latency | Frame Rate                            | Resolution     | Audio                        | Requires go2rtc | Other Limitations                            |
-| ------ | ------- | ------------------------------------- | -------------- | ---------------------------- | --------------- | -------------------------------------------- |
-| jsmpeg | low     | same as `detect -> fps`, capped at 10 | same as detect | no                           | no              | none                                         |
-| mse    | low     | native                                | native         | yes (depends on audio codec) | yes             | not supported on iOS, Firefox is h.264 only  |
-| webrtc | lowest  | native                                | native         | yes (depends on audio codec) | yes             | requires extra config, doesn't support h.265 |
+| Source | Latency | Frame Rate                            | Resolution     | Audio                        | Requires go2rtc | Other Limitations                                |
+| ------ | ------- | ------------------------------------- | -------------- | ---------------------------- | --------------- | ------------------------------------------------ |
+| jsmpeg | low     | same as `detect -> fps`, capped at 10 | same as detect | no                           | no              | none                                             |
+| mse    | low     | native                                | native         | yes (depends on audio codec) | yes             | iPhone requires iOS 17.1+, Firefox is h.264 only |
+| webrtc | lowest  | native                                | native         | yes (depends on audio codec) | yes             | requires extra config, doesn't support h.265     |
 
 ### Audio Support
 
@@ -37,12 +37,12 @@ There may be some cameras that you would prefer to use the sub stream for live v
 ```yaml
 go2rtc:
   streams:
-    rtsp_cam:
+    test_cam:
       - rtsp://192.168.1.5:554/live0 # <- stream which supports video & aac audio.
-      - "ffmpeg:rtsp_cam#audio=opus" # <- copy of the stream which transcodes audio to opus
-    rtsp_cam_sub:
+      - "ffmpeg:test_cam#audio=opus" # <- copy of the stream which transcodes audio to opus for webrtc
+    test_cam_sub:
       - rtsp://192.168.1.5:554/substream # <- stream which supports video & aac audio.
-      - "ffmpeg:rtsp_cam_sub#audio=opus" # <- copy of the stream which transcodes audio to opus
+      - "ffmpeg:test_cam_sub#audio=opus" # <- copy of the stream which transcodes audio to opus for webrtc
 
 cameras:
   test_cam:
@@ -59,7 +59,7 @@ cameras:
           roles:
             - detect
     live:
-      stream_name: rtsp_cam_sub
+      stream_name: test_cam_sub
 ```
 
 ### WebRTC extra configuration:
@@ -78,8 +78,8 @@ WebRTC works by creating a TCP or UDP connection on port `8555`. However, it req
         - 192.168.1.10:8555
         - stun:8555
   ```
-  
-- For access through Tailscale, the Frigate system's Tailscale IP must be added as a WebRTC candidate. Tailscale IPs all start with `100.`, and are reserved within the `100.0.0.0/8` CIDR block.
+
+- For access through Tailscale, the Frigate system's Tailscale IP must be added as a WebRTC candidate. Tailscale IPs all start with `100.`, and are reserved within the `100.64.0.0/10` CIDR block.
 
 :::tip
 
@@ -104,6 +104,7 @@ If you are having difficulties getting WebRTC to work and you are running Frigat
 If not running in host mode, port 8555 will need to be mapped for the container:
 
 docker-compose.yml
+
 ```yaml
 services:
   frigate:
@@ -115,4 +116,4 @@ services:
 
 :::
 
-See [go2rtc WebRTC docs](https://github.com/AlexxIT/go2rtc/tree/v1.6.2#module-webrtc) for more information about this.
+See [go2rtc WebRTC docs](https://github.com/AlexxIT/go2rtc/tree/v1.8.3#module-webrtc) for more information about this.

docs/docs/configuration/masks.md

@@ -3,41 +3,49 @@ id: masks
 title: Masks
 ---
 
-There are two types of masks available:
+## Motion masks
 
-**Motion masks**: Motion masks are used to prevent unwanted types of motion from triggering detection. Try watching the debug feed with `Motion Boxes` enabled to see what may be regularly detected as motion. For example, you want to mask out your timestamp, the sky, rooftops, etc. Keep in mind that this mask only prevents motion from being detected and does not prevent objects from being detected if object detection was started due to motion in unmasked areas. Motion is also used during object tracking to refine the object detection area in the next frame. Over masking will make it more difficult for objects to be tracked. To see this effect, create a mask, and then watch the video feed with `Motion Boxes` enabled again.
+Motion masks are used to prevent unwanted types of motion from triggering detection. Try watching the Debug feed (Settings --> Debug) with `Motion Boxes` enabled to see what may be regularly detected as motion. For example, you want to mask out your timestamp, the sky, rooftops, etc. Keep in mind that this mask only prevents motion from being detected and does not prevent objects from being detected if object detection was started due to motion in unmasked areas. Motion is also used during object tracking to refine the object detection area in the next frame. _Over-masking will make it more difficult for objects to be tracked._
 
-**Object filter masks**: Object filter masks are used to filter out false positives for a given object type based on location. These should be used to filter any areas where it is not possible for an object of that type to be. The bottom center of the detected object's bounding box is evaluated against the mask. If it is in a masked area, it is assumed to be a false positive. For example, you may want to mask out rooftops, walls, the sky, treetops for people. For cars, masking locations other than the street or your driveway will tell Frigate that anything in your yard is a false positive.
+See [further clarification](#further-clarification) below on why you may not want to use a motion mask.
+
+## Object filter masks
+
+Object filter masks are used to filter out false positives for a given object type based on location. These should be used to filter any areas where it is not possible for an object of that type to be. The bottom center of the detected object's bounding box is evaluated against the mask. If it is in a masked area, it is assumed to be a false positive. For example, you may want to mask out rooftops, walls, the sky, treetops for people. For cars, masking locations other than the street or your driveway will tell Frigate that anything in your yard is a false positive.
+
+Object filter masks can be used to filter out stubborn false positives in fixed locations. For example, the base of this tree may be frequently detected as a person. The following image shows an example of an object filter mask (shaded red area) over the location where the bottom center is typically located to filter out person detections in a precise location.
+
+![object mask](/img/bottom-center-mask.jpg)
+
+## Using the mask creator
 
 To create a poly mask:
 
 1. Visit the Web UI
-1. Click the camera you wish to create a mask for
-1. Select "Debug" at the top
-1. Expand the "Options" below the video feed
-1. Click "Mask & Zone creator"
-1. Click "Add" on the type of mask or zone you would like to create
-1. Click on the camera's latest image to create a masked area. The yaml representation will be updated in real-time
-1. When you've finished creating your mask, click "Copy" and paste the contents into your config file and restart Frigate
+2. Click/tap the gear icon and open "Settings"
+3. Select "Mask / zone editor"
+4. At the top right, select the camera you wish to create a mask or zone for
+5. Click the plus icon under the type of mask or zone you would like to create
+6. Click on the camera's latest image to create the points for a masked area. Click the first point again to close the polygon.
+7. When you've finished creating your mask, press Save.
+8. Restart Frigate to apply your changes.
 
-Example of a finished row corresponding to the below example image:
+Your config file will be updated with the relative coordinates of the mask/zone:
 
 ```yaml
 motion:
-  mask: "0,461,3,0,1919,0,1919,843,1699,492,1344,458,1346,336,973,317,869,375,866,432"
+  mask: "0.000,0.427,0.002,0.000,0.999,0.000,0.999,0.781,0.885,0.456,0.700,0.424,0.701,0.311,0.507,0.294,0.453,0.347,0.451,0.400"
 ```
 
-Multiple masks can be listed.
+Multiple masks can be listed in your config.
 
 ```yaml
 motion:
   mask:
-    - 458,1346,336,973,317,869,375,866,432
-    - 0,461,3,0,1919,0,1919,843,1699,492,1344
+    - 0.239,1.246,0.175,0.901,0.165,0.805,0.195,0.802
+    - 0.000,0.427,0.002,0.000,0.999,0.000,0.999,0.781,0.885,0.456
 ```
 
-![poly](/img/example-mask-poly-min.png)
-
 ### Further Clarification
 
 This is a response to a [question posed on reddit](https://www.reddit.com/r/homeautomation/comments/ppxdve/replacing_my_doorbell_with_a_security_camera_a_6/hd876w4?utm_source=share&utm_medium=web2x&context=3):

docs/docs/configuration/motion_detection.md

@@ -0,0 +1,101 @@
+---
+id: motion_detection
+title: Motion Detection
+---
+
+# Tuning Motion Detection
+
+Frigate uses motion detection as a first line check to see if there is anything happening in the frame worth checking with object detection.
+
+Once motion is detected, it tries to group up nearby areas of motion together in hopes of identifying a rectangle in the image that will capture the area worth inspecting. These are the red "motion boxes" you see in the debug viewer.
+
+## The Goal
+
+The default motion settings should work well for the majority of cameras, however there are cases where tuning motion detection can lead to better and more optimal results. Each camera has its own environment with different variables that affect motion, this means that the same motion settings will not fit all of your cameras.
+
+Before tuning motion it is important to understand the goal. In an optimal configuration, motion from people and cars would be detected, but not grass moving, lighting changes, timestamps, etc. If your motion detection is too sensitive, you will experience higher CPU loads and greater false positives from the increased rate of object detection. If it is not sensitive enough, you will miss events.
+
+## Create Motion Masks
+
+First, mask areas with regular motion not caused by the objects you want to detect. The best way to find candidates for motion masks is by watching the debug stream with motion boxes enabled. Good use cases for motion masks are timestamps or tree limbs and large bushes that regularly move due to wind. When possible, avoid creating motion masks that would block motion detection for objects you want to track **even if they are in locations where you don't want events**. Motion masks should not be used to avoid detecting objects in specific areas. More details can be found [in the masks docs.](/configuration/masks.md).
+
+## Prepare For Testing
+
+The easiest way to tune motion detection is to use the Frigate UI under Settings > Motion Tuner. This screen allows the changing of motion detection values live to easily see the immediate effect on what is detected as motion.
+
+## Tuning Motion Detection During The Day
+
+Now that things are set up, find a time to tune that represents normal circumstances. For example, if you tune your motion on a day that is sunny and windy you may find later that the motion settings are not sensitive enough on a cloudy and still day.
+
+:::note
+
+Remember that motion detection is just used to determine when object detection should be used. You should aim to have motion detection sensitive enough that you won't miss events from objects you want to detect with object detection. The goal is to prevent object detection from running constantly for every small pixel change in the image. Windy days are still going to result in lots of motion being detected.
+
+:::
+
+### Threshold
+
+The threshold value dictates how much of a change in a pixels luminance is required to be considered motion.
+
+```yaml
+# default threshold value
+motion:
+  # Optional: The threshold passed to cv2.threshold to determine if a pixel is different enough to be counted as motion. (default: shown below)
+  # Increasing this value will make motion detection less sensitive and decreasing it will make motion detection more sensitive.
+  # The value should be between 1 and 255.
+  threshold: 30
+```
+
+Lower values mean motion detection is more sensitive to changes in color, making it more likely for example to detect motion when a brown dogs blends in with a brown fence or a person wearing a red shirt blends in with a red car. If the threshold is too low however, it may detect things like grass blowing in the wind, shadows, etc. to be detected as motion.
+
+Watching the motion boxes in the debug view, increase the threshold until you only see motion that is visible to the eye. Once this is done, it is important to test and ensure that desired motion is still detected.
+
+### Contour Area
+
+```yaml
+# default contour_area value
+motion:
+  # Optional: Minimum size in pixels in the resized motion image that counts as motion (default: shown below)
+  # Increasing this value will prevent smaller areas of motion from being detected. Decreasing will
+  # make motion detection more sensitive to smaller moving objects.
+  # As a rule of thumb:
+  #  - 10 - high sensitivity
+  #  - 30 - medium sensitivity
+  #  - 50 - low sensitivity
+  contour_area: 10
+```
+
+Once the threshold calculation is run, the pixels that have changed are grouped together. The contour area value is used to decide which groups of changed pixels qualify as motion. Smaller values are more sensitive meaning people that are far away, small animals, etc. are more likely to be detected as motion, but it also means that small changes in shadows, leaves, etc. are detected as motion. Higher values are less sensitive meaning these things won't be detected as motion but with the risk that desired motion won't be detected until closer to the camera.
+
+Watching the motion boxes in the debug view, adjust the contour area until there are no motion boxes smaller than the smallest you'd expect frigate to detect something moving.
+
+### Improve Contrast
+
+At this point if motion is working as desired there is no reason to continue with tuning for the day. If you were unable to find a balance between desired and undesired motion being detected, you can try disabling improve contrast and going back to the threshold and contour area steps.
+
+## Tuning Motion Detection During The Night
+
+Once daytime motion detection is tuned, there is a chance that the settings will work well for motion detection during the night as well. If this is the case then the preferred settings can be written to the config file and left alone.
+
+However, if the preferred day settings do not work well at night it is recommended to use HomeAssistant or some other solution to automate changing the settings. That way completely separate sets of motion settings can be used for optimal day and night motion detection.
+
+## Tuning For Large Changes In Motion
+
+```yaml
+# default lightning_threshold:
+motion:
+  # Optional: The percentage of the image used to detect lightning or other substantial changes where motion detection
+  #           needs to recalibrate. (default: shown below)
+  # Increasing this value will make motion detection more likely to consider lightning or ir mode changes as valid motion.
+  # Decreasing this value will make motion detection more likely to ignore large amounts of motion such as a person approaching
+  # a doorbell camera.
+  lightning_threshold: 0.8
+```
+
+:::tip
+
+Some cameras like doorbell cameras may have missed detections when someone walks directly in front of the camera and the lightning_threshold causes motion detection to be re-calibrated. In this case, it may be desirable to increase the `lightning_threshold` to ensure these events are not missed.
+
+:::
+
+Large changes in motion like PTZ moves and camera switches between Color and IR mode should result in no motion detection. This is done via the `lightning_threshold` configuration. It is defined as the percentage of the image used to detect lightning or other substantial changes where motion detection needs to recalibrate. Increasing this value will make motion detection more likely to consider lightning or IR mode changes as valid motion. Decreasing this value will make motion detection more likely to ignore large amounts of motion such as a person approaching a doorbell camera.

docs/docs/configuration/object_detectors.md

@@ -5,12 +5,18 @@ title: Object Detectors
 
 # Officially Supported Detectors
 
-Frigate provides the following builtin detector types: `cpu`, `edgetpu`, `openvino`, and `tensorrt`. By default, Frigate will use a single CPU detector. Other detectors may require additional configuration as described below. When using multiple detectors they will run in dedicated processes, but pull from a common queue of detection requests from across all cameras.
+Frigate provides the following builtin detector types: `cpu`, `edgetpu`, `openvino`, `tensorrt`, and `rknn`. By default, Frigate will use a single CPU detector. Other detectors may require additional configuration as described below. When using multiple detectors they will run in dedicated processes, but pull from a common queue of detection requests from across all cameras.
 
 ## CPU Detector (not recommended)
 
 The CPU detector type runs a TensorFlow Lite model utilizing the CPU without hardware acceleration. It is recommended to use a hardware accelerated detector type instead for better performance. To configure a CPU based detector, set the `"type"` attribute to `"cpu"`.
 
+:::tip
+
+If you do not have GPU or Edge TPU hardware, using the [OpenVINO Detector](#openvino-detector) is often more efficient than using the CPU detector.
+
+:::
+
 The number of threads used by the interpreter can be specified using the `"num_threads"` attribute, and defaults to `3.`
 
 A TensorFlow Lite model is provided in the container at `/cpu_model.tflite` and is used by this detector type by default. To provide your own model, bind mount the file into the container and provide the path with `model.path`.
@@ -29,14 +35,20 @@ detectors:
 
 When using CPU detectors, you can add one CPU detector per camera. Adding more detectors than the number of cameras should not improve performance.
 
-## Edge-TPU Detector
+## Edge TPU Detector
 
-The EdgeTPU detector type runs a TensorFlow Lite model utilizing the Google Coral delegate for hardware acceleration. To configure an EdgeTPU detector, set the `"type"` attribute to `"edgetpu"`.
+The Edge TPU detector type runs a TensorFlow Lite model utilizing the Google Coral delegate for hardware acceleration. To configure an Edge TPU detector, set the `"type"` attribute to `"edgetpu"`.
 
-The EdgeTPU device can be specified using the `"device"` attribute according to the [Documentation for the TensorFlow Lite Python API](https://coral.ai/docs/edgetpu/multiple-edgetpu/#using-the-tensorflow-lite-python-api). If not set, the delegate will use the first device it finds.
+The Edge TPU device can be specified using the `"device"` attribute according to the [Documentation for the TensorFlow Lite Python API](https://coral.ai/docs/edgetpu/multiple-edgetpu/#using-the-tensorflow-lite-python-api). If not set, the delegate will use the first device it finds.
 
 A TensorFlow Lite model is provided in the container at `/edgetpu_model.tflite` and is used by this detector type by default. To provide your own model, bind mount the file into the container and provide the path with `model.path`.
 
+:::tip
+
+See [common Edge TPU troubleshooting steps](/troubleshooting/edgetpu) if the Edge TPU is not detected.
+
+:::
+
 ### Single USB Coral
 
 ```yaml
@@ -95,11 +107,15 @@ detectors:
 
 ## OpenVINO Detector
 
-The OpenVINO detector type runs an OpenVINO IR model on Intel CPU, GPU and VPU hardware. To configure an OpenVINO detector, set the `"type"` attribute to `"openvino"`.
+The OpenVINO detector type runs an OpenVINO IR model on AMD and Intel CPUs, Intel GPUs and Intel VPU hardware. To configure an OpenVINO detector, set the `"type"` attribute to `"openvino"`.
 
-The OpenVINO device to be used is specified using the `"device"` attribute according to the naming conventions in the [Device Documentation](https://docs.openvino.ai/latest/openvino_docs_OV_UG_Working_with_devices.html). Other supported devices could be `AUTO`, `CPU`, `GPU`, `MYRIAD`, etc. If not specified, the default OpenVINO device will be selected by the `AUTO` plugin.
+The OpenVINO device to be used is specified using the `"device"` attribute according to the naming conventions in the [Device Documentation](https://docs.openvino.ai/2024/openvino-workflow/running-inference/inference-devices-and-modes.html). The most common devices are `CPU` and `GPU`. Currently, there is a known issue with using `AUTO`. For backwards compatibility, Frigate will attempt to use `GPU` if `AUTO` is set in your configuration.
 
-OpenVINO is supported on 6th Gen Intel platforms (Skylake) and newer. A supported Intel platform is required to use the `GPU` device with OpenVINO. The `MYRIAD` device may be run on any platform, including Arm devices. For detailed system requirements, see [OpenVINO System Requirements](https://www.intel.com/content/www/us/en/developer/tools/openvino-toolkit/system-requirements.html)
+OpenVINO is supported on 6th Gen Intel platforms (Skylake) and newer. It will also run on AMD CPUs despite having no official support for it. A supported Intel platform is required to use the `GPU` device with OpenVINO. For detailed system requirements, see [OpenVINO System Requirements](https://docs.openvino.ai/2024/about-openvino/release-notes-openvino/system-requirements.html)
+
+### Supported Models
+
+#### SSDLite MobileNet v2
 
 An OpenVINO model is provided in the container at `/openvino-model/ssdlite_mobilenet_v2.xml` and is used by this detector type by default. The model comes from Intel's Open Model Zoo [SSDLite MobileNet V2](https://github.com/openvinotoolkit/open_model_zoo/tree/master/models/public/ssdlite_mobilenet_v2) and is converted to an FP16 precision IR model. Use the model configuration shown below when using the OpenVINO detector with the default model.
 
@@ -107,27 +123,26 @@ An OpenVINO model is provided in the container at `/openvino-model/ssdlite_mobil
 detectors:
   ov:
     type: openvino
-    device: AUTO
-    model:
-      path: /openvino-model/ssdlite_mobilenet_v2.xml
+    device: GPU
 
 model:
   width: 300
   height: 300
   input_tensor: nhwc
   input_pixel_format: bgr
+  path: /openvino-model/ssdlite_mobilenet_v2.xml
   labelmap_path: /openvino-model/coco_91cl_bkgr.txt
 ```
 
-This detector also supports some YOLO variants: YOLOX, YOLOv5, and YOLOv8 specifically. Other YOLO variants are not officially supported/tested. Frigate does not come with any yolo models preloaded, so you will need to supply your own models. This detector has been verified to work with the [yolox_tiny](https://github.com/openvinotoolkit/open_model_zoo/tree/master/models/public/yolox-tiny) model from Intel's Open Model Zoo. You can follow [these instructions](https://github.com/openvinotoolkit/open_model_zoo/tree/master/models/public/yolox-tiny#download-a-model-and-convert-it-into-openvino-ir-format) to retrieve the OpenVINO-compatible `yolox_tiny` model. Make sure that the model input dimensions match the `width` and `height` parameters, and `model_type` is set accordingly. See [Full Configuration Reference](/configuration/index.md#full-configuration-reference) for a list of possible `model_type` options. Below is an example of how `yolox_tiny` can be used in Frigate:
+#### YOLOX
+
+This detector also supports YOLOX. Frigate does not come with any YOLOX models preloaded, so you will need to supply your own models. This detector has been verified to work with the [yolox_tiny](https://github.com/openvinotoolkit/open_model_zoo/tree/master/models/public/yolox-tiny) model from Intel's Open Model Zoo. You can follow [these instructions](https://github.com/openvinotoolkit/open_model_zoo/tree/master/models/public/yolox-tiny#download-a-model-and-convert-it-into-openvino-ir-format) to retrieve the OpenVINO-compatible `yolox_tiny` model. Make sure that the model input dimensions match the `width` and `height` parameters, and `model_type` is set accordingly. See [Full Configuration Reference](/configuration/reference.md) for a list of possible `model_type` options. Below is an example of how `yolox_tiny` can be used in Frigate:
 
 ```yaml
 detectors:
   ov:
     type: openvino
-    device: AUTO
-    model:
-      path: /path/to/yolox_tiny.xml
+    device: GPU
 
 model:
   width: 416
@@ -135,42 +150,45 @@ model:
   input_tensor: nchw
   input_pixel_format: bgr
   model_type: yolox
+  path: /path/to/yolox_tiny.xml
   labelmap_path: /path/to/coco_80cl.txt
 ```
 
-### Intel NCS2 VPU and Myriad X Setup
+#### YOLO-NAS
 
-Intel produces a neural net inference accelleration chip called Myriad X. This chip was sold in their Neural Compute Stick 2 (NCS2) which has been discontinued. If intending to use the MYRIAD device for accelleration, additional setup is required to pass through the USB device. The host needs a udev rule installed to handle the NCS2 device.
+[YOLO-NAS](https://github.com/Deci-AI/super-gradients/blob/master/YOLONAS.md) models are supported, but not included by default. You can build and download a compatible model with pre-trained weights using [this notebook](https://github.com/frigate/blob/dev/notebooks/YOLO_NAS_Pretrained_Export.ipynb) [![Open In Colab](https://colab.research.google.com/assets/colab-badge.svg)](https://colab.research.google.com/github/blakeblackshear/frigate/blob/dev/notebooks/YOLO_NAS_Pretrained_Export.ipynb).
 
-```bash
-sudo usermod -a -G users "$(whoami)"
-cat <<EOF > 97-myriad-usbboot.rules
-SUBSYSTEM=="usb", ATTRS{idProduct}=="2485", ATTRS{idVendor}=="03e7", GROUP="users", MODE="0666", ENV{ID_MM_DEVICE_IGNORE}="1"
-SUBSYSTEM=="usb", ATTRS{idProduct}=="f63b", ATTRS{idVendor}=="03e7", GROUP="users", MODE="0666", ENV{ID_MM_DEVICE_IGNORE}="1"
-EOF
-sudo cp 97-myriad-usbboot.rules /etc/udev/rules.d/
-sudo udevadm control --reload-rules
-sudo udevadm trigger
+:::warning
+
+The pre-trained YOLO-NAS weights from DeciAI are subject to their license and can't be used commercially. For more information, see: https://docs.deci.ai/super-gradients/latest/LICENSE.YOLONAS.html
+
+:::
+
+The input image size in this notebook is set to 320x320. This results in lower CPU usage and faster inference times without impacting performance in most cases due to the way Frigate crops video frames to areas of interest before running detection. The notebook and config can be updated to 640x640 if desired.
+
+After placing the downloaded onnx model in your config folder, you can use the following configuration:
+
+```yaml
+detectors:
+  ov:
+    type: openvino
+    device: GPU
+
+model:
+  model_type: yolonas
+  width: 320 # <--- should match whatever was set in notebook
+  height: 320 # <--- should match whatever was set in notebook
+  input_tensor: nchw
+  input_pixel_format: bgr
+  path: /config/yolo_nas_s.onnx
+  labelmap_path: /labelmap/coco-80.txt
 ```
 
-Additionally, the Frigate docker container needs to run with the following configuration:
-
-```bash
---device-cgroup-rule='c 189:\* rmw' -v /dev/bus/usb:/dev/bus/usb
-```
-
-or in your compose file:
-
-```yml
-device_cgroup_rules:
-  - "c 189:* rmw"
-volumes:
-  - /dev/bus/usb:/dev/bus/usb
-```
+Note that the labelmap uses a subset of the complete COCO label set that has only 80 objects.
 
 ## NVidia TensorRT Detector
 
-NVidia GPUs may be used for object detection using the TensorRT libraries. Due to the size of the additional libraries, this detector is only provided in images with the `-tensorrt` tag suffix. This detector is designed to work with Yolo models for object detection.
+Nvidia GPUs may be used for object detection using the TensorRT libraries. Due to the size of the additional libraries, this detector is only provided in images with the `-tensorrt` tag suffix, e.g. `ghcr.io/blakeblackshear/frigate:stable-tensorrt`. This detector is designed to work with Yolo models for object detection.
 
 ### Minimum Hardware Support
 
@@ -192,7 +210,7 @@ There are improved capabilities in newer GPU architectures that TensorRT can ben
 
 The model used for TensorRT must be preprocessed on the same hardware platform that they will run on. This means that each user must run additional setup to generate a model file for the TensorRT library. A script is included that will build several common models.
 
-The Frigate image will generate model files during startup if the specified model is not found.  Processed models are stored in the `/config/model_cache` folder.  Typically the `/config` path is mapped to a directory on the host already and the `model_cache` does not need to be mapped separately unless the user wants to store it in a different location on the host.
+The Frigate image will generate model files during startup if the specified model is not found. Processed models are stored in the `/config/model_cache` folder. Typically the `/config` path is mapped to a directory on the host already and the `model_cache` does not need to be mapped separately unless the user wants to store it in a different location on the host.
 
 By default, the `yolov7-320` model will be generated, but this can be overridden by specifying the `YOLO_MODELS` environment variable in Docker. One or more models may be listed in a comma-separated format, and each one will be generated. To select no model generation, set the variable to an empty string, `YOLO_MODELS=""`. Models will only be generated if the corresponding `{model}.trt` file is not present in the `model_cache` folder, so you can force a model to be regenerated by deleting it from your Frigate data folder.
 
@@ -235,13 +253,21 @@ An example `docker-compose.yml` fragment that converts the `yolov4-608` and `yol
 ```yml
 frigate:
   environment:
-    - YOLO_MODELS="yolov4-608,yolov7x-640"
+    - YOLO_MODELS=yolov4-608,yolov7x-640
     - USE_FP16=false
 ```
 
+If you have multiple GPUs passed through to Frigate, you can specify which one to use for the model conversion. The conversion script will use the first visible GPU, however in systems with mixed GPU models you may not want to use the default index for object detection. Add the `TRT_MODEL_PREP_DEVICE` environment variable to select a specific GPU.
+
+```yml
+frigate:
+  environment:
+    - TRT_MODEL_PREP_DEVICE=0 # Optionally, select which GPU is used for  model optimization
+```
+
 ### Configuration Parameters
 
-The TensorRT detector can be selected by specifying `tensorrt` as the model type. The GPU will need to be passed through to the docker container using the same methods described in the [Hardware Acceleration](hardware_acceleration.md#nvidia-gpu) section. If you pass through multiple GPUs, you can select which GPU is used for a detector with the `device` configuration parameter. The `device` parameter is an integer value of the GPU index, as shown by `nvidia-smi` within the container.
+The TensorRT detector can be selected by specifying `tensorrt` as the model type. The GPU will need to be passed through to the docker container using the same methods described in the [Hardware Acceleration](hardware_acceleration.md#nvidia-gpus) section. If you pass through multiple GPUs, you can select which GPU is used for a detector with the `device` configuration parameter. The `device` parameter is an integer value of the GPU index, as shown by `nvidia-smi` within the container.
 
 The TensorRT detector uses `.trt` model files that are located in `/config/model_cache/tensorrt` by default. These model path and dimensions used will depend on which model you have generated.
 
@@ -281,5 +307,89 @@ Replace `<your_codeproject_ai_server_ip>` and `<port>` with the IP address and p
 
 To verify that the integration is working correctly, start Frigate and observe the logs for any error messages related to CodeProject.AI. Additionally, you can check the Frigate web interface to see if the objects detected by CodeProject.AI are being displayed and tracked properly.
 
-
 # Community Supported Detectors
+
+## Rockchip platform
+
+Hardware accelerated object detection is supported on the following SoCs:
+
+- RK3562
+- RK3566
+- RK3568
+- RK3576
+- RK3588
+
+This implementation uses the [Rockchip's RKNN-Toolkit2](https://github.com/airockchip/rknn-toolkit2/), version v2.0.0.beta0. Currently, only [Yolo-NAS](https://github.com/Deci-AI/super-gradients/blob/master/YOLONAS.md) is supported as object detection model.
+
+### Prerequisites
+
+Make sure to follow the [Rockchip specific installation instrucitions](/frigate/installation#rockchip-platform).
+
+### Configuration
+
+This `config.yml` shows all relevant options to configure the detector and explains them. All values shown are the default values (except for two). Lines that are required at least to use the detector are labeled as required, all other lines are optional.
+
+```yaml
+detectors: # required
+  rknn: # required
+    type: rknn # required
+    # number of NPU cores to use
+    # 0 means choose automatically
+    # increase for better performance if you have a multicore NPU e.g. set to 3 on rk3588
+    num_cores: 0
+
+model: # required
+  # name of model (will be automatically downloaded) or path to your own .rknn model file
+  # possible values are:
+  # - deci-fp16-yolonas_s
+  # - deci-fp16-yolonas_m
+  # - deci-fp16-yolonas_l
+  # - /config/model_cache/your_custom_model.rknn
+  path: deci-fp16-yolonas_s
+  # width and height of detection frames
+  width: 320
+  height: 320
+  # pixel format of detection frame
+  # default value is rgb but yolo models usually use bgr format
+  input_pixel_format: bgr # required
+  # shape of detection frame
+  input_tensor: nhwc
+  # needs to be adjusted to model, see below
+  labelmap_path: /labelmap.txt # required
+```
+
+The correct labelmap must be loaded for each model. If you use a custom model (see notes below), you must make sure to provide the correct labelmap. The table below lists the correct paths for the bundled models:
+
+| `path`                | `labelmap_path`       |
+| --------------------- | --------------------- |
+| deci-fp16-yolonas\_\* | /labelmap/coco-80.txt |
+
+### Choosing a model
+
+:::warning
+
+The pre-trained YOLO-NAS weights from DeciAI are subject to their license and can't be used commercially. For more information, see: https://docs.deci.ai/super-gradients/latest/LICENSE.YOLONAS.html
+
+:::
+
+The inference time was determined on a rk3588 with 3 NPU cores.
+
+| Model               | Size in mb | Inference time in ms |
+| ------------------- | ---------- | -------------------- |
+| deci-fp16-yolonas_s | 24         | 25                   |
+| deci-fp16-yolonas_m | 62         | 35                   |
+| deci-fp16-yolonas_l | 81         | 45                   |
+
+:::tip
+
+You can get the load of your NPU with the following command:
+
+```bash
+$ cat /sys/kernel/debug/rknpu/load
+>> NPU load:  Core0:  0%, Core1:  0%, Core2:  0%,
+```
+
+:::
+
+- All models are automatically downloaded and stored in the folder `config/model_cache/rknn_cache`. After upgrading Frigate, you should remove older models to free up space.
+- You can also provide your own `.rknn` model. You should not save your own models in the `rknn_cache` folder, store them directly in the `model_cache` folder or another subfolder. To convert a model to `.rknn` format see the `rknn-toolkit2` (requires a x86 machine). Note, that there is only post-processing for the supported models.

docs/docs/configuration/object_filters.md

@@ -0,0 +1,59 @@
+---
+id: object_filters
+title: Filters
+---
+
+There are several types of object filters that can be used to reduce false positive rates.
+
+## Object Scores
+
+For object filters in your configuration, any single detection below `min_score` will be ignored as a false positive. `threshold` is based on the median of the history of scores (padded to 3 values) for a tracked object. Consider the following frames when `min_score` is set to 0.6 and threshold is set to 0.85:
+
+| Frame | Current Score | Score History                     | Computed Score | Detected Object |
+| ----- | ------------- | --------------------------------- | -------------- | --------------- |
+| 1     | 0.7           | 0.0, 0, 0.7                       | 0.0            | No              |
+| 2     | 0.55          | 0.0, 0.7, 0.0                     | 0.0            | No              |
+| 3     | 0.85          | 0.7, 0.0, 0.85                    | 0.7            | No              |
+| 4     | 0.90          | 0.7, 0.85, 0.95, 0.90             | 0.875          | Yes             |
+| 5     | 0.88          | 0.7, 0.85, 0.95, 0.90, 0.88       | 0.88           | Yes             |
+| 6     | 0.95          | 0.7, 0.85, 0.95, 0.90, 0.88, 0.95 | 0.89           | Yes             |
+
+In frame 2, the score is below the `min_score` value, so Frigate ignores it and it becomes a 0.0. The computed score is the median of the score history (padding to at least 3 values), and only when that computed score crosses the `threshold` is the object marked as a true positive. That happens in frame 4 in the example.
+
+show image of snapshot vs event with differing scores
+
+### Minimum Score
+
+Any detection below `min_score` will be immediately thrown out and never tracked because it is considered a false positive. If `min_score` is too low then false positives may be detected and tracked which can confuse the object tracker and may lead to wasted resources. If `min_score` is too high then lower scoring true positives like objects that are further away or partially occluded may be thrown out which can also confuse the tracker and cause valid events to be lost or disjointed.
+
+### Threshold
+
+`threshold` is used to determine that the object is a true positive. Once an object is detected with a score >= `threshold` object is considered a true positive. If `threshold` is too low then some higher scoring false positives may create an event. If `threshold` is too high then true positive events may be missed due to the object never scoring high enough.
+
+## Object Shape
+
+False positives can also be reduced by filtering a detection based on its shape.
+
+### Object Area
+
+`min_area` and `max_area` filter on the area of an objects bounding box in pixels and can be used to reduce false positives that are outside the range of expected sizes. For example when a leaf is detected as a dog or when a large tree is detected as a person, these can be reduced by adding a `min_area` / `max_area` filter.
+
+### Object Proportions
+
+`min_ratio` and `max_ratio` values are compared against a given detected object's width/height ratio (in pixels). If the ratio is outside this range, the object will be ignored as a false positive. This allows objects that are proportionally too short-and-wide (higher ratio) or too tall-and-narrow (smaller ratio) to be ignored.
+
+:::info
+
+Conceptually, a ratio of 1 is a square, 0.5 is a "tall skinny" box, and 2 is a "wide flat" box. If `min_ratio` is 1.0, any object that is taller than it is wide will be ignored. Similarly, if `max_ratio` is 1.0, then any object that is wider than it is tall will be ignored.
+
+:::
+
+## Other Tools
+
+### Zones
+
+[Required zones](/configuration/zones.md) can be a great tool to reduce false positives that may be detected in the sky or other areas that are not of interest. The required zones will only create events for objects that enter the zone.
+
+### Object Masks
+
+[Object Filter Masks](/configuration/masks) are a last resort but can be useful when false positives are in the relatively same place but can not be filtered due to their size or shape.

docs/docs/configuration/objects.mdx

@@ -1,15 +1,16 @@
 ---
 id: objects
-title: Objects
+title: Available Objects
 ---
 
 import labels from "../../../labelmap.txt";
 
 Frigate includes the object models listed below from the Google Coral test data.
 
-Please note: 
- - `car` is listed twice because `truck` has been renamed to `car` by default. These object types are frequently confused.
- - `person` is the only tracked object by default. See the [full configuration reference](index.md#full-configuration-reference) for an example of expanding the list of tracked objects.
+Please note:
+
+- `car` is listed twice because `truck` has been renamed to `car` by default. These object types are frequently confused.
+- `person` is the only tracked object by default. See the [full configuration reference](reference.md) for an example of expanding the list of tracked objects.
 
 <ul>
   {labels.split("\n").map((label) => (

docs/docs/configuration/record.md

@@ -3,17 +3,90 @@ id: record
 title: Recording
 ---
 
-Recordings can be enabled and are stored at `/media/frigate/recordings`. The folder structure for the recordings is `YYYY-MM-DD/HH/<camera_name>/MM.SS.mp4`. These recordings are written directly from your camera stream without re-encoding. Each camera supports a configurable retention policy in the config. Frigate chooses the largest matching retention value between the recording retention and the event retention when determining if a recording should be removed.
+Recordings can be enabled and are stored at `/media/frigate/recordings`. The folder structure for the recordings is `YYYY-MM-DD/HH/<camera_name>/MM.SS.mp4` in **UTC time**. These recordings are written directly from your camera stream without re-encoding. Each camera supports a configurable retention policy in the config. Frigate chooses the largest matching retention value between the recording retention and the event retention when determining if a recording should be removed.
 
 New recording segments are written from the camera stream to cache, they are only moved to disk if they match the setup recording retention policy.
 
 H265 recordings can be viewed in Chrome 108+, Edge and Safari only. All other browsers require recordings to be encoded with H264.
 
+## Common recording configurations
+
+### Most conservative: Ensure all video is saved
+
+For users deploying Frigate in environments where it is important to have contiguous video stored even if there was no detectable motion, the following config will store all video for 3 days. After 3 days, only video containing motion and overlapping with events will be retained until 30 days have passed.
+
+```yaml
+record:
+  enabled: True
+  retain:
+    days: 3
+    mode: all
+  events:
+    retain:
+      default: 30
+      mode: motion
+```
+
+### Reduced storage: Only saving video when motion is detected
+
+In order to reduce storage requirements, you can adjust your config to only retain video where motion was detected.
+
+```yaml
+record:
+  enabled: True
+  retain:
+    days: 3
+    mode: motion
+  events:
+    retain:
+      default: 30
+      mode: motion
+```
+
+### Minimum: Events only
+
+If you only want to retain video that occurs during an event, this config will discard video unless an event is ongoing.
+
+```yaml
+record:
+  enabled: True
+  retain:
+    days: 0
+    mode: all
+  events:
+    retain:
+      default: 30
+      mode: motion
+```
+
 ## Will Frigate delete old recordings if my storage runs out?
 
 As of Frigate 0.12 if there is less than an hour left of storage, the oldest 2 hours of recordings will be deleted.
 
-## What if I don't want 24/7 recordings?
+## Configuring Recording Retention
+
+Frigate supports both continuous and event based recordings with separate retention modes and retention periods.
+
+:::tip
+
+Retention configs support decimals meaning they can be configured to retain `0.5` days, for example.
+
+:::
+
+### Continuous Recording
+
+The number of days to retain continuous recordings can be set via the following config where X is a number, by default continuous recording is disabled.
+
+```yaml
+record:
+  enabled: True
+  retain:
+    days: 1 # <- number of days to keep continuous recordings
+```
+
+Continuous recording supports different retention modes [which are described below](#what-do-the-different-retain-modes-mean)
+
+### Event Recording
 
 If you only used clips in previous versions with recordings disabled, you can use the following config to get the same behavior. This is also the default behavior when recordings are enabled.
 
@@ -22,34 +95,31 @@ record:
   enabled: True
   events:
     retain:
-      default: 10
+      default: 10 # <- number of days to keep event recordings
 ```
 
 This configuration will retain recording segments that overlap with events and have active tracked objects for 10 days. Because multiple events can reference the same recording segments, this avoids storing duplicate footage for overlapping events and reduces overall storage needs.
 
-When `retain -> days` is set to `0`, segments will be deleted from the cache if no events are in progress.
-
-## Can I have "24/7" recordings, but only at certain times?
-
-Using Frigate UI, HomeAssistant, or MQTT, cameras can be automated to only record in certain situations or at certain times.
-
 **WARNING**: Recordings still must be enabled in the config. If a camera has recordings disabled in the config, enabling via the methods listed above will have no effect.
 
 ## What do the different retain modes mean?
 
-Frigate saves from the stream with the `record` role in 10 second segments. These options determine which recording segments are kept for 24/7 recording (but can also affect events).
+Frigate saves from the stream with the `record` role in 10 second segments. These options determine which recording segments are kept for continuous recording (but can also affect events).
+
+Let's say you have Frigate configured so that your doorbell camera would retain the last **2** days of continuous recording.
 
-Let's say you have Frigate configured so that your doorbell camera would retain the last **2** days of 24/7 recording.
 - With the `all` option all 48 hours of those two days would be kept and viewable.
 - With the `motion` option the only parts of those 48 hours would be segments that Frigate detected motion. This is the middle ground option that won't keep all 48 hours, but will likely keep all segments of interest along with the potential for some extra segments.
 - With the `active_objects` option the only segments that would be kept are those where there was a true positive object that was not considered stationary.
 
 The same options are available with events. Let's consider a scenario where you drive up and park in your driveway, go inside, then come back out 4 hours later.
+
 - With the `all` option all segments for the duration of the event would be saved for the event. This event would have 4 hours of footage.
 - With the `motion` option all segments for the duration of the event with motion would be saved. This means any segment where a car drove by in the street, person walked by, lighting changed, etc. would be saved.
 - With the `active_objects` it would only keep segments where the object was active. In this case the only segments that would be saved would be the ones where the car was driving up, you going inside, you coming outside, and the car driving away. Essentially reducing the 4 hours to a minute or two of event footage.
 
 A configuration example of the above retain modes where all `motion` segments are stored for 7 days and `active objects` are stored for 14 days would be as follows:
+
 ```yaml
 record:
   enabled: True
@@ -61,11 +131,13 @@ record:
       default: 14
       mode: active_objects
 ```
+
 The above configuration example can be added globally or on a per camera basis.
 
 ### Object Specific Retention
 
 You can also set specific retention length for an object type. The below configuration example builds on from above but also specifies that recordings of dogs only need to be kept for 2 days and recordings of cars should be kept for 7 days.
+
 ```yaml
 record:
   enabled: True
@@ -81,17 +153,40 @@ record:
         car: 7
 ```
 
+## Can I have "continuous" recordings, but only at certain times?
+
+Using Frigate UI, HomeAssistant, or MQTT, cameras can be automated to only record in certain situations or at certain times.
+
 ## How do I export recordings?
 
-The export page in the Frigate WebUI allows for exporting real time clips with a designated start and stop time as well as exporting a timelapse for a designated start and stop time. These exports can take a while so it is important to leave the file until it is no longer in progress.
+The export page in the Frigate WebUI allows for exporting real time clips with a designated start and stop time as well as exporting a time-lapse for a designated start and stop time. These exports can take a while so it is important to leave the file until it is no longer in progress.
 
-## Syncing Recordings With Disk
+### Time-lapse export
 
-In some cases the recordings files may be deleted but Frigate will not know this has happened. Sync on startup can be enabled which will tell Frigate to check the file system and delete any db entries for files which don't exist.
+When exporting a time-lapse the default speed-up is 25x with 30 FPS. This means that every 25 seconds of (real-time) recording is condensed into 1 second of time-lapse video (always without audio) with a smoothness of 30 FPS.
+To configure the speed-up factor, the frame rate and further custom settings, the configuration parameter `timelapse_args` can be used. The below configuration example would change the time-lapse speed to 60x (for fitting 1 hour of recording into 1 minute of time-lapse) with 25 FPS:
 
 ```yaml
 record:
-  sync_on_startup: True
+  enabled: True
+  export:
+    timelapse_args: "-vf setpts=PTS/60 -r 25"
+```
+
+:::tip
+
+When using `hwaccel_args` globally hardware encoding is used for time lapse generation. The encoder determines its own behavior so the resulting file size may be undesirably large.
+To reduce the output file size the ffmpeg parameter `-qp n` can be utilized (where `n` stands for the value of the quantisation parameter). The value can be adjusted to get an acceptable tradeoff between quality and file size for the given scenario.
+
+:::
+
+## Syncing Recordings With Disk
+
+In some cases the recordings files may be deleted but Frigate will not know this has happened. Recordings sync can be enabled which will tell Frigate to check the file system and delete any db entries for files which don't exist.
+
+```yaml
+record:
+  sync_recordings: True
 ```
 
 :::warning

docs/docs/configuration/reference.md

@@ -0,0 +1,722 @@
+---
+id: reference
+title: Full Reference Config
+---
+
+### Full configuration reference:
+
+:::warning
+
+It is not recommended to copy this full configuration file. Only specify values that are different from the defaults. Configuration options and default values may change in future versions.
+
+:::
+
+```yaml
+mqtt:
+  # Optional: Enable mqtt server (default: shown below)
+  enabled: True
+  # Required: host name
+  host: mqtt.server.com
+  # Optional: port (default: shown below)
+  port: 1883
+  # Optional: topic prefix (default: shown below)
+  # NOTE: must be unique if you are running multiple instances
+  topic_prefix: frigate
+  # Optional: client id (default: shown below)
+  # NOTE: must be unique if you are running multiple instances
+  client_id: frigate
+  # Optional: user
+  # NOTE: MQTT user can be specified with an environment variable or docker secrets that must begin with 'FRIGATE_'.
+  #       e.g. user: '{FRIGATE_MQTT_USER}'
+  user: mqtt_user
+  # Optional: password
+  # NOTE: MQTT password can be specified with an environment variable or docker secrets that must begin with 'FRIGATE_'.
+  #       e.g. password: '{FRIGATE_MQTT_PASSWORD}'
+  password: password
+  # Optional: tls_ca_certs for enabling TLS using self-signed certs (default: None)
+  tls_ca_certs: /path/to/ca.crt
+  # Optional: tls_client_cert and tls_client key in order to use self-signed client
+  # certificates (default: None)
+  # NOTE: certificate must not be password-protected
+  #       do not set user and password when using a client certificate
+  tls_client_cert: /path/to/client.crt
+  tls_client_key: /path/to/client.key
+  # Optional: tls_insecure (true/false) for enabling TLS verification of
+  # the server hostname in the server certificate (default: None)
+  tls_insecure: false
+  # Optional: interval in seconds for publishing stats (default: shown below)
+  stats_interval: 60
+
+# Optional: Detectors configuration. Defaults to a single CPU detector
+detectors:
+  # Required: name of the detector
+  detector_name:
+    # Required: type of the detector
+    # Frigate provided types include 'cpu', 'edgetpu', 'openvino' and 'tensorrt' (default: shown below)
+    # Additional detector types can also be plugged in.
+    # Detectors may require additional configuration.
+    # Refer to the Detectors configuration page for more information.
+    type: cpu
+
+# Optional: Database configuration
+database:
+  # The path to store the SQLite DB (default: shown below)
+  path: /config/frigate.db
+
+# Optional: TLS configuration
+tls:
+  # Optional: Enable TLS for port 8080 (default: shown below)
+  enabled: True
+
+# Optional: Proxy configuration
+proxy:
+  # Optional: Mapping for headers from upstream proxies. Only used if Frigate's auth
+  # is disabled.
+  # NOTE: Many authentication proxies pass a header downstream with the authenticated
+  #       user name. Not all values are supported. It must be a whitelisted header.
+  #       See the docs for more info.
+  header_map:
+    user: x-forwarded-user
+  # Optional: Url for logging out a user. This sets the location of the logout url in
+  # the UI.
+  logout_url: /api/logout
+  # Optional: Auth secret that is checked against the X-Proxy-Secret header sent from
+  # the proxy. If not set, all requests are trusted regardless of origin.
+  auth_secret: None
+
+# Optional: Authentication configuration
+auth:
+  # Optional: Enable authentication
+  enabled: True
+  # Optional: Reset the admin user password on startup (default: shown below)
+  # New password is printed in the logs
+  reset_admin_password: False
+  # Optional: Cookie to store the JWT token for native auth (default: shown below)
+  cookie_name: frigate_token
+  # Optional: Set secure flag on cookie. (default: shown below)
+  # NOTE: This should be set to True if you are using TLS
+  cookie_secure: False
+  # Optional: Session length in seconds (default: shown below)
+  session_length: 86400 # 24 hours
+  # Optional: Refresh time in seconds (default: shown below)
+  # When the session is going to expire in less time than this setting,
+  # it will be refreshed back to the session_length.
+  refresh_time: 43200 # 12 hours
+  # Optional: Rate limiting for login failures to help prevent brute force
+  # login attacks (default: shown below)
+  # See the docs for more information on valid values
+  failed_login_rate_limit: None
+  # Optional: Trusted proxies for determining IP address to rate limit
+  # NOTE: This is only used for rate limiting login attempts and does not bypass
+  # authentication. See the authentication docs for more details.
+  trusted_proxies: []
+  # Optional: Number of hashing iterations for user passwords
+  # As of Feb 2023, OWASP recommends 600000 iterations for PBKDF2-SHA256
+  # NOTE: changing this value will not automatically update password hashes, you
+  #       will need to change each user password for it to apply
+  hash_iterations: 600000
+
+# Optional: model modifications
+model:
+  # Optional: path to the model (default: automatic based on detector)
+  path: /edgetpu_model.tflite
+  # Optional: path to the labelmap (default: shown below)
+  labelmap_path: /labelmap.txt
+  # Required: Object detection model input width (default: shown below)
+  width: 320
+  # Required: Object detection model input height (default: shown below)
+  height: 320
+  # Optional: Object detection model input colorspace
+  # Valid values are rgb, bgr, or yuv. (default: shown below)
+  input_pixel_format: rgb
+  # Optional: Object detection model input tensor format
+  # Valid values are nhwc or nchw (default: shown below)
+  input_tensor: nhwc
+  # Optional: Object detection model type, currently only used with the OpenVINO detector
+  # Valid values are ssd, yolox, yolonas (default: shown below)
+  model_type: ssd
+  # Optional: Label name modifications. These are merged into the standard labelmap.
+  labelmap:
+    2: vehicle
+
+# Optional: Audio Events Configuration
+# NOTE: Can be overridden at the camera level
+audio:
+  # Optional: Enable audio events (default: shown below)
+  enabled: False
+  # Optional: Configure the amount of seconds without detected audio to end the event (default: shown below)
+  max_not_heard: 30
+  # Optional: Configure the min rms volume required to run audio detection (default: shown below)
+  # As a rule of thumb:
+  #  - 200 - high sensitivity
+  #  - 500 - medium sensitivity
+  #  - 1000 - low sensitivity
+  min_volume: 500
+  # Optional: Types of audio to listen for (default: shown below)
+  listen:
+    - bark
+    - fire_alarm
+    - scream
+    - speech
+    - yell
+  # Optional: Filters to configure detection.
+  filters:
+    # Label that matches label in listen config.
+    speech:
+      # Minimum score that triggers an audio event (default: shown below)
+      threshold: 0.8
+
+# Optional: logger verbosity settings
+logger:
+  # Optional: Default log verbosity (default: shown below)
+  default: info
+  # Optional: Component specific logger overrides
+  logs:
+    frigate.event: debug
+
+# Optional: set environment variables
+environment_vars:
+  EXAMPLE_VAR: value
+
+# Optional: birdseye configuration
+# NOTE: Can (enabled, mode) be overridden at the camera level
+birdseye:
+  # Optional: Enable birdseye view (default: shown below)
+  enabled: True
+  # Optional: Restream birdseye via RTSP (default: shown below)
+  # NOTE: Enabling this will set birdseye to run 24/7 which may increase CPU usage somewhat.
+  restream: False
+  # Optional: Width of the output resolution (default: shown below)
+  width: 1280
+  # Optional: Height of the output resolution (default: shown below)
+  height: 720
+  # Optional: Encoding quality of the mpeg1 feed (default: shown below)
+  # 1 is the highest quality, and 31 is the lowest. Lower quality feeds utilize less CPU resources.
+  quality: 8
+  # Optional: Mode of the view. Available options are: objects, motion, and continuous
+  #   objects - cameras are included if they have had a tracked object within the last 30 seconds
+  #   motion - cameras are included if motion was detected in the last 30 seconds
+  #   continuous - all cameras are included always
+  mode: objects
+  # Optional: Threshold for camera activity to stop showing camera (default: shown below)
+  inactivity_threshold: 30
+  # Optional: Configure the birdseye layout
+  layout:
+    # Optional: Scaling factor for the layout calculator (default: shown below)
+    scaling_factor: 2.0
+    # Optional: Maximum number of cameras to show at one time, showing the most recent (default: show all cameras)
+    max_cameras: 1
+
+# Optional: ffmpeg configuration
+# More information about presets at https://docs.frigate.video/configuration/ffmpeg_presets
+ffmpeg:
+  # Optional: global ffmpeg args (default: shown below)
+  global_args: -hide_banner -loglevel warning -threads 2
+  # Optional: global hwaccel args (default: auto detect)
+  # NOTE: See hardware acceleration docs for your specific device
+  hwaccel_args: "auto"
+  # Optional: global input args (default: shown below)
+  input_args: preset-rtsp-generic
+  # Optional: global output args
+  output_args:
+    # Optional: output args for detect streams (default: shown below)
+    detect: -threads 2 -f rawvideo -pix_fmt yuv420p
+    # Optional: output args for record streams (default: shown below)
+    record: preset-record-generic
+  # Optional: Time in seconds to wait before ffmpeg retries connecting to the camera. (default: shown below)
+  # If set too low, frigate will retry a connection to the camera's stream too frequently, using up the limited streams some cameras can allow at once
+  # If set too high, then if a ffmpeg crash or camera stream timeout occurs, you could potentially lose up to a maximum of retry_interval second(s) of footage
+  # NOTE: this can be a useful setting for Wireless / Battery cameras to reduce how much footage is potentially lost during a connection timeout.
+  retry_interval: 10
+
+# Optional: Detect configuration
+# NOTE: Can be overridden at the camera level
+detect:
+  # Optional: width of the frame for the input with the detect role (default: use native stream resolution)
+  width: 1280
+  # Optional: height of the frame for the input with the detect role (default: use native stream resolution)
+  height: 720
+  # Optional: desired fps for your camera for the input with the detect role (default: shown below)
+  # NOTE: Recommended value of 5. Ideally, try and reduce your FPS on the camera.
+  fps: 5
+  # Optional: enables detection for the camera (default: True)
+  enabled: True
+  # Optional: Number of consecutive detection hits required for an object to be initialized in the tracker. (default: 1/2 the frame rate)
+  min_initialized: 2
+  # Optional: Number of frames without a detection before Frigate considers an object to be gone. (default: 5x the frame rate)
+  max_disappeared: 25
+  # Optional: Configuration for stationary object tracking
+  stationary:
+    # Optional: Frequency for confirming stationary objects (default: same as threshold)
+    # When set to 1, object detection will run to confirm the object still exists on every frame.
+    # If set to 10, object detection will run to confirm the object still exists on every 10th frame.
+    interval: 50
+    # Optional: Number of frames without a position change for an object to be considered stationary (default: 10x the frame rate or 10s)
+    threshold: 50
+    # Optional: Define a maximum number of frames for tracking a stationary object (default: not set, track forever)
+    # This can help with false positives for objects that should only be stationary for a limited amount of time.
+    # It can also be used to disable stationary object tracking. For example, you may want to set a value for person, but leave
+    # car at the default.
+    # WARNING: Setting these values overrides default behavior and disables stationary object tracking.
+    #          There are very few situations where you would want it disabled. It is NOT recommended to
+    #          copy these values from the example config into your config unless you know they are needed.
+    max_frames:
+      # Optional: Default for all object types (default: not set, track forever)
+      default: 3000
+      # Optional: Object specific values
+      objects:
+        person: 1000
+  # Optional: Milliseconds to offset detect annotations by (default: shown below).
+  # There can often be latency between a recording and the detect process,
+  # especially when using separate streams for detect and record.
+  # Use this setting to make the timeline bounding boxes more closely align
+  # with the recording. The value can be positive or negative.
+  # TIP: Imagine there is an event clip with a person walking from left to right.
+  #      If the event timeline bounding box is consistently to the left of the person
+  #      then the value should be decreased. Similarly, if a person is walking from
+  #      left to right and the bounding box is consistently ahead of the person
+  #      then the value should be increased.
+  # TIP: This offset is dynamic so you can change the value and it will update existing
+  #      events, this makes it easy to tune.
+  # WARNING: Fast moving objects will likely not have the bounding box align.
+  annotation_offset: 0
+
+# Optional: Object configuration
+# NOTE: Can be overridden at the camera level
+objects:
+  # Optional: list of objects to track from labelmap.txt (default: shown below)
+  track:
+    - person
+  # Optional: mask to prevent all object types from being detected in certain areas (default: no mask)
+  # Checks based on the bottom center of the bounding box of the object.
+  # NOTE: This mask is COMBINED with the object type specific mask below
+  mask: 0.000,0.000,0.781,0.000,0.781,0.278,0.000,0.278
+  # Optional: filters to reduce false positives for specific object types
+  filters:
+    person:
+      # Optional: minimum width*height of the bounding box for the detected object (default: 0)
+      min_area: 5000
+      # Optional: maximum width*height of the bounding box for the detected object (default: 24000000)
+      max_area: 100000
+      # Optional: minimum width/height of the bounding box for the detected object (default: 0)
+      min_ratio: 0.5
+      # Optional: maximum width/height of the bounding box for the detected object (default: 24000000)
+      max_ratio: 2.0
+      # Optional: minimum score for the object to initiate tracking (default: shown below)
+      min_score: 0.5
+      # Optional: minimum decimal percentage for tracked object's computed score to be considered a true positive (default: shown below)
+      threshold: 0.7
+      # Optional: mask to prevent this object type from being detected in certain areas (default: no mask)
+      # Checks based on the bottom center of the bounding box of the object
+      mask: 0.000,0.000,0.781,0.000,0.781,0.278,0.000,0.278
+
+# Optional: Review configuration
+# NOTE: Can be overridden at the camera level
+review:
+  # Optional: alerts configuration
+  alerts:
+    # Optional: labels that qualify as an alert (default: shown below)
+    labels:
+      - car
+      - person
+    # Optional: required zones for an object to be marked as an alert (default: none)
+    required_zones:
+      - driveway
+  # Optional: detections configuration
+  detections:
+    # Optional: labels that qualify as a detection (default: all labels that are tracked / listened to)
+    labels:
+      - car
+      - person
+    # Optional: required zones for an object to be marked as a detection (default: none)
+    required_zones:
+      - driveway
+
+# Optional: Motion configuration
+# NOTE: Can be overridden at the camera level
+motion:
+  # Optional: The threshold passed to cv2.threshold to determine if a pixel is different enough to be counted as motion. (default: shown below)
+  # Increasing this value will make motion detection less sensitive and decreasing it will make motion detection more sensitive.
+  # The value should be between 1 and 255.
+  threshold: 30
+  # Optional: The percentage of the image used to detect lightning or other substantial changes where motion detection
+  #           needs to recalibrate. (default: shown below)
+  # Increasing this value will make motion detection more likely to consider lightning or ir mode changes as valid motion.
+  # Decreasing this value will make motion detection more likely to ignore large amounts of motion such as a person approaching
+  # a doorbell camera.
+  lightning_threshold: 0.8
+  # Optional: Minimum size in pixels in the resized motion image that counts as motion (default: shown below)
+  # Increasing this value will prevent smaller areas of motion from being detected. Decreasing will
+  # make motion detection more sensitive to smaller moving objects.
+  # As a rule of thumb:
+  #  - 10 - high sensitivity
+  #  - 30 - medium sensitivity
+  #  - 50 - low sensitivity
+  contour_area: 10
+  # Optional: Alpha value passed to cv2.accumulateWeighted when averaging frames to determine the background (default: shown below)
+  # Higher values mean the current frame impacts the average a lot, and a new object will be averaged into the background faster.
+  # Low values will cause things like moving shadows to be detected as motion for longer.
+  # https://www.geeksforgeeks.org/background-subtraction-in-an-image-using-concept-of-running-average/
+  frame_alpha: 0.01
+  # Optional: Height of the resized motion frame  (default: 100)
+  # Higher values will result in more granular motion detection at the expense of higher CPU usage.
+  # Lower values result in less CPU, but small changes may not register as motion.
+  frame_height: 100
+  # Optional: motion mask
+  # NOTE: see docs for more detailed info on creating masks
+  mask: 0.000,0.469,1.000,0.469,1.000,1.000,0.000,1.000
+  # Optional: improve contrast (default: shown below)
+  # Enables dynamic contrast improvement. This should help improve night detections at the cost of making motion detection more sensitive
+  # for daytime.
+  improve_contrast: True
+  # Optional: Delay when updating camera motion through MQTT from ON -> OFF (default: shown below).
+  mqtt_off_delay: 30
+
+# Optional: Record configuration
+# NOTE: Can be overridden at the camera level
+record:
+  # Optional: Enable recording (default: shown below)
+  # WARNING: If recording is disabled in the config, turning it on via
+  #          the UI or MQTT later will have no effect.
+  enabled: False
+  # Optional: Number of minutes to wait between cleanup runs (default: shown below)
+  # This can be used to reduce the frequency of deleting recording segments from disk if you want to minimize i/o
+  expire_interval: 60
+  # Optional: Sync recordings with disk on startup and once a day (default: shown below).
+  sync_recordings: False
+  # Optional: Retention settings for recording
+  retain:
+    # Optional: Number of days to retain recordings regardless of events (default: shown below)
+    # NOTE: This should be set to 0 and retention should be defined in events section below
+    #       if you only want to retain recordings of events.
+    days: 0
+    # Optional: Mode for retention. Available options are: all, motion, and active_objects
+    #   all - save all recording segments regardless of activity
+    #   motion - save all recordings segments with any detected motion
+    #   active_objects - save all recording segments with active/moving objects
+    # NOTE: this mode only applies when the days setting above is greater than 0
+    mode: all
+  # Optional: Recording Export Settings
+  export:
+    # Optional: Timelapse Output Args (default: shown below).
+    # NOTE: The default args are set to fit 24 hours of recording into 1 hour playback.
+    # See https://stackoverflow.com/a/58268695 for more info on how these args work.
+    # As an example: if you wanted to go from 24 hours to 30 minutes that would be going
+    # from 86400 seconds to 1800 seconds which would be 1800 / 86400 = 0.02.
+    # The -r (framerate) dictates how smooth the output video is.
+    # So the args would be -vf setpts=0.02*PTS -r 30 in that case.
+    timelapse_args: "-vf setpts=0.04*PTS -r 30"
+  # Optional: Recording Preview Settings
+  preview:
+    # Optional: Quality of recording preview (default: shown below).
+    # Options are: very_low, low, medium, high, very_high
+    quality: medium
+  # Optional: Event recording settings
+  events:
+    # Optional: Number of seconds before the event to include (default: shown below)
+    pre_capture: 5
+    # Optional: Number of seconds after the event to include (default: shown below)
+    post_capture: 5
+    # Optional: Objects to save recordings for. (default: all tracked objects)
+    objects:
+      - person
+    # Optional: Retention settings for recordings of events
+    retain:
+      # Required: Default retention days (default: shown below)
+      default: 10
+      # Optional: Mode for retention. (default: shown below)
+      #   all - save all recording segments for events regardless of activity
+      #   motion - save all recordings segments for events with any detected motion
+      #   active_objects - save all recording segments for event with active/moving objects
+      #
+      # NOTE: If the retain mode for the camera is more restrictive than the mode configured
+      #       here, the segments will already be gone by the time this mode is applied.
+      #       For example, if the camera retain mode is "motion", the segments without motion are
+      #       never stored, so setting the mode to "all" here won't bring them back.
+      mode: motion
+      # Optional: Per object retention days
+      objects:
+        person: 15
+
+# Optional: Configuration for the jpg snapshots written to the clips directory for each event
+# NOTE: Can be overridden at the camera level
+snapshots:
+  # Optional: Enable writing jpg snapshot to /media/frigate/clips (default: shown below)
+  enabled: False
+  # Optional: save a clean PNG copy of the snapshot image (default: shown below)
+  clean_copy: True
+  # Optional: print a timestamp on the snapshots (default: shown below)
+  timestamp: False
+  # Optional: draw bounding box on the snapshots (default: shown below)
+  bounding_box: True
+  # Optional: crop the snapshot (default: shown below)
+  crop: False
+  # Optional: height to resize the snapshot to (default: original size)
+  height: 175
+  # Optional: Restrict snapshots to objects that entered any of the listed zones (default: no required zones)
+  required_zones: []
+  # Optional: Camera override for retention settings (default: global values)
+  retain:
+    # Required: Default retention days (default: shown below)
+    default: 10
+    # Optional: Per object retention days
+    objects:
+      person: 15
+  # Optional: quality of the encoded jpeg, 0-100 (default: shown below)
+  quality: 70
+
+# Optional: Restream configuration
+# Uses https://github.com/AlexxIT/go2rtc (v1.8.3)
+go2rtc:
+
+# Optional: jsmpeg stream configuration for WebUI
+live:
+  # Optional: Set the name of the stream that should be used for live view
+  # in frigate WebUI. (default: name of camera)
+  stream_name: camera_name
+  # Optional: Set the height of the jsmpeg stream. (default: 720)
+  # This must be less than or equal to the height of the detect stream. Lower resolutions
+  # reduce bandwidth required for viewing the jsmpeg stream. Width is computed to match known aspect ratio.
+  height: 720
+  # Optional: Set the encode quality of the jsmpeg stream (default: shown below)
+  # 1 is the highest quality, and 31 is the lowest. Lower quality feeds utilize less CPU resources.
+  quality: 8
+
+# Optional: in-feed timestamp style configuration
+# NOTE: Can be overridden at the camera level
+timestamp_style:
+  # Optional: Position of the timestamp (default: shown below)
+  #           "tl" (top left), "tr" (top right), "bl" (bottom left), "br" (bottom right)
+  position: "tl"
+  # Optional: Format specifier conform to the Python package "datetime" (default: shown below)
+  #           Additional Examples:
+  #             german: "%d.%m.%Y %H:%M:%S"
+  format: "%m/%d/%Y %H:%M:%S"
+  # Optional: Color of font
+  color:
+    # All Required when color is specified (default: shown below)
+    red: 255
+    green: 255
+    blue: 255
+  # Optional: Line thickness of font (default: shown below)
+  thickness: 2
+  # Optional: Effect of lettering (default: shown below)
+  #           None (No effect),
+  #           "solid" (solid background in inverse color of font)
+  #           "shadow" (shadow for font)
+  effect: None
+
+# Required
+cameras:
+  # Required: name of the camera
+  back:
+    # Optional: Enable/Disable the camera (default: shown below).
+    # If disabled: config is used but no live stream and no capture etc.
+    # Events/Recordings are still viewable.
+    enabled: True
+    # Required: ffmpeg settings for the camera
+    ffmpeg:
+      # Required: A list of input streams for the camera. See documentation for more information.
+      inputs:
+        # Required: the path to the stream
+        # NOTE: path may include environment variables or docker secrets, which must begin with 'FRIGATE_' and be referenced in {}
+        - path: rtsp://viewer:{FRIGATE_RTSP_PASSWORD}@10.0.10.10:554/cam/realmonitor?channel=1&subtype=2
+          # Required: list of roles for this stream. valid values are: audio,detect,record
+          # NOTICE: In addition to assigning the audio, detect, and record roles
+          # they must also be enabled in the camera config.
+          roles:
+            - audio
+            - detect
+            - record
+          # Optional: stream specific global args (default: inherit)
+          # global_args:
+          # Optional: stream specific hwaccel args (default: inherit)
+          # hwaccel_args:
+          # Optional: stream specific input args (default: inherit)
+          # input_args:
+      # Optional: camera specific global args (default: inherit)
+      # global_args:
+      # Optional: camera specific hwaccel args (default: inherit)
+      # hwaccel_args:
+      # Optional: camera specific input args (default: inherit)
+      # input_args:
+      # Optional: camera specific output args (default: inherit)
+      # output_args:
+
+    # Optional: timeout for highest scoring image before allowing it
+    # to be replaced by a newer image. (default: shown below)
+    best_image_timeout: 60
+
+    # Optional: URL to visit the camera web UI directly from the system page. Might not be available on every camera.
+    webui_url: ""
+
+    # Optional: zones for this camera
+    zones:
+      # Required: name of the zone
+      # NOTE: This must be different than any camera names, but can match with another zone on another
+      #       camera.
+      front_steps:
+        # Required: List of x,y coordinates to define the polygon of the zone.
+        # NOTE: Presence in a zone is evaluated only based on the bottom center of the objects bounding box.
+        coordinates: 0.284,0.997,0.389,0.869,0.410,0.745
+        # Optional: Number of consecutive frames required for object to be considered present in the zone (default: shown below).
+        inertia: 3
+        # Optional: Number of seconds that an object must loiter to be considered in the zone (default: shown below)
+        loitering_time: 0
+        # Optional: List of objects that can trigger this zone (default: all tracked objects)
+        objects:
+          - person
+        # Optional: Zone level object filters.
+        # NOTE: The global and camera filters are applied upstream.
+        filters:
+          person:
+            min_area: 5000
+            max_area: 100000
+            threshold: 0.7
+
+    # Optional: Configuration for the jpg snapshots published via MQTT
+    mqtt:
+      # Optional: Enable publishing snapshot via mqtt for camera (default: shown below)
+      # NOTE: Only applies to publishing image data to MQTT via 'frigate/<camera_name>/<object_name>/snapshot'.
+      # All other messages will still be published.
+      enabled: True
+      # Optional: print a timestamp on the snapshots (default: shown below)
+      timestamp: True
+      # Optional: draw bounding box on the snapshots (default: shown below)
+      bounding_box: True
+      # Optional: crop the snapshot (default: shown below)
+      crop: True
+      # Optional: height to resize the snapshot to (default: shown below)
+      height: 270
+      # Optional: jpeg encode quality (default: shown below)
+      quality: 70
+      # Optional: Restrict mqtt messages to objects that entered any of the listed zones (default: no required zones)
+      required_zones: []
+
+    # Optional: Configuration for how camera is handled in the GUI.
+    ui:
+      # Optional: Adjust sort order of cameras in the UI. Larger numbers come later (default: shown below)
+      # By default the cameras are sorted alphabetically.
+      order: 0
+      # Optional: Whether or not to show the camera in the Frigate UI (default: shown below)
+      dashboard: True
+
+    # Optional: connect to ONVIF camera
+    # to enable PTZ controls.
+    onvif:
+      # Required: host of the camera being connected to.
+      host: 0.0.0.0
+      # Optional: ONVIF port for device (default: shown below).
+      port: 8000
+      # Optional: username for login.
+      # NOTE: Some devices require admin to access ONVIF.
+      user: admin
+      # Optional: password for login.
+      password: admin
+      # Optional: PTZ camera object autotracking. Keeps a moving object in
+      # the center of the frame by automatically moving the PTZ camera.
+      autotracking:
+        # Optional: enable/disable object autotracking. (default: shown below)
+        enabled: False
+        # Optional: calibrate the camera on startup (default: shown below)
+        # A calibration will move the PTZ in increments and measure the time it takes to move.
+        # The results are used to help estimate the position of tracked objects after a camera move.
+        # Frigate will update your config file automatically after a calibration with
+        # a "movement_weights" entry for the camera. You should then set calibrate_on_startup to False.
+        calibrate_on_startup: False
+        # Optional: the mode to use for zooming in/out on objects during autotracking. (default: shown below)
+        # Available options are: disabled, absolute, and relative
+        #   disabled - don't zoom in/out on autotracked objects, use pan/tilt only
+        #   absolute - use absolute zooming (supported by most PTZ capable cameras)
+        #   relative - use relative zooming (not supported on all PTZs, but makes concurrent pan/tilt/zoom movements)
+        zooming: disabled
+        # Optional: A value to change the behavior of zooming on autotracked objects. (default: shown below)
+        # A lower value will keep more of the scene in view around a tracked object.
+        # A higher value will zoom in more on a tracked object, but Frigate may lose tracking more quickly.
+        # The value should be between 0.1 and 0.75
+        zoom_factor: 0.3
+        # Optional: list of objects to track from labelmap.txt (default: shown below)
+        track:
+          - person
+        # Required: Begin automatically tracking an object when it enters any of the listed zones.
+        required_zones:
+          - zone_name
+        # Required: Name of ONVIF preset in camera's firmware to return to when tracking is over. (default: shown below)
+        return_preset: home
+        # Optional: Seconds to delay before returning to preset. (default: shown below)
+        timeout: 10
+        # Optional: Values generated automatically by a camera calibration. Do not modify these manually. (default: shown below)
+        movement_weights: []
+
+    # Optional: Configuration for how to sort the cameras in the Birdseye view.
+    birdseye:
+      # Optional: Adjust sort order of cameras in the Birdseye view. Larger numbers come later (default: shown below)
+      # By default the cameras are sorted alphabetically.
+      order: 0
+
+# Optional
+ui:
+  # Optional: Set a timezone to use in the UI (default: use browser local time)
+  # timezone: America/Denver
+  # Optional: Set the time format used.
+  # Options are browser, 12hour, or 24hour (default: shown below)
+  time_format: browser
+  # Optional: Set the date style for a specified length.
+  # Options are: full, long, medium, short
+  # Examples:
+  #    short: 2/11/23
+  #    medium: Feb 11, 2023
+  #    full: Saturday, February 11, 2023
+  # (default: shown below).
+  date_style: short
+  # Optional: Set the time style for a specified length.
+  # Options are: full, long, medium, short
+  # Examples:
+  #    short: 8:14 PM
+  #    medium: 8:15:22 PM
+  #    full: 8:15:22 PM Mountain Standard Time
+  # (default: shown below).
+  time_style: medium
+  # Optional: Ability to manually override the date / time styling to use strftime format
+  # https://www.gnu.org/software/libc/manual/html_node/Formatting-Calendar-Time.html
+  # possible values are shown above (default: not set)
+  strftime_fmt: "%Y/%m/%d %H:%M"
+
+# Optional: Telemetry configuration
+telemetry:
+  # Optional: Enabled network interfaces for bandwidth stats monitoring (default: empty list, let nethogs search all)
+  network_interfaces:
+    - eth
+    - enp
+    - eno
+    - ens
+    - wl
+    - lo
+  # Optional: Configure system stats
+  stats:
+    # Enable AMD GPU stats (default: shown below)
+    amd_gpu_stats: True
+    # Enable Intel GPU stats (default: shown below)
+    intel_gpu_stats: True
+    # Enable network bandwidth stats monitoring for camera ffmpeg processes, go2rtc, and object detectors. (default: shown below)
+    # NOTE: The container must either be privileged or have cap_net_admin, cap_net_raw capabilities enabled.
+    network_bandwidth: False
+  # Optional: Enable the latest version outbound check (default: shown below)
+  # NOTE: If you use the HomeAssistant integration, disabling this will prevent it from reporting new versions
+  version_check: True
+
+# Optional: Camera groups (default: no groups are setup)
+# NOTE: It is recommended to use the UI to setup camera groups
+camera_groups:
+  # Required: Name of camera group
+  front:
+    # Required: list of cameras in the group
+    cameras:
+      - front_cam
+      - side_cam
+      - front_doorbell_cam
+    # Required: icon used for group
+    icon: car
+    # Required: index of this group
+    order: 0
+```