pfSense, AT&T Fiber (BGW320), IPv6 Prefix Delegation

by

I’ve spent the last few days making this work properly across multiple VLANs, because AT&T does NOT even REMOTELY conform to any kind of industry standard for dishing out IPv6 blocks or addresses.

Normally your WAN would receive a /56 block from an ISP, giving you 00-FF in blocks to assign off of that. And everything you read online says AT&T gives out a /60, which is true. But it’s misleading if you’re expecting to be able to USE that /60. You cannot. You cannot give your WAN adapter a /60 prefix, it does not work that way. It will always be a /64. (we’re not talking about a custom ONT SFP module here or what-not, obviously some people have made it work that way).

So, assuming you just want to use the AT&T BGW320 as-is, and you want multiple IPv6 prefixes, here’s my quick little guide on that.

On the BGW320:

Turn all 3 settings to On under Home Network > IPv6

Under Firewall > Packet Filter, click to Disable Packet Filters (Note: This is not required for this guide, but you should just let pfSense handle packets if that’s your router)

Under Firewall > IP Passthrough
– Allocation Mode: Passthrough
– Passthrough Mode: DHCPS-fixed
– Passthrough Fixed MAC Address: pfSense WAN adapter MAC address

Under Firewall > Firewall Advanced: I would recommend Reflexive ACL, ESP ALG, SIP ALG be turned Off.

pfSense Configuration

Under Interfaces > WAN
– IPv6 Configuration Type: DHCP6

Note: If you only ever want 1 prefix to use for your LAN, and don’t plan to use any other /64 blocks, you do not have to use a custom configuration and could essentially stop here. Set DHCPv6 Prefix Delegation Size to 64 and that’s it, leave the rest of the boxes unchecked. Your WAN will get the passthrough address from the BGW320, and then you’ll have one prefix delegated to use which you can assign statically on your LAN adapter.

If you want multiple /64 prefixes to use, you will need to SSH into your pfSense machine. As that is kind of out of the scope of this guide, but basically use PuTTY or ssh from a linux machine to your pfSense LAN IP, and login with your admin credentials. The menu should say to enter option 8 for a shell I believe.

At the shell, type ls /var/etc/dhcp6*.conf to list your dhcp6 configuration file. It should either be dhcp6c.conf or dhcp6c_wan.conf in some cases I have read. Mine was dhcp6c.conf. We need to copy this file to a new location so we can modify it and use it as our custom WAN interface configuration file. So type cp /var/etc/dhcp6c.conf /conf/dhcp6c_att.conf

cp /var/etc/dhcp6c.conf /conf/dhcp6c_att.conf
nano -w /conf/dhcp6c_att.conf

Edit the file to include extra send ia-pd # lines. The stuff in bold is likely what will not already be in the file. But ultimately you need to start with send ia-pd 0, then 1, then 2, and so on. This is literally my current running configuration, so I hope it works for you. Do not blindly copy and paste this, make sure your interface name matches YOUR firewall, not mine! And yes, I plan to stop using a RealTek adapter soon. I also don’t think the prefix ::/64 infinity; lines are necessary but I added them just in case. The real important part is the send ia-pd lines.

interface re0 {
        send ia-na 0;
        send ia-pd 0;   # THIS WILL BE YOUR 'f' PREFIX and will probably already be in the file
        send ia-pd 1;   # ADD THIS to get the next prefix after f (e)
        send ia-pd 2;   # ..and so on, up to send ia-pd 7 if needed, for a total of 8 usable /64 blocks
        request domain-name-servers;
        request domain-name;
        script "/var/etc/dhcp6c_wan_script.sh";
};
id-assoc na 0 { };
id-assoc pd 0 {
        prefix ::/64 infinity;
};

id-assoc pd 1 {
        prefix ::/64 infinity;
};

id-assoc pd 2 {
        prefix ::/64 infinity;
};

To save your edited file, press CTRL-X, press Y to save, and then press Enter to overwrite the existing file. Alternatively, you can press CTRL-O and then Enter to write the changes out, and then CTRL-X to just exit.

You’ll notice that the blocks actually start at the end of the /60 from the BGW320. So if the BGW320 gives your WAN 2600:1700:a123:b340::, then your first usable /64 will be :b34F, the second is :b34E, the third would be :b34D and so on, C, B, A, 9, 8. 0-7 are reserved by the BGW320 for internal stuff apparently. Personally I’m only using 3 prefixes, and haven’t tested the limits.

Back in pfSense, under Interfaces > WAN, scroll down to DHCP6 Client Configuration, and enable the checkbox for Configuration Override. In the next step we’re going to be creating a configuration to use, so for now, type into Configuration File Override the following: /conf/dhcp6c_att.conf

Save and apply your WAN changes. If all goes well, back on your BGW320 under Home Network > Status, you should see under the IPv6 section near the middle your IPv6 Delegated Prefix Subnet section, and it should list as many prefixes as you put send ia-pd’s into your dhcp6c_att.conf file.

Back in pfSense, under the lan/vlan/tunnel interface(s) you want to assign an IPv6 network to, set their IPv6 type to Static, and, e.g. with our example above, if you have 2600:1700:a123:b34f::/64 as one of your delegated prefixes, set your interface static to 2600:1700:a123:b34f::1 on a /64 subnet size. And then that interface will hold the ::1 ipv6 address on that prefix.

GOOD LUCK!

Quake Q2Pro r3834 Builds!

by

Edit 6-27-2026: I’ve scaled back the number of builds .. it was excessive. There’s no reason to have so many that I can think of.

Edit 6-23-2026: I am redoing the naming convention and adding EVEN MORE builds! Linux x86 builds will now be i386. I am also compiling separate i386 builds that have the ABI Hack enabled and one that is disabled. ‘abi’ builds will have it enabled.

I did not realize someone had forked/taken a snapshot of q2pro, available at https://github.com/q2pro/q2pro

I have taken some time to compile them as well. These are also untested but I suspect will work better than the q2repro builds below which I will probably end up deleting (Edit: I recompiled the q2repro builds with what I learned on this, they may work better if you need repro).

I was able to compile them with http support again, and the various variable fps and anticheat server builds, so you can pick either neither, a ‘vfps’ build (no anticheat), or an ‘ac’ build (anticheat, no vfps), or a vfps-ac build (both). Or none as mentioned.

There are x86 and x64 builds, so you should be able to run any mod. Also included i386 for ubuntu.

Let me know if you’re using them! I’m pretty excited that there’s at least a semi-stable repo for q2pro again!

Download the Builds Here: https://quake2.itbacon.com/public/q2pro

Each file also contains a log file which shows what it was built with, e.g.:

q2pro r3834~601a8df8

  Features
    anticheat-server   : YES
    auto-reply         : YES
    avcodec            : NO
    client-gtv         : NO
    client-ui          : YES
    debug              : NO
    game-abi-hack      : NO (YES on x86 and i386-abi, will add separate win-x86-abi builds later)
    game-new-api       : NO
    icmp-errors        : YES
    libcurl            : YES
    libjpeg            : YES
    libpng             : YES
    md3                : YES
    md5                : YES
    mvd-client         : YES
    mvd-server         : YES
    openal             : YES
    packetdup-hack     : NO
    save-games         : YES
    sdl2               : NO (YES on Linux builds)
    software-sound     : YES
    system-console     : YES
    tests              : NO
    tga                : YES
    variable-fps       : YES
    wayland            : NO (YES on Linux builds)
    windows-crash-dumps: YES
    windows-egl        : NO
    windows-service    : NO
    x11                : NO
    zlib               : YES

  Subprojects
    khr-headers        : YES
    libcurl            : YES
    libjpeg-turbo      : YES
    libpng             : YES
    nghttp2            : YES (from libcurl)
    openal-soft        : YES
    zlib-ng            : YES

  User defined options
    Cross files        : /home/jordan/git/q2pro/.ci/x64-windows-gpt.txt
    anticheat-server   : true
    avcodec            : disabled
    buildtype          : release
    default_library    : static
    game-abi-hack      : disabled
    libcurl            : enabled
    libjpeg            : enabled
    libpng             : enabled
    openal             : enabled
    sdl2               : disabled
    system-wide        : false
    variable-fps       : true
    vid-geometry       : 1920x1080
    vid-modelist       : 320x240 640x480 800x600 1024x768 1280x720 1280x960 1366x768 1600x900 1920x1080 2560x1440 3440x1440 3840x2160 4096x2160 7680x4320
    windows-egl        : false
    windows-service    : false
    wrap_mode          : forcefallback
    zlib               : enabled

Q2RePro Quake 2 builds available

by

I compiled q2repro for linux and windows, i386 and x64, with or without variable fps and anticheat.

Completely untested for the most part currently, sorry. (Edit: they crash when running my servers so.. shrug)

Based off the latest git commit from https://github.com/Paril/q2repro

No OpenAL support in this one.

https://quake2.itbacon.com/public/q2repro

Edit 6-22-2026: I recompiled these using what I learned from the q2pro rebuilds I did after. They may work better now!

Fiber Upgrade

by

The website now runs on symmetrical fiber (1000mbit). This doesn’t really mean anything but hopefully it feels a little snappier now. Much faster than the ~15mbit the site was running on before!

I upgraded from Spectrum cable to AT&T fiber internet. Even though I was paying for 1000/40 from Spectrum, I rarely was able to get above 20mbit for upload.

I can’t believe my last real post was so long ago… I really do want to update some of my guides.

Edit: Whoa, todays date is a palindrome!

WireGuard Guide Update coming!

by

Today I realized my VPN has been setup kind-of-wrong the last oh… 4 years or so. I’ve just never had a reason to notice as I was always accessing internal things.

So, an updated WireGuard Guide for pfsense 2.7.2 will be forthcoming soon!

I’m also just working on adding some better CSS support to my powershell server status script as well. I will soon get that online.

Update 2025: man, I suck. Sorry all, I just lost motivation for a while. I move on to other projects fairly readily, and I’ve just been so tired. I still plan to do this at some point.

PowerShell on.. a Pi ?!

by
That’s right! If you didn’t know, powershell is (nearly?) completely cross-platform.

I’ve recently been working on a server status script for work and I chose to do it in powershell. It does threaded pings, generates html files, etc.

With zero modifications at all the script runs flawlessly on both Ubuntu Linux and my Orange Pi. All I had to do was extract the powershell tarball, chmod +x pwsh and run the script.

Truly awesome.

What blew my mind was Powershell was markedly faster on my Pi than it was on my Ubuntu server.

I’ll be posting more about the script soon, as I need to figure out some things still. But it will be released in due time. I really like it!

tzdata fails to upgrade on Ubuntu 23.10

by

If you’re getting a dpkg error about tzdata prematurely exiting, you need to get this file:
Ubuntu – Package Download Selection — tzdata_2024a-0ubuntu0.23.10_all.deb

Afterwards, install with dpkg -i tzdata_2024a-0ubuntu0.23.10_all.deb

Afterwards, you can do apt upgrade to upgrade to the latest one in the apt repo that was failing.

Hope this helps someone!

dpkg: error processing package tzdata (–configure):
installed tzdata package post-installation script subprocess returned error exit status 10
Errors were encountered while processing:
tzdata
needrestart is being skipped since dpkg has failed

Docker Compose with an external LAN / VLAN IP!

by

I just figured this out, and it’s too cool not to share. I have business grade switches at my house, so I have various VLANs setup already. You’ll need that in place to make this work, and have your port tagging in place already, etc.

This requires no additional configuration on the host. In the below, I’ve included two examples — default_lan and vlan5. So if you just want to give a container an IP on your local LAN, you can use default_lan for that. And if you’re looking to create a service on a vlan IP, you can use vlan5 as an example for that.

EDIT: YOU MAY NEED TO modprobe 8021q (and/or add it to /etc/modules)

You do not need to include default_lan in order to use a vlan. This also of course works great in Portainer.

networks:
  default_lan: # the name you'll reference in the service configuration
    driver: ipvlan
    driver_opts:
      parent: enp1s0d1 # the interface on your docker host that it will tunnel through
    ipam:
      config:
        - subnet: 10.1.1.0/24 # your networks subnet
          gateway: 10.1.1.1 # your networks gateway

  vlan5:
    driver: ipvlan
    driver_opts:
      parent: enp1s0d1.5 # I've added '.5' for vlan 5
    ipam:
      config:
        - subnet: 10.1.5.0/24 # the vlans subnet
          gateway: 10.1.5.1 # the vlans gateway

services:
  service_on_lan:
    networks:
      default_lan:
        ipv4_address: 10.1.1.51

  service_on_vlan:
    networks:
      vlan5:
        ipv4_address: 10.1.5.55

I have not tested, but I believe you can also just add another two subnet and gateway lines for ipv6 routing as well, and then specify your ipv6_address in the service.

You can also use macvlan instead, which will give the container a unique MAC address that you can see on your network. I have found the best way to do this is individually per-IP, at least for my needs. Otherwise you can easily run into duplicate IP problems.

networks:
  macvlan5_5: # the name you'll reference in the service configuration, and I give _5 as the IP
    driver: macvlan
    driver_opts:
      parent: enp1s0d1.5 # the interface on your docker host and .# for the vlan #
    ipam:
      config:
        - subnet: 10.1.5.0/24 # your networks subnet
          gateway: 10.1.5.1 # your networks gateway
          ip_range: 10.1.5.5/32 # the static ip you want to assign to this networks container

And then just assign the network in your container:

services:
  service_on_macvlan5:
    networks:
      - macvlan5_5

Unfortunately, the container does not seem to try to register with the defined hostname so my firewall just sees a new ‘unknown’ host on the random MAC address in the arp tables.

Check out the complete Docker Network Drivers Overview page for more examples and usage.

Frigate Docker Compose / Portainer

by

You will need to have Mosquitto MQTT setup before using Frigate — fortunately, I have a guide for that already!

https://itbacon.com/2023/08/01/installing-mosquitto-mqtt-in-portainer/

Once you have confirmed Mosquitto is up and running, we can deploy a Frigate stack. This particular stack has a device mapping for a Google Coral A+E key device, as well as using /dev/dri/renderD128 for onboard graphics (Intel, in this case). You’ll want to adjust some things, such as whatever MQTT username and password you created during MQTT setup/install (see the guide for help!), as well as your camera admin username and password. If you use different usernames and passwords for all your cameras, you can specify them individually in your Frigate configuration file after the stack is deployed.

Also in this stack is a configuration for using a Samba/Windows based NAS as a volume for /media/frigate, which is where recordings and snapshots will be saved to. Basically, what I’m saying is, you’ll need to make some changes to the below code after pasting it, in order to have it suit your needs.

The majority of my configuration file was taken from the Full Reference Configuration File which is an excellent reference with comments about the various options in the configuration file.

I had also initially planned to include my nvidia setup/configuration sections, but the machine I just moved Frigate into can only take one full length card, I have used it for something else.

services:
  frigate:
    container_name: "frigate"
    image: "ghcr.io/blakeblackshear/frigate:stable"
    hostname: "frigate"
    shm_size: 1024mb # increase if getting bus errors
    privileged: true
    restart: unless-stopped
    cap_add:
      - CAP_PERFMON
    devices:
      - /dev/dri/renderD128:/dev/dri/renderD128:ro # onboard video
      - /dev/apex_0:/dev/apex_0:ro # coral
    environment:
      - "TZ=EST5EDT" # your timezone
      - "FRIGATE_RTSP_USERNAME=admin" # camera admin username
      - "FRIGATE_RTSP_PASSWORD=password" # camera admin password
      - "FRIGATE_MQTT_USERNAME=frigate" # mqtt server username
      - "FRIGATE_MQTT_PASSWORD=password" # mqtt server password
    network_mode: host
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - data:/config
      # if you're not using a NAS, change NAS to the path you're using
      # e.g. /mnt/frigate:/media/frigate or /any/path:/media/frigate
      - NAS:/media/frigate
      - type: tmpfs
        target: /tmp/cache
        tmpfs:
          size: 1G

volumes:
  data:
  mqtt_data:
  NAS:
    driver_opts:
      type: cifs
      o: "addr=IP.OF.NAS,username=SAMBA_USERNAME,password=SAMBA_PASSWORD,iocharset=utf8,file_mode=0600,dir_mode=0700"
      device: "//IP.OF.NAS/SharedFolder"

networks:
  frigate:

Here is my Frigate configuration file. It will be in /var/lib/docker/volumes/frigate_data/_data/config.yml

I know it’s kind of a mess, and there’s probably some redundant things in here, but I just felt bad about not having anything up still after so long. So there’s definitely some useful examples in here I imagine, for Amcrest, Reolink, Hikvision cameras. Examples of how to use separate streams for recording and detection, etc. Unfortunately at the time of writing all of this up tonight, I am extremely tired and must just get it out as is at this point.

Now, admittedly, full on support and assistance with configuring your Frigate NVR is vastly out of the scope of this guide. There is plenty of great documentation already available on the Official Frigate Website. Good luck!

mqtt:
  enabled: true
  host: 10.1.1.5 # the IP of the computer running MQTT, or localhost
  port: 1883
  topic_prefix: frigate
  client_id: frigate
  user: '{FRIGATE_MQTT_USERNAME}'
  password: '{FRIGATE_MQTT_PASSWORD}'
  stats_interval: 30

detectors:
  coral:
    type: edgetpu
    device: pci
  #cuda:
  #  type: tensorrt
  #  device: 0
  #openvino:
  #  type: openvino
  #  device: AUTO
  #cpu:
  #  type: cpu
  #  num_threads: 2

database:
  path: /config/frigate.db

logger:
  # Optional: Default log verbosity
  default: warning
  #default: warning
  # Optional: Component specific logger overrides
  #logs:
  #  frigate.nginx: error
  #  frigate.event: error

birdseye:
  enabled: true
  restream: true
  width: 1280
  height: 720
  quality: 7
  # motion (if motion was detected), objects (if it detected an object), or continuous (always on)
  mode: continuous

ffmpeg:
  global_args: -hide_banner -loglevel warning -threads 2
  #hwaccel_args: preset-vaapi
  hwaccel_args: preset-intel-qsv-h264
  #hwaccel_args: preset-nvidia-h264

  #input_args: preset-rtsp-generic
  input_args: preset-rtsp-restream
  output_args:
    record: preset-record-generic-audio-copy

# default detect settings for all cameras
detect:
  enabled: true
  width: 704
  height: 480

  fps: 10
  max_disappeared: 50
  stationary:
    interval: 10
    threshold: 50

# default object tracking for all cameras
objects:
  track:
  - person
  #filters:
  #  person:
  #    min_area: 100
  #    max_area: 75000

motion:
  threshold: 25
  contour_area: 25
  delta_alpha: 0.2
  frame_alpha: 0.2
  frame_height: 75
  improve_contrast: false
  mqtt_off_delay: 30

# default record settings for all cameras
record:
  enabled: true
  expire_interval: 60
  retain:
    days: 15
    mode: all
  events:
    pre_capture: 5
    post_capture: 5
    objects:
    - person
    retain:
      default: 15
      mode: all

snapshots:
  enabled: true
  clean_copy: true
  timestamp: false
  bounding_box: true
  crop: false
  retain:
    default: 15

# configure your cameras here
go2rtc:
  streams:
    # reolink poe doorbell
    doorbell:
    - ffmpeg:rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.108:554/h264Preview_01_main#video=copy#audio=copy#audio=opus
    doorbell_sub:
    - ffmpeg:rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.108:554/h264Preview_01_sub#video=copy
    # amcrest
    front:
    - rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.114:554/cam/realmonitor?channel=1&subtype=0
    - ffmpeg:back#audio=opus
    front_sub:
    - rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.114:554/cam/realmonitor?channel=1&subtype=1
    # amcrest
    back:
    - rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.107:554/cam/realmonitor?channel=1&subtype=0
    - ffmpeg:back#audio=opus
    back_sub:
    - rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.107:554/cam/realmonitor?channel=1&subtype=1
    # amcrest
    porch:
    - rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.106:554/cam/realmonitor?channel=1&subtype=0
    - ffmpeg:porch#audio=opus
    porch_sub:
    - rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.106:554/cam/realmonitor?channel=1&subtype=1
    # amcrest wifi camera
    livingroom:
    - rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.112:554/cam/realmonitor?channel=1&subtype=0&authbasic=64
    - ffmpeg:livingroom#audio=opus
    livingroom_sub:
    - rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.112:554/cam/realmonitor?channel=1&subtype=1&authbasic=64
    # hikvision
    basement:
    - rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.104:554/Streaming/Channels/101
    - ffmpeg:basement#video=copy
    #basement_sub:
    #- rtsp://{FRIGATE_RTSP_USERNAME}:{FRIGATE_RTSP_PASSWORD}@10.1.5.104:554/Streaming/Channels/102
    #- ffmpeg:basement#video=copy

# we use localhost because go2rtc is restreaming them locally based on the names we gave them above
cameras:
  doorbell:
    enabled: true
    ffmpeg:
      inputs:
      - path: rtsp://localhost:8554/doorbell
        roles:
        - record
      - path: rtsp://localhost:8554/doorbell_sub
        roles:
        - detect
    detect:
      enabled: true
      width: 640
      height: 480
    objects:
      track:
      - person
    mqtt:
      enabled: true
      timestamp: true
      bounding_box: true
      crop: true
      height: 720
      quality: 92
    live:
      height: 720
      quality: 7
    ui:
      order: 1
    #motion:
    #  mask:
    #  - 640,0,640,309,605,335,482,368,252,366,0,311,0,0
  front:
    enabled: true
    ffmpeg:
      inputs:
      - path: rtsp://localhost:8554/front
        roles:
        - record
    detect:
      enabled: true
    record:
      events:
        #required_zones:
        #- FrontYard
        retain:
          default: 15
    objects:
      track:
      - person
      - cat
    mqtt:
      enabled: true
      timestamp: true
      bounding_box: true
      crop: true
      height: 720
      quality: 92
    live:
      height: 720
      quality: 7
    ui:
      order: 2
    #motion:
    #  mask:
    #  - 704,0,704,202,0,150,0,0
    #zones:
    #  FrontYard:
    #    coordinates: 650,196,82,136,0,228,0,480,704,480
  back:
    enabled: true
    ffmpeg:
      inputs:
      - path: rtsp://localhost:8554/back
        roles:
        - record
      - path: rtsp://localhost:8554/back_sub
        roles:
        - detect
    record:
      events:
        #required_zones:
        #- BackYard
        retain:
          default: 15
    objects:
      track:
      - person
      - cat
    mqtt:
      enabled: true
      timestamp: true
      bounding_box: true
      crop: true
      height: 720
      quality: 92
    live:
      height: 720
      quality: 7
    ui:
      order: 3
    #motion:
    #  mask:
    #  - 291,0,288,41,0,39,0,0
    #zones:
    #  BackYard:
    #    coordinates: 374,0,600,480,0,480,0,0
  porch:
    enabled: true
    ffmpeg:
      inputs:
      - path: rtsp://localhost:8554/porch
        roles:
        - record
      - path: rtsp://localhost:8554/porch_sub
        roles:
        - detect
    record:
      events:
        retain:
          default: 15
    objects:
      track:
      - person
      - cat
    mqtt:
      enabled: true
      timestamp: true
      bounding_box: true
      crop: true
      height: 720
      quality: 92
    live:
      height: 720
      quality: 7
    ui:
      order: 4
    #motion:
    #  mask:
    #  - 261,0,270,104,323,223,367,333,480,348,534,76,640,51,640,480,0,480,0,0
  livingroom:
    enabled: true
    ffmpeg:
      inputs:
      - path: rtsp://localhost:8554/livingroom
        roles:
        - record
      - path: rtsp://localhost:8554/livingroom_sub
        roles:
        - detect
    detect:
      enabled: true
    record:
      events:
        objects:
        - cat
        retain:
          default: 15
    objects:
      track:
      - cat
    mqtt:
      enabled: true
      timestamp: true
      bounding_box: true
      crop: true
      height: 720
      quality: 92
    live:
      height: 720
      quality: 7
    ui:
      order: 5

  basement:
    enabled: true
    ffmpeg:
      inputs:
      - path: rtsp://localhost:8554/basement
        roles:
        - record
        - detect
    record:
      events:
        #required_zones:
        #- BasementStairs
        objects:
        - cat
        retain:
          default: 15
    detect:
      enabled: true
      width: 1280
      height: 720
      fps: 10
    objects:
      track:
      - cat
    mqtt:
      enabled: true
      timestamp: true
      bounding_box: true
      crop: true
      height: 720
      quality: 92
    live:
      height: 720
      quality: 7
    ui:
      order: 6

timestamp_style:
  position: tl
  format: '%m/%d/%Y %H:%M:%S'
  color:
    red: 255
    green: 255
    blue: 255
  thickness: 1
  effect: solid

ui:
  live_mode: webrtc
  timezone: EST5EDT
  use_experimental: false
  time_format: 12hour
  date_style: short
  time_style: medium
  strftime_fmt: '%Y/%m/%d %H:%M'

telemetry:
  version_check: true