mirror of
https://github.com/blakeblackshear/frigate.git
synced 2026-02-01 16:55:21 +03:00
6b841b1efa
Running via docker on QNAP/synology there might be additional ACLs provided by their respective linux flavors that cause a 403 when trying to view clips/recordings from the UI. Forcing nginx to run as root solves this on my QNAP.
162 lines
5.0 KiB
Nginx Configuration File
162 lines
5.0 KiB
Nginx Configuration File
user root;
|
|
worker_processes 1;
|
|
|
|
error_log /var/log/nginx/error.log warn;
|
|
pid /var/run/nginx.pid;
|
|
|
|
load_module "modules/ngx_rtmp_module.so";
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
|
'$status $body_bytes_sent "$http_referer" '
|
|
'"$http_user_agent" "$http_x_forwarded_for"';
|
|
|
|
access_log /var/log/nginx/access.log main;
|
|
|
|
sendfile on;
|
|
|
|
keepalive_timeout 65;
|
|
|
|
gzip on;
|
|
gzip_comp_level 6;
|
|
gzip_types text/plain text/css application/json application/x-javascript application/javascript text/javascript image/svg+xml image/x-icon image/bmp image/png image/gif image/jpeg image/jpg;
|
|
gzip_proxied no-cache no-store private expired auth;
|
|
gzip_vary on;
|
|
|
|
upstream frigate_api {
|
|
server localhost:5001;
|
|
keepalive 1024;
|
|
}
|
|
|
|
server {
|
|
listen 5000;
|
|
|
|
location /stream/ {
|
|
add_header 'Cache-Control' 'no-cache';
|
|
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
|
|
add_header 'Access-Control-Allow-Credentials' 'true';
|
|
add_header 'Access-Control-Expose-Headers' 'Content-Length';
|
|
if ($request_method = 'OPTIONS') {
|
|
add_header 'Access-Control-Allow-Origin' "$http_origin";
|
|
add_header 'Access-Control-Max-Age' 1728000;
|
|
add_header 'Content-Type' 'text/plain charset=UTF-8';
|
|
add_header 'Content-Length' 0;
|
|
return 204;
|
|
}
|
|
|
|
types {
|
|
application/dash+xml mpd;
|
|
application/vnd.apple.mpegurl m3u8;
|
|
video/mp2t ts;
|
|
image/jpeg jpg;
|
|
}
|
|
|
|
root /tmp;
|
|
}
|
|
|
|
location /clips/ {
|
|
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
|
|
add_header 'Access-Control-Allow-Credentials' 'true';
|
|
add_header 'Access-Control-Expose-Headers' 'Content-Length';
|
|
if ($request_method = 'OPTIONS') {
|
|
add_header 'Access-Control-Allow-Origin' "$http_origin";
|
|
add_header 'Access-Control-Max-Age' 1728000;
|
|
add_header 'Content-Type' 'text/plain charset=UTF-8';
|
|
add_header 'Content-Length' 0;
|
|
return 204;
|
|
}
|
|
|
|
types {
|
|
video/mp4 mp4;
|
|
image/jpeg jpg;
|
|
}
|
|
|
|
autoindex on;
|
|
root /media/frigate;
|
|
}
|
|
|
|
location /recordings/ {
|
|
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
|
|
add_header 'Access-Control-Allow-Credentials' 'true';
|
|
add_header 'Access-Control-Expose-Headers' 'Content-Length';
|
|
if ($request_method = 'OPTIONS') {
|
|
add_header 'Access-Control-Allow-Origin' "$http_origin";
|
|
add_header 'Access-Control-Max-Age' 1728000;
|
|
add_header 'Content-Type' 'text/plain charset=UTF-8';
|
|
add_header 'Content-Length' 0;
|
|
return 204;
|
|
}
|
|
|
|
types {
|
|
video/mp4 mp4;
|
|
}
|
|
|
|
autoindex on;
|
|
autoindex_format json;
|
|
root /media/frigate;
|
|
}
|
|
|
|
location /ws {
|
|
proxy_pass http://frigate_api/ws;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_set_header Host $host;
|
|
}
|
|
|
|
location /api/ {
|
|
add_header 'Access-Control-Allow-Origin' '*';
|
|
add_header Cache-Control "no-store";
|
|
proxy_pass http://frigate_api/;
|
|
proxy_pass_request_headers on;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
|
|
location / {
|
|
add_header Cache-Control "no-cache";
|
|
|
|
location ~* \.(?:js|css|svg|ico|png)$ {
|
|
access_log off;
|
|
expires 1y;
|
|
add_header Cache-Control "public";
|
|
}
|
|
|
|
sub_filter 'href="/' 'href="$http_x_ingress_path/';
|
|
sub_filter 'url(/' 'url($http_x_ingress_path/';
|
|
sub_filter '"/dist/' '"$http_x_ingress_path/dist/';
|
|
sub_filter '"/js/' '"$http_x_ingress_path/js/';
|
|
sub_filter '<body>' '<body><script>window.baseUrl="$http_x_ingress_path";</script>';
|
|
sub_filter_types text/css application/javascript;
|
|
sub_filter_once off;
|
|
|
|
root /opt/frigate/web;
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
}
|
|
}
|
|
|
|
rtmp {
|
|
server {
|
|
listen 1935;
|
|
chunk_size 4096;
|
|
allow publish 127.0.0.1;
|
|
deny publish all;
|
|
allow play all;
|
|
application live {
|
|
live on;
|
|
record off;
|
|
meta copy;
|
|
}
|
|
}
|
|
}
|