Trying to re-engineer frigate to use a service instead of a container.

2025-01-29 18:55:53 +01:00 · 2025-01-29 18:55:53 +01:00 · 767f9cdf64
commit 767f9cdf64
parent 3ff3c56290
4 changed files with 25 additions and 98 deletions
--- a/products/frigate/frigate.tf
+++ b/products/frigate/frigate.tf
@ -1,55 +1,14 @@
-data "docker_registry_image" "frigate" {
-  name = "ghcr.io/blakeblackshear/frigate:stable"
-}
-
-resource "docker_container" "frigate" {
-  image        = "${data.docker_registry_image.frigate.name}@${data.docker_registry_image.frigate.sha256_digest}"
-  name         = local.container_name
-  restart      = "unless-stopped"
-  privileged   = "true"
-  shm_size     = var.shm_size_mb
-  network_mode = "bridge"
-  env = [
-    "FRIGATE_RTSP_PASSWORD=${var.frigate_rtsp_password}"
-  ]
-  dynamic "devices" {
-    for_each = var.devices
-    content {
-      host_path      = devices.value.host_path
-      container_path = devices.value.container_path
-      permissions    = devices.value.permissions
-    }
-  }
-  dynamic "volumes" {
-    for_each = var.volumes
-    content {
-      container_path = volumes.value
-      host_path      = volumes.key
-      read_only      = false
-    }
-  }
-  dynamic "ports" {
-    for_each = var.ports
-    content {
-      internal = ports.value.container
-      external = ports.value.host
-      protocol = ports.value.protocol
-    }
-  }
-  dynamic "networks_advanced" {
-    for_each = var.networks
-    content {
-      name = networks_advanced.value.id
-    }
-  }
-  dynamic "labels" {
-    for_each = local.labels
-    content {
-      label = labels.key
-      value = labels.value
-    }
-  }
-  lifecycle {
-    create_before_destroy = false
+module "frigate" {
+  source                = "../../docker/service"
+  image                 = "ghcr.io/blakeblackshear/frigate:stable"
+  stack_name            = var.stack_name
+  service_name          = "frigate"
+  mounts                = var.mounts
+  placement_constraints = var.placement_constraints
+  traefik               = var.traefik
+  environment_variables = {
+    FRIGATE_RTSP_PASSWORD = var.frigate_rtsp_password
  }
+  labels          = var.labels
+  converge_enable = false
 }
--- a/products/frigate/inputs.tf
+++ b/products/frigate/inputs.tf
@ -20,20 +20,11 @@ variable "frigate_rtsp_password" {
  description = "The password to use for the RTSP streams"
  default     = ""
 }
-variable "devices" {
-  type = list(object({
-    host_path      = string
-    container_path = string
-    permissions    = optional(string, "rwm")
-  }))
-  description = "The devices to mount into the container"
-}
-variable "volumes" {
+variable "mounts" {
  type        = map(string)
  default     = {}
-  description = "A map of volume names to create and mount. The key is the volume name, and the value is the mount point."
+  description = "A map of host paths to container paths to mount. The key is the host path, and the value is the container path."
 }
-
 variable "ports" {
  type = list(object({
    host      = number
@ -72,15 +63,16 @@ variable "ports" {
 variable "traefik" {
  default = null
  type = object({
-    domain  = string
-    port    = optional(number, 5000)
-    non-ssl = optional(bool, true)
-    ssl     = optional(bool, false)
-    rule    = optional(string)
-    network = optional(object({
-      name = string
-      id   = string
-    }))
+    domain           = string
+    port             = optional(number)
+    non-ssl          = optional(bool, false)
+    ssl              = optional(bool, false)
+    rule             = optional(string)
+    middlewares      = optional(list(string), [])
+    network          = optional(object({ name = string, id = string }))
+    basic-auth-users = optional(list(string), [])
+    headers          = optional(map(string), {})
+    udp_entrypoints  = optional(list(string), []) # List of UDP entrypoints
  })
  description = "Whether to enable traefik for the service."
 }
--- a/products/frigate/labels.tf
+++ b/products/frigate/labels.tf
@ -1,24 +0,0 @@
-
-locals {
-  container_name = "frigate"
-  # Define service labels en-masse
-  labels = merge({
-    "com.docker.stack.namespace" = var.stack_name
-    "com.docker.stack.image"     = data.docker_registry_image.frigate.name
-    "ooo.grey.service.stack"     = var.stack_name
-    "ooo.grey.service.name"      = local.container_name
-    "ooo.grey.service.image"     = data.docker_registry_image.frigate.name
-    #"ooo.grey.service.image.digest" = data.docker_registry_image.frigate.sha256_digest
-  }, local.traefik_labels, var.labels)
-
-  # Calculate the traefik labels to use if enabled
-  traefik_labels = var.traefik != null ? {
-    "traefik.enable"                                                         = "true"
-    "traefik.http.routers.${local.container_name}.rule"                      = "Host(`${var.traefik.domain}`)"
-    "traefik.http.routers.${local.container_name}.entrypoints"               = "websecure"
-    "traefik.http.routers.${local.container_name}.tls.certresolver"          = "default"
-    "traefik.http.services.${local.container_name}.loadbalancer.server.port" = 5000
-    } : {
-    "traefik.enable" = "false"
-  }
-}
--- a/products/frigate/output.tf
+++ b/products/frigate/output.tf
@ -1,3 +1,3 @@
 output "endpoint" {
-  value = try("https://${var.traefik.domain}", "unknown")
+  value = module.frigate.endpoint
 }