- GPU-aware model loading with CUDA/TensorRT/DirectML when available; CPU fallback is automatic.
- Improved cosine-similarity recognition for better tolerance to slight side profiles.
- Preloaded models and tuned JPEG encoding to reduce latency and memory churn.
- Production-friendly logging with `APP_LOG_LEVEL` (INFO by default).
- Refreshed NiceGUI layout with clear status chips, directory view, and upload tester.
```bash
python -m venv .venv
source .venv/bin/activate   # Windows: .venv\Scripts\activate
pip install --upgrade pip
pip install -r requirements.txt
```
**Install NVIDIA Drivers**

- Make sure you have the latest drivers for your GPU:

```bash
sudo apt update
sudo apt install nvidia-driver-535   # or the latest driver for your GPU
sudo reboot
```
**Install CUDA Toolkit (11.8 recommended)**

- Download from https://developer.nvidia.com/cuda-toolkit-archive
- Follow NVIDIA's instructions for your Ubuntu version.
- Add CUDA to your `PATH` and `LD_LIBRARY_PATH` (usually done by the installer):

```bash
export PATH=/usr/local/cuda/bin:$PATH
export LD_LIBRARY_PATH=/usr/local/cuda/lib64:$LD_LIBRARY_PATH
```
**(Optional) Install cuDNN**

- Download cuDNN for CUDA 11.x from https://developer.nvidia.com/cudnn
- Extract and copy the files into your CUDA folders per NVIDIA's instructions.
**Install ONNX Runtime GPU**

- In your Python environment:

```bash
pip uninstall -y onnxruntime
pip install onnxruntime-gpu
```
**Verify GPU is available**

- Run:

```python
import onnxruntime
print(onnxruntime.get_available_providers())
```

- You should see `CUDAExecutionProvider` in the output.
**(Optional) TensorRT for Advanced Users**

- Install TensorRT from https://developer.nvidia.com/tensorrt
- Add the TensorRT `lib` directory (containing `nvinfer*.so`) to your `LD_LIBRARY_PATH`.
- Most users do not need TensorRT; CUDA is fast and stable.

Provider selection: by default, this app uses CUDA if available, then CPU. You can change this in `config.py` via `PROVIDER_PRIORITY`.
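The priority-then-fallback behaviour can be sketched roughly like this (illustrative only; `PROVIDER_PRIORITY` is the `config.py` setting named above, and in the app the available list would come from `onnxruntime.get_available_providers()`):

```python
# Sketch: pick execution providers in priority order, falling back to CPU.
# In the app, `available` would come from onnxruntime.get_available_providers().
PROVIDER_PRIORITY = ["CUDAExecutionProvider", "CPUExecutionProvider"]

def select_providers(available, priority=PROVIDER_PRIORITY):
    """Return the providers from `priority` that are actually available,
    falling back to CPU if none match."""
    chosen = [p for p in priority if p in available]
    return chosen or ["CPUExecutionProvider"]
```

On a machine without a CUDA-capable build, `select_providers(["CPUExecutionProvider"])` would simply yield the CPU provider.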
**Install NVIDIA Drivers**

- Get drivers from: https://www.nvidia.com/Download/index.aspx
**Install CUDA Toolkit**

- Install a CUDA toolkit supported by your `onnxruntime-gpu` wheel (commonly 11.8 or 12.x).
- Ensure `cudart64_*.dll` is on your `PATH` (the CUDA installer normally does this).
**Install cuDNN**

- Download cuDNN matching your CUDA version from NVIDIA (developer account required).
- Copy `cudnn64_*.dll` into your CUDA `bin` folder (for example `C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v11.8\bin`), or add the cuDNN `bin` folder to your `PATH`.
**Install ONNX Runtime GPU wheel**

```bash
pip uninstall -y onnxruntime
pip install onnxruntime-gpu
```
**Verify providers**

```python
import onnxruntime
print(onnxruntime.get_available_providers())
```

- If `CUDAExecutionProvider` is present, GPU should be usable. If you see errors about a missing `cudnn64_*.dll`, ensure cuDNN is installed and its `bin` folder is on `PATH`.
- If you prefer TensorRT on Windows, install TensorRT and add its `bin` directory (containing `nvinfer_*.dll`) to `PATH`.
Run the app:

```bash
python main.py
```

Set via environment variables or edit `config.py`:

- `IP_CAMERA_URL` (e.g. `rtsp://user:pass@host:554/stream`; if set, overrides the camera index)
- `VIDEO_SOURCES` (comma-separated list, supports `id=uri` values, e.g. `gate=rtsp://...,desk=0`)
- `ACTIVE_SOURCE_ID` (optional source id selected at startup)
- `CAMERA_INDEX` (default 0)
- `FRAME_WIDTH` / `FRAME_HEIGHT` (default 1280x720)
- `TARGET_FPS` (default 10)
- `PROCESS_EVERY_N_FRAMES` (default 1)
- `DETECTION_INPUT_SIZE` (detector input side length; smaller is faster, default profile-based)
- `DETECTION_SCALE` (downscale before detection; smaller is faster, default profile-based)
- `MAX_FACES_PER_FRAME` (caps faces processed per frame, default 8)
- `RECOGNITION_THRESHOLD` (cosine similarity, default 0.35)
- `FACES_REFRESH_SECONDS` (DB sync cadence, default 2 s)
- `UNKNOWN_INSERT_COOLDOWN_SECONDS` (default 2)
- `UNKNOWN_RETENTION_HOURS` (default 72)
- `INFERENCE_BACKEND` (`python` or `deepstream`, default `python`)
- `DEEPSTREAM_CONFIG_PATH` (optional DeepStream app config path)
- `HEALTH_ENABLED` / `METRICS_ENABLED` (enabled by default)
- `ACCESS_TOKEN` (optional shared token for `/video/frame`, `/health`, `/metrics`)
- `AUTH_SECRET` (enables signed expiring tokens and RBAC)
- `AUTH_USERS_FILE` (default `deploy/users.json`, local user/role store)
- `TOKEN_TTL_SECONDS` (signed token lifetime in seconds, default 3600)
- `OPERATOR_PIN` (optional lock for enroll/promote/delete actions in the UI)
- `OPERATOR_SESSION_TIMEOUT_SECONDS` (operator unlock session timeout, default 900)
- `WRITE_QUEUE_MAXSIZE` / `WRITE_TIMEOUT_SECONDS` (async write queue tuning)
- `APP_LOG_LEVEL` (INFO/DEBUG/WARN)
- `JPEG_QUALITY` (default 85)
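A minimal sketch of how environment overrides of this kind are typically read (the variable names match the list above; the helper functions are hypothetical, not the app's actual `config.py`):

```python
import os

def env_int(name, default):
    """Read an integer setting from the environment, falling back to a default."""
    value = os.environ.get(name)
    return int(value) if value else default

def env_float(name, default):
    """Same as env_int, but for float-valued settings."""
    value = os.environ.get(name)
    return float(value) if value else default

# Defaults shown here mirror the list above.
CAMERA_INDEX = env_int("CAMERA_INDEX", 0)
TARGET_FPS = env_int("TARGET_FPS", 10)
RECOGNITION_THRESHOLD = env_float("RECOGNITION_THRESHOLD", 0.35)
JPEG_QUALITY = env_int("JPEG_QUALITY", 85)
```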
- Copy `deploy/users.example.json` to `deploy/users.json`.
- Generate password hashes:

```bash
python scripts/make_password_hash.py "your-strong-password"
```

- Replace each `password_hash` in `deploy/users.json`.
- Set `AUTH_SECRET` (a long random string) and optionally `TOKEN_TTL_SECONDS`.
- Restart the app.
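For intuition, signed expiring tokens of the kind `AUTH_SECRET` enables are commonly built from an HMAC over a payload plus expiry. A minimal sketch (illustrative format only, not the app's actual token scheme):

```python
import hashlib
import hmac
import time

def make_token(username, secret, ttl_seconds=3600):
    """Build a signed token 'user:expiry:signature' (illustrative format)."""
    expiry = int(time.time()) + ttl_seconds
    payload = f"{username}:{expiry}"
    sig = hmac.new(secret.encode(), payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}:{sig}"

def verify_token(token, secret):
    """Return the username if the signature checks out and the token is unexpired."""
    try:
        username, expiry, sig = token.rsplit(":", 2)
    except ValueError:
        return None
    payload = f"{username}:{expiry}"
    expected = hmac.new(secret.encode(), payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None
    if int(expiry) < time.time():
        return None
    return username
```

Note the use of `hmac.compare_digest` rather than `==` to avoid timing side channels.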
When auth is enabled, roles are:

- `viewer`: view streams and status
- `operator`: viewer + source switch + enroll/promote/delete (with operator lock if enabled)
- `admin`: operator + audit trail visibility
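Since each role strictly extends the one below it, an authorization check reduces to comparing positions in an ordered list. A sketch (the `has_role` helper is hypothetical, not the app's actual RBAC code):

```python
# Roles in increasing order of privilege; each includes the ones before it.
ROLE_ORDER = ["viewer", "operator", "admin"]

def has_role(user_role, required_role):
    """True if `user_role` is at least as privileged as `required_role`."""
    return ROLE_ORDER.index(user_role) >= ROLE_ORDER.index(required_role)
```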
```bash
# Linux/macOS
export VIDEO_SOURCES="gate=rtsp://user:pass@192.168.1.20:554/stream1,desk=0"
export ACTIVE_SOURCE_ID="gate"
```

```powershell
# Windows PowerShell
$env:VIDEO_SOURCES="gate=rtsp://user:pass@192.168.1.20:554/stream1,desk=0"
$env:ACTIVE_SOURCE_ID="gate"
```

The UI includes an "Active source" selector in the Live Monitor tab to switch sources at runtime.
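The `id=uri` format can be parsed roughly as follows (a sketch; the handling of bare entries without `=` is an assumption, and numeric values are treated as local camera indices as in `desk=0`):

```python
def parse_video_sources(spec):
    """Parse a VIDEO_SOURCES string like 'gate=rtsp://...,desk=0' into {id: uri}.
    Purely numeric URIs are converted to int camera indices."""
    sources = {}
    for i, item in enumerate(spec.split(",")):
        item = item.strip()
        if not item:
            continue
        if "=" in item:
            source_id, uri = item.split("=", 1)  # split only on the first '='
        else:
            source_id, uri = f"source{i}", item  # assumed fallback for bare entries
        sources[source_id] = int(uri) if uri.isdigit() else uri
    return sources
```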
- `docs/01-architecture.md` - system architecture and data flow
- `docs/02-knowledge-base.md` - operational KB and tuning notes
- `docs/03-similar-projects-research.md` - external project research and best strategies
- `docs/04-jetson-nano-production-playbook.md` - Jetson Nano production optimization guide
- `docs/05-stream-sources-setup.md` - stream onboarding and source config examples
- `docs/06-roadmap-and-implementation-status.md` - implemented changes and next roadmap
- `docs/07-production-deployment.md` - Linux/systemd deployment guide
- `docs/08-deepstream-backend.md` - DeepStream backend mode and migration notes
- `docs/09-security-and-auth.md` - endpoint security and operator lock controls
- `docs/10-monitoring-grafana.md` - Prometheus and Grafana setup
- `docs/11-reverse-proxy-tls.md` - Nginx/Caddy TLS reverse proxy templates
- `docs/12-deep-hardening-layer.md` - summary of the deep hardening pass
- `docs/13-project-description-and-architecture-master.md` - complete product description, feature matrix, and architecture reference
- `GET /health` - service status, stream status, queue depth, freshness, and FPS
- `GET /metrics` - Prometheus-style counters for throughput, drops, reconnects, retention cleanup
- `POST /auth/login` - body `{ "username": "...", "password": "..." }`; returns a signed token when `AUTH_SECRET` is enabled
- `POST /auth/logout` - stateless logout event endpoint

All protected endpoints accept any of:

- header `Authorization: Bearer <token>`
- header `X-Access-Token: <token>`
- query `?access_token=<token>`
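For example, a client could attach the token via the `Authorization` header like this (a stdlib sketch; host and port are hypothetical, and `X-Access-Token` or `?access_token=...` would work equally per the list above):

```python
import urllib.request

def build_health_request(base_url, token):
    """Build a GET /health request carrying the token as a bearer header."""
    return urllib.request.Request(
        f"{base_url}/health",
        headers={"Authorization": f"Bearer {token}"},
    )

# Hypothetical host/port; send against a running app with urllib.request.urlopen(req).
req = build_health_request("http://localhost:8080", "my-token")
```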
- `scripts/run_jetson_profile.sh` - launches the app with Nano-friendly defaults and optional clock boost
- `scripts/install_systemd_service.sh` - installs and starts the systemd service
- `deploy/systemd/visionid.service` - service unit template
- `deploy/systemd/visionid.env.example` - production env template
- `deploy/grafana/visionid-dashboard.json` - Grafana dashboard import template
- `deploy/proxy/nginx.visionid.conf` - Nginx TLS reverse proxy example
- `deploy/proxy/Caddyfile.visionid` - Caddy TLS reverse proxy example
```
├── main.py            # NiceGUI app, camera loop, upload/registration
├── face_utils.py      # Provider selection, detection, recognition
├── db.py              # SQLite helpers for embeddings
├── config.py          # Runtime tunables
├── requirements.txt   # Minimal deps; swap onnxruntime for GPU build on Jetson
├── models/            # InsightFace models (auto)
├── storage/           # Saved snapshots (auto)
└── embeddings.db      # SQLite store (auto)
```
- InsightFace downloads the chosen model into `models/` if not present.
- Recognition uses cosine similarity; keep faces reasonably frontal or with light yaw for best accuracy.
- The UI displays model info and current provider; logs show which provider was selected at startup.
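For intuition, the cosine-similarity match against `RECOGNITION_THRESHOLD` (default 0.35) works like this toy sketch; real embeddings are high-dimensional vectors produced by the recognition model, not 2-element lists:

```python
import math

def cosine_similarity(a, b):
    """Cosine similarity between two embedding vectors (1.0 = identical direction)."""
    dot = sum(x * y for x, y in zip(a, b))
    norm_a = math.sqrt(sum(x * x for x in a))
    norm_b = math.sqrt(sum(x * x for x in b))
    return dot / (norm_a * norm_b)

RECOGNITION_THRESHOLD = 0.35  # default from config.py

def is_match(embedding, known_embedding, threshold=RECOGNITION_THRESHOLD):
    """A face matches an enrolled identity if similarity clears the threshold."""
    return cosine_similarity(embedding, known_embedding) >= threshold
```

Raising the threshold makes matches stricter (fewer false accepts); lowering it makes them more permissive.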