return 401 for login failures (#15432)

* return 401 for login failures

* only setup the rate limiter when configured

.cspell/frigate-dictionary.txt

@@ -1,168 +1,311 @@
-rtmp
-edgetpu
-labelmap
-rockchip
-jetson
-rocm
-vaapi
-CUDA
-hwaccel
-RTSP
-Hikvision
-Dahua
-Amcrest
-Reolink
-Loryta
-Beelink
-Celeron
-vaapi
-blakeblackshear
-workdir
-onvif
-autotracking
-openvino
-tflite
-deepstack
-codeproject
-udev
-tailscale
-restream
-restreaming
-webrtc
-ssdlite
-mobilenet
-mosquitto
-datasheet
-Jellyfin
-Radeon
-libva
-Ubiquiti
-Unifi
-Tapo
-Annke
-autotracker
-autotracked
-variations
-ONVIF
-traefik
-devcontainer
-rootfs
-ffprobe
-autotrack
-logpipe
-imread
-imwrite
-imencode
-imutils
-thresholded
-timelapse
-ultrafast
-sleeptime
-radeontop
-vainfo
-tmpfs
-homography
-websockets
-LIBAVFORMAT
-NTSC
-onnxruntime
-fourcc
-radeonsi
-paho
-imagestream
-jsonify
-cgroups
-sysconf
-memlimit
-gpuload
-nvml
-setproctitle
-psutil
-Kalman
-frontdoor
-namedtuples
-zeep
-fflags
-probesize
-wallclock
-rknn
-socs
-pydantic
-shms
-imdecode
-colormap
-webui
-mse
-jsmpeg
-unreviewed
-Chromecast
-Swipeable
-flac
-scroller
-cmdline
-toggleable
-bottombar
-opencv
-apexcharts
-buildx
-mqtt
-rawvideo
-defragment
-Norfair
-subclassing
-yolo
-tensorrt
-blackshear
-stylelint
-HACS
-homeassistant
-hass
-castable
-mobiledet
-framebuffer
-mjpeg
-substream
-codeowner
-noninteractive
-restreamed
-mountpoint
-fstype
-OWASP
-iotop
-letsencrypt
-fullchain
-lsusb
-iostat
-usermod
-balena
-passwordless
-debconf
-dpkg
-poweroff
-surveillance
-qnap
-homekit
-colorspace
-quantisation
-skylake
-Cuvid
-foscam
-onnx
-numpy
-protobuf
 aarch
+absdiff
+airockchip
+Alloc
+Amcrest
 amdgpu
-chipset
-referer
-mpegts
-webp
+analyzeduration
+Annke
+apexcharts
+arange
+argmax
+argmin
+argpartition
+ascontiguousarray
+astype
 authelia
 authentik
-unichip
-rebranded
-udevadm
+autodetected
 automations
-unraid
-hideable
+autotrack
+autotracked
+autotracker
+autotracking
+balena
+Beelink
+BGRA
+BHWC
+blackshear
+blakeblackshear
+bottombar
+buildx
+castable
+cdist
+Celeron
+cgroups
+chipset
+chromadb
+Chromecast
+cmdline
+codeowner
+CODEOWNERS
+codeproject
+colormap
+colorspace
+comms
+coro
+ctypeslib
+CUDA
+Cuvid
+Dahua
+datasheet
+debconf
+deci
+deepstack
+defragment
+devcontainer
+DEVICEMAP
+discardcorrupt
+dpkg
+dsize
+dtype
+ECONNRESET
+edgetpu
+fastapi
+faststart
+fflags
+ffprobe
+fillna
+flac
+foscam
+fourcc
+framebuffer
+fregate
+frégate
+fromarray
+frombuffer
+frontdoor
+fstype
+fullchain
+fullscreen
+genai
+generativeai
+genpts
+getpid
+gpuload
+HACS
+Hailo
+hass
+hconcat
 healthcheck
-keepalive
+hideable
+Hikvision
+homeassistant
+homekit
+homography
+hsize
+hstack
+httpx
+hwaccel
+hwdownload
+hwmap
+hwupload
+iloc
+imagestream
+imdecode
+imencode
+imread
+imutils
+imwrite
+interp
+iostat
+iotop
+itemsize
+Jellyfin
+jetson
+jetsons
+joserfc
+jsmpeg
+jsonify
+Kalman
+keepalive
+keepdims
+labelmap
+letsencrypt
+levelname
+LIBAVFORMAT
+libedgetpu
+libnvinfer
+libva
+libwebp
+libx
+libyolo
+linalg
+localzone
+logpipe
+Loryta
+lstsq
+lsusb
+markupsafe
+maxsplit
+MEMHOSTALLOC
+memlimit
+meshgrid
+metadatas
+migraphx
+minilm
+mjpeg
+mkfifo
+mobiledet
+mobilenet
+modelpath
+mosquitto
+mountpoint
+movflags
+mpegts
+mqtt
+mse
+msenc
+namedtuples
+nbytes
+nchw
+ndarray
+ndimage
+nethogs
+newaxis
+nhwc
+NOBLOCK
+nobuffer
+nokey
+NONBLOCK
+noninteractive
+noprint
+Norfair
+nptype
+NTSC
+numpy
+nvenc
+nvhost
+nvml
+nvmpi
+ollama
+onnx
+onnxruntime
+onvif
+ONVIF
+openai
+opencv
+openvino
+OWASP
+paho
+passwordless
+popleft
+posthog
+postprocess
+poweroff
+preexec
+probesize
+protobuf
+pstate
+psutil
+pubkey
+putenv
+pycache
+pydantic
+pyobj
+pysqlite
+pytz
+pywebpush
+qnap
+quantisation
+Radeon
+radeonsi
+radeontop
+rawvideo
+rcond
+RDONLY
+rebranded
+referer
+reindex
+Reolink
+restream
+restreamed
+restreaming
+rkmpp
+rknn
+rkrga
+rockchip
+rocm
+rocminfo
+rootfs
+rtmp
+RTSP
+ruamel
+scroller
+setproctitle
+setpts
+shms
+SIGUSR
+skylake
+sleeptime
+SNDMORE
+socs
+sqliteq
+sqlitevecq
+ssdlite
+statm
+stimeout
+stylelint
+subclassing
+substream
+superfast
+surveillance
+svscan
+Swipeable
+sysconf
+tailscale
+Tapo
+tensorrt
+tflite
+thresholded
+timelapse
+tmpfs
+tobytes
+toggleable
+traefik
+tzlocal
+Ubiquiti
+udev
+udevadm
+ultrafast
+unichip
+unidecode
+Unifi
+unixepoch
+unraid
+unreviewed
+userdata
+usermod
+uvicorn
+vaapi
+vainfo
+variations
+vbios
+vconcat
+vitb
+vstream
+vsync
+wallclock
+webp
+webpush
+webrtc
+websockets
+webui
+werkzeug
+workdir
+WRONLY
+wsgirefserver
+wsgiutils
+wsize
+xaddr
+xmaxs
+xmins
+XPUB
+XSUB
+ymaxs
+ymins
+yolo
+yolonas
+yolox
+zeep
+zerolatency

.devcontainer/devcontainer.json

@@ -10,9 +10,9 @@
   "features": {
     "ghcr.io/devcontainers/features/common-utils:1": {}
   },
-  "forwardPorts": [8080, 5000, 5001, 5173, 8554, 8555],
+  "forwardPorts": [8971, 5000, 5001, 5173, 8554, 8555],
   "portsAttributes": {
-    "8080": {
+    "8971": {
       "label": "External NGINX",
       "onAutoForward": "silent"
     },
@@ -52,7 +52,8 @@
         "csstools.postcss",
         "blanu.vscode-styled-jsx",
         "bradlc.vscode-tailwindcss",
-        "charliermarsh.ruff"
+        "charliermarsh.ruff",
+        "eamodio.gitlens"
       ],
       "settings": {
         "remote.autoForwardPorts": false,

.devcontainer/post_create.sh

@@ -3,10 +3,12 @@
 set -euxo pipefail
 
 # Cleanup the old github host key
-sed -i -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31\/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi\/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==/d' ~/.ssh/known_hosts
-# Add new github host key
-curl -L https://api.github.com/meta | jq -r '.ssh_keys | .[]' | \
-  sed -e 's/^/github.com /' >> ~/.ssh/known_hosts
+if [[ -f ~/.ssh/known_hosts ]]; then
+  # Add new github host key
+  sed -i -e '/AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31\/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi\/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==/d' ~/.ssh/known_hosts
+  curl -L https://api.github.com/meta | jq -r '.ssh_keys | .[]' | \
+    sed -e 's/^/github.com /' >> ~/.ssh/known_hosts
+fi
 
 # Frigate normal container runs as root, so it have permission to create
 # the folders. But the devcontainer runs as the host user, so we need to
@@ -17,7 +19,7 @@ sudo chown -R "$(id -u):$(id -g)" /media/frigate
 # When started as a service, LIBAVFORMAT_VERSION_MAJOR is defined in the
 # s6 service file. For dev, where frigate is started from an interactive
 # shell, we define it in .bashrc instead.
-echo 'export LIBAVFORMAT_VERSION_MAJOR=$(ffmpeg -version | grep -Po "libavformat\W+\K\d+")' >> $HOME/.bashrc
+echo 'export LIBAVFORMAT_VERSION_MAJOR=$(/usr/lib/ffmpeg/7.0/bin/ffmpeg -version | grep -Po "libavformat\W+\K\d+")' >> $HOME/.bashrc
 
 make version
 

.github/DISCUSSION_TEMPLATE/camera-support.yml

@@ -1,6 +1,16 @@
 title: "[Camera Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for support or questions for an issue with your cameras.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,9 +21,15 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
+  - type: input
+    attributes:
+      label: What browser(s) are you using?
+      placeholder: Google Chrome 88.0.4324.150
+      description: >
+        Provide the full name and don't forget to add the version!
   - type: textarea
     id: config
     attributes:
@@ -23,10 +39,18 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. Logs can be viewed via the Frigate UI, Docker, or the go2rtc dashboard. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
@@ -34,7 +58,7 @@ body:
     id: ffprobe
     attributes:
       label: FFprobe output from your camera
-      description: Run `ffprobe <camera_url>` and provide output below
+      description: Run `ffprobe <camera_url>` from within the Frigate container if possible, and provide output below
       render: shell
     validations:
       required: true
@@ -66,17 +90,20 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
     validations:
       required: true
   - type: dropdown
-    id: coral
+    id: object-detector
     attributes:
-      label: Coral version
+      label: Object Detector
       options:
-        - USB
-        - PCIe
-        - M.2
-        - Dev Board
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
         - Other
         - CPU (no coral)
     validations:
@@ -98,6 +125,13 @@ body:
       description: Dahua, hikvision, amcrest, reolink, etc and model number
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field. Please post screenshots of at least General and Cameras tabs.
+    validations:
+      required: true
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/config-support.yml

@@ -1,6 +1,16 @@
 title: "[Config Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for support or questions related to Frigate's configuration and config file.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,7 +21,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
   - type: textarea
@@ -23,10 +33,18 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
@@ -58,21 +76,37 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
+    validations:
+      required: true
+  - type: textarea
+    id: docker
+    attributes:
+      label: docker-compose file or Docker CLI command
+      description: This will be automatically formatted into code, so no need for backticks.
+      render: yaml
     validations:
       required: true
   - type: dropdown
-    id: coral
+    id: object-detector
     attributes:
-      label: Coral version
+      label: Object Detector
       options:
-        - USB
-        - PCIe
-        - M.2
-        - Dev Board
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
         - Other
         - CPU (no coral)
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop or simple cut/paste is possible in this field
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/detector-support.yml

@@ -1,6 +1,16 @@
 title: "[Detector Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for support or questions related to Frigate's object detectors.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,7 +21,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
   - type: textarea
@@ -31,27 +41,13 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
-  - type: dropdown
-    id: os
-    attributes:
-      label: Operating system
-      options:
-        - HassOS
-        - Debian
-        - Other Linux
-        - Proxmox
-        - UNRAID
-        - Windows
-        - Other
-    validations:
-      required: true
   - type: dropdown
     id: install-method
     attributes:
@@ -60,21 +56,31 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
     validations:
       required: true
   - type: dropdown
-    id: coral
+    id: object-detector
     attributes:
-      label: Coral version
+      label: Object Detector
       options:
-        - USB
-        - PCIe
-        - M.2
-        - Dev Board
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
         - Other
         - CPU (no coral)
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field. Please post screenshots of at least General and Cameras tabs.
+    validations:
+      required: true
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/general-support.yml

@@ -1,6 +1,16 @@
 title: "[Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for support for issues that don't fall into any specific category.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,9 +21,15 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
+  - type: input
+    attributes:
+      label: What browser(s) are you using?
+      placeholder: Google Chrome 88.0.4324.150
+      description: >
+        Provide the full name and don't forget to add the version!
   - type: textarea
     id: config
     attributes:
@@ -23,10 +39,18 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. Logs can be viewed via the Frigate UI, Docker, or the go2rtc dashboard. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
@@ -34,7 +58,7 @@ body:
     id: ffprobe
     attributes:
       label: FFprobe output from your camera
-      description: Run `ffprobe <camera_url>` and provide output below
+      description: Run `ffprobe <camera_url>` from within the Frigate container if possible, and provide output below
       render: shell
     validations:
       required: true
@@ -44,20 +68,6 @@ body:
       label: Frigate stats
       description: Output from frigate's /api/stats endpoint
       render: json
-  - type: dropdown
-    id: os
-    attributes:
-      label: Operating system
-      options:
-        - HassOS
-        - Debian
-        - Other Linux
-        - Proxmox
-        - UNRAID
-        - Windows
-        - Other
-    validations:
-      required: true
   - type: dropdown
     id: install-method
     attributes:
@@ -66,17 +76,28 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
+    validations:
+      required: true
+  - type: textarea
+    id: docker
+    attributes:
+      label: docker-compose file or Docker CLI command
+      description: This will be automatically formatted into code, so no need for backticks.
+      render: yaml
     validations:
       required: true
   - type: dropdown
-    id: coral
+    id: object-detector
     attributes:
-      label: Coral version
+      label: Object Detector
       options:
-        - USB
-        - PCIe
-        - M.2
-        - Dev Board
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
         - Other
         - CPU (no coral)
     validations:
@@ -98,6 +119,11 @@ body:
       description: Dahua, hikvision, amcrest, reolink, etc and model number
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/hardware-acceleration-support.yml

@@ -1,6 +1,16 @@
 title: "[HW Accel Support]: "
 labels: ["support", "triage"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form to submit a support request for hardware acceleration issues.
+
+        Before submitting your support request, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
@@ -11,7 +21,7 @@ body:
     id: version
     attributes:
       label: Version
-      description: Visible on the System page in the Web UI
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
     validations:
       required: true
   - type: textarea
@@ -31,10 +41,18 @@ body:
     validations:
       required: true
   - type: textarea
-    id: logs
+    id: frigatelogs
     attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. Logs can be viewed via the Frigate UI, Docker, or the go2rtc dashboard. This will be automatically formatted into code, so no need for backticks.
       render: shell
     validations:
       required: true
@@ -42,24 +60,10 @@ body:
     id: ffprobe
     attributes:
       label: FFprobe output from your camera
-      description: Run `ffprobe <camera_url>` and provide output below
+      description: Run `ffprobe <camera_url>` from within the Frigate container if possible, and provide output below
       render: shell
     validations:
       required: true
-  - type: dropdown
-    id: os
-    attributes:
-      label: Operating system
-      options:
-        - HassOS
-        - Debian
-        - Other Linux
-        - Proxmox
-        - UNRAID
-        - Windows
-        - Other
-    validations:
-      required: true
   - type: dropdown
     id: install-method
     attributes:
@@ -68,6 +72,22 @@ body:
         - HassOS Addon
         - Docker Compose
         - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
+    validations:
+      required: true
+  - type: dropdown
+    id: object-detector
+    attributes:
+      label: Object Detector
+      options:
+        - Coral
+        - OpenVino
+        - TensorRT
+        - RKNN
+        - Other
+        - CPU (no coral)
     validations:
       required: true
   - type: dropdown
@@ -87,6 +107,13 @@ body:
       description: Dahua, hikvision, amcrest, reolink, etc and model number
     validations:
       required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field. Please post screenshots of at least General and Cameras tabs.
+    validations:
+      required: true
   - type: textarea
     id: other
     attributes:

.github/DISCUSSION_TEMPLATE/question.yml

@@ -1,9 +1,21 @@
 title: "[Question]: "
 labels: ["question"]
 body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for questions you have about Frigate.
+
+        Before submitting your question, please [search the discussions][discussions], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your question has already been answered by the community.
+
+        **If you are looking for support, start a new discussion and use a support category.**
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
   - type: textarea
     id: description
     attributes:
-      label: "What is your question:"
+      label: "What is your question?"
     validations:
       required: true

.github/DISCUSSION_TEMPLATE/report-a-bug.yml

@@ -0,0 +1,146 @@
+title: "[Bug]: "
+labels: ["bug", "triage"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form to submit a reproducible bug in Frigate or Frigate's UI.
+
+        Before submitting your bug report, please [search the discussions][discussions], look at recent open and closed [pull requests][prs], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your bug has already been fixed by the developers or reported by the community.
+
+        **If you are unsure if your issue is actually a bug or not, please submit a support request first.**
+
+        [discussions]: https://www.github.com/blakeblackshear/frigate/discussions
+        [prs]: https://www.github.com/blakeblackshear/frigate/pulls
+        [docs]: https://docs.frigate.video
+        [faq]: https://github.com/blakeblackshear/frigate/discussions/12724
+  - type: checkboxes
+    attributes:
+      label: Checklist
+      description: Please verify that you've followed these steps
+      options:
+        - label: I have updated to the latest available Frigate version.
+          required: true
+        - label: I have cleared the cache of my browser.
+          required: true
+        - label: I have tried a different browser to see if it is related to my browser.
+          required: true
+        - label: I have tried reproducing the issue in [incognito mode](https://www.computerworld.com/article/1719851/how-to-go-incognito-in-chrome-firefox-safari-and-edge.html) to rule out problems with any third party extensions or plugins I have installed.
+  - type: textarea
+    id: description
+    attributes:
+      label: Describe the problem you are having
+      description: Provide a clear and concise description of what the bug is.
+    validations:
+      required: true
+  - type: textarea
+    id: steps
+    attributes:
+      label: Steps to reproduce
+      description: |
+        Please tell us exactly how to reproduce your issue.
+        Provide clear and concise step by step instructions and add code snippets if needed.
+      value: |
+        1.
+        2.
+        3.
+        ...
+    validations:
+      required: true
+  - type: input
+    id: version
+    attributes:
+      label: Version
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.14.0-ea36ds1)
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: In which browser(s) are you experiencing the issue with?
+      placeholder: Google Chrome 88.0.4324.150
+      description: >
+        Provide the full name and don't forget to add the version!
+  - type: textarea
+    id: config
+    attributes:
+      label: Frigate config file
+      description: This will be automatically formatted into code, so no need for backticks.
+      render: yaml
+    validations:
+      required: true
+  - type: textarea
+    id: docker
+    attributes:
+      label: docker-compose file or Docker CLI command
+      description: This will be automatically formatted into code, so no need for backticks.
+      render: yaml
+    validations:
+      required: true
+  - type: textarea
+    id: frigatelogs
+    attributes:
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output
+      description: Please copy and paste any relevant go2rtc log output. Include logs before and after your exact error when possible. Logs can be viewed via the Frigate UI, Docker, or the go2rtc dashboard. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: dropdown
+    id: os
+    attributes:
+      label: Operating system
+      options:
+        - HassOS
+        - Debian
+        - Other Linux
+        - Proxmox
+        - UNRAID
+        - Windows
+        - Other
+    validations:
+      required: true
+  - type: dropdown
+    id: install-method
+    attributes:
+      label: Install method
+      options:
+        - HassOS Addon
+        - Docker Compose
+        - Docker CLI
+    validations:
+      required: true
+  - type: dropdown
+    id: network
+    attributes:
+      label: Network connection
+      options:
+        - Wired
+        - Wireless
+        - Mixed
+    validations:
+      required: true
+  - type: input
+    id: camera
+    attributes:
+      label: Camera make and model
+      description: Dahua, hikvision, amcrest, reolink, etc and model number
+    validations:
+      required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots of the Frigate UI's System metrics pages
+      description: Drag and drop for images is possible in this field. Please post screenshots of all tabs.
+    validations:
+      required: true
+  - type: textarea
+    id: other
+    attributes:
+      label: Any other information that may be helpful

.github/FUNDING.yml

@@ -1,3 +1,4 @@
 github:
   - blakeblackshear
   - NickM-27
+  - hawkeye217

.github/ISSUE_TEMPLATE/config.yml

@@ -2,4 +2,7 @@ blank_issues_enabled: false
 contact_links:
   - name: Frigate Support
     url: https://github.com/blakeblackshear/frigate/discussions/new/choose
-    about: Get support for setting up or troubelshooting Frigate.
+    about: Get support for setting up or troubleshooting Frigate.
+  - name: Frigate Bug Report
+    url: https://github.com/blakeblackshear/frigate/discussions/new/choose
+    about: Report a specific UI or backend bug.

.github/actions/setup/action.yml

@@ -5,7 +5,7 @@ inputs:
     required: true
 outputs:
   image-name:
-    value: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ steps.create-short-sha.outputs.SHORT_SHA }}
+    value: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ steps.create-short-sha.outputs.SHORT_SHA }}
   cache-name:
     value: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:cache
 runs:

.github/pull_request_template.md

@@ -0,0 +1,32 @@
+## Proposed change
+<!--
+  Describe what this pull request does and how it will benefit users of Frigate.
+  Please describe in detail any considerations, breaking changes, etc. that are 
+  made in this pull request.
+-->
+
+
+## Type of change
+
+- [ ] Dependency upgrade
+- [ ] Bugfix (non-breaking change which fixes an issue)
+- [ ] New feature
+- [ ] Breaking change (fix/feature causing existing functionality to break)
+- [ ] Code quality improvements to existing code
+- [ ] Documentation Update
+
+## Additional information
+
+- This PR fixes or closes issue: fixes #
+- This PR is related to issue: 
+
+## Checklist
+
+<!--
+  Put an `x` in the boxes that apply.
+-->
+
+- [ ] The code change is tested and works locally.
+- [ ] Local tests pass. **Your PR cannot be merged unless tests pass**
+- [ ] There is no commented out code in this PR.
+- [ ] The code has been formatted using Ruff (`ruff format frigate`)

.github/workflows/ci.yml

@@ -6,6 +6,8 @@ on:
     branches:
       - dev
       - master
+    paths-ignore:
+      - 'docs/**'      
 
 # only run the latest commit to avoid cache overwrites
 concurrency:
@@ -155,57 +157,64 @@ jobs:
             tensorrt.tags=${{ steps.setup.outputs.image-name }}-tensorrt
             *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64
             *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-amd64,mode=max
-      #- name: AMD/ROCm general build
-      #  env:
-      #    AMDGPU: gfx
-      #    HSA_OVERRIDE: 0
-      #  uses: docker/bake-action@v3
-      #  with:
-      #    push: true
-      #    targets: rocm
-      #    files: docker/rocm/rocm.hcl
-      #    set: |
-      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm
-      #      *.cache-from=type=gha
-      #- name: AMD/ROCm gfx900
-      #  env:
-      #    AMDGPU: gfx900
-      #    HSA_OVERRIDE: 1
-      #    HSA_OVERRIDE_GFX_VERSION: 9.0.0
-      #  uses: docker/bake-action@v3
-      #  with:
-      #    push: true
-      #    targets: rocm
-      #    files: docker/rocm/rocm.hcl
-      #    set: |
-      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm-gfx900
-      #      *.cache-from=type=gha
-      #- name: AMD/ROCm gfx1030
-      #  env:
-      #    AMDGPU: gfx1030
-      #    HSA_OVERRIDE: 1
-      #    HSA_OVERRIDE_GFX_VERSION: 10.3.0
-      #  uses: docker/bake-action@v3
-      #  with:
-      #    push: true
-      #    targets: rocm
-      #    files: docker/rocm/rocm.hcl
-      #    set: |
-      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm-gfx1030
-      #      *.cache-from=type=gha
-      #- name: AMD/ROCm gfx1100
-      #  env:
-      #    AMDGPU: gfx1100
-      #    HSA_OVERRIDE: 1
-      #    HSA_OVERRIDE_GFX_VERSION: 11.0.0
-      #  uses: docker/bake-action@v3
-      #  with:
-      #    push: true
-      #    targets: rocm
-      #    files: docker/rocm/rocm.hcl
-      #    set: |
-      #      rocm.tags=${{ steps.setup.outputs.image-name }}-rocm-gfx1100
-      #      *.cache-from=type=gha
+  arm64_extra_builds:
+    runs-on: ubuntu-latest
+    name: ARM Extra Build
+    needs:
+      - arm64_build
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up QEMU and Buildx
+        id: setup
+        uses: ./.github/actions/setup
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push Rockchip build
+        uses: docker/bake-action@v3
+        with:
+          push: true
+          targets: rk
+          files: docker/rockchip/rk.hcl
+          set: |
+            rk.tags=${{ steps.setup.outputs.image-name }}-rk
+            *.cache-from=type=gha
+  combined_extra_builds:
+    runs-on: ubuntu-latest
+    name: Combined Extra Builds
+    needs:
+      - amd64_build
+      - arm64_build
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up QEMU and Buildx
+        id: setup
+        uses: ./.github/actions/setup
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push Hailo-8l build
+        uses: docker/bake-action@v4
+        with:
+          push: true
+          targets: h8l
+          files: docker/hailo8l/h8l.hcl
+          set: |
+            h8l.tags=${{ steps.setup.outputs.image-name }}-h8l
+            *.cache-from=type=registry,ref=${{ steps.setup.outputs.cache-name }}-h8l
+            *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-h8l,mode=max
+      - name: AMD/ROCm general build
+        env:
+          AMDGPU: gfx
+          HSA_OVERRIDE: 0
+        uses: docker/bake-action@v3
+        with:
+          push: true
+          targets: rocm
+          files: docker/rocm/rocm.hcl
+          set: |
+            rocm.tags=${{ steps.setup.outputs.image-name }}-rocm
+            *.cache-from=type=gha
   # The majority of users running arm64 are rpi users, so the rpi
   # build should be the primary arm64 image
   assemble_default_build:
@@ -220,7 +229,7 @@ jobs:
         with:
           string: ${{ github.repository }}
       - name: Log in to the Container registry
-        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -229,7 +238,7 @@ jobs:
         run: echo "SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV
       - uses: int128/docker-manifest-create-action@v2
         with:
-          tags: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ env.SHORT_SHA }}
+          tags: ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ env.SHORT_SHA }}
           sources: |
-            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ env.SHORT_SHA }}-amd64
-            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ github.ref_name }}-${{ env.SHORT_SHA }}-rpi
+            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ env.SHORT_SHA }}-amd64
+            ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}:${{ env.SHORT_SHA }}-rpi

.github/workflows/pull_request.yml

@@ -1,6 +1,9 @@
 name: On pull request
 
-on: pull_request
+on:
+  pull_request:
+    paths-ignore:
+      - 'docs/**'
 
 env:
   DEFAULT_PYTHON: 3.9

.github/workflows/release.yml

@@ -16,22 +16,32 @@ jobs:
         with:
           string: ${{ github.repository }}
       - name: Log in to the Container registry
-        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Create tag variables
         run: |
-          BRANCH=$([[ "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] && echo "master" || echo "dev")
+          BUILD_TYPE=$([[ "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] && echo "stable" || echo "beta")
+          echo "BUILD_TYPE=${BUILD_TYPE}" >> $GITHUB_ENV
           echo "BASE=ghcr.io/${{ steps.lowercaseRepo.outputs.lowercase }}" >> $GITHUB_ENV
-          echo "BUILD_TAG=${BRANCH}-${GITHUB_SHA::7}" >> $GITHUB_ENV
+          echo "BUILD_TAG=${GITHUB_SHA::7}" >> $GITHUB_ENV
           echo "CLEAN_VERSION=$(echo ${GITHUB_REF##*/} | tr '[:upper:]' '[:lower:]' | sed 's/^[v]//')" >> $GITHUB_ENV
       - name: Tag and push the main image
         run: |
           VERSION_TAG=${BASE}:${CLEAN_VERSION}
+          STABLE_TAG=${BASE}:stable
           PULL_TAG=${BASE}:${BUILD_TAG}
           docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG} docker://${VERSION_TAG}
-          for variant in standard-arm64 tensorrt tensorrt-jp4 tensorrt-jp5 rk; do
+          for variant in standard-arm64 tensorrt tensorrt-jp4 tensorrt-jp5 rk h8l rocm; do
             docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG}-${variant} docker://${VERSION_TAG}-${variant}
           done
+
+          # stable tag
+          if [[ "${BUILD_TYPE}" == "stable" ]]; then
+            docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG} docker://${STABLE_TAG}
+            for variant in standard-arm64 tensorrt tensorrt-jp4 tensorrt-jp5 rk h8l rocm; do
+              docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG}-${variant} docker://${STABLE_TAG}-${variant}
+            done
+          fi

.github/workflows/stale.yml

@@ -25,17 +25,17 @@ jobs:
       - name: Print outputs
         run: echo ${{ join(steps.stale.outputs.*, ',') }}
 
-  clean_ghcr:
-    name: Delete outdated dev container images
-    runs-on: ubuntu-latest
-    steps:
-      - name: Delete old images
-        uses: snok/container-retention-policy@v2
-        with:
-          image-names: dev-*
-          cut-off: 60 days ago UTC
-          keep-at-least: 5
-          account-type: personal
-          token: ${{ secrets.GITHUB_TOKEN }}
-          token-type: github-token
+  # clean_ghcr:
+  #   name: Delete outdated dev container images
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - name: Delete old images
+  #       uses: snok/container-retention-policy@v2
+  #       with:
+  #         image-names: dev-*
+  #         cut-off: 60 days ago UTC
+  #         keep-at-least: 5
+  #         account-type: personal
+  #         token: ${{ secrets.GITHUB_TOKEN }}
+  #         token-type: github-token
 

.gitignore

@@ -1,5 +1,6 @@
 .DS_Store
-*.pyc
+__pycache__
+.mypy_cache
 *.swp
 debug
 .vscode/*
@@ -16,4 +17,5 @@ web/node_modules
 web/coverage
 core
 !/web/**/*.ts
-.idea/*
+.idea/*
+.ipynb_checkpoints

.vscode/launch.json

@@ -3,10 +3,9 @@
   "configurations": [
     {
       "name": "Python: Launch Frigate",
-      "type": "python",
+      "type": "debugpy",
       "request": "launch",
-      "module": "frigate",
-      "justMyCode": true
+      "module": "frigate"
     }
   ]
 }

CODEOWNERS

@@ -4,3 +4,4 @@
 /docker/tensorrt/*jetson* @madsciencetist
 /docker/rockchip/ @MarcA711
 /docker/rocm/ @harakas
+/docker/hailo8l/ @spanner3003

Makefile

@@ -1,11 +1,9 @@
 default_target: local
 
 COMMIT_HASH := $(shell git log -1 --pretty=format:"%h"|tail -1)
-VERSION = 0.14.0
+VERSION = 0.15.0
 IMAGE_REPO ?= ghcr.io/blakeblackshear/frigate
 GITHUB_REF_NAME ?= $(shell git rev-parse --abbrev-ref HEAD)
-CURRENT_UID := $(shell id -u)
-CURRENT_GID := $(shell id -g)
 BOARDS= #Initialized empty
 
 include docker/*/*.mk
@@ -18,25 +16,38 @@ version:
 	echo 'VERSION = "$(VERSION)-$(COMMIT_HASH)"' > frigate/version.py
 
 local: version
-	docker buildx build --target=frigate --tag frigate:latest --load --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag frigate:latest \
+		--load
 
 amd64:
-	docker buildx build --platform linux/amd64 --target=frigate --tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) \
+		--platform linux/amd64
 
 arm64:
-	docker buildx build --platform linux/arm64 --target=frigate --tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) \
+		--platform linux/arm64
 
 build: version amd64 arm64
-	docker buildx build --platform linux/arm64/v8,linux/amd64 --target=frigate --tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag $(IMAGE_REPO):$(VERSION)-$(COMMIT_HASH) \
+		--platform linux/arm64/v8,linux/amd64
 
 push: push-boards
-	docker buildx build --push --platform linux/arm64/v8,linux/amd64 --target=frigate --tag $(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH) --file docker/main/Dockerfile .
+	docker buildx build --target=frigate --file docker/main/Dockerfile . \
+		--tag $(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH) \
+		--platform linux/arm64/v8,linux/amd64 \
+		--push
 
 run: local
 	docker run --rm --publish=5000:5000 --volume=${PWD}/config:/config frigate:latest
 
 run_tests: local
-	docker run --rm --workdir=/opt/frigate --entrypoint= frigate:latest python3 -u -m unittest
-	docker run --rm --workdir=/opt/frigate --entrypoint= frigate:latest python3 -u -m mypy --config-file frigate/mypy.ini frigate
+	docker run --rm --workdir=/opt/frigate --entrypoint= frigate:latest \
+		python3 -u -m unittest
+	docker run --rm --workdir=/opt/frigate --entrypoint= frigate:latest \
+		python3 -u -m mypy --config-file frigate/mypy.ini frigate
 
 .PHONY: run_tests

README.md

@@ -29,18 +29,22 @@ If you would like to make a donation to support development, please use [Github
 
 ## Screenshots
 
-Integration into Home Assistant
-
+### Live dashboard
 <div>
-<a href="docs/static/img/media_browser.png"><img src="docs/static/img/media_browser.png" height=400></a>
-<a href="docs/static/img/notification.png"><img src="docs/static/img/notification.png" height=400></a>
+<img width="800" alt="Live dashboard" src="https://github.com/blakeblackshear/frigate/assets/569905/5e713cb9-9db5-41dc-947a-6937c3bc376e">
 </div>
 
-Also comes with a builtin UI:
-
+### Streamlined review workflow
 <div>
-<a href="docs/static/img/home-ui.png"><img src="docs/static/img/home-ui.png" height=400></a>
-<a href="docs/static/img/camera-ui.png"><img src="docs/static/img/camera-ui.png" height=400></a>
+<img width="800" alt="Streamlined review workflow" src="https://github.com/blakeblackshear/frigate/assets/569905/6fed96e8-3b18-40e5-9ddc-31e6f3c9f2ff">
 </div>
 
-![Events](docs/static/img/events-ui.png)
+### Multi-camera scrubbing
+<div>
+<img width="800" alt="Multi-camera scrubbing" src="https://github.com/blakeblackshear/frigate/assets/569905/d6788a15-0eeb-4427-a8d4-80b93cae3d74">
+</div>
+
+### Built-in mask and zone editor
+<div>
+<img width="800" alt="Multi-camera scrubbing" src="https://github.com/blakeblackshear/frigate/assets/569905/d7885fc3-bfe6-452f-b7d0-d957cb3e31f5">
+</div>

benchmark.py

@@ -4,6 +4,7 @@ from statistics import mean
 
 import numpy as np
 
+import frigate.util as util
 from frigate.config import DetectorTypeEnum
 from frigate.object_detection import (
     ObjectDetectProcess,
@@ -90,7 +91,7 @@ edgetpu_process_2 = ObjectDetectProcess(
 )
 
 for x in range(0, 10):
-    camera_process = mp.Process(
+    camera_process = util.Process(
         target=start, args=(x, 300, detection_queue, events[str(x)])
     )
     camera_process.daemon = True

cspell.json

@@ -7,7 +7,8 @@
     "*.db",
     "node_modules",
     "__pycache__",
-    "dist"
+    "dist",
+    "/audio-labelmap.txt"
   ],
   "language": "en",
   "dictionaryDefinitions": [

docker-compose.yml

@@ -23,7 +23,7 @@ services:
     #                     count: 1
     #                     capabilities: [gpu]
     environment:
-      YOLO_MODELS: yolov7-320
+      YOLO_MODELS: ""
     devices:
       - /dev/bus/usb:/dev/bus/usb
       # - /dev/dri:/dev/dri # for intel hwaccel, needs to be updated for your hardware

docker/hailo8l/Dockerfile

@@ -0,0 +1,40 @@
+# syntax=docker/dockerfile:1.6
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+# Build Python wheels
+FROM wheels AS h8l-wheels
+
+COPY docker/main/requirements-wheels.txt /requirements-wheels.txt
+COPY docker/hailo8l/requirements-wheels-h8l.txt /requirements-wheels-h8l.txt
+
+RUN sed -i "/https:\/\//d" /requirements-wheels.txt
+
+# Create a directory to store the built wheels
+RUN mkdir /h8l-wheels
+
+# Build the wheels
+RUN pip3 wheel --wheel-dir=/h8l-wheels -c /requirements-wheels.txt -r /requirements-wheels-h8l.txt
+
+FROM wget AS hailort
+ARG TARGETARCH
+RUN --mount=type=bind,source=docker/hailo8l/install_hailort.sh,target=/deps/install_hailort.sh \
+    /deps/install_hailort.sh
+
+# Use deps as the base image
+FROM deps AS h8l-frigate
+
+# Copy the wheels from the wheels stage
+COPY --from=h8l-wheels /h8l-wheels /deps/h8l-wheels
+COPY --from=hailort /hailo-wheels /deps/hailo-wheels
+COPY --from=hailort /rootfs/ /
+
+# Install the wheels
+RUN pip3 install -U /deps/h8l-wheels/*.whl
+RUN pip3 install -U /deps/hailo-wheels/*.whl
+
+# Copy base files from the rootfs stage
+COPY --from=rootfs / /
+
+# Set workdir
+WORKDIR /opt/frigate/

docker/hailo8l/h8l.hcl

@@ -0,0 +1,34 @@
+target wget {
+  dockerfile = "docker/main/Dockerfile"
+  platforms = ["linux/arm64","linux/amd64"]
+  target = "wget"
+}
+
+target wheels {
+  dockerfile = "docker/main/Dockerfile"
+  platforms = ["linux/arm64","linux/amd64"]
+  target = "wheels"
+}
+
+target deps {
+  dockerfile = "docker/main/Dockerfile"
+  platforms = ["linux/arm64","linux/amd64"]
+  target = "deps"
+}
+
+target rootfs {
+  dockerfile = "docker/main/Dockerfile"
+  platforms = ["linux/arm64","linux/amd64"]
+  target = "rootfs"
+}
+
+target h8l {
+  dockerfile = "docker/hailo8l/Dockerfile"
+  contexts = {
+    wget = "target:wget"
+    wheels = "target:wheels"
+    deps = "target:deps"
+    rootfs = "target:rootfs"
+  }
+  platforms = ["linux/arm64","linux/amd64"]
+}

docker/hailo8l/h8l.mk

@@ -0,0 +1,15 @@
+BOARDS += h8l
+
+local-h8l: version
+	docker buildx bake --file=docker/hailo8l/h8l.hcl h8l \
+		--set h8l.tags=frigate:latest-h8l \
+		--load
+
+build-h8l: version
+	docker buildx bake --file=docker/hailo8l/h8l.hcl h8l \
+		--set h8l.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-h8l
+
+push-h8l: build-h8l
+	docker buildx bake --file=docker/hailo8l/h8l.hcl h8l \
+	 	--set h8l.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-h8l \
+		--push

docker/hailo8l/install_hailort.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+hailo_version="4.19.0"
+
+if [[ "${TARGETARCH}" == "amd64" ]]; then
+    arch="x86_64"
+elif [[ "${TARGETARCH}" == "arm64" ]]; then
+    arch="aarch64"
+fi
+
+wget -qO- "https://github.com/frigate-nvr/hailort/releases/download/v${hailo_version}/hailort-${TARGETARCH}.tar.gz" |
+    tar -C / -xzf -
+
+mkdir -p /hailo-wheels
+
+wget -P /hailo-wheels/ "https://github.com/frigate-nvr/hailort/releases/download/v${hailo_version}/hailort-${hailo_version}-cp39-cp39-linux_${arch}.whl"
+

docker/hailo8l/requirements-wheels-h8l.txt

@@ -0,0 +1,12 @@
+appdirs==1.4.4
+argcomplete==2.0.0
+contextlib2==0.6.0.post1
+distlib==0.3.6
+filelock==3.8.0
+future==0.18.2
+importlib-metadata==5.1.0
+importlib-resources==5.1.2
+netaddr==0.8.0
+netifaces==0.10.9
+verboselogs==1.7
+virtualenv==20.17.0

docker/hailo8l/user_installation.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# Update package list and install dependencies
+sudo apt-get update
+sudo apt-get install -y build-essential cmake git wget
+
+arch=$(uname -m)
+
+if [[ $arch == "x86_64" ]]; then
+    sudo apt install -y linux-headers-$(uname -r);
+else
+    sudo apt install -y linux-modules-extra-$(uname -r);
+fi
+
+# Clone the HailoRT driver repository
+git clone --depth 1 --branch v4.19.0 https://github.com/hailo-ai/hailort-drivers.git
+
+# Build and install the HailoRT driver
+cd hailort-drivers/linux/pcie
+sudo make all
+sudo make install
+
+# Load the Hailo PCI driver
+sudo modprobe hailo_pci
+
+if [ $? -ne 0 ]; then
+  echo "Unable to load hailo_pci module, common reasons for this are:"
+  echo "- Key was rejected by service: Secure Boot is enabling disallowing install."
+  echo "- Permissions are not setup correctly."
+  exit 1
+fi
+
+# Download and install the firmware
+cd ../../
+./download_firmware.sh
+
+# verify the firmware folder is present
+if [ ! -d /lib/firmware/hailo ]; then
+  sudo mkdir /lib/firmware/hailo
+fi
+sudo mv hailo8_fw.*.bin /lib/firmware/hailo/hailo8_fw.bin
+
+# Install udev rules
+sudo cp ./linux/pcie/51-hailo-udev.rules /etc/udev/rules.d/
+sudo udevadm control --reload-rules && sudo udevadm trigger
+
+echo "HailoRT driver installation complete."
+echo "reboot your system to load the firmware!"

docker/main/Dockerfile

@@ -30,18 +30,31 @@ RUN --mount=type=tmpfs,target=/tmp --mount=type=tmpfs,target=/var/cache/apt \
     --mount=type=cache,target=/root/.ccache \
     /deps/build_nginx.sh
 
+FROM wget AS sqlite-vec
+ARG DEBIAN_FRONTEND
+
+# Build sqlite_vec from source
+COPY docker/main/build_sqlite_vec.sh /deps/build_sqlite_vec.sh
+RUN --mount=type=tmpfs,target=/tmp --mount=type=tmpfs,target=/var/cache/apt \
+    --mount=type=bind,source=docker/main/build_sqlite_vec.sh,target=/deps/build_sqlite_vec.sh \
+    --mount=type=cache,target=/root/.ccache \
+    /deps/build_sqlite_vec.sh
+
 FROM scratch AS go2rtc
 ARG TARGETARCH
 WORKDIR /rootfs/usr/local/go2rtc/bin
 ADD --link --chmod=755 "https://github.com/AlexxIT/go2rtc/releases/download/v1.9.2/go2rtc_linux_${TARGETARCH}" go2rtc
 
+FROM wget AS tempio
+ARG TARGETARCH
+RUN --mount=type=bind,source=docker/main/install_tempio.sh,target=/deps/install_tempio.sh \
+    /deps/install_tempio.sh
 
 ####
 #
 # OpenVino Support
 #
 # 1. Download and convert a model from Intel's Public Open Model Zoo
-# 2. Build libUSB without udev to handle NCS2 enumeration
 #
 ####
 # Download and Convert OpenVino model
@@ -57,11 +70,18 @@ RUN apt-get -qq update \
     && pip install -r /requirements-ov.txt
 
 # Get OpenVino Model
-RUN mkdir /models \
-    && cd /models && omz_downloader --name ssdlite_mobilenet_v2 \
-    && cd /models && omz_converter --name ssdlite_mobilenet_v2 --precision FP16
-
+RUN --mount=type=bind,source=docker/main/build_ov_model.py,target=/build_ov_model.py \
+    mkdir /models && cd /models \
+    && wget http://download.tensorflow.org/models/object_detection/ssdlite_mobilenet_v2_coco_2018_05_09.tar.gz \
+    && tar -xvf ssdlite_mobilenet_v2_coco_2018_05_09.tar.gz \
+    && python3 /build_ov_model.py
 
+####
+#
+# Coral Compatibility
+#
+# Builds libusb without udev. Needed for synology and other devices with USB coral
+####
 # libUSB - No Udev
 FROM wget as libusb-build
 ARG TARGETARCH
@@ -97,11 +117,12 @@ RUN wget -qO edgetpu_model.tflite https://github.com/google-coral/test_data/raw/
 RUN wget -qO cpu_model.tflite https://github.com/google-coral/test_data/raw/release-frogfish/ssdlite_mobiledet_coco_qat_postprocess.tflite
 COPY labelmap.txt .
 # Copy OpenVino model
-COPY --from=ov-converter /models/public/ssdlite_mobilenet_v2/FP16 openvino-model
+COPY --from=ov-converter /models/ssdlite_mobilenet_v2.xml openvino-model/
+COPY --from=ov-converter /models/ssdlite_mobilenet_v2.bin openvino-model/
 RUN wget -q https://github.com/openvinotoolkit/open_model_zoo/raw/master/data/dataset_classes/coco_91cl_bkgr.txt -O openvino-model/coco_91cl_bkgr.txt && \
     sed -i 's/truck/car/g' openvino-model/coco_91cl_bkgr.txt
 # Get Audio Model and labels
-RUN wget -qO cpu_audio_model.tflite https://tfhub.dev/google/lite-model/yamnet/classification/tflite/1?lite-format=tflite
+RUN wget -qO - https://www.kaggle.com/api/v1/models/google/yamnet/tfLite/classification-tflite/1/download | tar xvz && mv 1.tflite cpu_audio_model.tflite
 COPY audio-labelmap.txt .
 
 
@@ -137,6 +158,8 @@ RUN apt-get -qq update \
     gfortran openexr libatlas-base-dev libssl-dev\
     libtbb2 libtbb-dev libdc1394-22-dev libopenexr-dev \
     libgstreamer-plugins-base1.0-dev libgstreamer1.0-dev \
+    # sqlite3 dependencies
+    tclsh \
     # scipy dependencies
     gcc gfortran libopenblas-dev liblapack-dev && \
     rm -rf /var/lib/apt/lists/*
@@ -150,6 +173,10 @@ RUN wget -q https://bootstrap.pypa.io/get-pip.py -O get-pip.py \
 COPY docker/main/requirements.txt /requirements.txt
 RUN pip3 install -r /requirements.txt
 
+# Build pysqlite3 from source
+COPY docker/main/build_pysqlite3.sh /build_pysqlite3.sh
+RUN /build_pysqlite3.sh
+
 COPY docker/main/requirements-wheels.txt /requirements-wheels.txt
 RUN pip3 wheel --wheel-dir=/wheels -r /requirements-wheels.txt
 
@@ -157,8 +184,10 @@ RUN pip3 wheel --wheel-dir=/wheels -r /requirements-wheels.txt
 # Collect deps in a single layer
 FROM scratch AS deps-rootfs
 COPY --from=nginx /usr/local/nginx/ /usr/local/nginx/
+COPY --from=sqlite-vec /usr/local/lib/ /usr/local/lib/
 COPY --from=go2rtc /rootfs/ /
 COPY --from=libusb-build /usr/local/lib /usr/local/lib
+COPY --from=tempio /rootfs/ /
 COPY --from=s6-overlay /rootfs/ /
 COPY --from=models /rootfs/ /
 COPY docker/main/rootfs/ /
@@ -176,7 +205,17 @@ ARG APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn
 ENV NVIDIA_VISIBLE_DEVICES=all
 ENV NVIDIA_DRIVER_CAPABILITIES="compute,video,utility"
 
-ENV PATH="/usr/lib/btbn-ffmpeg/bin:/usr/local/go2rtc/bin:/usr/local/nginx/sbin:${PATH}"
+# Disable tokenizer parallelism warning
+# https://stackoverflow.com/questions/62691279/how-to-disable-tokenizers-parallelism-true-false-warning/72926996#72926996
+ENV TOKENIZERS_PARALLELISM=true
+# https://github.com/huggingface/transformers/issues/27214
+ENV TRANSFORMERS_NO_ADVISORY_WARNINGS=1
+
+# Set OpenCV ffmpeg loglevel to fatal: https://ffmpeg.org/doxygen/trunk/log_8h.html
+ENV OPENCV_FFMPEG_LOGLEVEL=8
+
+ENV PATH="/usr/local/go2rtc/bin:/usr/local/tempio/bin:/usr/local/nginx/sbin:${PATH}"
+ENV LIBAVFORMAT_VERSION_MAJOR=60
 
 # Install dependencies
 RUN --mount=type=bind,source=docker/main/install_deps.sh,target=/deps/install_deps.sh \
@@ -202,7 +241,7 @@ ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0
 ENTRYPOINT ["/init"]
 CMD []
 
-HEALTHCHECK --start-period=120s --start-interval=5s --interval=15s --timeout=5s --retries=3 \
+HEALTHCHECK --start-period=300s --start-interval=5s --interval=15s --timeout=5s --retries=3 \
     CMD curl --fail --silent --show-error http://127.0.0.1:5000/api/version || exit 1
 
 # Frigate deps with Node.js and NPM for devcontainer

docker/main/build_ov_model.py

@@ -0,0 +1,11 @@
+import openvino as ov
+from openvino.tools import mo
+
+ov_model = mo.convert_model(
+    "/models/ssdlite_mobilenet_v2_coco_2018_05_09/frozen_inference_graph.pb",
+    compress_to_fp16=True,
+    transformations_config="/usr/local/lib/python3.9/dist-packages/openvino/tools/mo/front/tf/ssd_v2_support.json",
+    tensorflow_object_detection_api_pipeline_config="/models/ssdlite_mobilenet_v2_coco_2018_05_09/pipeline.config",
+    reverse_input_channels=True,
+)
+ov.save_model(ov_model, "/models/ssdlite_mobilenet_v2.xml")

docker/main/build_pysqlite3.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+SQLITE3_VERSION="96c92aba00c8375bc32fafcdf12429c58bd8aabfcadab6683e35bbb9cdebf19e" # 3.46.0
+PYSQLITE3_VERSION="0.5.3"
+
+# Fetch the source code for the latest release of Sqlite.
+if [[ ! -d "sqlite" ]]; then
+  wget https://www.sqlite.org/src/tarball/sqlite.tar.gz?r=${SQLITE3_VERSION} -O sqlite.tar.gz
+  tar xzf sqlite.tar.gz
+  cd sqlite/
+  LIBS="-lm" ./configure --disable-tcl --enable-tempstore=always
+  make sqlite3.c
+  cd ../
+  rm sqlite.tar.gz
+fi
+
+# Grab the pysqlite3 source code.
+if [[ ! -d "./pysqlite3" ]]; then
+  git clone https://github.com/coleifer/pysqlite3.git
+fi
+
+cd pysqlite3/
+git checkout ${PYSQLITE3_VERSION}
+
+# Copy the sqlite3 source amalgamation into the pysqlite3 directory so we can
+# create a self-contained extension module.
+cp "../sqlite/sqlite3.c" ./
+cp "../sqlite/sqlite3.h" ./
+
+# Create the wheel and put it in the /wheels dir.
+sed -i "s|name='pysqlite3-binary'|name=PACKAGE_NAME|g" setup.py
+python3 setup.py build_static
+pip3 wheel . -w /wheels

docker/main/build_sqlite_vec.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+SQLITE_VEC_VERSION="0.1.3"
+
+cp /etc/apt/sources.list /etc/apt/sources.list.d/sources-src.list
+sed -i 's|deb http|deb-src http|g' /etc/apt/sources.list.d/sources-src.list
+apt-get update
+apt-get -yqq build-dep sqlite3 gettext git
+
+mkdir /tmp/sqlite_vec
+# Grab the sqlite_vec source code.
+wget -nv https://github.com/asg017/sqlite-vec/archive/refs/tags/v${SQLITE_VEC_VERSION}.tar.gz
+tar -zxf v${SQLITE_VEC_VERSION}.tar.gz -C /tmp/sqlite_vec
+
+cd /tmp/sqlite_vec/sqlite-vec-${SQLITE_VEC_VERSION}
+
+mkdir -p vendor
+wget -O sqlite-amalgamation.zip https://www.sqlite.org/2024/sqlite-amalgamation-3450300.zip
+unzip sqlite-amalgamation.zip
+mv sqlite-amalgamation-3450300/* vendor/
+rmdir sqlite-amalgamation-3450300
+rm sqlite-amalgamation.zip
+
+# build loadable module
+make loadable
+
+# install it
+cp dist/vec0.* /usr/local/lib
+

docker/main/install_deps.sh

@@ -8,11 +8,13 @@ apt-get -qq install --no-install-recommends -y \
     apt-transport-https \
     gnupg \
     wget \
+    lbzip2 \
     procps vainfo \
     unzip locales tzdata libxml2 xz-utils \
     python3.9 \
     python3-pip \
     curl \
+    lsof \
     jq \
     nethogs
 
@@ -39,39 +41,68 @@ apt-get -qq install --no-install-recommends --no-install-suggests -y \
 
 # btbn-ffmpeg -> amd64
 if [[ "${TARGETARCH}" == "amd64" ]]; then
-    mkdir -p /usr/lib/btbn-ffmpeg
-    wget -qO btbn-ffmpeg.tar.xz "https://github.com/BtbN/FFmpeg-Builds/releases/download/autobuild-2022-07-31-12-37/ffmpeg-n5.1-2-g915ef932a3-linux64-gpl-5.1.tar.xz"
-    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/btbn-ffmpeg --strip-components 1
-    rm -rf btbn-ffmpeg.tar.xz /usr/lib/btbn-ffmpeg/doc /usr/lib/btbn-ffmpeg/bin/ffplay
+    mkdir -p /usr/lib/ffmpeg/5.0
+    mkdir -p /usr/lib/ffmpeg/7.0
+    wget -qO btbn-ffmpeg.tar.xz "https://github.com/NickM-27/FFmpeg-Builds/releases/download/autobuild-2022-07-31-12-37/ffmpeg-n5.1-2-g915ef932a3-linux64-gpl-5.1.tar.xz"
+    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/ffmpeg/5.0 --strip-components 1
+    rm -rf btbn-ffmpeg.tar.xz /usr/lib/ffmpeg/5.0/doc /usr/lib/ffmpeg/5.0/bin/ffplay
+    wget -qO btbn-ffmpeg.tar.xz "https://github.com/NickM-27/FFmpeg-Builds/releases/download/autobuild-2024-09-19-12-51/ffmpeg-n7.0.2-18-g3e6cec1286-linux64-gpl-7.0.tar.xz"
+    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/ffmpeg/7.0 --strip-components 1
+    rm -rf btbn-ffmpeg.tar.xz /usr/lib/ffmpeg/7.0/doc /usr/lib/ffmpeg/7.0/bin/ffplay
 fi
 
 # ffmpeg -> arm64
 if [[ "${TARGETARCH}" == "arm64" ]]; then
-    mkdir -p /usr/lib/btbn-ffmpeg
-    wget -qO btbn-ffmpeg.tar.xz "https://github.com/BtbN/FFmpeg-Builds/releases/download/autobuild-2022-07-31-12-37/ffmpeg-n5.1-2-g915ef932a3-linuxarm64-gpl-5.1.tar.xz"
-    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/btbn-ffmpeg --strip-components 1
-    rm -rf btbn-ffmpeg.tar.xz /usr/lib/btbn-ffmpeg/doc /usr/lib/btbn-ffmpeg/bin/ffplay
+    mkdir -p /usr/lib/ffmpeg/5.0
+    mkdir -p /usr/lib/ffmpeg/7.0
+    wget -qO btbn-ffmpeg.tar.xz "https://github.com/NickM-27/FFmpeg-Builds/releases/download/autobuild-2022-07-31-12-37/ffmpeg-n5.1-2-g915ef932a3-linuxarm64-gpl-5.1.tar.xz"
+    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/ffmpeg/5.0 --strip-components 1
+    rm -rf btbn-ffmpeg.tar.xz /usr/lib/ffmpeg/5.0/doc /usr/lib/ffmpeg/5.0/bin/ffplay
+    wget -qO btbn-ffmpeg.tar.xz "https://github.com/NickM-27/FFmpeg-Builds/releases/download/autobuild-2024-09-19-12-51/ffmpeg-n7.0.2-18-g3e6cec1286-linuxarm64-gpl-7.0.tar.xz"
+    tar -xf btbn-ffmpeg.tar.xz -C /usr/lib/ffmpeg/7.0 --strip-components 1
+    rm -rf btbn-ffmpeg.tar.xz /usr/lib/ffmpeg/7.0/doc /usr/lib/ffmpeg/7.0/bin/ffplay
 fi
 
 # arch specific packages
 if [[ "${TARGETARCH}" == "amd64" ]]; then
-    # use debian bookworm for hwaccel packages
+    # use debian bookworm for amd / intel-i965 driver packages
     echo 'deb https://deb.debian.org/debian bookworm main contrib non-free' >/etc/apt/sources.list.d/debian-bookworm.list
     apt-get -qq update
     apt-get -qq install --no-install-recommends --no-install-suggests -y \
-        intel-opencl-icd \
-        mesa-va-drivers radeontop libva-drm2 intel-media-va-driver-non-free i965-va-driver libmfx1 intel-gpu-tools
+        i965-va-driver intel-gpu-tools onevpl-tools \
+        libva-drm2 \
+        mesa-va-drivers radeontop
+
     # something about this dependency requires it to be installed in a separate call rather than in the line above
     apt-get -qq install --no-install-recommends --no-install-suggests -y \
         i965-va-driver-shaders
+
+    # intel packages use zst compression so we need to update dpkg
+    apt-get install -y dpkg
+
     rm -f /etc/apt/sources.list.d/debian-bookworm.list
+
+    # use intel apt intel packages
+    wget -qO - https://repositories.intel.com/gpu/intel-graphics.key | gpg --yes --dearmor --output /usr/share/keyrings/intel-graphics.gpg
+    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/intel-graphics.gpg] https://repositories.intel.com/gpu/ubuntu jammy client" | tee /etc/apt/sources.list.d/intel-gpu-jammy.list
+    apt-get -qq update
+    apt-get -qq install --no-install-recommends --no-install-suggests -y \
+        intel-opencl-icd=24.35.30872.31-996~22.04 intel-level-zero-gpu=1.3.29735.27-914~22.04 intel-media-va-driver-non-free=24.3.3-996~22.04 \
+        libmfx1=23.2.2-880~22.04 libmfxgen1=24.2.4-914~22.04 libvpl2=1:2.13.0.0-996~22.04
+
+    rm -f /usr/share/keyrings/intel-graphics.gpg
+    rm -f /etc/apt/sources.list.d/intel-gpu-jammy.list
 fi
 
 if [[ "${TARGETARCH}" == "arm64" ]]; then
     apt-get -qq install --no-install-recommends --no-install-suggests -y \
-        libva-drm2 mesa-va-drivers
+        libva-drm2 mesa-va-drivers radeontop
 fi
 
+# install vulkan
+apt-get -qq install --no-install-recommends --no-install-suggests -y \
+    libvulkan1 mesa-vulkan-drivers
+
 apt-get purge gnupg apt-transport-https xz-utils -y
 apt-get clean autoclean -y
 apt-get autoremove --purge -y

docker/main/install_tempio.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+tempio_version="2021.09.0"
+
+if [[ "${TARGETARCH}" == "amd64" ]]; then
+    arch="amd64"
+elif [[ "${TARGETARCH}" == "arm64" ]]; then
+    arch="aarch64"
+fi
+
+mkdir -p /rootfs/usr/local/tempio/bin
+
+wget -q -O /rootfs/usr/local/tempio/bin/tempio "https://github.com/home-assistant/tempio/releases/download/${tempio_version}/tempio_${arch}"
+chmod 755 /rootfs/usr/local/tempio/bin/tempio

docker/main/requirements-ov.txt

@@ -1,5 +1,3 @@
 numpy
-# Openvino Library - Custom built with MYRIAD support
-openvino @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino-2022.3.1-1-cp39-cp39-manylinux_2_31_x86_64.whl; platform_machine == 'x86_64'
-openvino @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino-2022.3.1-1-cp39-cp39-linux_aarch64.whl; platform_machine == 'aarch64'
-openvino-dev[tensorflow2] @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino_dev-2022.3.1-1-py3-none-any.whl
+tensorflow
+openvino-dev>=2024.0.0

docker/main/requirements-wheels.txt

@@ -1,10 +1,15 @@
 click == 8.1.*
-Flask == 3.0.*
-Flask_Limiter == 3.7.*
+# FastAPI
+aiohttp == 3.11.2
+starlette == 0.41.2
+starlette-context == 0.3.6
+fastapi == 0.115.*
+uvicorn == 0.30.*
+slowapi == 0.1.*
 imutils == 0.5.*
-joserfc == 0.10.*
+joserfc == 1.0.*
+pathvalidate == 3.2.*
 markupsafe == 2.1.*
-matplotlib == 3.8.*
 mypy == 1.6.1
 numpy == 1.26.*
 onvif_zeep == 0.2.12
@@ -12,16 +17,14 @@ opencv-python-headless == 4.9.0.*
 paho-mqtt == 2.1.*
 pandas == 2.2.*
 peewee == 3.17.*
-peewee_migrate == 1.12.*
-psutil == 5.9.*
-pydantic == 2.7.*
+peewee_migrate == 1.13.*
+psutil == 6.1.*
+pydantic == 2.8.*
 git+https://github.com/fbcotter/py3nvml#egg=py3nvml
-PyYAML == 6.0.*
-pytz == 2024.1
-pyzmq == 26.0.*
+pytz == 2024.*
+pyzmq == 26.2.*
 ruamel.yaml == 0.18.*
 tzlocal == 5.2
-types-PyYAML == 6.0.*
 requests == 2.32.*
 types-requests == 2.32.*
 scipy == 1.13.*
@@ -29,7 +32,16 @@ norfair == 2.2.*
 setproctitle == 1.3.*
 ws4py == 0.5.*
 unidecode == 1.3.*
-onnxruntime == 1.16.*
-# Openvino Library - Custom built with MYRIAD support
-openvino @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino-2022.3.1-1-cp39-cp39-manylinux_2_31_x86_64.whl; platform_machine == 'x86_64'
-openvino @ https://github.com/NateMeyer/openvino-wheels/releases/download/multi-arch_2022.3.1/openvino-2022.3.1-1-cp39-cp39-linux_aarch64.whl; platform_machine == 'aarch64'
+# OpenVino & ONNX
+openvino == 2024.3.*
+onnxruntime-openvino == 1.19.* ; platform_machine == 'x86_64'
+onnxruntime == 1.19.* ; platform_machine == 'aarch64'
+# Embeddings
+transformers == 4.45.*
+# Generative AI
+google-generativeai == 0.8.*
+ollama == 0.3.*
+openai == 1.51.*
+# push notifications
+py-vapid == 1.9.*
+pywebpush == 2.0.*

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync-log/consumer-for

@@ -0,0 +1 @@
+certsync

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync-log/pipeline-name

@@ -0,0 +1 @@
+certsync-pipeline

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync-log/run

@@ -0,0 +1,4 @@
+#!/command/with-contenv bash
+# shellcheck shell=bash
+
+exec logutil-service /dev/shm/logs/certsync

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync-log/type

@@ -0,0 +1 @@
+longrun

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/finish

@@ -0,0 +1,30 @@
+#!/command/with-contenv bash
+# shellcheck shell=bash
+# Take down the S6 supervision tree when the service fails
+
+set -o errexit -o nounset -o pipefail
+
+# Logs should be sent to stdout so that s6 can collect them
+
+declare exit_code_container
+exit_code_container=$(cat /run/s6-linux-init-container-results/exitcode)
+readonly exit_code_container
+readonly exit_code_service="${1}"
+readonly exit_code_signal="${2}"
+readonly service="CERTSYNC"
+
+echo "[INFO] Service ${service} exited with code ${exit_code_service} (by signal ${exit_code_signal})"
+
+if [[ "${exit_code_service}" -eq 256 ]]; then
+  if [[ "${exit_code_container}" -eq 0 ]]; then
+    echo $((128 + exit_code_signal)) >/run/s6-linux-init-container-results/exitcode
+  fi
+  if [[ "${exit_code_signal}" -eq 15 ]]; then
+    exec /run/s6/basedir/bin/halt
+  fi
+elif [[ "${exit_code_service}" -ne 0 ]]; then
+  if [[ "${exit_code_container}" -eq 0 ]]; then
+    echo "${exit_code_service}" >/run/s6-linux-init-container-results/exitcode
+  fi
+  exec /run/s6/basedir/bin/halt
+fi

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/producer-for

@@ -0,0 +1 @@
+certsync-log

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/run

@@ -0,0 +1,58 @@
+#!/command/with-contenv bash
+# shellcheck shell=bash
+# Start the CERTSYNC service
+
+set -o errexit -o nounset -o pipefail
+
+# Logs should be sent to stdout so that s6 can collect them
+
+echo "[INFO] Starting certsync..."
+
+lefile="/etc/letsencrypt/live/frigate/fullchain.pem"
+
+tls_enabled=`python3 /usr/local/nginx/get_tls_settings.py | jq -r .enabled`
+
+while true
+do
+    if [[ "$tls_enabled" == 'false' ]]; then
+        sleep 9999
+        continue
+    fi
+
+    if [ ! -e $lefile ]
+    then
+        echo "[ERROR] TLS certificate does not exist: $lefile"
+    fi
+
+    leprint=`openssl x509 -in $lefile -fingerprint -noout 2>&1 || echo 'failed'`
+
+    case "$leprint" in
+        *Fingerprint*)
+            ;;
+        *)
+            echo "[ERROR] Missing fingerprint from $lefile"
+            ;;
+    esac
+
+    liveprint=`echo | openssl s_client -showcerts -connect 127.0.0.1:8971 2>&1 | openssl x509 -fingerprint 2>&1 | grep -i fingerprint  || echo 'failed'`
+
+    case "$liveprint" in
+        *Fingerprint*)
+            ;;
+        *)
+            echo "[ERROR] Missing fingerprint from current nginx TLS cert"
+            ;;
+    esac
+
+    if [[ "$leprint" != "failed" && "$liveprint" != "failed" && "$leprint" != "$liveprint" ]]
+    then
+        echo "[INFO] Reloading nginx to refresh TLS certificate"
+        echo "$lefile: $leprint"
+        /usr/local/nginx/sbin/nginx -s reload
+    fi
+
+    sleep 60
+
+done
+
+exit 0

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/timeout-kill

@@ -0,0 +1 @@
+30000

docker/main/rootfs/etc/s6-overlay/s6-rc.d/certsync/type

@@ -0,0 +1 @@
+longrun

docker/main/rootfs/etc/s6-overlay/s6-rc.d/frigate/run

@@ -16,8 +16,8 @@ function migrate_db_path() {
     if [[ -f "${config_file_yaml}" ]]; then
         config_file="${config_file_yaml}"
     elif [[ ! -f "${config_file}" ]]; then
-        echo "[ERROR] Frigate config file not found"
-        return 1
+        # Frigate will create the config file on startup
+        return 0
     fi
     unset config_file_yaml
 
@@ -44,8 +44,6 @@ function migrate_db_path() {
 
 echo "[INFO] Preparing Frigate..."
 migrate_db_path
-export LIBAVFORMAT_VERSION_MAJOR=$(ffmpeg -version | grep -Po 'libavformat\W+\K\d+')
-
 echo "[INFO] Starting Frigate..."
 
 cd /opt/frigate || echo "[ERROR] Failed to change working directory to /opt/frigate"

docker/main/rootfs/etc/s6-overlay/s6-rc.d/go2rtc/run

@@ -43,8 +43,6 @@ function get_ip_and_port_from_supervisor() {
     export FRIGATE_GO2RTC_WEBRTC_CANDIDATE_INTERNAL="${ip_address}:${webrtc_port}"
 }
 
-export LIBAVFORMAT_VERSION_MAJOR=$(ffmpeg -version | grep -Po 'libavformat\W+\K\d+')
-
 if [[ -f "/dev/shm/go2rtc.yaml" ]]; then
     echo "[INFO] Removing stale config from last run..."
     rm /dev/shm/go2rtc.yaml

docker/main/rootfs/etc/s6-overlay/s6-rc.d/log-prepare/run

@@ -4,7 +4,7 @@
 
 set -o errexit -o nounset -o pipefail
 
-dirs=(/dev/shm/logs/frigate /dev/shm/logs/go2rtc /dev/shm/logs/nginx)
+dirs=(/dev/shm/logs/frigate /dev/shm/logs/go2rtc /dev/shm/logs/nginx /dev/shm/logs/certsync)
 
 mkdir -p "${dirs[@]}"
 chown nobody:nogroup "${dirs[@]}"

docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/data/check

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+set -e
+
+# Wait for PID file to exist.
+while ! test -f /run/nginx.pid; do sleep 1; done

docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/notification-fd

@@ -0,0 +1 @@
+3

docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/run

@@ -8,6 +8,84 @@ set -o errexit -o nounset -o pipefail
 
 echo "[INFO] Starting NGINX..."
 
+# Taken from https://github.com/felipecrs/cgroup-scripts/commits/master/get_cpus.sh
+function get_cpus() {
+    local quota=""
+    local period=""
+
+    if [ -f /sys/fs/cgroup/cgroup.controllers ]; then
+        if [ -f /sys/fs/cgroup/cpu.max ]; then
+            read -r quota period </sys/fs/cgroup/cpu.max
+            if [ "$quota" = "max" ]; then
+                quota=""
+                period=""
+            fi
+        else
+            echo "[WARN] /sys/fs/cgroup/cpu.max not found. Falling back to /proc/cpuinfo." >&2
+        fi
+    else
+        if [ -f /sys/fs/cgroup/cpu/cpu.cfs_quota_us ] && [ -f /sys/fs/cgroup/cpu/cpu.cfs_period_us ]; then
+            quota=$(cat /sys/fs/cgroup/cpu/cpu.cfs_quota_us)
+            period=$(cat /sys/fs/cgroup/cpu/cpu.cfs_period_us)
+
+            if [ "$quota" = "-1" ]; then
+                quota=""
+                period=""
+            fi
+        else
+            echo "[WARN] /sys/fs/cgroup/cpu/cpu.cfs_quota_us or /sys/fs/cgroup/cpu/cpu.cfs_period_us not found. Falling back to /proc/cpuinfo." >&2
+        fi
+    fi
+
+    local cpus
+    if [ "${period}" != "0" ] && [ -n "${quota}" ] && [ -n "${period}" ]; then
+        cpus=$((quota / period))
+        if [ "$cpus" -eq 0 ]; then
+            cpus=1
+        fi
+    else
+        cpus=$(grep -c ^processor /proc/cpuinfo)
+    fi
+
+    printf '%s' "$cpus"
+}
+
+function set_worker_processes() {
+    # Capture number of assigned CPUs to calculate worker processes
+    local cpus
+
+    cpus=$(get_cpus)
+    if [[ "${cpus}" -gt 4 ]]; then
+        cpus=4
+    fi
+
+    # we need to catch any errors because sed will fail if user has bind mounted a custom nginx file
+    sed -i "s/worker_processes auto;/worker_processes ${cpus};/" /usr/local/nginx/conf/nginx.conf || true
+}
+
+set_worker_processes
+
+# ensure the directory for ACME challenges exists
+mkdir -p /etc/letsencrypt/www
+
+# Create self signed certs if needed
+letsencrypt_path=/etc/letsencrypt/live/frigate
+mkdir -p $letsencrypt_path
+
+if [ ! \( -f "$letsencrypt_path/privkey.pem" -a -f "$letsencrypt_path/fullchain.pem" \) ]; then
+    echo "[INFO] No TLS certificate found. Generating a self signed certificate..."
+    openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
+        -subj "/O=FRIGATE DEFAULT CERT/CN=*" \
+        -keyout "$letsencrypt_path/privkey.pem" -out "$letsencrypt_path/fullchain.pem" 2>/dev/null
+fi
+
+# build templates for optional TLS support
+python3 /usr/local/nginx/get_tls_settings.py | \
+    tempio  -template /usr/local/nginx/templates/listen.gotmpl \
+            -out /usr/local/nginx/conf/listen.conf
+
 # Replace the bash process with the NGINX process, redirecting stderr to stdout
 exec 2>&1
-exec nginx
+exec \
+    s6-notifyoncheck -t 30000 -n 1 \
+    nginx

docker/main/rootfs/labelmap/coco-80.txt

@@ -0,0 +1,80 @@
+0  person
+1  bicycle
+2  car
+3  motorcycle
+4  airplane
+5  car
+6  train
+7  car
+8  boat
+9  traffic light
+10  fire hydrant
+11  stop sign
+12  parking meter
+13  bench
+14  bird
+15  cat
+16  dog
+17  horse
+18  sheep
+19  cow
+20  elephant
+21  bear
+22  zebra
+23  giraffe
+24  backpack
+25  umbrella
+26  handbag
+27  tie
+28  suitcase
+29  frisbee
+30  skis
+31  snowboard
+32  sports ball
+33  kite
+34  baseball bat
+35  baseball glove
+36  skateboard
+37  surfboard
+38  tennis racket
+39  bottle
+40  wine glass
+41  cup
+42  fork
+43  knife
+44  spoon
+45  bowl
+46  banana
+47  apple
+48  sandwich
+49  orange
+50  broccoli
+51  carrot
+52  hot dog
+53  pizza
+54  donut
+55  cake
+56  chair
+57  couch
+58  potted plant
+59  bed
+60  dining table
+61  toilet
+62  tv
+63  laptop
+64  mouse
+65  remote
+66  keyboard
+67  cell phone
+68  microwave
+69  oven
+70  toaster
+71  sink
+72  refrigerator
+73  book
+74  clock
+75  vase
+76  scissors
+77  teddy bear
+78  hair drier
+79  toothbrush

docker/main/rootfs/labelmap/coco.txt

@@ -0,0 +1,91 @@
+0  person
+1  bicycle
+2  car
+3  motorcycle
+4  airplane
+5  bus
+6  train
+7  car
+8  boat
+9  traffic light
+10  fire hydrant
+11  street sign
+12  stop sign
+13  parking meter
+14  bench
+15  bird
+16  cat
+17  dog
+18  horse
+19  sheep
+20  cow
+21  elephant
+22  bear
+23  zebra
+24  giraffe
+25  hat
+26  backpack
+27  umbrella
+28  shoe
+29  eye glasses
+30  handbag
+31  tie
+32  suitcase
+33  frisbee
+34  skis
+35  snowboard
+36  sports ball
+37  kite
+38  baseball bat
+39  baseball glove
+40  skateboard
+41  surfboard
+42  tennis racket
+43  bottle
+44  plate
+45  wine glass
+46  cup
+47  fork
+48  knife
+49  spoon
+50  bowl
+51  banana
+52  apple
+53  sandwich
+54  orange
+55  broccoli
+56  carrot
+57  hot dog
+58  pizza
+59  donut
+60  cake
+61  chair
+62  couch
+63  potted plant
+64  bed
+65  mirror
+66  dining table
+67  window
+68  desk
+69  toilet
+70  door
+71  tv
+72  laptop
+73  mouse
+74  remote
+75  keyboard
+76  cell phone
+77  microwave
+78  oven
+79  toaster
+80  sink
+81  refrigerator
+82  blender
+83  book
+84  clock
+85  vase
+86  scissors
+87  teddy bear
+88  hair drier
+89  toothbrush
+90  hair brush

docker/main/rootfs/usr/local/go2rtc/create_config.py

@@ -2,28 +2,32 @@
 
 import json
 import os
+import shutil
 import sys
 from pathlib import Path
 
-import yaml
+from ruamel.yaml import YAML
 
 sys.path.insert(0, "/opt/frigate")
-from frigate.const import BIRDSEYE_PIPE  # noqa: E402
-from frigate.ffmpeg_presets import (  # noqa: E402
-    parse_preset_hardware_acceleration_encode,
+from frigate.const import (
+    BIRDSEYE_PIPE,
+    DEFAULT_FFMPEG_VERSION,
+    INCLUDED_FFMPEG_VERSIONS,
 )
+from frigate.ffmpeg_presets import parse_preset_hardware_acceleration_encode
 
 sys.path.remove("/opt/frigate")
 
+yaml = YAML()
 
 FRIGATE_ENV_VARS = {k: v for k, v in os.environ.items() if k.startswith("FRIGATE_")}
 # read docker secret files as env vars too
 if os.path.isdir("/run/secrets"):
     for secret_file in os.listdir("/run/secrets"):
         if secret_file.startswith("FRIGATE_"):
-            FRIGATE_ENV_VARS[secret_file] = Path(
-                os.path.join("/run/secrets", secret_file)
-            ).read_text()
+            FRIGATE_ENV_VARS[secret_file] = (
+                Path(os.path.join("/run/secrets", secret_file)).read_text().strip()
+            )
 
 config_file = os.environ.get("CONFIG_FILE", "/config/config.yml")
 
@@ -37,7 +41,7 @@ try:
         raw_config = f.read()
 
     if config_file.endswith((".yaml", ".yml")):
-        config: dict[str, any] = yaml.safe_load(raw_config)
+        config: dict[str, any] = yaml.load(raw_config)
     elif config_file.endswith(".json"):
         config: dict[str, any] = json.loads(raw_config)
 except FileNotFoundError:
@@ -105,16 +109,32 @@ else:
             **FRIGATE_ENV_VARS
         )
 
+# ensure ffmpeg path is set correctly
+path = config.get("ffmpeg", {}).get("path", "default")
+if path == "default":
+    if shutil.which("ffmpeg") is None:
+        ffmpeg_path = f"/usr/lib/ffmpeg/{DEFAULT_FFMPEG_VERSION}/bin/ffmpeg"
+    else:
+        ffmpeg_path = "ffmpeg"
+elif path in INCLUDED_FFMPEG_VERSIONS:
+    ffmpeg_path = f"/usr/lib/ffmpeg/{path}/bin/ffmpeg"
+else:
+    ffmpeg_path = f"{path}/bin/ffmpeg"
+
+if go2rtc_config.get("ffmpeg") is None:
+    go2rtc_config["ffmpeg"] = {"bin": ffmpeg_path}
+elif go2rtc_config["ffmpeg"].get("bin") is None:
+    go2rtc_config["ffmpeg"]["bin"] = ffmpeg_path
+
 # need to replace ffmpeg command when using ffmpeg4
-if int(os.environ["LIBAVFORMAT_VERSION_MAJOR"]) < 59:
-    if go2rtc_config.get("ffmpeg") is None:
-        go2rtc_config["ffmpeg"] = {
-            "rtsp": "-fflags nobuffer -flags low_delay -stimeout 5000000 -user_agent go2rtc/ffmpeg -rtsp_transport tcp -i {input}"
-        }
-    elif go2rtc_config["ffmpeg"].get("rtsp") is None:
+if int(os.environ.get("LIBAVFORMAT_VERSION_MAJOR", "59") or "59") < 59:
+    if go2rtc_config["ffmpeg"].get("rtsp") is None:
         go2rtc_config["ffmpeg"]["rtsp"] = (
             "-fflags nobuffer -flags low_delay -stimeout 5000000 -user_agent go2rtc/ffmpeg -rtsp_transport tcp -i {input}"
         )
+else:
+    if go2rtc_config.get("ffmpeg") is None:
+        go2rtc_config["ffmpeg"] = {"path": ""}
 
 for name in go2rtc_config.get("streams", {}):
     stream = go2rtc_config["streams"][name]
@@ -145,7 +165,7 @@ if config.get("birdseye", {}).get("restream", False):
     birdseye: dict[str, any] = config.get("birdseye")
 
     input = f"-f rawvideo -pix_fmt yuv420p -video_size {birdseye.get('width', 1280)}x{birdseye.get('height', 720)} -r 10 -i {BIRDSEYE_PIPE}"
-    ffmpeg_cmd = f"exec:{parse_preset_hardware_acceleration_encode(config.get('ffmpeg', {}).get('hwaccel_args'), input, '-rtsp_transport tcp -f rtsp {output}')}"
+    ffmpeg_cmd = f"exec:{parse_preset_hardware_acceleration_encode(ffmpeg_path, config.get('ffmpeg', {}).get('hwaccel_args', ''), input, '-rtsp_transport tcp -f rtsp {output}')}"
 
     if go2rtc_config.get("streams"):
         go2rtc_config["streams"]["birdseye"] = ffmpeg_cmd

docker/main/rootfs/usr/local/nginx/conf/go2rtc_upstream.conf

@@ -0,0 +1,4 @@
+upstream go2rtc {
+    server 127.0.0.1:1984;
+    keepalive 1024;
+}

docker/main/rootfs/usr/local/nginx/conf/nginx.conf

@@ -56,16 +56,10 @@ http {
         keepalive 1024;
     }
 
-    upstream go2rtc {
-        server 127.0.0.1:1984;
-        keepalive 1024;
-    }
+    include go2rtc_upstream.conf;
 
     server {
-        # intended for external traffic, protected by auth
-        listen [::]:8080 ipv6only=off;
-        # intended for internal traffic, not protected by auth
-        listen [::]:5000 ipv6only=off;
+        include listen.conf;
 
         # vod settings
         vod_base_url '';
@@ -110,6 +104,8 @@ http {
 
             add_header Cache-Control "no-store";
             expires off;
+
+            keepalive_disable safari;
         }
 
         location /stream/ {
@@ -134,6 +130,8 @@ http {
                 image/jpeg jpg;
             }
 
+            expires 7d;
+            add_header Cache-Control "public";
             autoindex on;
             root /media/frigate;
         }
@@ -228,7 +226,7 @@ http {
 
         location ~* /api/.*\.(jpg|jpeg|png|webp|gif)$ {
             include auth_request.conf;
-            rewrite ^/api/(.*)$ $1 break;
+            rewrite ^/api/(.*)$ /$1 break;
             proxy_pass http://frigate_api;
             include proxy.conf;
         }

docker/main/rootfs/usr/local/nginx/conf/proxy_trusted_headers.conf

@@ -1,3 +1,6 @@
+# Header used to validate reverse proxy trust
+proxy_set_header X-Proxy-Secret $http_x_proxy_secret;
+
 # these headers will be copied to the /auth request and are available
 # to be mapped in the config to Frigate's remote-user header
 
@@ -19,4 +22,4 @@ proxy_set_header X-authentik-username $http_x_authentik_username;
 proxy_set_header X-authentik-groups $http_x_authentik_groups;
 proxy_set_header X-authentik-email $http_x_authentik_email;
 proxy_set_header X-authentik-name $http_x_authentik_name;
-proxy_set_header X-authentik-uid $http_x_authentik_uid;
+proxy_set_header X-authentik-uid $http_x_authentik_uid;

docker/main/rootfs/usr/local/nginx/get_tls_settings.py

@@ -0,0 +1,30 @@
+"""Prints the tls config as json to stdout."""
+
+import json
+import os
+
+from ruamel.yaml import YAML
+
+yaml = YAML()
+
+config_file = os.environ.get("CONFIG_FILE", "/config/config.yml")
+
+# Check if we can use .yaml instead of .yml
+config_file_yaml = config_file.replace(".yml", ".yaml")
+if os.path.isfile(config_file_yaml):
+    config_file = config_file_yaml
+
+try:
+    with open(config_file) as f:
+        raw_config = f.read()
+
+    if config_file.endswith((".yaml", ".yml")):
+        config: dict[str, any] = yaml.load(raw_config)
+    elif config_file.endswith(".json"):
+        config: dict[str, any] = json.loads(raw_config)
+except FileNotFoundError:
+    config: dict[str, any] = {}
+
+tls_config: dict[str, any] = config.get("tls", {"enabled": True})
+
+print(json.dumps(tls_config))

docker/main/rootfs/usr/local/nginx/templates/listen.gotmpl

@@ -0,0 +1,33 @@
+# intended for internal traffic, not protected by auth
+listen 5000;
+
+{{ if not .enabled }}
+# intended for external traffic, protected by auth
+listen 8971;
+{{ else }}
+# intended for external traffic, protected by auth
+listen 8971 ssl;
+
+ssl_certificate /etc/letsencrypt/live/frigate/fullchain.pem;
+ssl_certificate_key /etc/letsencrypt/live/frigate/privkey.pem;
+
+# generated 2024-06-01, Mozilla Guideline v5.7, nginx 1.25.3, OpenSSL 1.1.1w, modern configuration, no OCSP
+# https://ssl-config.mozilla.org/#server=nginx&version=1.25.3&config=modern&openssl=1.1.1w&ocsp=false&guideline=5.7
+ssl_session_timeout 1d;
+ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
+ssl_session_tickets off;
+
+# modern configuration
+ssl_protocols TLSv1.3;
+ssl_prefer_server_ciphers off;
+
+# HSTS (ngx_http_headers_module is required) (63072000 seconds)
+add_header Strict-Transport-Security "max-age=63072000" always;
+
+# ACME challenge location
+location /.well-known/acme-challenge/ {
+    default_type "text/plain";
+    root /etc/letsencrypt/www;
+}
+{{ end }}
+

docker/rockchip/Dockerfile

@@ -22,5 +22,6 @@ ADD https://github.com/MarcA711/rknn-toolkit2/releases/download/v2.0.0/librknnrt
 
 RUN rm -rf /usr/lib/btbn-ffmpeg/bin/ffmpeg
 RUN rm -rf /usr/lib/btbn-ffmpeg/bin/ffprobe
-ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-3/ffmpeg /usr/lib/btbn-ffmpeg/bin/
-ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-3/ffprobe /usr/lib/btbn-ffmpeg/bin/
+ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-5/ffmpeg /usr/lib/ffmpeg/6.0/bin/
+ADD --chmod=111 https://github.com/MarcA711/Rockchip-FFmpeg-Builds/releases/download/6.1-5/ffprobe /usr/lib/ffmpeg/6.0/bin/
+ENV PATH="/usr/lib/ffmpeg/6.0/bin/:${PATH}"

docker/rockchip/rk.mk

@@ -1,10 +1,15 @@
 BOARDS += rk
 
 local-rk: version
-	docker buildx bake --load --file=docker/rockchip/rk.hcl --set rk.tags=frigate:latest-rk rk
+	docker buildx bake --file=docker/rockchip/rk.hcl rk \
+		--set rk.tags=frigate:latest-rk \
+		--load
 
 build-rk: version
-	docker buildx bake --file=docker/rockchip/rk.hcl --set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk rk
+	docker buildx bake --file=docker/rockchip/rk.hcl rk \
+		--set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk
 
 push-rk: build-rk
-	docker buildx bake --push --file=docker/rockchip/rk.hcl --set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk rk
+	docker buildx bake --file=docker/rockchip/rk.hcl rk \
+		--set rk.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rk \
+		--push

docker/rocm/Dockerfile

@@ -23,11 +23,11 @@ COPY docker/rocm/rocm-pin-600 /etc/apt/preferences.d/
 
 RUN apt-get update
 
-RUN apt-get -y install --no-install-recommends migraphx
+RUN apt-get -y install --no-install-recommends migraphx hipfft roctracer
 RUN apt-get -y install --no-install-recommends migraphx-dev
 
 RUN mkdir -p /opt/rocm-dist/opt/rocm-$ROCM/lib
-RUN cd /opt/rocm-$ROCM/lib && cp -dpr libMIOpen*.so* libamd*.so* libhip*.so* libhsa*.so* libmigraphx*.so* librocm*.so* librocblas*.so* /opt/rocm-dist/opt/rocm-$ROCM/lib/
+RUN cd /opt/rocm-$ROCM/lib && cp -dpr libMIOpen*.so* libamd*.so* libhip*.so* libhsa*.so* libmigraphx*.so* librocm*.so* librocblas*.so* libroctracer*.so* librocfft*.so* /opt/rocm-dist/opt/rocm-$ROCM/lib/
 RUN cd /opt/rocm-dist/opt/ && ln -s rocm-$ROCM rocm
 
 RUN mkdir -p /opt/rocm-dist/etc/ld.so.conf.d/
@@ -69,7 +69,11 @@ RUN apt-get -y install libnuma1
 
 WORKDIR /opt/frigate/
 COPY --from=rootfs / /
-COPY docker/rocm/rootfs/ /
+
+COPY docker/rocm/requirements-wheels-rocm.txt /requirements.txt
+RUN python3 -m pip install --upgrade pip \
+    && pip3 uninstall -y onnxruntime-openvino \
+    && pip3 install -r /requirements.txt
 
 #######################################################################
 FROM scratch AS rocm-dist
@@ -79,6 +83,7 @@ ARG AMDGPU
 
 COPY --from=rocm /opt/rocm-$ROCM/bin/rocminfo /opt/rocm-$ROCM/bin/migraphx-driver /opt/rocm-$ROCM/bin/
 COPY --from=rocm /opt/rocm-$ROCM/share/miopen/db/*$AMDGPU* /opt/rocm-$ROCM/share/miopen/db/
+COPY --from=rocm /opt/rocm-$ROCM/share/miopen/db/*gfx908* /opt/rocm-$ROCM/share/miopen/db/
 COPY --from=rocm /opt/rocm-$ROCM/lib/rocblas/library/*$AMDGPU* /opt/rocm-$ROCM/lib/rocblas/library/
 COPY --from=rocm /opt/rocm-dist/ /
 COPY --from=debian-build /opt/rocm/lib/migraphx.cpython-39-x86_64-linux-gnu.so /opt/rocm-$ROCM/lib/
@@ -101,6 +106,3 @@ ENV HSA_OVERRIDE_GFX_VERSION=$HSA_OVERRIDE_GFX_VERSION
 #######################################################################
 FROM rocm-prelim-hsa-override$HSA_OVERRIDE as rocm-deps
 
-# Request yolov8 download at startup
-ENV DOWNLOAD_YOLOV8=1
-

docker/rocm/requirements-wheels-rocm.txt

@@ -0,0 +1 @@
+onnxruntime-rocm @ https://github.com/NickM-27/frigate-onnxruntime-rocm/releases/download/v1.0.0/onnxruntime_rocm-1.17.3-cp39-cp39-linux_x86_64.whl

docker/rocm/rocm.mk

@@ -4,14 +4,50 @@ BOARDS += rocm
 ROCM_CHIPSETS:=gfx900:9.0.0 gfx1030:10.3.0 gfx1100:11.0.0
 
 local-rocm: version
-	$(foreach chipset,$(ROCM_CHIPSETS),AMDGPU=$(word 1,$(subst :, ,$(chipset))) HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) HSA_OVERRIDE=1 docker buildx bake --load --file=docker/rocm/rocm.hcl --set rocm.tags=frigate:latest-rocm-$(word 1,$(subst :, ,$(chipset))) rocm;)
-	unset HSA_OVERRIDE_GFX_VERSION && HSA_OVERRIDE=0 AMDGPU=gfx docker buildx bake --load --file=docker/rocm/rocm.hcl --set rocm.tags=frigate:latest-rocm rocm
+	$(foreach chipset,$(ROCM_CHIPSETS), \
+		AMDGPU=$(word 1,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE=1 \
+		docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+			--set rocm.tags=frigate:latest-rocm-$(word 1,$(subst :, ,$(chipset))) \
+			--load \
+	&&) true
+	
+	unset HSA_OVERRIDE_GFX_VERSION && \
+	HSA_OVERRIDE=0 \
+	AMDGPU=gfx \
+	docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+		--set rocm.tags=frigate:latest-rocm \
+		--load
 
 build-rocm: version
-	$(foreach chipset,$(ROCM_CHIPSETS),AMDGPU=$(word 1,$(subst :, ,$(chipset))) HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) HSA_OVERRIDE=1 docker buildx bake --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) rocm;)
-	unset HSA_OVERRIDE_GFX_VERSION && HSA_OVERRIDE=0 AMDGPU=gfx docker buildx bake --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm rocm
+	$(foreach chipset,$(ROCM_CHIPSETS), \
+		AMDGPU=$(word 1,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE=1 \
+		docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+			--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) \
+	&&) true
+
+	unset HSA_OVERRIDE_GFX_VERSION && \
+	HSA_OVERRIDE=0 \
+	AMDGPU=gfx \
+	docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+		--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm
 
 push-rocm: build-rocm
-	$(foreach chipset,$(ROCM_CHIPSETS),AMDGPU=$(word 1,$(subst :, ,$(chipset))) HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) HSA_OVERRIDE=1 docker buildx bake --push --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) rocm;)
-	unset HSA_OVERRIDE_GFX_VERSION && HSA_OVERRIDE=0 AMDGPU=gfx docker buildx bake --push --file=docker/rocm/rocm.hcl --set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm rocm
+	$(foreach chipset,$(ROCM_CHIPSETS), \
+		AMDGPU=$(word 1,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) \
+		HSA_OVERRIDE=1 \
+		docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+			--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) \
+			--push \
+	&&) true
 
+	unset HSA_OVERRIDE_GFX_VERSION && \
+	HSA_OVERRIDE=0 \
+	AMDGPU=gfx \
+	docker buildx bake --file=docker/rocm/rocm.hcl rocm \
+		--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm \
+		--push

docker/rocm/rootfs/etc/s6-overlay/s6-rc.d/compile-rocm-models/run

@@ -1,20 +0,0 @@
-#!/command/with-contenv bash
-# shellcheck shell=bash
-# Compile YoloV8 ONNX files into ROCm MIGraphX files
-
-OVERRIDE=$(cd /opt/frigate && python3 -c 'import frigate.detectors.plugins.rocm as rocm; print(rocm.auto_override_gfx_version())')
-
-if ! test -z "$OVERRIDE"; then
-  echo "Using HSA_OVERRIDE_GFX_VERSION=${OVERRIDE}"
-  export HSA_OVERRIDE_GFX_VERSION=$OVERRIDE
-fi
-
-for onnx in /config/model_cache/yolov8/*.onnx
-do
-  mxr="${onnx%.onnx}.mxr"
-  if ! test -f $mxr; then
-    echo "processing $onnx into $mxr"
-    /opt/rocm/bin/migraphx-driver compile $onnx --optimize --gpu --enable-offload-copy --binary -o $mxr
-  fi
-done
-

docker/rocm/rootfs/etc/s6-overlay/s6-rc.d/compile-rocm-models/type

@@ -1 +0,0 @@
-oneshot

docker/rocm/rootfs/etc/s6-overlay/s6-rc.d/compile-rocm-models/up

@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/compile-rocm-models/run

docker/rpi/Dockerfile

@@ -12,5 +12,7 @@ RUN rm -rf /usr/lib/btbn-ffmpeg/
 RUN --mount=type=bind,source=docker/rpi/install_deps.sh,target=/deps/install_deps.sh \
     /deps/install_deps.sh
 
+ENV LIBAVFORMAT_VERSION_MAJOR=58
+
 WORKDIR /opt/frigate/
 COPY --from=rootfs / /

docker/rpi/rpi.mk

@@ -1,10 +1,15 @@
 BOARDS += rpi
 
 local-rpi: version
-	docker buildx bake --load --file=docker/rpi/rpi.hcl --set rpi.tags=frigate:latest-rpi rpi
+	docker buildx bake --file=docker/rpi/rpi.hcl rpi \
+		--set rpi.tags=frigate:latest-rpi \
+		--load
 
 build-rpi: version
-	docker buildx bake --file=docker/rpi/rpi.hcl --set rpi.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rpi rpi
+	docker buildx bake --file=docker/rpi/rpi.hcl rpi \
+		--set rpi.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rpi
 
 push-rpi: build-rpi
-	docker buildx bake --push --file=docker/rpi/rpi.hcl --set rpi.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rpi rpi
+	docker buildx bake --file=docker/rpi/rpi.hcl rpi \
+		--set rpi.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rpi \
+		--push

docker/tensorrt/Dockerfile.amd64

@@ -12,12 +12,28 @@ ARG TARGETARCH
 COPY docker/tensorrt/requirements-amd64.txt /requirements-tensorrt.txt
 RUN mkdir -p /trt-wheels && pip3 wheel --wheel-dir=/trt-wheels -r /requirements-tensorrt.txt
 
+# Build CuDNN
+FROM wget AS cudnn-deps
+
+ARG COMPUTE_LEVEL
+
+RUN apt-get update \
+    && apt-get install -y git build-essential
+
+RUN wget https://developer.download.nvidia.com/compute/cuda/repos/debian11/x86_64/cuda-keyring_1.1-1_all.deb \
+&& dpkg -i cuda-keyring_1.1-1_all.deb \
+&& apt-get update \
+&& apt-get -y install cuda-toolkit \
+&& rm -rf /var/lib/apt/lists/*
+
 FROM tensorrt-base AS frigate-tensorrt
 ENV TRT_VER=8.5.3
 RUN --mount=type=bind,from=trt-wheels,source=/trt-wheels,target=/deps/trt-wheels \
     pip3 install -U /deps/trt-wheels/*.whl && \
     ldconfig
+COPY --from=cudnn-deps /usr/local/cuda-12.6 /usr/local/cuda
 
+ENV LD_LIBRARY_PATH=/usr/local/lib/python3.9/dist-packages/tensorrt:/usr/local/cuda/lib64:/usr/local/lib/python3.9/dist-packages/nvidia/cufft/lib
 WORKDIR /opt/frigate/
 COPY --from=rootfs / /
 
@@ -26,6 +42,7 @@ FROM devcontainer AS devcontainer-trt
 
 COPY --from=trt-deps /usr/local/lib/libyolo_layer.so /usr/local/lib/libyolo_layer.so
 COPY --from=trt-deps /usr/local/src/tensorrt_demos /usr/local/src/tensorrt_demos
+COPY --from=cudnn-deps /usr/local/cuda-12.6 /usr/local/cuda
 COPY docker/tensorrt/detector/rootfs/ /
 COPY --from=trt-deps /usr/local/lib/libyolo_layer.so /usr/local/lib/libyolo_layer.so
 RUN --mount=type=bind,from=trt-wheels,source=/trt-wheels,target=/deps/trt-wheels \

docker/tensorrt/Dockerfile.arm64

@@ -10,8 +10,8 @@ ARG DEBIAN_FRONTEND
 # Use a separate container to build wheels to prevent build dependencies in final image
 RUN apt-get -qq update \
     && apt-get -qq install -y --no-install-recommends \
-       python3.9 python3.9-dev \
-       wget build-essential cmake git \
+    python3.9 python3.9-dev \
+    wget build-essential cmake git \
     && rm -rf /var/lib/apt/lists/*
 
 # Ensure python3 defaults to python3.9
@@ -41,7 +41,11 @@ RUN --mount=type=bind,source=docker/tensorrt/detector/build_python_tensorrt.sh,t
     && TENSORRT_VER=$(cat /etc/TENSORRT_VER) /deps/build_python_tensorrt.sh
 
 COPY docker/tensorrt/requirements-arm64.txt /requirements-tensorrt.txt
-RUN pip3 wheel --wheel-dir=/trt-wheels -r /requirements-tensorrt.txt
+ADD https://nvidia.box.com/shared/static/9aemm4grzbbkfaesg5l7fplgjtmswhj8.whl /tmp/onnxruntime_gpu-1.15.1-cp39-cp39-linux_aarch64.whl
+
+RUN pip3 uninstall -y onnxruntime-openvino \
+    && pip3 wheel --wheel-dir=/trt-wheels -r /requirements-tensorrt.txt \
+    && pip3 install --no-deps /tmp/onnxruntime_gpu-1.15.1-cp39-cp39-linux_aarch64.whl
 
 FROM build-wheels AS trt-model-wheels
 ARG DEBIAN_FRONTEND

docker/tensorrt/Dockerfile.base

@@ -25,7 +25,7 @@ ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0
 COPY --from=trt-deps /usr/local/lib/libyolo_layer.so /usr/local/lib/libyolo_layer.so
 COPY --from=trt-deps /usr/local/src/tensorrt_demos /usr/local/src/tensorrt_demos
 COPY docker/tensorrt/detector/rootfs/ /
-ENV YOLO_MODELS="yolov7-320"
+ENV YOLO_MODELS=""
 
 HEALTHCHECK --start-period=600s --start-interval=5s --interval=15s --timeout=5s --retries=3 \
     CMD curl --fail --silent --show-error http://127.0.0.1:5000/api/version || exit 1

docker/tensorrt/detector/rootfs/etc/s6-overlay/s6-rc.d/trt-model-prepare/run

@@ -11,6 +11,7 @@ set -o errexit -o nounset -o pipefail
 MODEL_CACHE_DIR=${MODEL_CACHE_DIR:-"/config/model_cache/tensorrt"}
 TRT_VER=${TRT_VER:-$(cat /etc/TENSORRT_VER)}
 OUTPUT_FOLDER="${MODEL_CACHE_DIR}/${TRT_VER}"
+YOLO_MODELS=${YOLO_MODELS:-""}
 
 # Create output folder
 mkdir -p ${OUTPUT_FOLDER}
@@ -19,6 +20,11 @@ FIRST_MODEL=true
 MODEL_DOWNLOAD=""
 MODEL_CONVERT=""
 
+if [ -z "$YOLO_MODELS"]; then
+    echo "tensorrt model preparation disabled"
+    exit 0
+fi
+
 for model in ${YOLO_MODELS//,/ }
 do
     # Remove old link in case path/version changed

docker/tensorrt/requirements-amd64.txt

@@ -8,5 +8,7 @@ nvidia-cuda-runtime-cu12 == 12.1.*; platform_machine == 'x86_64'
 nvidia-cuda-runtime-cu11 == 11.8.*; platform_machine == 'x86_64'
 nvidia-cublas-cu11 == 11.11.3.6; platform_machine == 'x86_64'
 nvidia-cudnn-cu11 == 8.6.0.*; platform_machine == 'x86_64'
-onnx==1.14.0; platform_machine == 'x86_64'
-protobuf==3.20.3; platform_machine == 'x86_64'
+nvidia-cufft-cu11==10.*; platform_machine == 'x86_64'
+onnx==1.16.*; platform_machine == 'x86_64'
+onnxruntime-gpu==1.18.*; platform_machine == 'x86_64'
+protobuf==3.20.3; platform_machine == 'x86_64'

docker/tensorrt/requirements-arm64.txt

@@ -1 +1 @@
-cuda-python == 11.7; platform_machine == 'aarch64'
+cuda-python == 11.7; platform_machine == 'aarch64'

docker/tensorrt/trt.mk

@@ -7,20 +7,35 @@ JETPACK4_ARGS := ARCH=arm64 BASE_IMAGE=$(JETPACK4_BASE) SLIM_BASE=$(JETPACK4_BAS
 JETPACK5_ARGS := ARCH=arm64 BASE_IMAGE=$(JETPACK5_BASE) SLIM_BASE=$(JETPACK5_BASE) TRT_BASE=$(JETPACK5_BASE)
 
 local-trt: version
-	$(X86_DGPU_ARGS) docker buildx bake --load --file=docker/tensorrt/trt.hcl --set tensorrt.tags=frigate:latest-tensorrt tensorrt
+	$(X86_DGPU_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=frigate:latest-tensorrt \
+		--load
 
 local-trt-jp4: version
-	$(JETPACK4_ARGS) docker buildx bake --load --file=docker/tensorrt/trt.hcl --set tensorrt.tags=frigate:latest-tensorrt-jp4 tensorrt
+	$(JETPACK4_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=frigate:latest-tensorrt-jp4 \
+		--load
 
 local-trt-jp5: version
-	$(JETPACK5_ARGS) docker buildx bake --load --file=docker/tensorrt/trt.hcl --set tensorrt.tags=frigate:latest-tensorrt-jp5 tensorrt
+	$(JETPACK5_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=frigate:latest-tensorrt-jp5 \
+		--load
 
 build-trt:
-	$(X86_DGPU_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt tensorrt
-	$(JETPACK4_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp4 tensorrt
-	$(JETPACK5_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp5 tensorrt
+	$(X86_DGPU_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt
+	$(JETPACK4_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp4
+	$(JETPACK5_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp5
 
 push-trt: build-trt
-	$(X86_DGPU_ARGS) docker buildx bake --push --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt tensorrt
-	$(JETPACK4_ARGS) docker buildx bake --push --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp4 tensorrt
-	$(JETPACK5_ARGS) docker buildx bake --push --file=docker/tensorrt/trt.hcl --set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp5 tensorrt
+	$(X86_DGPU_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt \
+		--push
+	$(JETPACK4_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp4 \
+		--push
+	$(JETPACK5_ARGS) docker buildx bake --file=docker/tensorrt/trt.hcl tensorrt \
+		--set tensorrt.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-tensorrt-jp5 \
+		--push

docs/README.md

@@ -1,5 +1,10 @@
 # Website
 
-This website is built using [Docusaurus 2](https://v2.docusaurus.io/), a modern static website generator.
+This website is built using [Docusaurus 3.5](https://docusaurus.io/docs), a modern static website generator.
 
 For installation and contributing instructions, please follow the [Contributing Docs](https://docs.frigate.video/development/contributing).
+
+# Development
+
+1. Run `npm i` to install dependencies
+2. Run `npm run start` to start the website

docs/docs/configuration/advanced.md

@@ -41,7 +41,7 @@ environment_vars:
 
 ### `database`
 
-Event and recording information is managed in a sqlite database at `/config/frigate.db`. If that database is deleted, recordings will be orphaned and will need to be cleaned up manually. They also won't show up in the Media Browser within Home Assistant.
+Tracked object and recording information is managed in a sqlite database at `/config/frigate.db`. If that database is deleted, recordings will be orphaned and will need to be cleaned up manually. They also won't show up in the Media Browser within Home Assistant.
 
 If you are storing your database on a network share (SMB, NFS, etc), you may get a `database is locked` error message on startup. You can customize the location of the database in the config if necessary.
 
@@ -80,6 +80,14 @@ model:
   input_pixel_format: "bgr"
 ```
 
+#### `labelmap`
+
+:::warning
+
+If the labelmap is customized then the labels used for alerts will need to be adjusted as well. See [alert labels](../configuration/review.md#restricting-alerts-to-specific-labels) for more info.
+
+:::
+
 The labelmap can be customized to your needs. A common reason to do this is to combine multiple object types that are easily confused when you don't need to be as granular such as car/truck. By default, truck is renamed to car because they are often confused. You cannot add new object types, but you can change the names of existing objects in the model.
 
 ```yaml
@@ -106,21 +114,67 @@ Some labels have special handling and modifications can disable functionality.
 
 :::
 
-## Custom ffmpeg build
+## Network Configuration
 
-Included with Frigate is a build of ffmpeg that works for the vast majority of users. However, there exists some hardware setups which have incompatibilities with the included build. In this case, a docker volume mapping can be used to overwrite the included ffmpeg build with an ffmpeg build that works for your specific hardware setup.
+Changes to Frigate's internal network configuration can be made by bind mounting nginx.conf into the container. For example:
+
+```yaml
+services:
+  frigate:
+    container_name: frigate
+    ...
+    volumes:
+      ...
+      - /path/to/your/nginx.conf:/usr/local/nginx/conf/nginx.conf
+```
+
+### Enabling IPv6
+
+IPv6 is disabled by default, to enable IPv6 listen.gotmpl needs to be bind mounted with IPv6 enabled. For example:
+
+```
+{{ if not .enabled }}
+# intended for external traffic, protected by auth
+listen 8971;
+{{ else }}
+# intended for external traffic, protected by auth
+listen 8971 ssl;
+
+# intended for internal traffic, not protected by auth
+listen 5000;
+```
+
+becomes
+
+```
+{{ if not .enabled }}
+# intended for external traffic, protected by auth
+listen [::]:8971 ipv6only=off;
+{{ else }}
+# intended for external traffic, protected by auth
+listen [::]:8971 ipv6only=off ssl;
+
+# intended for internal traffic, not protected by auth
+listen [::]:5000 ipv6only=off;
+```
+
+## Custom Dependencies
+
+### Custom ffmpeg build
+
+Included with Frigate is a build of ffmpeg that works for the vast majority of users. However, there exists some hardware setups which have incompatibilities with the included build. In this case, statically built ffmpeg binary can be downloaded to /config and used.
 
 To do this:
 
-1. Download your ffmpeg build and uncompress to a folder on the host (let's use `/home/appdata/frigate/custom-ffmpeg` for this example).
+1. Download your ffmpeg build and uncompress to the Frigate config folder.
 2. Update your docker-compose or docker CLI to include `'/home/appdata/frigate/custom-ffmpeg':'/usr/lib/btbn-ffmpeg':'ro'` in the volume mappings.
 3. Restart Frigate and the custom version will be used if the mapping was done correctly.
 
-NOTE: The folder that is mapped from the host needs to be the folder that contains `/bin`. So if the full structure is `/home/appdata/frigate/custom-ffmpeg/bin/ffmpeg` then `/home/appdata/frigate/custom-ffmpeg` needs to be mapped to `/usr/lib/btbn-ffmpeg`.
+NOTE: The folder that is set for the config needs to be the folder that contains `/bin`. So if the full structure is `/home/appdata/frigate/custom-ffmpeg/bin/ffmpeg` then the `ffmpeg -> path` field should be `/config/custom-ffmpeg/bin`.
 
-## Custom go2rtc version
+### Custom go2rtc version
 
-Frigate currently includes go2rtc v1.9.2, there may be certain cases where you want to run a different version of go2rtc.
+Frigate currently includes go2rtc v1.9.4, there may be certain cases where you want to run a different version of go2rtc.
 
 To do this:
 
@@ -129,7 +183,7 @@ To do this:
 3. Give `go2rtc` execute permission.
 4. Restart Frigate and the custom version will be used, you can verify by checking go2rtc logs.
 
-## Validating your config.yaml file updates
+## Validating your config.yml file updates
 
 When frigate starts up, it checks whether your config file is valid, and if it is not, the process exits. To minimize interruptions when updating your config, you have three options -- you can edit the config via the WebUI which has built in validation, use the config API, or you can validate on the command line using the frigate docker container.
 
@@ -157,5 +211,5 @@ docker run                                \
   --entrypoint python3                    \
   ghcr.io/blakeblackshear/frigate:stable  \
   -u -m frigate                           \
-  --validate_config
+  --validate-config
 ```

docs/docs/configuration/authentication.md

@@ -5,32 +5,28 @@ title: Authentication
 
 # Authentication
 
-## Modes
-
-Frigate supports two modes for authentication
-
-| Mode     | Description                                                                                                                                                                     |
-| -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `native` | (default) Use this mode if you don't implement authentication with a proxy in front of Frigate.                                                                                 |
-| `proxy`  | Use this mode if you have an existing proxy for authentication. Supports passing authenticated user downstream to Frigate for role-based authorization (future implementation). |
-
-### Native mode
-
 Frigate stores user information in its database. Password hashes are generated using industry standard PBKDF2-SHA256 with 600,000 iterations. Upon successful login, a JWT token is issued with an expiration date and set as a cookie. The cookie is refreshed as needed automatically. This JWT token can also be passed in the Authorization header as a bearer token.
 
 Users are managed in the UI under Settings > Users.
 
-#### Onboarding
+The following ports are available to access the Frigate web UI.
+
+| Port   | Description                                                                                                                                                                                                  |
+| ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `8971` | Authenticated UI and API. Reverse proxies should use this port.                                                                                                                                              |
+| `5000` | Internal unauthenticated UI and API access. Access to this port should be limited. Intended to be used within the docker network for services that integrate with Frigate and do not support authentication. |
+
+## Onboarding
 
 On startup, an admin user and password are generated and printed in the logs. It is recommended to set a new password for the admin account after logging in for the first time under Settings > Users.
 
-#### Resetting admin password
+## Resetting admin password
 
 In the event that you are locked out of your instance, you can tell Frigate to reset the admin password and print it in the logs on next startup using the `reset_admin_password` setting in your config file.
 
-#### Login failure rate limiting
+## Login failure rate limiting
 
-In order to limit the risk of brute force attacks, rate limiting is available for login failures. This is implemented with Flask-Limiter, and the string notation for valid values is available in [the documentation](https://flask-limiter.readthedocs.io/en/stable/configuration.html#rate-limit-string-notation).
+In order to limit the risk of brute force attacks, rate limiting is available for login failures. This is implemented with SlowApi, and the string notation for valid values is available in [the documentation](https://limits.readthedocs.io/en/stable/quickstart.html#examples).
 
 For example, `1/second;5/minute;20/hour` will rate limit the login endpoint when failures occur more than:
 
@@ -46,22 +42,60 @@ If you are running a reverse proxy in the same docker compose file as Frigate, h
 
 ```yaml
 auth:
-  mode: native
   failed_login_rate_limit: "1/second;5/minute;20/hour"
   trusted_proxies:
     - 172.18.0.0/16 # <---- this is the subnet for the internal docker compose network
 ```
 
-### Proxy mode
+## JWT Token Secret
 
-Proxy mode is designed to complement common upstream authentication proxies such as Authelia, Authentik, oauth2_proxy, or traefik-forward-auth.
+The JWT token secret needs to be kept secure. Anyone with this secret can generate valid JWT tokens to authenticate with Frigate. This should be a cryptographically random string of at least 64 characters.
 
-#### Header mapping
+You can generate a token using the Python secret library with the following command:
 
-If your proxy supports passing a header with the authenticated username, you can use the `header_map` config to specify the header name so it is passed to Frigate. For example, the following will map the `X-Forwarded-User` value. Header names are not case sensitive.
+```shell
+python3 -c 'import secrets; print(secrets.token_hex(64))'
+```
+
+Frigate looks for a JWT token secret in the following order:
+
+1. An environment variable named `FRIGATE_JWT_SECRET`
+2. A docker secret named `FRIGATE_JWT_SECRET` in `/run/secrets/`
+3. A `jwt_secret` option from the Home Assistant Addon options
+4. A `.jwt_secret` file in the config directory
+
+If no secret is found on startup, Frigate generates one and stores it in a `.jwt_secret` file in the config directory.
+
+Changing the secret will invalidate current tokens.
+
+## Proxy configuration
+
+Frigate can be configured to leverage features of common upstream authentication proxies such as Authelia, Authentik, oauth2_proxy, or traefik-forward-auth.
+
+If you are leveraging the authentication of an upstream proxy, you likely want to disable Frigate's authentication. Optionally, if communication between the reverse proxy and Frigate is over an untrusted network, you should set an `auth_secret` in the `proxy` config and configure the proxy to send the secret value as a header named `X-Proxy-Secret`. Assuming this is an untrusted network, you will also want to [configure a real TLS certificate](tls.md) to ensure the traffic can't simply be sniffed to steal the secret.
+
+Here is an example of how to disable Frigate's authentication and also ensure the requests come only from your known proxy.
 
 ```yaml
 auth:
+  enabled: False
+
+proxy:
+  auth_secret: <some random long string>
+```
+
+You can use the following code to generate a random secret.
+
+```shell
+python3 -c 'import secrets; print(secrets.token_hex(64))'
+```
+
+### Header mapping
+
+If you have disabled Frigate's authentication and your proxy supports passing a header with the authenticated username, you can use the `header_map` config to specify the header name so it is passed to Frigate. For example, the following will map the `X-Forwarded-User` value. Header names are not case sensitive.
+
+```yaml
+proxy:
   ...
   header_map:
     user: x-forwarded-user
@@ -89,10 +123,10 @@ If you would like to add more options, you can overwrite the default file with a
 
 Future versions of Frigate may leverage group and role headers for authorization in Frigate as well.
 
-#### Login page redirection
+### Login page redirection
 
 Frigate gracefully performs login page redirection that should work with most authentication proxies. If your reverse proxy returns a `Location` header on `401`, `302`, or `307` unauthorized responses, Frigate's frontend will automatically detect it and redirect to that URL.
 
-#### Custom logout url
+### Custom logout url
 
 If your reverse proxy has a dedicated logout url, you can specify using the `logout_url` config option. This will update the link for the `Logout` link in the UI.

docs/docs/configuration/camera_specific.md

@@ -9,6 +9,12 @@ This page makes use of presets of FFmpeg args. For more information on presets,
 
 :::
 
+:::note
+
+Many cameras support encoding options which greatly affect the live view experience, see the [Live view](/configuration/live) page for more info.
+
+:::
+
 ## MJPEG Cameras
 
 Note that mjpeg cameras require encoding the video into h264 for recording, and restream roles. This will use significantly more CPU than if the cameras supported h264 feeds directly. It is recommended to use the restream role to create an h264 restream and then use that as the source for ffmpeg.
@@ -187,4 +193,4 @@ ffmpeg:
 
 ### TP-Link VIGI Cameras
 
-TP-Link VIGI cameras need some adjustments to the main stream settings on the camera itself to avoid issues. The stream needs to be configured as `H264` with `Smart Coding` set to `off`. Without these settings you may have problems when trying to watch recorded events. For example Firefox will stop playback after a few seconds and show the following error message: `The media playback was aborted due to a corruption problem or because the media used features your browser did not support.`.
+TP-Link VIGI cameras need some adjustments to the main stream settings on the camera itself to avoid issues. The stream needs to be configured as `H264` with `Smart Coding` set to `off`. Without these settings you may have problems when trying to watch recorded footage. For example Firefox will stop playback after a few seconds and show the following error message: `The media playback was aborted due to a corruption problem or because the media used features your browser did not support.`.

docs/docs/configuration/cameras.md

@@ -7,7 +7,7 @@ title: Camera Configuration
 
 Several inputs can be configured for each camera and the role of each input can be mixed and matched based on your needs. This allows you to use a lower resolution stream for object detection, but create recordings from a higher resolution stream, or vice versa.
 
-A camera is enabled by default but can be temporarily disabled by using `enabled: False`. Existing events and recordings can still be accessed. Live streams, recording and detecting are not working. Camera specific configurations will be used.
+A camera is enabled by default but can be temporarily disabled by using `enabled: False`. Existing tracked objects and recordings can still be accessed. Live streams, recording and detecting are not working. Camera specific configurations will be used.
 
 Each role can only be assigned to one input per camera. The options for roles are as follows:
 
@@ -46,6 +46,14 @@ cameras:
   side: ...
 ```
 
+:::note
+
+If you only define one stream in your `inputs` and do not assign a `detect` role to it, Frigate will automatically assign it the `detect` role. Frigate will always decode a stream to support motion detection, Birdseye, the API image endpoints, and other features, even if you have disabled object detection with `enabled: False` in your config's `detect` section.
+
+If you plan to use Frigate for recording only, it is still recommended to define a `detect` role for a low resolution stream to minimize resource usage from the required stream decoding.
+
+:::
+
 For camera model specific settings check the [camera specific](camera_specific.md) infos.
 
 ## Setting up camera PTZ controls
@@ -71,33 +79,41 @@ cameras:
 
 If the ONVIF connection is successful, PTZ controls will be available in the camera's WebUI.
 
+:::tip
+
+If your ONVIF camera does not require authentication credentials, you may still need to specify an empty string for `user` and `password`, eg: `user: ""` and `password: ""`.
+
+:::
+
 An ONVIF-capable camera that supports relative movement within the field of view (FOV) can also be configured to automatically track moving objects and keep them in the center of the frame. For autotracking setup, see the [autotracking](autotracking.md) docs.
 
 ## ONVIF PTZ camera recommendations
 
 This list of working and non-working PTZ cameras is based on user feedback.
 
-| Brand or specific camera | PTZ Controls | Autotracking | Notes                                                                                                                                           |
-| ------------------------ | :----------: | :----------: | ----------------------------------------------------------------------------------------------------------------------------------------------- |
-| Amcrest                  |      ✅      |      ✅      | ⛔️ Generally, Amcrest should work, but some older models (like the common IP2M-841) don't support auto tracking                                  |
-| Amcrest ASH21            |      ❌      |      ❌      | No ONVIF support                                                                                                                                |
-| Ctronics PTZ             |      ✅      |      ❌      |                                                                                                                                                 |
-| Dahua                    |      ✅      |      ✅      |                                                                                                                                                 |
-| Foscam R5                |      ✅      |      ❌      |                                                                                                                                                 |
-| Hanwha XNP-6550RH        |      ✅      |      ❌      |                                                                                                                                                 |
-| Hikvision                |      ✅      |      ❌      | Incomplete ONVIF support (MoveStatus won't update even on latest firmware) - reported with HWP-N4215IH-DE and DS-2DE3304W-DE, but likely others |
-| Reolink 511WA            |      ✅      |      ❌      | Zoom only                                                                                                                                       |
-| Reolink E1 Pro           |      ✅      |      ❌      |                                                                                                                                                 |
-| Reolink E1 Zoom          |      ✅      |      ❌      |                                                                                                                                                 |
-| Reolink RLC-823A 16x     |      ✅      |      ❌      |                                                                                                                                                 |
-| Sunba 405-D20X           |      ✅      |      ❌      |                                                                                                                                                 |
-| Tapo C200                |      ✅      |      ❌      | Incomplete ONVIF support                                                                                                                        |
-| Tapo C210                |      ✅      |      ❌      | Incomplete ONVIF support, ONVIF Service Port: 2020                                                                                              |
-| Tapo C220                |      ✅      |      ❌      | Incomplete ONVIF support, ONVIF Service Port: 2020                                                                                              |
-| Tapo C225                |      ✅      |      ❌      | Incomplete ONVIF support, ONVIF Service Port: 2020                                                                                              |
-| Tapo C520WS              |      ✅      |      ❌      | Incomplete ONVIF support, ONVIF Service Port: 2020                                                                                              |
-| Uniview IPC672LR-AX4DUPK |      ✅      |      ❌      | Firmware says FOV relative movement is supported, but camera doesn't actually move when sending ONVIF commands                                  |
-| Vikylin PTZ-2804X-I2     |      ❌      |      ❌      | Incomplete ONVIF support                                                                                                                        |
+| Brand or specific camera     | PTZ Controls | Autotracking | Notes                                                                                                                                           |
+| ---------------------------- | :----------: | :----------: | ----------------------------------------------------------------------------------------------------------------------------------------------- |
+| Amcrest                      |      ✅      |      ✅      | ⛔️ Generally, Amcrest should work, but some older models (like the common IP2M-841) don't support autotracking                                 |
+| Amcrest ASH21                |      ✅      |      ❌      | ONVIF service port: 80                                                                                                                          |
+| Amcrest IP4M-S2112EW-AI      |      ✅      |      ❌      | FOV relative movement not supported.                                                                                                            |
+| Amcrest IP5M-1190EW          |      ✅      |      ❌      | ONVIF Port: 80. FOV relative movement not supported.                                                                                            |
+| Ctronics PTZ                 |      ✅      |      ❌      |                                                                                                                                                 |
+| Dahua                        |      ✅      |      ✅      |                                                                                                                                                 |
+| Dahua DH-SD2A500HB           |      ✅      |      ❌      |                                                                                                                                                 |
+| Foscam R5                    |      ✅      |      ❌      |                                                                                                                                                 |
+| Hanwha XNP-6550RH            |      ✅      |      ❌      |                                                                                                                                                 |
+| Hikvision                    |      ✅      |      ❌      | Incomplete ONVIF support (MoveStatus won't update even on latest firmware) - reported with HWP-N4215IH-DE and DS-2DE3304W-DE, but likely others |
+| Hikvision DS-2DE3A404IWG-E/W |      ✅      |      ✅      |                                                                                                                                                 |
+| Reolink 511WA                |      ✅      |      ❌      | Zoom only                                                                                                                                       |
+| Reolink E1 Pro               |      ✅      |      ❌      |                                                                                                                                                 |
+| Reolink E1 Zoom              |      ✅      |      ❌      |                                                                                                                                                 |
+| Reolink RLC-823A 16x         |      ✅      |      ❌      |                                                                                                                                                 |
+| Speco O8P32X                 |      ✅      |      ❌      |                                                                                                                                                 |
+| Sunba 405-D20X               |      ✅      |      ❌      | Incomplete ONVIF support reported on original, and 4k models. All models are suspected incompatable.                                            |
+| Tapo                         |      ✅      |      ❌      | Many models supported, ONVIF Service Port: 2020                                                                                                 |
+| Uniview IPC672LR-AX4DUPK     |      ✅      |      ❌      | Firmware says FOV relative movement is supported, but camera doesn't actually move when sending ONVIF commands                                  |
+| Uniview IPC6612SR-X33-VG     |      ✅      |      ✅      | Leave `calibrate_on_startup` as `False`. A user has reported that zooming with `absolute` is working.                                           |
+| Vikylin PTZ-2804X-I2         |      ❌      |      ❌      | Incomplete ONVIF support                                                                                                                        |
 
 ## Setting up camera groups
 
@@ -115,6 +131,6 @@ camera_groups:
     cameras:
       - driveway_cam
       - garage_cam
-    icon: car
+    icon: LuCar
     order: 0
 ```

docs/docs/configuration/genai.md

@@ -0,0 +1,203 @@
+---
+id: genai
+title: Generative AI
+---
+
+Generative AI can be used to automatically generate descriptive text based on the thumbnails of your tracked objects. This helps with [Semantic Search](/configuration/semantic_search) in Frigate to provide more context about your tracked objects. Descriptions are accessed via the _Explore_ view in the Frigate UI by clicking on a tracked object's thumbnail.
+
+:::info
+
+Semantic Search must be enabled to use Generative AI.
+
+:::
+
+## Configuration
+
+Generative AI can be enabled for all cameras or only for specific cameras. There are currently 3 providers available to integrate with Frigate.
+
+If the provider you choose requires an API key, you may either directly paste it in your configuration, or store it in an environment variable prefixed with `FRIGATE_`.
+
+```yaml
+genai:
+  enabled: True
+  provider: gemini
+  api_key: "{FRIGATE_GEMINI_API_KEY}"
+  model: gemini-1.5-flash
+
+cameras:
+  front_camera: ...
+  indoor_camera:
+    genai: # <- disable GenAI for your indoor camera
+      enabled: False
+```
+
+## Ollama
+
+:::warning
+
+Using Ollama on CPU is not recommended, high inference times make using Generative AI impractical.
+
+:::
+
+[Ollama](https://ollama.com/) allows you to self-host large language models and keep everything running locally. It provides a nice API over [llama.cpp](https://github.com/ggerganov/llama.cpp). It is highly recommended to host this server on a machine with an Nvidia graphics card, or on a Apple silicon Mac for best performance.
+
+Most of the 7b parameter 4-bit vision models will fit inside 8GB of VRAM. There is also a [Docker container](https://hub.docker.com/r/ollama/ollama) available.
+
+Parallel requests also come with some caveats. You will need to set `OLLAMA_NUM_PARALLEL=1` and choose a `OLLAMA_MAX_QUEUE` and `OLLAMA_MAX_LOADED_MODELS` values that are appropriate for your hardware and preferences. See the [Ollama documentation](https://github.com/ollama/ollama/blob/main/docs/faq.md#how-does-ollama-handle-concurrent-requests).
+
+### Supported Models
+
+You must use a vision capable model with Frigate. Current model variants can be found [in their model library](https://ollama.com/library). At the time of writing, this includes `llava`, `llava-llama3`, `llava-phi3`, and `moondream`. Note that Frigate will not automatically download the model you specify in your config, you must download the model to your local instance of Ollama first i.e. by running `ollama pull llava:7b` on your Ollama server/Docker container. Note that the model specified in Frigate's config must match the downloaded model tag.
+
+:::note
+
+You should have at least 8 GB of RAM available (or VRAM if running on GPU) to run the 7B models, 16 GB to run the 13B models, and 32 GB to run the 33B models.
+
+:::
+
+### Configuration
+
+```yaml
+genai:
+  enabled: True
+  provider: ollama
+  base_url: http://localhost:11434
+  model: llava:7b
+```
+
+## Google Gemini
+
+Google Gemini has a free tier allowing [15 queries per minute](https://ai.google.dev/pricing) to the API, which is more than sufficient for standard Frigate usage.
+
+### Supported Models
+
+You must use a vision capable model with Frigate. Current model variants can be found [in their documentation](https://ai.google.dev/gemini-api/docs/models/gemini). At the time of writing, this includes `gemini-1.5-pro` and `gemini-1.5-flash`.
+
+### Get API Key
+
+To start using Gemini, you must first get an API key from [Google AI Studio](https://aistudio.google.com).
+
+1. Accept the Terms of Service
+2. Click "Get API Key" from the right hand navigation
+3. Click "Create API key in new project"
+4. Copy the API key for use in your config
+
+### Configuration
+
+```yaml
+genai:
+  enabled: True
+  provider: gemini
+  api_key: "{FRIGATE_GEMINI_API_KEY}"
+  model: gemini-1.5-flash
+```
+
+## OpenAI
+
+OpenAI does not have a free tier for their API. With the release of gpt-4o, pricing has been reduced and each generation should cost fractions of a cent if you choose to go this route.
+
+### Supported Models
+
+You must use a vision capable model with Frigate. Current model variants can be found [in their documentation](https://platform.openai.com/docs/models). At the time of writing, this includes `gpt-4o` and `gpt-4-turbo`.
+
+### Get API Key
+
+To start using OpenAI, you must first [create an API key](https://platform.openai.com/api-keys) and [configure billing](https://platform.openai.com/settings/organization/billing/overview).
+
+### Configuration
+
+```yaml
+genai:
+  enabled: True
+  provider: openai
+  api_key: "{FRIGATE_OPENAI_API_KEY}"
+  model: gpt-4o
+```
+
+## Azure OpenAI
+
+Microsoft offers several vision models through Azure OpenAI. A subscription is required.
+
+### Supported Models
+
+You must use a vision capable model with Frigate. Current model variants can be found [in their documentation](https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models). At the time of writing, this includes `gpt-4o` and `gpt-4-turbo`.
+
+### Create Resource and Get API Key
+
+To start using Azure OpenAI, you must first [create a resource](https://learn.microsoft.com/azure/cognitive-services/openai/how-to/create-resource?pivots=web-portal#create-a-resource). You'll need your API key and resource URL, which must include the `api-version` parameter (see the example below). The model field is not required in your configuration as the model is part of the deployment name you chose when deploying the resource.
+
+### Configuration
+
+```yaml
+genai:
+  enabled: True
+  provider: azure_openai
+  base_url: https://example-endpoint.openai.azure.com/openai/deployments/gpt-4o/chat/completions?api-version=2023-03-15-preview
+  api_key: "{FRIGATE_OPENAI_API_KEY}"
+```
+
+## Usage and Best Practices
+
+Frigate's thumbnail search excels at identifying specific details about tracked objects – for example, using an "image caption" approach to find a "person wearing a yellow vest," "a white dog running across the lawn," or "a red car on a residential street." To enhance this further, Frigate’s default prompts are designed to ask your AI provider about the intent behind the object's actions, rather than just describing its appearance.
+
+While generating simple descriptions of detected objects is useful, understanding intent provides a deeper layer of insight. Instead of just recognizing "what" is in a scene, Frigate’s default prompts aim to infer "why" it might be there or "what" it could do next. Descriptions tell you what’s happening, but intent gives context. For instance, a person walking toward a door might seem like a visitor, but if they’re moving quickly after hours, you can infer a potential break-in attempt. Detecting a person loitering near a door at night can trigger an alert sooner than simply noting "a person standing by the door," helping you respond based on the situation’s context.
+
+### Using GenAI for notifications
+
+Frigate provides an [MQTT topic](/integrations/mqtt), `frigate/tracked_object_update`, that is updated with a JSON payload containing `event_id` and `description` when your AI provider returns a description for a tracked object. This description could be used directly in notifications, such as sending alerts to your phone or making audio announcements. If additional details from the tracked object are needed, you can query the [HTTP API](/integrations/api/event-events-event-id-get) using the `event_id`, eg: `http://frigate_ip:5000/api/events/<event_id>`.
+
+## Custom Prompts
+
+Frigate sends multiple frames from the tracked object along with a prompt to your Generative AI provider asking it to generate a description. The default prompt is as follows:
+
+```
+Analyze the sequence of images containing the {label}. Focus on the likely intent or behavior of the {label} based on its actions and movement, rather than describing its appearance or the surroundings. Consider what the {label} is doing, why, and what it might do next.
+```
+
+:::tip
+
+Prompts can use variable replacements like `{label}`, `{sub_label}`, and `{camera}` to substitute information from the tracked object as part of the prompt.
+
+:::
+
+You are also able to define custom prompts in your configuration.
+
+```yaml
+genai:
+  enabled: True
+  provider: ollama
+  base_url: http://localhost:11434
+  model: llava
+  prompt: "Analyze the {label} in these images from the {camera} security camera. Focus on the actions, behavior, and potential intent of the {label}, rather than just describing its appearance."
+  object_prompts:
+    person: "Examine the main person in these images. What are they doing and what might their actions suggest about their intent (e.g., approaching a door, leaving an area, standing still)? Do not describe the surroundings or static details."
+    car: "Observe the primary vehicle in these images. Focus on its movement, direction, or purpose (e.g., parking, approaching, circling). If it's a delivery vehicle, mention the company."
+```
+
+Prompts can also be overriden at the camera level to provide a more detailed prompt to the model about your specific camera, if you desire. By default, descriptions will be generated for all tracked objects and all zones. But you can also optionally specify `objects` and `required_zones` to only generate descriptions for certain tracked objects or zones.
+
+Optionally, you can generate the description using a snapshot (if enabled) by setting `use_snapshot` to `True`. By default, this is set to `False`, which sends the uncompressed images from the `detect` stream collected over the object's lifetime to the model. Once the object lifecycle ends, only a single compressed and cropped thumbnail is saved with the tracked object. Using a snapshot might be useful when you want to _regenerate_ a tracked object's description as it will provide the AI with a higher-quality image (typically downscaled by the AI itself) than the cropped/compressed thumbnail. Using a snapshot otherwise has a trade-off in that only a single image is sent to your provider, which will limit the model's ability to determine object movement or direction.
+
+```yaml
+cameras:
+  front_door:
+    genai:
+      use_snapshot: True
+      prompt: "Analyze the {label} in these images from the {camera} security camera at the front door. Focus on the actions and potential intent of the {label}."
+      object_prompts:
+        person: "Examine the person in these images. What are they doing, and how might their actions suggest their purpose (e.g., delivering something, approaching, leaving)? If they are carrying or interacting with a package, include details about its source or destination."
+        cat: "Observe the cat in these images. Focus on its movement and intent (e.g., wandering, hunting, interacting with objects). If the cat is near the flower pots or engaging in any specific actions, mention it."
+      objects:
+        - person
+        - cat
+      required_zones:
+        - steps
+```
+
+### Experiment with prompts
+
+Many providers also have a public facing chat interface for their models. Download a couple of different thumbnails or snapshots from Frigate and try new things in the playground to get descriptions to your liking before updating the prompt in Frigate.
+
+- OpenAI - [ChatGPT](https://chatgpt.com)
+- Gemini - [Google AI Studio](https://aistudio.google.com)
+- Ollama - [Open WebUI](https://docs.openwebui.com/)

docs/docs/configuration/hardware_acceleration.md

@@ -13,7 +13,7 @@ Depending on your system, these parameters may not be compatible. More informati
 
 ## Raspberry Pi 3/4
 
-Ensure you increase the allocated RAM for your GPU to at least 128 (`raspi-config` > Performance Options > GPU Memory).  
+Ensure you increase the allocated RAM for your GPU to at least 128 (`raspi-config` > Performance Options > GPU Memory).
 If you are using the HA addon, you may need to use the full access variant and turn off `Protection mode` for hardware acceleration.
 
 ```yaml
@@ -65,24 +65,37 @@ Or map in all the `/dev/video*` devices.
 
 ## Intel-based CPUs
 
+:::info
+
+**Recommended hwaccel Preset**
+
+| CPU Generation | Intel Driver | Recommended Preset | Notes                               |
+| -------------- | ------------ | ------------------ | ----------------------------------- |
+| gen1 - gen7    | i965         | preset-vaapi       | qsv is not supported                |
+| gen8 - gen12   | iHD          | preset-vaapi       | preset-intel-qsv-* can also be used |
+| gen13+         | iHD / Xe     | preset-intel-qsv-* |                                     |
+| Intel Arc GPU  | iHD / Xe     | preset-intel-qsv-* |                                     |
+
+:::
+
+:::note
+
+The default driver is `iHD`. You may need to change the driver to `i965` by adding the following environment variable `LIBVA_DRIVER_NAME=i965` to your docker-compose file or [in the `frigate.yaml` for HA OS users](advanced.md#environment_vars).
+
+See [The Intel Docs](https://www.intel.com/content/www/us/en/support/articles/000005505/processors.html) to figure out what generation your CPU is.
+
+:::
+
 ### Via VAAPI
 
-VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams. VAAPI is recommended for all generations of Intel-based CPUs if QSV does not work.
+VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams.
 
 ```yaml
 ffmpeg:
   hwaccel_args: preset-vaapi
 ```
 
-:::note
-
-With some of the processors, like the J4125, the default driver `iHD` doesn't seem to work correctly for hardware acceleration. You may need to change the driver to `i965` by adding the following environment variable `LIBVA_DRIVER_NAME=i965` to your docker-compose file or [in the `frigate.yaml` for HA OS users](advanced.md#environment_vars).
-
-:::
-
-### Via Quicksync (>=10th Generation only)
-
-QSV must be set specifically based on the video encoding of the stream.
+### Via Quicksync
 
 #### H.264 streams
 
@@ -218,28 +231,11 @@ docker run -d \
 
 ### Setup Decoder
 
-The decoder you need to pass in the `hwaccel_args` will depend on the input video.
-
-A list of supported codecs (you can use `ffmpeg -decoders | grep cuvid` in the container to get the ones your card supports)
-
-```
- V..... h263_cuvid           Nvidia CUVID H263 decoder (codec h263)
- V..... h264_cuvid           Nvidia CUVID H264 decoder (codec h264)
- V..... hevc_cuvid           Nvidia CUVID HEVC decoder (codec hevc)
- V..... mjpeg_cuvid          Nvidia CUVID MJPEG decoder (codec mjpeg)
- V..... mpeg1_cuvid          Nvidia CUVID MPEG1VIDEO decoder (codec mpeg1video)
- V..... mpeg2_cuvid          Nvidia CUVID MPEG2VIDEO decoder (codec mpeg2video)
- V..... mpeg4_cuvid          Nvidia CUVID MPEG4 decoder (codec mpeg4)
- V..... vc1_cuvid            Nvidia CUVID VC1 decoder (codec vc1)
- V..... vp8_cuvid            Nvidia CUVID VP8 decoder (codec vp8)
- V..... vp9_cuvid            Nvidia CUVID VP9 decoder (codec vp9)
-```
-
-For example, for H264 video, you'll select `preset-nvidia-h264`.
+Using `preset-nvidia` ffmpeg will automatically select the necessary profile for the incoming video, and will log an error if the profile is not supported by your GPU.
 
 ```yaml
 ffmpeg:
-  hwaccel_args: preset-nvidia-h264
+  hwaccel_args: preset-nvidia
 ```
 
 If everything is working correctly, you should see a significant improvement in performance.
@@ -362,43 +358,15 @@ that NVDEC/NVDEC1 are in use.
 
 ## Rockchip platform
 
-Hardware accelerated video de-/encoding is supported on all Rockchip SoCs using [Nyanmisaka's FFmpeg Fork](https://github.com/nyanmisaka/ffmpeg-rockchip) based on [Rockchip's mpp library](https://github.com/rockchip-linux/mpp).
+Hardware accelerated video de-/encoding is supported on all Rockchip SoCs using [Nyanmisaka's FFmpeg 6.1 Fork](https://github.com/nyanmisaka/ffmpeg-rockchip) based on [Rockchip's mpp library](https://github.com/rockchip-linux/mpp).
 
 ### Prerequisites
 
-Make sure that you use a linux distribution that comes with the rockchip BSP kernel 5.10 or 6.1 and rkvdec2 driver. To check, enter the following commands:
-
-```
-$ uname -r
-5.10.xxx-rockchip # or 6.1.xxx; the -rockchip suffix is important
-$ ls /dev/dri
-by-path  card0  card1  renderD128  renderD129 # should list renderD128
-```
-
-I recommend [Joshua Riek's Ubuntu for Rockchip](https://github.com/Joshua-Riek/ubuntu-rockchip), if your board is supported.
-
-### Setup
-
-Follow Frigate's default installation instructions, but use a docker image with `-rk` suffix for example `ghcr.io/blakeblackshear/frigate:stable-rk`.
-
-Next, you need to grant docker permissions to access your hardware:
-- During the configuration process, you should run docker in privileged mode to avoid any errors due to insufficient permissions. To do so, add `privileged: true` to your `docker-compose.yml` file or the `--privileged` flag to your docker run command.
-- After everything works, you should only grant necessary permissions to increase security. Add the lines below to your `docker-compose.yml` file or the following options to your docker run command: `--security-opt systempaths=unconfined --security-opt apparmor=unconfined --device /dev/dri:/dev/dri --device /dev/dma_heap:/dev/dma_heap --device /dev/rga:/dev/rga --device /dev/mpp_service:/dev/mpp_service`:
-
-```yaml
-    security_opt:
-      - apparmor=unconfined
-      - systempaths=unconfined
-    devices:
-      - /dev/dri:/dev/dri
-      - /dev/dma_heap:/dev/dma_heap
-      - /dev/rga:/dev/rga
-      - /dev/mpp_service:/dev/mpp_service
-```
+Make sure to follow the [Rockchip specific installation instructions](/frigate/installation#rockchip-platform).
 
 ### Configuration
 
-Add one of the following FFmpeg presets to your `config.yaml` to enable hardware video processing:
+Add one of the following FFmpeg presets to your `config.yml` to enable hardware video processing:
 
 ```yaml
 # if you try to decode a h264 encoded stream

docs/docs/configuration/index.md

@@ -56,6 +56,11 @@ go2rtc:
     password: "{FRIGATE_GO2RTC_RTSP_PASSWORD}"
 ```
 
+```yaml
+genai:
+  api_key: "{FRIGATE_GENAI_API_KEY}"
+```
+
 ## Common configuration examples
 
 Here are some common starter configuration examples. Refer to the [reference config](./reference.md) for detailed information about all the config values.
@@ -67,7 +72,7 @@ Here are some common starter configuration examples. Refer to the [reference con
 - Hardware acceleration for decoding video
 - USB Coral detector
 - Save all video with any detectable motion for 7 days regardless of whether any objects were detected or not
-- Continue to keep all video if it was during any event for 30 days
+- Continue to keep all video if it qualified as an alert or detection for 30 days
 - Save snapshots for 30 days
 - Motion mask for the camera timestamp
 
@@ -90,10 +95,12 @@ record:
   retain:
     days: 7
     mode: motion
-  events:
+  alerts:
     retain:
-      default: 30
-      mode: motion
+      days: 30
+  detections:
+    retain:
+      days: 30
 
 snapshots:
   enabled: True
@@ -123,7 +130,7 @@ cameras:
 - VAAPI hardware acceleration for decoding video
 - USB Coral detector
 - Save all video with any detectable motion for 7 days regardless of whether any objects were detected or not
-- Continue to keep all video if it was during any event for 30 days
+- Continue to keep all video if it qualified as an alert or detection for 30 days
 - Save snapshots for 30 days
 - Motion mask for the camera timestamp
 
@@ -144,10 +151,12 @@ record:
   retain:
     days: 7
     mode: motion
-  events:
+  alerts:
     retain:
-      default: 30
-      mode: motion
+      days: 30
+  detections:
+    retain:
+      days: 30
 
 snapshots:
   enabled: True
@@ -177,7 +186,7 @@ cameras:
 - VAAPI hardware acceleration for decoding video
 - OpenVino detector
 - Save all video with any detectable motion for 7 days regardless of whether any objects were detected or not
-- Continue to keep all video if it was during any event for 30 days
+- Continue to keep all video if it qualified as an alert or detection for 30 days
 - Save snapshots for 30 days
 - Motion mask for the camera timestamp
 
@@ -209,10 +218,12 @@ record:
   retain:
     days: 7
     mode: motion
-  events:
+  alerts:
     retain:
-      default: 30
-      mode: motion
+      days: 30
+  detections:
+    retain:
+      days: 30
 
 snapshots:
   enabled: True

docs/docs/configuration/live.md

@@ -7,13 +7,25 @@ Frigate intelligently displays your camera streams on the Live view dashboard. Y
 
 ## Live View technologies
 
-Frigate intelligently uses three different streaming technologies to display your camera streams. The highest quality and fluency of the Live view requires the bundled `go2rtc` to be configured as shown in the [step by step guide](/guides/configuring_go2rtc).
+Frigate intelligently uses three different streaming technologies to display your camera streams on the dashboard and the single camera view, switching between available modes based on network bandwidth, player errors, or required features like two-way talk. The highest quality and fluency of the Live view requires the bundled `go2rtc` to be configured as shown in the [step by step guide](/guides/configuring_go2rtc).
 
-| Source | Latency | Frame Rate                            | Resolution     | Audio                        | Requires go2rtc | Other Limitations                                |
-| ------ | ------- | ------------------------------------- | -------------- | ---------------------------- | --------------- | ------------------------------------------------ |
-| jsmpeg | low     | same as `detect -> fps`, capped at 10 | same as detect | no                           | no              | none                                             |
-| mse    | low     | native                                | native         | yes (depends on audio codec) | yes             | iPhone requires iOS 17.1+, Firefox is h.264 only |
-| webrtc | lowest  | native                                | native         | yes (depends on audio codec) | yes             | requires extra config, doesn't support h.265     |
+The jsmpeg live view will use more browser and client GPU resources. Using go2rtc is highly recommended and will provide a superior experience.
+
+| Source | Frame Rate                            | Resolution | Audio                        | Requires go2rtc | Notes                                                                                                                                                               |
+| ------ | ------------------------------------- | ---------- | ---------------------------- | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| jsmpeg | same as `detect -> fps`, capped at 10 | 720p       | no                           | no              | Resolution is configurable, but go2rtc is recommended if you want higher resolutions and better frame rates. jsmpeg is Frigate's default without go2rtc configured. |
+| mse    | native                                | native     | yes (depends on audio codec) | yes             | iPhone requires iOS 17.1+, Firefox is h.264 only. This is Frigate's default when go2rtc is configured.                                                              |
+| webrtc | native                                | native     | yes (depends on audio codec) | yes             | Requires extra configuration, doesn't support h.265. Frigate attempts to use WebRTC when MSE fails or when using a camera's two-way talk feature.                   |
+
+### Camera Settings Recommendations
+
+If you are using go2rtc, you should adjust the following settings in your camera's firmware for the best experience with Live view:
+
+- Video codec: **H.264** - provides the most compatible video codec with all Live view technologies and browsers. Avoid any kind of "smart codec" or "+" codec like _H.264+_ or _H.265+_. as these non-standard codecs remove keyframes (see below).
+- Audio codec: **AAC** - provides the most compatible audio codec with all Live view technologies and browsers that support audio.
+- I-frame interval (sometimes called the keyframe interval, the interframe space, or the GOP length): match your camera's frame rate, or choose "1x" (for interframe space on Reolink cameras). For example, if your stream outputs 20fps, your i-frame interval should be 20 (or 1x on Reolink). Values higher than the frame rate will cause the stream to take longer to begin playback. See [this page](https://gardinal.net/understanding-the-keyframe-interval/) for more on keyframes.
+
+The default video and audio codec on your camera may not always be compatible with your browser, which is why setting them to H.264 and AAC is recommended. See the [go2rtc docs](https://github.com/AlexxIT/go2rtc?tab=readme-ov-file#codecs-madness) for codec support information.
 
 ### Audio Support
 
@@ -30,6 +42,15 @@ go2rtc:
       - "ffmpeg:http_cam#audio=opus" # <- copy of the stream which transcodes audio to the missing codec (usually will be opus)
 ```
 
+If your camera does not have audio and you are having problems with Live view, you should have go2rtc send video only:
+
+```yaml
+go2rtc:
+  streams:
+    no_audio_camera:
+      - ffmpeg:rtsp://192.168.1.5:554/live0#video=copy
+```
+
 ### Setting Stream For Live UI
 
 There may be some cameras that you would prefer to use the sub stream for live view, but the main stream for recording. This can be done via `live -> stream_name`.

docs/docs/configuration/masks.md

@@ -78,7 +78,7 @@ It is, but the definition of "unnecessary" varies. I want to ignore areas of mot
 
 > For me, giving my masks ANY padding results in a lot of people detection I'm not interested in. I live in the city and catch a lot of the sidewalk on my camera. People walk by my front door all the time and the margin between the sidewalk and actually walking onto my stoop is very thin, so I basically have everything but the exact contours of my stoop masked out. This results in very tidy detections but this info keeps throwing me off. Am I just overthinking it?
 
-This is what `required_zones` are for. You should define a zone (remember this is evaluated based on the bottom center of the bounding box) and make it required to save snapshots and clips (now events in 0.9.0). You can also use this in your conditions for a notification.
+This is what `required_zones` are for. You should define a zone (remember this is evaluated based on the bottom center of the bounding box) and make it required to save snapshots and clips (previously events in 0.9.0 to 0.13.0 and review items in 0.14.0 and later). You can also use this in your conditions for a notification.
 
 > Maybe my specific situation just warrants this. I've just been having a hard time understanding the relevance of this information - it seems to be that it's exactly what would be expected when "masking out" an area of ANY image.
 

docs/docs/configuration/motion_detection.md

@@ -13,11 +13,11 @@ Once motion is detected, it tries to group up nearby areas of motion together in
 
 The default motion settings should work well for the majority of cameras, however there are cases where tuning motion detection can lead to better and more optimal results. Each camera has its own environment with different variables that affect motion, this means that the same motion settings will not fit all of your cameras.
 
-Before tuning motion it is important to understand the goal. In an optimal configuration, motion from people and cars would be detected, but not grass moving, lighting changes, timestamps, etc. If your motion detection is too sensitive, you will experience higher CPU loads and greater false positives from the increased rate of object detection. If it is not sensitive enough, you will miss events.
+Before tuning motion it is important to understand the goal. In an optimal configuration, motion from people and cars would be detected, but not grass moving, lighting changes, timestamps, etc. If your motion detection is too sensitive, you will experience higher CPU loads and greater false positives from the increased rate of object detection. If it is not sensitive enough, you will miss objects that you want to track.
 
 ## Create Motion Masks
 
-First, mask areas with regular motion not caused by the objects you want to detect. The best way to find candidates for motion masks is by watching the debug stream with motion boxes enabled. Good use cases for motion masks are timestamps or tree limbs and large bushes that regularly move due to wind. When possible, avoid creating motion masks that would block motion detection for objects you want to track **even if they are in locations where you don't want events**. Motion masks should not be used to avoid detecting objects in specific areas. More details can be found [in the masks docs.](/configuration/masks.md).
+First, mask areas with regular motion not caused by the objects you want to detect. The best way to find candidates for motion masks is by watching the debug stream with motion boxes enabled. Good use cases for motion masks are timestamps or tree limbs and large bushes that regularly move due to wind. When possible, avoid creating motion masks that would block motion detection for objects you want to track **even if they are in locations where you don't want alerts or detections**. Motion masks should not be used to avoid detecting objects in specific areas. More details can be found [in the masks docs.](/configuration/masks.md).
 
 ## Prepare For Testing
 
@@ -29,7 +29,7 @@ Now that things are set up, find a time to tune that represents normal circumsta
 
 :::note
 
-Remember that motion detection is just used to determine when object detection should be used. You should aim to have motion detection sensitive enough that you won't miss events from objects you want to detect with object detection. The goal is to prevent object detection from running constantly for every small pixel change in the image. Windy days are still going to result in lots of motion being detected.
+Remember that motion detection is just used to determine when object detection should be used. You should aim to have motion detection sensitive enough that you won't miss objects you want to detect with object detection. The goal is to prevent object detection from running constantly for every small pixel change in the image. Windy days are still going to result in lots of motion being detected.
 
 :::
 
@@ -92,9 +92,15 @@ motion:
   lightning_threshold: 0.8
 ```
 
-:::tip
+:::warning
 
-Some cameras like doorbell cameras may have missed detections when someone walks directly in front of the camera and the lightning_threshold causes motion detection to be re-calibrated. In this case, it may be desirable to increase the `lightning_threshold` to ensure these events are not missed.
+Some cameras like doorbell cameras may have missed detections when someone walks directly in front of the camera and the lightning_threshold causes motion detection to be re-calibrated. In this case, it may be desirable to increase the `lightning_threshold` to ensure these objects are not missed.
+
+:::
+
+:::note
+
+Lightning threshold does not stop motion based recordings from being saved.
 
 :::
 

docs/docs/configuration/notifications.md

@@ -0,0 +1,42 @@
+---
+id: notifications
+title: Notifications
+---
+
+# Notifications
+
+Frigate offers native notifications using the [WebPush Protocol](https://web.dev/articles/push-notifications-web-push-protocol) which uses the [VAPID spec](https://tools.ietf.org/html/draft-thomson-webpush-vapid) to deliver notifications to web apps using encryption.
+
+## Setting up Notifications
+
+In order to use notifications the following requirements must be met:
+
+- Frigate must be accessed via a secure https connection
+- A supported browser must be used. Currently Chrome, Firefox, and Safari are known to be supported.
+- In order for notifications to be usable externally, Frigate must be accessible externally
+
+### Configuration
+
+To configure notifications, go to the Frigate WebUI -> Settings -> Notifications and enable, then fill out the fields and save.
+
+### Registration
+
+Once notifications are enabled, press the `Register for Notifications` button on all devices that you would like to receive notifications on. This will register the background worker. After this Frigate must be restarted and then notifications will begin to be sent.
+
+## Supported Notifications
+
+Currently notifications are only supported for review alerts. More notifications will be supported in the future.
+
+:::note
+
+Currently, only Chrome supports images in notifications. Safari and Firefox will only show a title and message in the notification.
+
+:::
+
+## Reduce Notification Latency
+
+Different platforms handle notifications differently, some settings changes may be required to get optimal notification delivery.
+
+### Android
+
+Most Android phones have battery optimization settings. To get reliable Notification delivery the browser (Chrome, Firefox) should have battery optimizations disabled. If Frigate is running as a PWA then the Frigate app should have battery optimizations disabled as well.

docs/docs/configuration/object_detectors.md

@@ -3,37 +3,39 @@ id: object_detectors
 title: Object Detectors
 ---
 
-# Officially Supported Detectors
+# Supported Hardware
 
-Frigate provides the following builtin detector types: `cpu`, `edgetpu`, `openvino`, `tensorrt`, and `rknn`. By default, Frigate will use a single CPU detector. Other detectors may require additional configuration as described below. When using multiple detectors they will run in dedicated processes, but pull from a common queue of detection requests from across all cameras.
+:::info
 
-## CPU Detector (not recommended)
+Frigate supports multiple different detectors that work on different types of hardware:
 
-The CPU detector type runs a TensorFlow Lite model utilizing the CPU without hardware acceleration. It is recommended to use a hardware accelerated detector type instead for better performance. To configure a CPU based detector, set the `"type"` attribute to `"cpu"`.
+**Most Hardware**
+- [Coral EdgeTPU](#edge-tpu-detector): The Google Coral EdgeTPU is available in USB and m.2 format allowing for a wide range of compatibility with devices.
+- [Hailo](#hailo-8l): The Hailo8 AI Acceleration module is available in m.2 format with a HAT for RPi devices, offering a wide range of compatibility with devices.
 
-:::tip
+**AMD**
+- [ROCm](#amdrocm-gpu-detector): ROCm can run on AMD Discrete GPUs to provide efficient object detection.
+- [ONNX](#onnx): ROCm will automatically be detected and used as a detector in the `-rocm` Frigate image when a supported ONNX model is configured.
 
-If you do not have GPU or Edge TPU hardware, using the [OpenVINO Detector](#openvino-detector) is often more efficient than using the CPU detector.
+**Intel**
+- [OpenVino](#openvino-detector): OpenVino can run on Intel Arc GPUs, Intel integrated GPUs, and Intel CPUs to provide efficient object detection.
+- [ONNX](#onnx): OpenVINO will automatically be detected and used as a detector in the default Frigate image when a supported ONNX model is configured.
+
+**Nvidia**
+- [TensortRT](#nvidia-tensorrt-detector): TensorRT can run on Nvidia GPUs and Jetson devices, using one of many default models.
+- [ONNX](#onnx): TensorRT will automatically be detected and used as a detector in the `-tensorrt` or `-tensorrt-jp(4/5)` Frigate images when a supported ONNX model is configured.
+
+**Rockchip**
+- [RKNN](#rockchip-platform): RKNN models can run on Rockchip devices with included NPUs.
+
+**For Testing**
+- [CPU Detector (not recommended for actual use](#cpu-detector-not-recommended): Use a CPU to run tflite model, this is not recommended and in most cases OpenVINO can be used in CPU mode with better results.
 
 :::
 
-The number of threads used by the interpreter can be specified using the `"num_threads"` attribute, and defaults to `3.`
+# Officially Supported Detectors
 
-A TensorFlow Lite model is provided in the container at `/cpu_model.tflite` and is used by this detector type by default. To provide your own model, bind mount the file into the container and provide the path with `model.path`.
-
-```yaml
-detectors:
-  cpu1:
-    type: cpu
-    num_threads: 3
-    model:
-      path: "/custom_model.tflite"
-  cpu2:
-    type: cpu
-    num_threads: 3
-```
-
-When using CPU detectors, you can add one CPU detector per camera. Adding more detectors than the number of cameras should not improve performance.
+Frigate provides the following builtin detector types: `cpu`, `edgetpu`, `hailo8l`, `onnx`, `openvino`, `rknn`, `rocm`, and `tensorrt`. By default, Frigate will use a single CPU detector. Other detectors may require additional configuration as described below. When using multiple detectors they will run in dedicated processes, but pull from a common queue of detection requests from across all cameras.
 
 ## Edge TPU Detector
 
@@ -81,6 +83,15 @@ detectors:
     device: ""
 ```
 
+### Single PCIE/M.2 Coral
+
+```yaml
+detectors:
+  coral:
+    type: edgetpu
+    device: pci
+```
+
 ### Multiple PCIE/M.2 Corals
 
 ```yaml
@@ -109,9 +120,29 @@ detectors:
 
 The OpenVINO detector type runs an OpenVINO IR model on AMD and Intel CPUs, Intel GPUs and Intel VPU hardware. To configure an OpenVINO detector, set the `"type"` attribute to `"openvino"`.
 
-The OpenVINO device to be used is specified using the `"device"` attribute according to the naming conventions in the [Device Documentation](https://docs.openvino.ai/latest/openvino_docs_OV_UG_Working_with_devices.html). Other supported devices could be `AUTO`, `CPU`, `GPU`, `MYRIAD`, etc. If not specified, the default OpenVINO device will be selected by the `AUTO` plugin.
+The OpenVINO device to be used is specified using the `"device"` attribute according to the naming conventions in the [Device Documentation](https://docs.openvino.ai/2024/openvino-workflow/running-inference/inference-devices-and-modes.html). The most common devices are `CPU` and `GPU`. Currently, there is a known issue with using `AUTO`. For backwards compatibility, Frigate will attempt to use `GPU` if `AUTO` is set in your configuration.
 
-OpenVINO is supported on 6th Gen Intel platforms (Skylake) and newer. It will also run on AMD CPUs despite having no official support for it. A supported Intel platform is required to use the `GPU` device with OpenVINO. The `MYRIAD` device may be run on any platform, including Arm devices. For detailed system requirements, see [OpenVINO System Requirements](https://www.intel.com/content/www/us/en/developer/tools/openvino-toolkit/system-requirements.html)
+OpenVINO is supported on 6th Gen Intel platforms (Skylake) and newer. It will also run on AMD CPUs despite having no official support for it. A supported Intel platform is required to use the `GPU` device with OpenVINO. For detailed system requirements, see [OpenVINO System Requirements](https://docs.openvino.ai/2024/about-openvino/release-notes-openvino/system-requirements.html)
+
+:::tip
+
+When using many cameras one detector may not be enough to keep up. Multiple detectors can be defined assuming GPU resources are available. An example configuration would be:
+
+```yaml
+detectors:
+  ov_0:
+    type: openvino
+    device: GPU
+  ov_1:
+    type: openvino
+    device: GPU
+```
+
+:::
+
+### Supported Models
+
+#### SSDLite MobileNet v2
 
 An OpenVINO model is provided in the container at `/openvino-model/ssdlite_mobilenet_v2.xml` and is used by this detector type by default. The model comes from Intel's Open Model Zoo [SSDLite MobileNet V2](https://github.com/openvinotoolkit/open_model_zoo/tree/master/models/public/ssdlite_mobilenet_v2) and is converted to an FP16 precision IR model. Use the model configuration shown below when using the OpenVINO detector with the default model.
 
@@ -119,66 +150,52 @@ An OpenVINO model is provided in the container at `/openvino-model/ssdlite_mobil
 detectors:
   ov:
     type: openvino
-    device: AUTO
-    model:
-      path: /openvino-model/ssdlite_mobilenet_v2.xml
+    device: GPU
 
 model:
   width: 300
   height: 300
   input_tensor: nhwc
   input_pixel_format: bgr
+  path: /openvino-model/ssdlite_mobilenet_v2.xml
   labelmap_path: /openvino-model/coco_91cl_bkgr.txt
 ```
 
-This detector also supports YOLOX. Other YOLO variants are not officially supported/tested. Frigate does not come with any yolo models preloaded, so you will need to supply your own models. This detector has been verified to work with the [yolox_tiny](https://github.com/openvinotoolkit/open_model_zoo/tree/master/models/public/yolox-tiny) model from Intel's Open Model Zoo. You can follow [these instructions](https://github.com/openvinotoolkit/open_model_zoo/tree/master/models/public/yolox-tiny#download-a-model-and-convert-it-into-openvino-ir-format) to retrieve the OpenVINO-compatible `yolox_tiny` model. Make sure that the model input dimensions match the `width` and `height` parameters, and `model_type` is set accordingly. See [Full Configuration Reference](/configuration/reference.md) for a list of possible `model_type` options. Below is an example of how `yolox_tiny` can be used in Frigate:
+#### YOLOX
+
+This detector also supports YOLOX. Frigate does not come with any YOLOX models preloaded, so you will need to supply your own models.
+
+#### YOLO-NAS
+
+[YOLO-NAS](https://github.com/Deci-AI/super-gradients/blob/master/YOLONAS.md) models are supported, but not included by default. You can build and download a compatible model with pre-trained weights using [this notebook](https://github.com/blakeblackshear/frigate/blob/dev/notebooks/YOLO_NAS_Pretrained_Export.ipynb) [![Open In Colab](https://colab.research.google.com/assets/colab-badge.svg)](https://colab.research.google.com/github/blakeblackshear/frigate/blob/dev/notebooks/YOLO_NAS_Pretrained_Export.ipynb).
+
+:::warning
+
+The pre-trained YOLO-NAS weights from DeciAI are subject to their license and can't be used commercially. For more information, see: https://docs.deci.ai/super-gradients/latest/LICENSE.YOLONAS.html
+
+:::
+
+The input image size in this notebook is set to 320x320. This results in lower CPU usage and faster inference times without impacting performance in most cases due to the way Frigate crops video frames to areas of interest before running detection. The notebook and config can be updated to 640x640 if desired.
+
+After placing the downloaded onnx model in your config folder, you can use the following configuration:
 
 ```yaml
 detectors:
   ov:
     type: openvino
-    device: AUTO
-    model:
-      path: /path/to/yolox_tiny.xml
+    device: GPU
 
 model:
-  width: 416
-  height: 416
+  model_type: yolonas
+  width: 320 # <--- should match whatever was set in notebook
+  height: 320 # <--- should match whatever was set in notebook
   input_tensor: nchw
   input_pixel_format: bgr
-  model_type: yolox
-  labelmap_path: /path/to/coco_80cl.txt
+  path: /config/yolo_nas_s.onnx
+  labelmap_path: /labelmap/coco-80.txt
 ```
 
-### Intel NCS2 VPU and Myriad X Setup
-
-Intel produces a neural net inference acceleration chip called Myriad X. This chip was sold in their Neural Compute Stick 2 (NCS2) which has been discontinued. If intending to use the MYRIAD device for acceleration, additional setup is required to pass through the USB device. The host needs a udev rule installed to handle the NCS2 device.
-
-```bash
-sudo usermod -a -G users "$(whoami)"
-cat <<EOF > 97-myriad-usbboot.rules
-SUBSYSTEM=="usb", ATTRS{idProduct}=="2485", ATTRS{idVendor}=="03e7", GROUP="users", MODE="0666", ENV{ID_MM_DEVICE_IGNORE}="1"
-SUBSYSTEM=="usb", ATTRS{idProduct}=="f63b", ATTRS{idVendor}=="03e7", GROUP="users", MODE="0666", ENV{ID_MM_DEVICE_IGNORE}="1"
-EOF
-sudo cp 97-myriad-usbboot.rules /etc/udev/rules.d/
-sudo udevadm control --reload-rules
-sudo udevadm trigger
-```
-
-Additionally, the Frigate docker container needs to run with the following configuration:
-
-```bash
---device-cgroup-rule='c 189:\* rmw' -v /dev/bus/usb:/dev/bus/usb
-```
-
-or in your compose file:
-
-```yml
-device_cgroup_rules:
-  - "c 189:* rmw"
-volumes:
-  - /dev/bus/usb:/dev/bus/usb
-```
+Note that the labelmap uses a subset of the complete COCO label set that has only 80 objects.
 
 ## NVidia TensorRT Detector
 
@@ -206,7 +223,7 @@ The model used for TensorRT must be preprocessed on the same hardware platform t
 
 The Frigate image will generate model files during startup if the specified model is not found. Processed models are stored in the `/config/model_cache` folder. Typically the `/config` path is mapped to a directory on the host already and the `model_cache` does not need to be mapped separately unless the user wants to store it in a different location on the host.
 
-By default, the `yolov7-320` model will be generated, but this can be overridden by specifying the `YOLO_MODELS` environment variable in Docker. One or more models may be listed in a comma-separated format, and each one will be generated. To select no model generation, set the variable to an empty string, `YOLO_MODELS=""`. Models will only be generated if the corresponding `{model}.trt` file is not present in the `model_cache` folder, so you can force a model to be regenerated by deleting it from your Frigate data folder.
+By default, no models will be generated, but this can be overridden by specifying the `YOLO_MODELS` environment variable in Docker. One or more models may be listed in a comma-separated format, and each one will be generated. Models will only be generated if the corresponding `{model}.trt` file is not present in the `model_cache` folder, so you can force a model to be regenerated by deleting it from your Frigate data folder.
 
 If you have a Jetson device with DLAs (Xavier or Orin), you can generate a model that will run on the DLA by appending `-dla` to your model name, e.g. specify `YOLO_MODELS=yolov7-320-dla`. The model will run on DLA0 (Frigate does not currently support DLA1). DLA-incompatible layers will fall back to running on the GPU.
 
@@ -247,7 +264,7 @@ An example `docker-compose.yml` fragment that converts the `yolov4-608` and `yol
 ```yml
 frigate:
   environment:
-    - YOLO_MODELS=yolov4-608,yolov7x-640
+    - YOLO_MODELS=yolov7-320,yolov7x-640
     - USE_FP16=false
 ```
 
@@ -279,6 +296,220 @@ model:
   height: 320
 ```
 
+## AMD/ROCm GPU detector
+
+### Setup
+
+The `rocm` detector supports running YOLO-NAS models on AMD GPUs. Use a frigate docker image with `-rocm` suffix, for example `ghcr.io/blakeblackshear/frigate:stable-rocm`.
+
+### Docker settings for GPU access
+
+ROCm needs access to the `/dev/kfd` and `/dev/dri` devices. When docker or frigate is not run under root then also `video` (and possibly `render` and `ssl/_ssl`) groups should be added.
+
+When running docker directly the following flags should be added for device access:
+
+```bash
+$ docker run --device=/dev/kfd --device=/dev/dri  \
+    ...
+```
+
+When using docker compose:
+
+```yaml
+services:
+  frigate:
+---
+devices:
+  - /dev/dri
+  - /dev/kfd
+```
+
+For reference on recommended settings see [running ROCm/pytorch in Docker](https://rocm.docs.amd.com/projects/install-on-linux/en/develop/how-to/3rd-party/pytorch-install.html#using-docker-with-pytorch-pre-installed).
+
+### Docker settings for overriding the GPU chipset
+
+Your GPU might work just fine without any special configuration but in many cases they need manual settings. AMD/ROCm software stack comes with a limited set of GPU drivers and for newer or missing models you will have to override the chipset version to an older/generic version to get things working.
+
+Also AMD/ROCm does not "officially" support integrated GPUs. It still does work with most of them just fine but requires special settings. One has to configure the `HSA_OVERRIDE_GFX_VERSION` environment variable. See the [ROCm bug report](https://github.com/ROCm/ROCm/issues/1743) for context and examples.
+
+For the rocm frigate build there is some automatic detection:
+
+- gfx90c -> 9.0.0
+- gfx1031 -> 10.3.0
+- gfx1103 -> 11.0.0
+
+If you have something else you might need to override the `HSA_OVERRIDE_GFX_VERSION` at Docker launch. Suppose the version you want is `9.0.0`, then you should configure it from command line as:
+
+```bash
+$ docker run -e HSA_OVERRIDE_GFX_VERSION=9.0.0 \
+    ...
+```
+
+When using docker compose:
+
+```yaml
+services:
+  frigate:
+...
+environment:
+  HSA_OVERRIDE_GFX_VERSION: "9.0.0"
+```
+
+Figuring out what version you need can be complicated as you can't tell the chipset name and driver from the AMD brand name.
+
+- first make sure that rocm environment is running properly by running `/opt/rocm/bin/rocminfo` in the frigate container -- it should list both the CPU and the GPU with their properties
+- find the chipset version you have (gfxNNN) from the output of the `rocminfo` (see below)
+- use a search engine to query what `HSA_OVERRIDE_GFX_VERSION` you need for the given gfx name ("gfxNNN ROCm HSA_OVERRIDE_GFX_VERSION")
+- override the `HSA_OVERRIDE_GFX_VERSION` with relevant value
+- if things are not working check the frigate docker logs
+
+#### Figuring out if AMD/ROCm is working and found your GPU
+
+```bash
+$ docker exec -it frigate /opt/rocm/bin/rocminfo
+```
+
+#### Figuring out your AMD GPU chipset version:
+
+We unset the `HSA_OVERRIDE_GFX_VERSION` to prevent an existing override from messing up the result:
+
+```bash
+$ docker exec -it frigate /bin/bash -c '(unset HSA_OVERRIDE_GFX_VERSION && /opt/rocm/bin/rocminfo |grep gfx)'
+```
+
+### Supported Models
+
+There is no default model provided, the following formats are supported:
+
+#### YOLO-NAS
+
+[YOLO-NAS](https://github.com/Deci-AI/super-gradients/blob/master/YOLONAS.md) models are supported, but not included by default. You can build and download a compatible model with pre-trained weights using [this notebook](https://github.com/frigate/blob/dev/notebooks/YOLO_NAS_Pretrained_Export.ipynb) [![Open In Colab](https://colab.research.google.com/assets/colab-badge.svg)](https://colab.research.google.com/github/blakeblackshear/frigate/blob/dev/notebooks/YOLO_NAS_Pretrained_Export.ipynb).
+
+:::warning
+
+The pre-trained YOLO-NAS weights from DeciAI are subject to their license and can't be used commercially. For more information, see: https://docs.deci.ai/super-gradients/latest/LICENSE.YOLONAS.html
+
+:::
+
+The input image size in this notebook is set to 320x320. This results in lower CPU usage and faster inference times without impacting performance in most cases due to the way Frigate crops video frames to areas of interest before running detection. The notebook and config can be updated to 640x640 if desired.
+
+After placing the downloaded onnx model in your config folder, you can use the following configuration:
+
+```yaml
+detectors:
+  rocm:
+    type: rocm
+
+model:
+  model_type: yolonas
+  width: 320 # <--- should match whatever was set in notebook
+  height: 320 # <--- should match whatever was set in notebook
+  input_pixel_format: bgr
+  path: /config/yolo_nas_s.onnx
+  labelmap_path: /labelmap/coco-80.txt
+```
+
+Note that the labelmap uses a subset of the complete COCO label set that has only 80 objects.
+
+## ONNX
+
+ONNX is an open format for building machine learning models, Frigate supports running ONNX models on CPU, OpenVINO, and TensorRT. On startup Frigate will automatically try to use a GPU if one is available.
+
+:::info
+
+If the correct build is used for your GPU then the GPU will be detected and used automatically.
+
+- **AMD**
+
+  - ROCm will automatically be detected and used with the ONNX detector in the `-rocm` Frigate image.
+
+- **Intel**
+
+  - OpenVINO will automatically be detected and used with the ONNX detector in the default Frigate image.
+
+- **Nvidia**
+  - Nvidia GPUs will automatically be detected and used with the ONNX detector in the `-tensorrt` Frigate image.
+  - Jetson devices will automatically be detected and used with the ONNX detector in the `-tensorrt-jp(4/5)` Frigate image.
+
+:::
+
+:::tip
+
+When using many cameras one detector may not be enough to keep up. Multiple detectors can be defined assuming GPU resources are available. An example configuration would be:
+
+```yaml
+detectors:
+  onnx_0:
+    type: onnx
+  onnx_1:
+    type: onnx
+```
+
+:::
+
+### Supported Models
+
+There is no default model provided, the following formats are supported:
+
+#### YOLO-NAS
+
+[YOLO-NAS](https://github.com/Deci-AI/super-gradients/blob/master/YOLONAS.md) models are supported, but not included by default. You can build and download a compatible model with pre-trained weights using [this notebook](https://github.com/frigate/blob/dev/notebooks/YOLO_NAS_Pretrained_Export.ipynb) [![Open In Colab](https://colab.research.google.com/assets/colab-badge.svg)](https://colab.research.google.com/github/blakeblackshear/frigate/blob/dev/notebooks/YOLO_NAS_Pretrained_Export.ipynb).
+
+:::warning
+
+The pre-trained YOLO-NAS weights from DeciAI are subject to their license and can't be used commercially. For more information, see: https://docs.deci.ai/super-gradients/latest/LICENSE.YOLONAS.html
+
+:::
+
+The input image size in this notebook is set to 320x320. This results in lower CPU usage and faster inference times without impacting performance in most cases due to the way Frigate crops video frames to areas of interest before running detection. The notebook and config can be updated to 640x640 if desired.
+
+After placing the downloaded onnx model in your config folder, you can use the following configuration:
+
+```yaml
+detectors:
+  onnx:
+    type: onnx
+
+model:
+  model_type: yolonas
+  width: 320 # <--- should match whatever was set in notebook
+  height: 320 # <--- should match whatever was set in notebook
+  input_pixel_format: bgr
+  input_tensor: nchw
+  path: /config/yolo_nas_s.onnx
+  labelmap_path: /labelmap/coco-80.txt
+```
+
+Note that the labelmap uses a subset of the complete COCO label set that has only 80 objects.
+
+## CPU Detector (not recommended)
+
+The CPU detector type runs a TensorFlow Lite model utilizing the CPU without hardware acceleration. It is recommended to use a hardware accelerated detector type instead for better performance. To configure a CPU based detector, set the `"type"` attribute to `"cpu"`.
+
+:::danger
+
+The CPU detector is not recommended for general use. If you do not have GPU or Edge TPU hardware, using the [OpenVINO Detector](#openvino-detector) in CPU mode is often more efficient than using the CPU detector.
+
+:::
+
+The number of threads used by the interpreter can be specified using the `"num_threads"` attribute, and defaults to `3.`
+
+A TensorFlow Lite model is provided in the container at `/cpu_model.tflite` and is used by this detector type by default. To provide your own model, bind mount the file into the container and provide the path with `model.path`.
+
+```yaml
+detectors:
+  cpu1:
+    type: cpu
+    num_threads: 3
+    model:
+      path: "/custom_model.tflite"
+  cpu2:
+    type: cpu
+    num_threads: 3
+```
+
+When using CPU detectors, you can add one CPU detector per camera. Adding more detectors than the number of cameras should not improve performance.
+
 ## Deepstack / CodeProject.AI Server Detector
 
 The Deepstack / CodeProject.AI Server detector for Frigate allows you to integrate Deepstack and CodeProject.AI object detection capabilities into Frigate. CodeProject.AI and DeepStack are open-source AI platforms that can be run on various devices such as the Raspberry Pi, Nvidia Jetson, and other compatible hardware. It is important to note that the integration is performed over the network, so the inference times may not be as fast as native Frigate detectors, but it still provides an efficient and reliable solution for object detection and tracking.
@@ -313,39 +544,11 @@ Hardware accelerated object detection is supported on the following SoCs:
 - RK3576
 - RK3588
 
-This implementation uses the [Rockchip's RKNN-Toolkit2](https://github.com/airockchip/rknn-toolkit2/) Currently, only [Yolo-NAS](https://github.com/Deci-AI/super-gradients/blob/master/YOLONAS.md) is supported as object detection model.
+This implementation uses the [Rockchip's RKNN-Toolkit2](https://github.com/airockchip/rknn-toolkit2/), version v2.0.0.beta0. Currently, only [Yolo-NAS](https://github.com/Deci-AI/super-gradients/blob/master/YOLONAS.md) is supported as object detection model.
 
 ### Prerequisites
 
-Make sure that you use a linux distribution that comes with the rockchip BSP kernel 5.10 or 6.1 and rknpu driver. To check, enter the following commands:
-
-```
-$ uname -r
-5.10.xxx-rockchip # or 6.1.xxx; the -rockchip suffix is important
-$ ls /dev/dri
-by-path  card0  card1  renderD128  renderD129 # should list renderD129
-$ sudo cat /sys/kernel/debug/rknpu/version
-RKNPU driver: v0.9.2 # or later version
-```
-
-I recommend [Joshua Riek's Ubuntu for Rockchip](https://github.com/Joshua-Riek/ubuntu-rockchip), if your board is supported.
-
-### Setup
-
-Follow Frigate's default installation instructions, but use a docker image with `-rk` suffix for example `ghcr.io/blakeblackshear/frigate:stable-rk`.
-
-Next, you need to grant docker permissions to access your hardware:
-
-- During the configuration process, you should run docker in privileged mode to avoid any errors due to insufficient permissions. To do so, add `privileged: true` to your `docker-compose.yml` file or the `--privileged` flag to your docker run command.
-- After everything works, you should only grant necessary permissions to increase security. Add the lines below to your `docker-compose.yml` file or the following options to your docker run command: `--security-opt systempaths=unconfined --security-opt apparmor=unconfined --device /dev/dri:/dev/dri`:
-
-```yaml
-security_opt:
-  - apparmor=unconfined
-  - systempaths=unconfined
-devices:
-  - /dev/dri:/dev/dri
-```
+Make sure to follow the [Rockchip specific installation instrucitions](/frigate/installation#rockchip-platform).
 
 ### Configuration
 
@@ -376,13 +579,21 @@ model: # required
   input_pixel_format: bgr # required
   # shape of detection frame
   input_tensor: nhwc
+  # needs to be adjusted to model, see below
+  labelmap_path: /labelmap.txt # required
 ```
 
+The correct labelmap must be loaded for each model. If you use a custom model (see notes below), you must make sure to provide the correct labelmap. The table below lists the correct paths for the bundled models:
+
+| `path`                | `labelmap_path`       |
+| --------------------- | --------------------- |
+| deci-fp16-yolonas\_\* | /labelmap/coco-80.txt |
+
 ### Choosing a model
 
 :::warning
 
-yolo-nas models use weights from DeciAI. These weights are subject to their license and can't be used commercially. For more information, see: https://docs.deci.ai/super-gradients/latest/LICENSE.YOLONAS.html 
+The pre-trained YOLO-NAS weights from DeciAI are subject to their license and can't be used commercially. For more information, see: https://docs.deci.ai/super-gradients/latest/LICENSE.YOLONAS.html
 
 :::
 
@@ -405,6 +616,29 @@ $ cat /sys/kernel/debug/rknpu/load
 
 :::
 
-- By default the rknn detector uses the yolonas_s model (`model: path: default-fp16-yolonas_s`). This model comes with the image, so no further steps than those mentioned above are necessary and no download happens.
-- The other choices are automatically downloaded and stored in the folder `config/model_cache/rknn_cache`. After upgrading Frigate, you should remove older models to free up space.
-- Finally, you can also provide your own `.rknn` model. You should not save your own models in the `rknn_cache` folder, store them directly in the `model_cache` folder or another subfolder. To convert a model to `.rknn` format see the `rknn-toolkit2` (requires a x86 machine). Note, that there is only post-processing for the supported models.
+- All models are automatically downloaded and stored in the folder `config/model_cache/rknn_cache`. After upgrading Frigate, you should remove older models to free up space.
+- You can also provide your own `.rknn` model. You should not save your own models in the `rknn_cache` folder, store them directly in the `model_cache` folder or another subfolder. To convert a model to `.rknn` format see the `rknn-toolkit2` (requires a x86 machine). Note, that there is only post-processing for the supported models.
+
+## Hailo-8l
+
+This detector is available for use with Hailo-8 AI Acceleration Module.
+
+See the [installation docs](../frigate/installation.md#hailo-8l) for information on configuring the hailo8.
+
+### Configuration
+
+```yaml
+detectors:
+  hailo8l:
+    type: hailo8l
+    device: PCIe
+    model:
+      path: /config/model_cache/h8l_cache/ssd_mobilenet_v1.hef
+
+model:
+  width: 300
+  height: 300
+  input_tensor: nhwc
+  input_pixel_format: bgr
+  model_type: ssd
+```

docs/docs/configuration/object_filters.md

@@ -20,15 +20,13 @@ For object filters in your configuration, any single detection below `min_score`
 
 In frame 2, the score is below the `min_score` value, so Frigate ignores it and it becomes a 0.0. The computed score is the median of the score history (padding to at least 3 values), and only when that computed score crosses the `threshold` is the object marked as a true positive. That happens in frame 4 in the example.
 
-show image of snapshot vs event with differing scores
-
 ### Minimum Score
 
-Any detection below `min_score` will be immediately thrown out and never tracked because it is considered a false positive. If `min_score` is too low then false positives may be detected and tracked which can confuse the object tracker and may lead to wasted resources. If `min_score` is too high then lower scoring true positives like objects that are further away or partially occluded may be thrown out which can also confuse the tracker and cause valid events to be lost or disjointed.
+Any detection below `min_score` will be immediately thrown out and never tracked because it is considered a false positive. If `min_score` is too low then false positives may be detected and tracked which can confuse the object tracker and may lead to wasted resources. If `min_score` is too high then lower scoring true positives like objects that are further away or partially occluded may be thrown out which can also confuse the tracker and cause valid tracked objects to be lost or disjointed.
 
 ### Threshold
 
-`threshold` is used to determine that the object is a true positive. Once an object is detected with a score >= `threshold` object is considered a true positive. If `threshold` is too low then some higher scoring false positives may create an event. If `threshold` is too high then true positive events may be missed due to the object never scoring high enough.
+`threshold` is used to determine that the object is a true positive. Once an object is detected with a score >= `threshold` object is considered a true positive. If `threshold` is too low then some higher scoring false positives may create an tracked object. If `threshold` is too high then true positive tracked objects may be missed due to the object never scoring high enough.
 
 ## Object Shape
 
@@ -36,7 +34,7 @@ False positives can also be reduced by filtering a detection based on its shape.
 
 ### Object Area
 
-`min_area` and `max_area` filter on the area of an objects bounding box in pixels and can be used to reduce false positives that are outside the range of expected sizes. For example when a leaf is detected as a dog or when a large tree is detected as a person, these can be reduced by adding a `min_area` / `max_area` filter. The recordings timeline can be used to determine the area of the bounding box in that frame by selecting a timeline item then mousing over or tapping the red box.
+`min_area` and `max_area` filter on the area of an objects bounding box in pixels and can be used to reduce false positives that are outside the range of expected sizes. For example when a leaf is detected as a dog or when a large tree is detected as a person, these can be reduced by adding a `min_area` / `max_area` filter.
 
 ### Object Proportions
 
@@ -52,7 +50,7 @@ Conceptually, a ratio of 1 is a square, 0.5 is a "tall skinny" box, and 2 is a "
 
 ### Zones
 
-[Required zones](/configuration/zones.md) can be a great tool to reduce false positives that may be detected in the sky or other areas that are not of interest. The required zones will only create events for objects that enter the zone.
+[Required zones](/configuration/zones.md) can be a great tool to reduce false positives that may be detected in the sky or other areas that are not of interest. The required zones will only create tracked objects for objects that enter the zone.
 
 ### Object Masks
 

docs/docs/configuration/objects.md

@@ -5,7 +5,7 @@ title: Available Objects
 
 import labels from "../../../labelmap.txt";
 
-Frigate includes the object models listed below from the Google Coral test data.
+Frigate includes the object labels listed below from the Google Coral test data.
 
 Please note:
 

docs/docs/configuration/pwa.md

@@ -0,0 +1,24 @@
+---
+id: pwa
+title: Installing Frigate App
+---
+
+Frigate supports being installed as a [Progressive Web App](https://web.dev/explore/progressive-web-apps) on Desktop, Android, and iOS.
+
+This adds features including the ability to deep link directly into the app.
+
+## Requirements
+
+In order to install Frigate as a PWA, the following requirements must be met:
+
+- Frigate must be accessed via a secure context (localhost, secure https, etc.)
+- On Android, Firefox, Chrome, Edge, Opera, and Samsung Internet Browser all support installing PWAs.
+- On iOS 16.4 and later, PWAs can be installed from the Share menu in Safari, Chrome, Edge, Firefox, and Orion.
+
+## Installation
+
+Installation varies slightly based on the device that is being used:
+
+- Desktop: Use the install button typically found in right edge of the address bar
+- Android: Use the `Install as App` button in the more options menu
+- iOS: Use the `Add to Homescreen` button in the share menu

docs/docs/configuration/record.md

@@ -3,7 +3,7 @@ id: record
 title: Recording
 ---
 
-Recordings can be enabled and are stored at `/media/frigate/recordings`. The folder structure for the recordings is `YYYY-MM-DD/HH/<camera_name>/MM.SS.mp4` in **UTC time**. These recordings are written directly from your camera stream without re-encoding. Each camera supports a configurable retention policy in the config. Frigate chooses the largest matching retention value between the recording retention and the event retention when determining if a recording should be removed.
+Recordings can be enabled and are stored at `/media/frigate/recordings`. The folder structure for the recordings is `YYYY-MM-DD/HH/<camera_name>/MM.SS.mp4` in **UTC time**. These recordings are written directly from your camera stream without re-encoding. Each camera supports a configurable retention policy in the config. Frigate chooses the largest matching retention value between the recording retention and the tracked object retention when determining if a recording should be removed.
 
 New recording segments are written from the camera stream to cache, they are only moved to disk if they match the setup recording retention policy.
 
@@ -13,7 +13,7 @@ H265 recordings can be viewed in Chrome 108+, Edge and Safari only. All other br
 
 ### Most conservative: Ensure all video is saved
 
-For users deploying Frigate in environments where it is important to have contiguous video stored even if there was no detectable motion, the following config will store all video for 3 days. After 3 days, only video containing motion and overlapping with events will be retained until 30 days have passed.
+For users deploying Frigate in environments where it is important to have contiguous video stored even if there was no detectable motion, the following config will store all video for 3 days. After 3 days, only video containing motion and overlapping with alerts or detections will be retained until 30 days have passed.
 
 ```yaml
 record:
@@ -21,9 +21,13 @@ record:
   retain:
     days: 3
     mode: all
-  events:
+  alerts:
     retain:
-      default: 30
+      days: 30
+      mode: motion
+  detections:
+    retain:
+      days: 30
       mode: motion
 ```
 
@@ -37,25 +41,28 @@ record:
   retain:
     days: 3
     mode: motion
-  events:
+  alerts:
     retain:
-      default: 30
+      days: 30
+      mode: motion
+  detections:
+    retain:
+      days: 30
       mode: motion
 ```
 
-### Minimum: Events only
+### Minimum: Alerts only
 
-If you only want to retain video that occurs during an event, this config will discard video unless an event is ongoing.
+If you only want to retain video that occurs during a tracked object, this config will discard video unless an alert is ongoing.
 
 ```yaml
 record:
   enabled: True
   retain:
     days: 0
-    mode: all
-  events:
+  alerts:
     retain:
-      default: 30
+      days: 30
       mode: motion
 ```
 
@@ -65,7 +72,7 @@ As of Frigate 0.12 if there is less than an hour left of storage, the oldest 2 h
 
 ## Configuring Recording Retention
 
-Frigate supports both continuous and event based recordings with separate retention modes and retention periods.
+Frigate supports both continuous and tracked object based recordings with separate retention modes and retention periods.
 
 :::tip
 
@@ -86,25 +93,28 @@ record:
 
 Continuous recording supports different retention modes [which are described below](#what-do-the-different-retain-modes-mean)
 
-### Event Recording
+### Object Recording
 
-If you only used clips in previous versions with recordings disabled, you can use the following config to get the same behavior. This is also the default behavior when recordings are enabled.
+The number of days to record review items can be specified for review items classified as alerts as well as tracked objects.
 
 ```yaml
 record:
   enabled: True
-  events:
+  alerts:
     retain:
-      default: 10 # <- number of days to keep event recordings
+      days: 10 # <- number of days to keep alert recordings
+  detections:
+    retain:
+      days: 10 # <- number of days to keep detections recordings
 ```
 
-This configuration will retain recording segments that overlap with events and have active tracked objects for 10 days. Because multiple events can reference the same recording segments, this avoids storing duplicate footage for overlapping events and reduces overall storage needs.
+This configuration will retain recording segments that overlap with alerts and detections for 10 days. Because multiple tracked objects can reference the same recording segments, this avoids storing duplicate footage for overlapping tracked objects and reduces overall storage needs.
 
 **WARNING**: Recordings still must be enabled in the config. If a camera has recordings disabled in the config, enabling via the methods listed above will have no effect.
 
 ## What do the different retain modes mean?
 
-Frigate saves from the stream with the `record` role in 10 second segments. These options determine which recording segments are kept for continuous recording (but can also affect events).
+Frigate saves from the stream with the `record` role in 10 second segments. These options determine which recording segments are kept for continuous recording (but can also affect tracked objects).
 
 Let's say you have Frigate configured so that your doorbell camera would retain the last **2** days of continuous recording.
 
@@ -112,11 +122,7 @@ Let's say you have Frigate configured so that your doorbell camera would retain
 - With the `motion` option the only parts of those 48 hours would be segments that Frigate detected motion. This is the middle ground option that won't keep all 48 hours, but will likely keep all segments of interest along with the potential for some extra segments.
 - With the `active_objects` option the only segments that would be kept are those where there was a true positive object that was not considered stationary.
 
-The same options are available with events. Let's consider a scenario where you drive up and park in your driveway, go inside, then come back out 4 hours later.
-
-- With the `all` option all segments for the duration of the event would be saved for the event. This event would have 4 hours of footage.
-- With the `motion` option all segments for the duration of the event with motion would be saved. This means any segment where a car drove by in the street, person walked by, lighting changed, etc. would be saved.
-- With the `active_objects` it would only keep segments where the object was active. In this case the only segments that would be saved would be the ones where the car was driving up, you going inside, you coming outside, and the car driving away. Essentially reducing the 4 hours to a minute or two of event footage.
+The same options are available with alerts and detections, except it will only save the recordings when it overlaps with a review item of that type.
 
 A configuration example of the above retain modes where all `motion` segments are stored for 7 days and `active objects` are stored for 14 days would be as follows:
 
@@ -126,44 +132,32 @@ record:
   retain:
     days: 7
     mode: motion
-  events:
+  alerts:
     retain:
-      default: 14
+      days: 14
+      mode: active_objects
+  detections:
+    retain:
+      days: 14
       mode: active_objects
 ```
 
 The above configuration example can be added globally or on a per camera basis.
 
-### Object Specific Retention
-
-You can also set specific retention length for an object type. The below configuration example builds on from above but also specifies that recordings of dogs only need to be kept for 2 days and recordings of cars should be kept for 7 days.
-
-```yaml
-record:
-  enabled: True
-  retain:
-    days: 7
-    mode: motion
-  events:
-    retain:
-      default: 14
-      mode: active_objects
-      objects:
-        dog: 2
-        car: 7
-```
-
 ## Can I have "continuous" recordings, but only at certain times?
 
 Using Frigate UI, HomeAssistant, or MQTT, cameras can be automated to only record in certain situations or at certain times.
 
 ## How do I export recordings?
 
-The export page in the Frigate WebUI allows for exporting real time clips with a designated start and stop time as well as exporting a time-lapse for a designated start and stop time. These exports can take a while so it is important to leave the file until it is no longer in progress.
+Footage can be exported from Frigate by right-clicking (desktop) or long pressing (mobile) on a review item in the Review pane or by clicking the Export button in the History view. Exported footage is then organized and searchable through the Export view, accessible from the main navigation bar.
 
 ### Time-lapse export
 
+Time lapse exporting is available only via the [HTTP API](../integrations/api/export-recording-export-camera-name-start-start-time-end-end-time-post.api.mdx).
+
 When exporting a time-lapse the default speed-up is 25x with 30 FPS. This means that every 25 seconds of (real-time) recording is condensed into 1 second of time-lapse video (always without audio) with a smoothness of 30 FPS.
+
 To configure the speed-up factor, the frame rate and further custom settings, the configuration parameter `timelapse_args` can be used. The below configuration example would change the time-lapse speed to 60x (for fitting 1 hour of recording into 1 minute of time-lapse) with 25 FPS:
 
 ```yaml