✨ new talos cluster

kubernetes/cluster-0/apps/home-automation/frigate/config.yaml

@@ -0,0 +1,58 @@
+---
+logger:
+  default: info
+  logs:
+    frigate.record: debug
+
+mqtt:
+  host: emqx.default.svc.cluster.local.
+  topic_prefix: frigate
+  user: "{MQTT_USER}"
+  password: "{MQTT_PASSWORD}"
+
+database:
+  path: /data/frigate.db
+
+detectors:
+  coral:
+    type: edgetpu
+    device: usb
+
+ffmpeg:
+  global_args:
+    - -hide_banner
+    - -loglevel
+    - warning
+  hwaccel_args:
+    - -hwaccel
+    - vaapi
+    - -hwaccel_device
+    - /dev/dri/renderD128
+    - -hwaccel_output_format
+    - yuv420p
+  # https://github.com/blakeblackshear/frigate/issues/3296
+  output_args:
+    record: -f segment -segment_time 10 -segment_format mp4 -reset_timestamps 1 -strftime 1 -c:v copy -ar 44100 -c:a aac
+    rtmp: -c:v copy -f flv -ar 44100 -c:a aac
+
+rtmp:
+  enabled: true
+
+record:
+  enabled: true
+  retain:
+    days: 3
+    mode: all
+  events:
+    retain:
+      default: 7
+      mode: active_objects
+
+objects:
+  track:
+    - person
+  filters:
+    person:
+      min_area: 5000
+      max_area: 100000
+      threshold: 0.7

kubernetes/cluster-0/apps/home-automation/frigate/helm-release.yaml

@@ -0,0 +1,118 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: &app frigate
+  namespace: default
+spec:
+  interval: 15m
+  chart:
+    spec:
+      chart: app-template
+      version: 1.0.1
+      sourceRef:
+        kind: HelmRepository
+        name: bjw-s
+        namespace: flux-system
+  install:
+    createNamespace: true
+    remediation:
+      retries: 5
+  upgrade:
+    remediation:
+      retries: 5
+  dependsOn:
+    - name: emqx
+      namespace: default
+    - name: intel-gpu-plugin
+      namespace: default
+    - name: node-feature-discovery
+      namespace: default
+  values:
+    fullnameOverride: *app
+    image:
+      repository: docker.io/blakeblackshear/frigate
+      tag: 0.11.1
+    env:
+      TZ: "${TIMEZONE}"
+      LIBVA_DRIVER_NAME: i965
+      MQTT_USER: "${SECRET_MQTT_USERNAME}"
+      MQTT_PASSWORD: ${SECRET_MQTT_PASSWORD}
+    service:
+      main:
+        ports:
+          http:
+            port: &port 5000
+    probes:
+      liveness: &probes
+        enabled: true
+        custom: true
+        spec:
+          httpGet:
+            path: /api/version
+            port: *port
+          initialDelaySeconds: 0
+          periodSeconds: 10
+          timeoutSeconds: 1
+          failureThreshold: 3
+      readiness: *probes
+      startup:
+        enabled: false
+    ingress:
+      main:
+        enabled: true
+        ingressClassName: "nginx"
+        annotations:
+          auth.home.arpa/enabled: "true"
+        hosts:
+          - host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
+            paths:
+              - path: /
+                pathType: Prefix
+        tls:
+          - hosts:
+              - *host
+    securityContext:
+      privileged: true
+    persistence:
+      config:
+        enabled: true
+        type: configMap
+        name: *app
+        subPath: config.yaml
+        mountPath: /config/config.yml
+        readOnly: true
+      data:
+        enabled: true
+        existingClaim: frigate-config
+      usb:
+        enabled: true
+        type: hostPath
+        hostPath: /dev/bus/usb
+        hostPathType: Directory
+        mountPath: /dev/bus/usb
+      cache:
+        enabled: true
+        type: emptyDir
+        medium: Memory
+        sizeLimit: 4Gi
+        mountPath: /dev/shm
+    podAnnotations:
+      configmap.reloader.stakater.com/reload: *app
+    affinity:
+      nodeAffinity:
+        requiredDuringSchedulingIgnoredDuringExecution:
+          nodeSelectorTerms:
+            - matchExpressions:
+                - key: feature.node.kubernetes.io/custom-coral-tpu
+                  operator: In
+                  values:
+                    - "true"
+    resources:
+      requests:
+        cpu: 100m
+        memory: 1Gi
+        gpu.intel.com/i915: "1"
+      limits:
+        memory: 6Gi
+        gpu.intel.com/i915: "1"

kubernetes/cluster-0/apps/home-automation/frigate/kustomization.yaml

@@ -0,0 +1,14 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - volume.yaml
+  - helm-release.yaml
+namespace: default
+configMapGenerator:
+  - name: frigate
+    files:
+      - config.yaml
+generatorOptions:
+  disableNameSuffixHash: true
+  annotations:
+    kustomize.toolkit.fluxcd.io/substitute: disabled

kubernetes/cluster-0/apps/home-automation/frigate/volume.yaml

@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: frigate-config
+  namespace: default
+  labels:
+    app.kubernetes.io/name: &name frigate
+    app.kubernetes.io/instance: *name
+    snapshot.home.arpa/enabled: "true"
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: rook-ceph-block
+  resources:
+    requests:
+      storage: 5Gi