@apocaliss92/scrypted-onvif-rebroadcast 0.0.12 → 0.0.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -18,17 +18,54 @@ UniFi Protect identifies third-party cameras by MAC address. To add multiple cam
18
18
 
19
19
  ### Prerequisites
20
20
 
21
- - Scrypted running in Docker with the **Rebroadcast plugin** installed
22
- - Docker socket mounted in the Scrypted container (`/var/run/docker.sock`)
23
- - A network interface available for macvlan (e.g. `br0`)
21
+ - The **Rebroadcast plugin** installed in Scrypted
22
+ - Docker installed and the Docker socket accessible at `/var/run/docker.sock`
23
+ - A parent network interface available for macvlan (e.g. `eth0`, `ens3`, `br0`)
24
24
 
25
- ### Docker Socket
25
+ #### Scrypted in Docker (bridge networking - recommended)
26
26
 
27
- The plugin needs access to the Docker socket to create proxy containers. Add this path mapping to your Scrypted container:
27
+ Mount the Docker socket so the plugin can create and manage proxy containers:
28
28
 
29
- | Container Path | Host Path |
30
- |---|---|
31
- | `/var/run/docker.sock` | `/var/run/docker.sock` |
29
+ ```yaml
30
+ # docker-compose.yml
31
+ services:
32
+ scrypted:
33
+ volumes:
34
+ - /var/run/docker.sock:/var/run/docker.sock
35
+ ```
36
+
37
+ Or with `docker run`:
38
+ ```bash
39
+ docker run -v /var/run/docker.sock:/var/run/docker.sock ...
40
+ ```
41
+
42
+ With bridge networking, Scrypted gets a Docker bridge IP (e.g. `172.17.0.2`) in a different subnet from the macvlan cameras. The plugin detects that bridge network and connects each proxy container to it, so ONVIF and RTSP traffic can reach Scrypted without a host-side shim.
43
+
44
+ #### Scrypted in Docker with `--network=host`, or native install
45
+
46
+ When Scrypted shares the host network stack (host networking or bare-metal), it gets the same LAN IP as the host (e.g. `192.168.1.50`). Macvlan containers cannot reach that IP directly due to kernel macvlan-to-host isolation.
47
+
48
+ The plugin detects this automatically when Scrypted's IP is in the same subnet as the macvlan network and tries to create a `macvlan-shim0` interface on the host through a temporary privileged helper container. If your Docker setup does not allow privileged helper containers, create the shim manually with root or `CAP_NET_ADMIN`.
49
+
50
+ **Docker with host networking:**
51
+ ```yaml
52
+ cap_add:
53
+ - NET_ADMIN
54
+ network_mode: host
55
+ volumes:
56
+ - /var/run/docker.sock:/var/run/docker.sock
57
+ ```
58
+
59
+ **Native install:** Docker must still be installed and `/var/run/docker.sock` must be accessible so the plugin can create proxy containers. Manual shim creation requires root or `CAP_NET_ADMIN` on the host.
60
+
61
+ If automatic shim creation fails, check the plugin logs and run manually on the host:
62
+ ```bash
63
+ ip link add macvlan-shim0 link <parent-iface> type macvlan mode bridge
64
+ ip addr add <shim-ip>/<prefix> dev macvlan-shim0
65
+ ip link set macvlan-shim0 up
66
+ ```
67
+
68
+ Use the **Macvlan shim IP** plugin setting to control which IP is assigned. Leave it empty unless the auto-selected address conflicts with another device.
32
69
 
33
70
  ### Plugin Settings
34
71
 
@@ -37,9 +74,10 @@ The plugin needs access to the Docker socket to create proxy containers. Add thi
37
74
  | **Username / Password** | ONVIF authentication credentials | `admin` / `password` |
38
75
  | **Auto-assign unique IPs** | Enable automatic proxy container creation | `true` |
39
76
  | **IP range start** | First IP to assign to cameras | `192.168.1.240` |
40
- | **Network interface** | Parent interface for the macvlan Docker network | `br0` |
41
- | **Subnet prefix length** | CIDR prefix for the macvlan network | `23` |
77
+ | **Network interface** | Parent interface for the macvlan Docker network | `eth0` |
78
+ | **Subnet prefix length** | CIDR prefix for the macvlan network | `24` |
42
79
  | **Gateway** | Default gateway for the macvlan network | `192.168.1.1` |
80
+ | **Macvlan shim IP** | *(Native / host networking only)* IP for the host-side macvlan shim interface. Must be in the same subnet as the IP range and not in use. Leave empty to auto-assign (subnet base + 2). Ignored in Docker bridge mode. | `192.168.1.2` |
43
81
 
44
82
  ### IP Range Selection
45
83
 
@@ -47,14 +85,26 @@ Choose IPs **outside your DHCP pool** on the same subnet as your UniFi controlle
47
85
 
48
86
  ### How It Works
49
87
 
88
+ **Scrypted in Docker (bridge networking):**
89
+ ```
90
+ UniFi Protect macvlan proxy container Scrypted container
91
+ (192.168.1.x) (192.168.1.240, unique MAC) (172.17.0.2 / bridge)
92
+ | | |
93
+ |-- ONVIF (port 8000) --->|-- TCP:18000 over bridge ->| ONVIF server
94
+ |-- RTSP (port 554) --->|-- TCP:42917 over bridge ->| RTSP rebroadcast
95
+ ```
96
+
97
+ **Scrypted on bare metal / VM:**
50
98
  ```
51
- UniFi Protect Docker macvlan proxy Scrypted container
52
- (192.168.1.x) (192.168.1.240, unique MAC) (192.168.4.40)
53
- | | |
54
- |--- ONVIF (port 8000) ---------->|--- TCP proxy (port 18000) --->| ONVIF server
55
- |--- RTSP (port 554) ---------->|--- TCP proxy (port 42917) -->| RTSP rebroadcast
99
+ UniFi Protect macvlan proxy container macvlan-shim0 Scrypted (native)
100
+ (192.168.1.x) (192.168.1.240, unique MAC) (192.168.1.2) (192.168.1.50)
101
+ | | | |
102
+ |-- ONVIF (port 8000) --->|-- TCP:18000 ----------->|-- loopback ------->| ONVIF server
103
+ |-- RTSP (port 554) --->|-- TCP:42917 ----------->|-- loopback ------->| RTSP rebroadcast
56
104
  ```
57
105
 
106
+ The macvlan shim (`macvlan-shim0`) is a host-side macvlan interface that breaks kernel-level macvlan-to-host isolation, allowing proxy containers to reach Scrypted on the same machine.
107
+
58
108
  Each camera gets its own proxy container with:
59
109
  - A unique IP address on your LAN
60
110
  - A unique MAC address (deterministic, based on device ID)
@@ -69,6 +119,19 @@ Each camera gets its own proxy container with:
69
119
  5. Enter each camera's assigned IP with port `8000`
70
120
  6. Enter the ONVIF username/password you configured
71
121
 
122
+ ### Audio in UniFi Protect
123
+
124
+ UniFi Protect audio depends on the RTSP stream codec that Scrypted Rebroadcast serves. This plugin wraps those RTSP URLs in ONVIF and proxies them; it does not transcode audio itself.
125
+
126
+ For third-party camera audio in Protect:
127
+
128
+ 1. In Scrypted's Rebroadcast settings for the camera, choose the stream mode that actually exposes working audio in Protect. Some cameras work better with default rebroadcast audio than Improved Compatibility Mode.
129
+ 2. Reload or refresh this plugin so the updated rebroadcast stream is discovered.
130
+ 3. On the camera's ONVIF Rebroadcast mixin settings, set **Streams to expose via ONVIF** to the working main/sub streams.
131
+ 4. Remove and re-add the camera in UniFi Protect if it was already adopted; Protect caches stream/profile metadata.
132
+
133
+ The plugin logs each discovered stream's audio codec so you can compare modes and select the stream that works best with Protect.
134
+
72
135
  ### Unraid Notes
73
136
 
74
137
  - If your Scrypted container uses `Custom: br0.2` (ipvlan), create the macvlan network on `br0` instead to get unique MACs
package/dist/plugin.zip CHANGED
Binary file
@@ -4,9 +4,9 @@ UniFi Protect identifies third-party ONVIF cameras by **MAC address**. When mult
4
4
 
5
5
  ## Prerequisites
6
6
 
7
- - Scrypted running in Docker with the **Rebroadcast** plugin installed
8
- - Docker socket mounted in the Scrypted container (`/var/run/docker.sock`)
9
- - A network bridge interface available for macvlan (e.g. `br0`)
7
+ - The **Rebroadcast** plugin installed in Scrypted
8
+ - Docker installed and the Docker socket accessible at `/var/run/docker.sock`
9
+ - A parent network interface available for macvlan (e.g. `eth0`, `ens3`, `br0`)
10
10
 
11
11
  ## How It Works
12
12
 
@@ -17,16 +17,20 @@ The plugin creates a **Docker macvlan network** and spawns a lightweight **proxy
17
17
  - TCP proxies for **ONVIF** (port 8000) and **RTSP** (port 554+) traffic
18
18
 
19
19
  ```
20
- UniFi Protect Docker macvlan proxy Scrypted container
21
- (your LAN) (unique IP + MAC) (internal IP)
20
+ UniFi Protect Docker macvlan proxy Scrypted
21
+ (your LAN) (unique IP + MAC) (bridge or shim IP)
22
22
  │ │ │
23
23
  │── ONVIF (port 8000) ───────▶│── TCP proxy ─────────────────▶│ ONVIF server
24
24
  │── RTSP (port 554) ───────▶│── TCP proxy ─────────────────▶│ RTSP rebroadcast
25
25
  ```
26
26
 
27
- ## Step 1: Mount Docker Socket
27
+ ## Step 1: Provide Docker Access
28
28
 
29
- The plugin needs access to Docker to create proxy containers. Add this path mapping to your Scrypted container:
29
+ The plugin needs Docker access to create macvlan networks and proxy containers.
30
+
31
+ ### Docker bridge networking
32
+
33
+ Bridge networking is the preferred setup. Mount the Docker socket into Scrypted:
30
34
 
31
35
  | Container Path | Host Path |
32
36
  |---|---|
@@ -46,6 +50,20 @@ volumes:
46
50
  docker run ... -v /var/run/docker.sock:/var/run/docker.sock ...
47
51
  ```
48
52
 
53
+ The plugin detects Scrypted's Docker bridge network and connects each proxy container to it, so no host-side macvlan shim is needed.
54
+
55
+ ### Docker host networking or native install
56
+
57
+ If Scrypted runs with `--network=host` or directly on the host, Scrypted's IP is usually on the same LAN subnet as the macvlan proxy IPs. Linux macvlan isolation prevents proxy containers from reaching that host IP directly.
58
+
59
+ In that case, the plugin attempts to create a host-side `macvlan-shim0` interface through a temporary privileged helper container. If your Docker setup does not allow that, create the shim manually on the host:
60
+
61
+ ```bash
62
+ ip link add macvlan-shim0 link <parent-iface> type macvlan mode bridge
63
+ ip addr add <shim-ip>/<prefix> dev macvlan-shim0
64
+ ip link set macvlan-shim0 up
65
+ ```
66
+
49
67
  ## Step 2: Configure Plugin Settings
50
68
 
51
69
  Open the ONVIF Rebroadcast plugin settings in Scrypted and configure the **IP Allocation** section:
@@ -57,6 +75,7 @@ Open the ONVIF Rebroadcast plugin settings in Scrypted and configure the **IP Al
57
75
  | **Network interface** | Parent interface for the macvlan Docker network | `br0` |
58
76
  | **Subnet prefix length** | CIDR prefix matching your network | `23` or `24` |
59
77
  | **Gateway** | Your network's default gateway | `192.168.1.1` |
78
+ | **Macvlan shim IP** | Optional shim address for native / host networking. Leave empty to auto-assign. Ignored in Docker bridge mode. | `192.168.1.2` |
60
79
 
61
80
  ### Choosing the Right IP Range
62
81
 
@@ -102,6 +121,19 @@ Repeat for each camera IP. Each will be recognized as a separate device with its
102
121
 
103
122
  > **Note:** UniFi will display the camera's actual model number (e.g. "Reolink CX410") as reported by the ONVIF device information.
104
123
 
124
+ ## UniFi Protect Audio
125
+
126
+ The proxy only forwards Scrypted's RTSP rebroadcast stream. It cannot add or transcode audio after the fact.
127
+
128
+ If UniFi Protect shows video but no audio:
129
+
130
+ - In Scrypted's Rebroadcast settings, try the available stream modes and keep the one that exposes stable audio in Protect. Some cameras work better with default rebroadcast audio than Improved Compatibility Mode.
131
+ - In the ONVIF Rebroadcast mixin settings, click **Refresh streams**.
132
+ - Select the working main/sub streams under **Streams to expose via ONVIF**.
133
+ - Remove and re-add the camera in UniFi Protect so Protect re-reads the ONVIF profile and RTSP audio metadata.
134
+
135
+ Check the ONVIF Rebroadcast logs after refresh. The selected streams should show audio metadata so you can compare which mode Protect handles best.
136
+
105
137
  ## Step 5: Verify
106
138
 
107
139
  You can verify the proxy containers are running:
package/package.json CHANGED
@@ -5,7 +5,7 @@
5
5
  "type": "git",
6
6
  "url": "https://github.com/apocaliss92/scrypted-onvif-rebroadcast"
7
7
  },
8
- "version": "0.0.12",
8
+ "version": "0.0.14",
9
9
  "scripts": {
10
10
  "scrypted-setup-project": "scrypted-setup-project",
11
11
  "prescrypted-setup-project": "scrypted-package-json",