Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dahua and Tapo cameras: two-way not working for Frigate and HA #1464

Open
derekcentrico opened this issue Nov 15, 2024 · 21 comments
Open

Dahua and Tapo cameras: two-way not working for Frigate and HA #1464

derekcentrico opened this issue Nov 15, 2024 · 21 comments
Labels
question Further information is requested

Comments

@derekcentrico
Copy link

I have Tapo and Dahua cameras. I set them up with Frigate based upon their documentation. However, two-way communication doesn't work at all. Dahua shows the mic icon but doesn't transmit. Tapo doesn't even show the mic icon. I am using HTTPS. They referred me here and I've been tinkering ever since.

  • Block domains n-device-api.tplinkcloud.com and security.iot.i.tplinknbu.com

@mofman thank you for the info. Blocked and configured with tapo://.. TAPO C120 now works with 2-way audio in Home Assistant.

@mofman and @rici44 would you be kind enough to provide Frigate go2rtc and camera configs, and maybe any card configuration data from HA?

Anyone else with thoughts I'd be grateful.

This is what I got going currently:

Frigate

go2rtc:
  streams:
    garage:  # Dahua camera
      - rtsp://admin:pass@192.168.1.240:554/cam/realmonitor?channel=1&subtype=0#backchannel=0
      - rtsp://admin:pass@192.168.1.240:554/cam/realmonitor?channel=1&subtype=0
    garage_sub: # Dahua camera
      - rtsp://admin:pass@192.168.1.240:554/cam/realmonitor?channel=1&subtype=2#backchannel=0
      - rtsp://admin:pass@192.168.1.240:554/cam/realmonitor?channel=1&subtype=2

    kitchen: # Tapo C120
      - ffmpeg:rtsp://tapocam:pass@192.168.1.246:554/stream1#audio=aac#video=copy
      - tapo://passhash@192.168.1.246
    kitchen_sub: # Tapo C120
      - ffmpeg:rtsp://tapocam:pass@192.168.1.246:554/stream2#audio=aac#video=copy
      - tapo://passhash@192.168.1.246

cameras:
  garage:
  ....
    ffmpeg:
      output_args:
        record: preset-record-generic-audio-aac
      inputs:
        - path: 
            rtsp://admin:pass@192.168.1.240:554/cam/realmonitor?channel=1&subtype=0
          input_args: preset-rtsp-restream
          roles:
            - record
        - path: 
            rtsp://admin:pass@192.168.1.240:554/cam/realmonitor?channel=1&subtype=2
          input_args: preset-rtsp-restream
          roles:
            - detect
            - audio
      hwaccel_args: preset-vaapi
  ....
  kitchen:
  ....
    ffmpeg:
      output_args:
        record: preset-record-generic-audio-copy
      inputs:
        - path: rtsp://tapocam:pass@192.168.1.246:554/stream2
          roles:
            - detect
          input_args: preset-rtsp-restream-low-latency
        - path: rtsp://127.0.0.1:8554/kitchen
          input_args: preset-rtsp-restream
          roles:
            - record
            - audio
#      hwaccel_args: preset-vaapi
    live:
      stream_name: kitchen
  ....

Home Assistant Card:

type: grid
cards:
  - type: custom:frigate-card
    cameras:
      - camera_entity: camera.kitchen_2
        go2rtc:
          modes: []
        webrtc_card: {}
        live_provider: go2rtc
    view:
      update_force: true
      update_seconds: 0
    menu:
      buttons:
        mute:
          enabled: true
        play:
          enabled: true
        microphone:
          enabled: true
          type: momentary
          alignment: matching
      style: overlay
    live:
      preload: true
      controls:
        thumbnails:
          media: clips
      auto_play: all
      auto_mute: all
      microphone:
        always_connected: true
    media_viewer:
      auto_mute: never
      controls:
        next_previous: {}
    image:
      mode: camera
type: custom:frigate-card
cameras:
  - camera_entity: camera.garage
    live_provider: auto
    go2rtc:
      modes:
        - webrtc
    image:
      refresh_seconds: 2
view:
  default: image
  camera_select: live
  update_seconds: 2
image:
  mode: camera
  refresh_seconds: 2
performance:
  profile: low
dimensions:
  aspect_ratio_mode: dynamic

@mofman
Copy link

mofman commented Nov 15, 2024

Showing you the part of the config which need to get right,

you need admin: and your tapo account password sha256 hashed in upper case (the password you use to login to tapo services)

your ffmpeg line is wrong too

go2rtc:
  streams:
    Kitchen:
      - tapo://admin:XXXB3B88C3CA41847092362896109AC1EA681A2E82ED40BFD25C8E25EEFDFXXX@192.168.0.240
      - ffmpeg:Kitchen#audio=aac#audio=opus

@derekcentrico
Copy link
Author

Showing you the part of the config which need to get right,

you need admin: and your tapo account password sha256 hashed in upper case

your ffmpeg line is wrong too

go2rtc:
  streams:
    Kitchen:
      - tapo://admin:XXXB3B88C3CA41847092362896109AC1EA681A2E82ED40BFD25C8E25EEFDFXXX@192.168.0.240
      - ffmpeg:Kitchen#audio=aac#audio=opus

Thanks, I'll tweak that. How do you have the URL for the actual cameras?

@mofman
Copy link

mofman commented Nov 15, 2024

You mean the ip address?

@rici44
Copy link

rici44 commented Nov 15, 2024

@derekcentrico For this setup I use only go2rtc and Custom: WebRTC Camera card in HA

go2rtc config

cam4: 
  - tapo://admin:AAAAA......................BBBBB@192.168.200.133

Custom: WebRTC Camera

type: custom:webrtc-camera
streams:
  - url: cam4
    mode: webrtc
    media: video,audio,microphone

@derekcentrico
Copy link
Author

derekcentrico commented Nov 15, 2024

You mean the ip address?

@mofman Like the camera section in Frigate config.

cameras:  
kitchen:
  ....
    ffmpeg:
      output_args:
        record: preset-record-generic-audio-copy
      inputs:
        - path: rtsp://tapocam:pass@192.168.1.246:554/stream2
          roles:
            - detect
          input_args: preset-rtsp-restream-low-latency
        - path: rtsp://127.0.0.1:8554/kitchen
          input_args: preset-rtsp-restream

@mofman
Copy link

mofman commented Nov 15, 2024

go2rtc:
  streams:
    Kitchen:
      - tapo://admin:XXXB3B88C3CA41847092362896109AC1EA681A2E82ED40BFD25C8E25EEFDFXXX@192.168.0.240
      - ffmpeg:Kitchen#audio=aac#audio=opus

cameras:
  Kitchen:
    ffmpeg:
      inputs:
        - path: rtsp://127.0.0.1:8554/Kitchen
          roles:
            - detect
      output_args:
        record: preset-record-generic-audio-aac
    detect:
      enabled: true
    objects:
      track:
        - person
        - cat
        - dog
    motion:
      mask: 0,0.046,0.359,0.047,0.358,0,0,0.002

Assuming its running on the location and the dafault port, use rtsp://127.0.0.1:8554/Kitchen - keep the name the same.

@derekcentrico
Copy link
Author

@mofman and @rici44 thank you both.

I revised my cameras. Oddly, I get this error when using the go2rtc URL for the camera:

rtsp://127.0.0.1:8554/kitchen: Invalid data found when processing input

Cloud password is the password that goes to the Tapo app, correct? I tried that one and the tapocam:password from the RTSP setup just for kicks. No go.

2024-11-15 17:56:35.141980187  [2024-11-15 17:56:35] frigate.video                  ERROR   : portable: Unable to read frames from ffmpeg process.
2024-11-15 17:56:35.142058459  [2024-11-15 17:56:35] frigate.video                  ERROR   : portable: ffmpeg process is not running. exiting capture thread...
2024-11-15 17:56:35.157629698  17:56:35.157 WRN [rtsp] error="streams: 401 Unauthorized, exec: rtsp://127.0.0.1:8554/kitchen?audio: Invalid data found when processsing input\n" stream=kitchen
2024-11-15 17:56:35.243087508  [2024-11-15 17:56:35] audio.kitchen                  ERROR   : ffmpeg process is not running, restarting...

I have firmware 1.1.3 flashed to it, using the very last release of 1.1.3 available as a bin.

Did y'all have an issue with a password or anything?

@derekcentrico
Copy link
Author

LOL now I get "2024-11-15 18:31:15.077453990 18:31:15.077 WRN [rtsp] error="streams: Expected StatusCode to be 401, received 200, exec: rtsp://127.0.0.1:8554/kitchen?video&audio: Invalid data found when processing input\n" stream=portable" using "Tapo_C120v1_en_1.1.3_Build_230930_Rel.56236n_up_boot-signed_1697192563556.bin" instead of "Tapo_C120v1_en_1.1.3_Build_230930_Rel.56236n_up_boot-signed_1697194362284.bin"

@mofman
Copy link

mofman commented Nov 15, 2024

Did you block the domains I suggested?

@derekcentrico
Copy link
Author

Did you block the domains I suggested?

Yeah I blocked them via pihole.

My firewalla shows only one domain it's hitting, 5 times. aps1-relay-dcipc-beta.i.tplinknbu.com

@mofman
Copy link

mofman commented Nov 16, 2024

Are you familiar with python?

If so

Can you try this code, install pytapo via pip then create the script below replacing with your values and let me know what your response is when you run it

pip3 install pytapo

from pytapo import Tapo

user = "admin" # leave this variable as 'admin'
password = "XXXXXXXXX" # password for your **tapo account** in plain text (not hashed)
host = "192.168.0.1" # ip of the camera, example: 192.168.1.52

tapo = Tapo(host, user, password)

print(tapo.getBasicInfo())

@derekcentrico
Copy link
Author

@mofman Sure, so here is the resulting matter:

Traceback (most recent call last):
  File "/home/derek/Desktop/pytest", line 7, in <module>
    tapo = Tapo(host, user, password)
  File "/home/derek/.local/lib/python3.10/site-packages/pytapo/__init__.py", line 86, in __init__
    self.basicInfo = self.getBasicInfo()
  File "/home/derek/.local/lib/python3.10/site-packages/pytapo/__init__.py", line 1091, in getBasicInfo
    return self.executeFunction(
  File "/home/derek/.local/lib/python3.10/site-packages/pytapo/__init__.py", line 491, in executeFunction
    data = self.performRequest(
  File "/home/derek/.local/lib/python3.10/site-packages/pytapo/__init__.py", line 532, in performRequest
    self.ensureAuthenticated()
  File "/home/derek/.local/lib/python3.10/site-packages/pytapo/__init__.py", line 108, in ensureAuthenticated
    return self.refreshStok()
  File "/home/derek/.local/lib/python3.10/site-packages/pytapo/__init__.py", line 418, in refreshStok
    return self.refreshStok(loginRetryCount)
  File "/home/derek/.local/lib/python3.10/site-packages/pytapo/__init__.py", line 418, in refreshStok
    return self.refreshStok(loginRetryCount)
  File "/home/derek/.local/lib/python3.10/site-packages/pytapo/__init__.py", line 423, in refreshStok
    raise Exception("Invalid authentication data")
Exception: Invalid authentication data

Seems like I'm stuck in what the other issue thread is about. Hoping @rici44 sends me the blob filename for 1.2.2 so I can download/flash it. 🥇

@mofman
Copy link

mofman commented Nov 16, 2024

1.2.2 is just the latest version available from the app,

Go through this checklist

  • Block domains using pihole
  • Factory reset camera
  • Test using python script, ensure you are using admin and your tapo account password (not password for device)

@derekcentrico
Copy link
Author

Domains blocked. No flows are going through to any of those domains.

Py script started giving results after factory reset:
{'device_info': {'basic_info': {'device_type': 'SMART.IPCAMERA', 'device_info': 'C120 1.0 IPC', 'features': 3, 'barcode': '', 'device_model': 'C120', 'sw_version': '1.1.3 Build 230930 Rel.56236n', 'device_name': 'C120 1.0', 'hw_version': '1.0', 'device_alias': 'portable', 'mobile_access': '0', 'mac': '20-23-51-0F-3E-87', 'dev_id': '80217D748F6B96A0F9EA4CF5B1BE329722B9C457', 'hw_id': 'F0F676D5F47CAFF56B203949B1FAC42C', 'oem_id': 'CDE31B10524EC3E6E74A09A9D7B57FD8', 'hw_desc': '00000000000000000000000000000000', 'manufacturer_name': 'TP-LINK', 'region': 'US', 'ffs': False, 'is_cal': True, 'avatar': 'Cat tree', 'has_set_location_info': 1, 'longitude': -773812, 'latitude': 389611}}}

I tried the tapo:// combinations of plain text password, admin:MD5 and admin:shasum256. None work. Generated those using the same password used in the py script.

@mofman
Copy link

mofman commented Nov 16, 2024

You're really close now that you're successfuly getting authenticated. Try all these combos below, you can try them all at once.

Then go to your go2rtc web client and see if it creates any producers http://192.168.0.XXX:1984/

    Kitchen:
      - tapo://Plaintext@192.168.0.195 #plaintext
      - tapo://XXXX3B88C3CA41847092362896109AC1EA681A2E82ED40BFD25C8E25EEFXXXX4@192.168.0.195  #sha256 UPPERCASE
      - tapo://XXXXXDB5AFBE99D204920348BB56BEEB4@192.168.0.195 #md5 UPPERCASE
      - tapo://admin:XXXX3B88C3CA41847092362896109AC1EA681A2E82ED40BFD25C8E25EEFXXXX4@192.168.0.195 #admin + sha256 UPPERCASE
      - tapo://admin:XXXXXDB5AFBE99D204920348BB56BEEB4@192.168.0.195 #admin + md5 UPPERCASE
      - ffmpeg:Kitchen#audio=aac#audio=opus

@derekcentrico
Copy link
Author

@mofman So, added all those and boom something works because it is in Frigate now. Thanks!!!

@mofman
Copy link

mofman commented Nov 16, 2024

No problem, you should be able to identify which is the working line is using a process of elimination.

@rici44
Copy link

rici44 commented Nov 16, 2024

@derekcentrico proper camera reset and proper blocked domains are necessary steps. I block domains with IP addresses of those domains (nslookup) but IPs changed and I had to reset camera again and block with domain names.

@derekcentrico
Copy link
Author

@rici44 yeah so I used pihole to null route the recommended domains and I monitored the network flows with my Firewalla. All good for 2 cameras. The 3rd one appears to be bricked upon flashing. Blinking red for 30 minutes after the reboot. Siiiigh

@mofman
Copy link

mofman commented Nov 16, 2024

@AlexxIT I’m wondering if it might be worth considering a mechanism where the user could simply enter their Tapo account password, for example:

  • tapo://Plaintext!@192.168.0.1

When go2rtc attempts to connect, it could try various combinations automatically, such as admin:md5, admin:sha256, etc., eliminating the need for users to figure out which combination works.

This should be feasible to implement without disrupting existing setups...

@AlexxIT AlexxIT added the question Further information is requested label Nov 17, 2024
@AlexxIT
Copy link
Owner

AlexxIT commented Nov 17, 2024

@mofman go2rtc supports password as plaint text for tapo source:
https://github.com/AlexxIT/go2rtc?tab=readme-ov-file#source-tapo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

4 participants