Create CT
- PRIVILEGED
- template debian 12
- cpu: 2
- ram: 2 GB
- disk: 100 GB
- ip: static
- resources -> Device passthought ->
/dev/dri/renderD128
Installation
# https://download.docker.com/linux/debian/dists/bookworm/pool/stable/amd64/
wget https://download.docker.com/linux/debian/dists/bookworm/pool/stable/amd64/containerd.io_1.7.28-0~debian.12~bookworm_amd64.deb
wget https://download.docker.com/linux/debian/dists/bookworm/pool/stable/amd64/docker-buildx-plugin_0.29.1-1~debian.12~bookworm_amd64.deb
wget https://download.docker.com/linux/debian/dists/bookworm/pool/stable/amd64/docker-ce-cli_28.5.0-1~debian.12~bookworm_amd64.deb
wget https://download.docker.com/linux/debian/dists/bookworm/pool/stable/amd64/docker-ce_28.5.0-1~debian.12~bookworm_amd64.deb
wget https://download.docker.com/linux/debian/dists/bookworm/pool/stable/amd64/docker-compose-plugin_2.39.4-0~debian.12~bookworm_amd64.deb
sudo apt --fix-broken install
sudo apt install iptables
sudo dpkg -i containerd.io_1.7.28-0~debian.12~bookworm_amd64.deb \
docker-buildx-plugin_0.29.1-1~debian.12~bookworm_amd64.deb \
docker-ce-cli_28.5.0-1~debian.12~bookworm_amd64.deb \
docker-ce_28.5.0-1~debian.12~bookworm_amd64.deb \
docker-compose-plugin_2.39.4-0~debian.12~bookworm_amd64.deb
sudo usermod -aG docker frigate
# Make sure to remembers where this folders are created
mkdir storage config && touch docker-compose.yml
docker-compose.yml
services:
frigate:
container_name: frigate
restart: unless-stopped
stop_grace_period: 30s
image: ghcr.io/blakeblackshear/frigate:stable
privileged: true
shm_size: "512mb"
devices:
- /dev/bus/usb:/dev/bus/usb
- /dev/dri/renderD128:/dev/dri/renderD128
volumes:
- ./config:/config
- ./storage:/media/frigate
- type: tmpfs # Optional: 1GB of memory, reduces SSD/SD Card wear
target: /tmp/cache
tmpfs:
size: 1000000000
ports:
- "5000:5000" # UI
- "8971:8971"
- "8554:8554" # RTSP feeds
- "1935:1935" # RTMP feeds
Before run docker. In Proxmox host edit /etc/pve/lxc/YOUR_LXC_ID.conf
arch: amd64
cores: 2
features: nesting=1
hostname: frigate
memory: 2048
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.68.1,hwaddr=BC:24:11:48:8F:0F,ip=YOUR_FRIGATE_LOCAL_IP/22,type=veth
ostype: debian
rootfs: ssd-storage:subvol-YOUR_LXC_ID-disk-0,size=200G
swap: 2048
# USB Coral TPU
lxc.cgroup2.devices.allow: c 189:* rwm
lxc.mount.entry: /dev/bus/usb dev/bus/usb none bind,optional,create=dir
# Intel iGPU para VAAPI
lxc.cgroup2.devices.allow: c 226:0 rwm
lxc.cgroup2.devices.allow: c 226:128 rwm
lxc.mount.entry: /dev/dri/card0 dev/dri/card0 none bind,optional,create=file
lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file
Then stop the LXC and start it again.
Finally run: docker compose up -d
Frigate Config.yaml
auth:
enabled: true
mqtt:
enabled: true
host: HOME_ASSISTANT_LOCAL_IP
user: HOME_ASSISTANT_USER
password: HOME_ASSISTANT_PASS
go2rtc:
streams:
# THIS URL ARE JUST AN EXAMPLE
camera:
- rtsp://USER:PASS@CAMERA_IP:554/h264Preview_01_main
camera_sub:
- rtsp://USER:PASS@CAMERA_IP:554/h264Preview_01_sub
webrtc:
candidates:
- FRIGATE_LOCAL_IP:8555
- stun:8555
ffmpeg:
hwaccel_args: preset-vaapi
output_args:
record: preset-record-generic-audio-aac # Enable audio with video
# This is fot Coral USB TPU
detectors:
coral:
type: edgetpu
device: usb
cameras:
camera:
enabled: true
ffmpeg:
inputs:
- path: rtsp://127.0.0.1:8554/camera
roles:
- detect
- path: rtsp://127.0.0.1:8554/camera_sub
roles:
- record
detect:
enabled: false
width: 640
height: 480
fps: 5
objects:
track:
- person
- cat
- dog
record:
enabled: true
retain:
days: 1
mode: motion
alerts:
retain:
days: 1
mode: motion
detections:
retain:
days: 1
mode: motion
snapshots:
enabled: true
timestamp: true
bounding_box: true
detect:
enabled: true
tls:
enabled: false
version: 0.16-0
NPM
Details:
- Scheme: http
- Forward hostname: YOUR_FRIGATE_LOCAL_IP
- Port: 5000
- Cache Assets ON
- Block Common Exploits ON
- Websockets support ON
SSL
- Force SSL ON
- HTTP/2 Support ON
Advanced
client_max_body_size 100M;
# Streaming timeouts
proxy_read_timeout 3600;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
send_timeout 3600;
# Websockets headers
proxy_set_header Upgrade \(http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-Proto\)scheme;
proxy_set_header X-Forwarded-For \(proxy_add_x_forwarded_for;
proxy_set_header Host\)host;
# Passthrought authentication headers to Frigate
proxy_pass_request_headers on;
proxy_set_header Authorization \(http_authorization;
proxy_pass_header Authorization;
# Force basic auth if Frigate don't ask it
location / {
# Check session cookie
if (\)http_cookie !~* "frigate_token") {
return 302 /login;
}
proxy_pass http://YOUR_FRIGATE_LOCAL_IP:5000;
proxy_pass_request_headers on;
}
# Allow acces to login and auth API
location ~ ^/(login|api/login|api/auth) {
proxy_pass http://YOUR_FRIGATE_LOCAL_IP:5000;
proxy_pass_request_headers on;
}
# Allor static resources
location ~ ^/(assets/|vite.svg) {
proxy_pass http://YOUR_FRIGATE_LOCAL_IP:5000;
}