TeslaMate
Preparation
Tesla API Token
Tesla API Token 可以从以下方式获取:
登录 Tesla 账号保存获取到的 Access Token 和 Refresh Token 供之后使用
请务必妥善保存这些信息,避免泄露,并在使用后及时清除
Installation
Install Docker
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo docker run hello-worldThis command downloads a test image and runs it in a container. When the container runs, it prints a confirmation message and exits.
Install TeslaMate
如果 TeslaMate 部署在本地服务器,参照官方文档的 Docker 安装即可
如果部署在公网服务器上,需要按照 Advanced Guides 里的方式部署,对数据进行加密,并且添加 Web 页面和 Grafana 的密码保护
以下是公网服务器的部署步骤:
创建 TeslaMate 的运行文件夹
mkdir -p apps/teslamate && cd $_创建文件
docker-compose.ymlservices: teslamate: image: teslamate/teslamate:latest restart: always depends_on: - database environment: - ENCRYPTION_KEY=${TM_ENCRYPTION_KEY} - DATABASE_USER=${TM_DB_USER} - DATABASE_PASS=${TM_DB_PASS} - DATABASE_NAME=${TM_DB_NAME} - DATABASE_HOST=database - MQTT_HOST=mosquitto - VIRTUAL_HOST=${FQDN_TM} - CHECK_ORIGIN=true - TZ=${TM_TZ} volumes: - ./import:/opt/app/import labels: traefik.enable: "true" traefik.port: "4000" traefik.http.middlewares.redirect.redirectscheme.scheme: "https" traefik.http.middlewares.teslamate-auth.basicauth.realm: "teslamate" traefik.http.middlewares.teslamate-auth.basicauth.usersfile: "/auth/.htpasswd" traefik.http.routers.teslamate-insecure.rule: "Host(`${FQDN_TM}`)" traefik.http.routers.teslamate-insecure.middlewares: "redirect" traefik.http.routers.teslamate-ws.rule: "Host(`${FQDN_TM}`) && Path(`/live/websocket`)" traefik.http.routers.teslamate-ws.entrypoints: "websecure" traefik.http.routers.teslamate-ws.tls: "" traefik.http.routers.teslamate.rule: "Host(`${FQDN_TM}`)" traefik.http.routers.teslamate.middlewares: "teslamate-auth" traefik.http.routers.teslamate.entrypoints: "websecure" traefik.http.routers.teslamate.tls.certresolver: "tmhttpchallenge" cap_drop: - ALL database: image: postgres:17 restart: always environment: - POSTGRES_USER=${TM_DB_USER} - POSTGRES_PASSWORD=${TM_DB_PASS} - POSTGRES_DB=${TM_DB_NAME} volumes: - teslamate-db:/var/lib/postgresql/data grafana: image: teslamate/grafana:latest restart: always environment: - DATABASE_USER=${TM_DB_USER} - DATABASE_PASS=${TM_DB_PASS} - DATABASE_NAME=${TM_DB_NAME} - DATABASE_HOST=database - GRAFANA_PASSWD=${GRAFANA_PW} - GF_SECURITY_ADMIN_USER=${GRAFANA_USER} - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PW} - GF_AUTH_ANONYMOUS_ENABLED=false - GF_SERVER_DOMAIN=${FQDN_TM} - GF_SERVER_ROOT_URL=%(protocol)s://%(domain)s/grafana - GF_SERVER_SERVE_FROM_SUB_PATH=true volumes: - teslamate-grafana-data:/var/lib/grafana labels: traefik.enable: "true" traefik.port: "3000" traefik.http.middlewares.redirect.redirectscheme.scheme: "https" traefik.http.routers.grafana-insecure.rule: "Host(`${FQDN_TM}`)" traefik.http.routers.grafana-insecure.middlewares: "redirect" traefik.http.routers.grafana.rule: "Host(`${FQDN_TM}`) && (Path(`/grafana`) || PathPrefix(`/grafana/`))" traefik.http.routers.grafana.entrypoints: "websecure" traefik.http.routers.grafana.tls.certresolver: "tmhttpchallenge" mosquitto: image: eclipse-mosquitto:2 restart: always command: mosquitto -c /mosquitto-no-auth.conf ports: - "127.0.0.1:1883:1883" volumes: - mosquitto-conf:/mosquitto/config - mosquitto-data:/mosquitto/data proxy: image: traefik:v2.7 restart: always command: - "--global.sendAnonymousUsage=false" - "--providers.docker" - "--providers.docker.exposedByDefault=false" - "--entrypoints.web.address=:80" - "--entrypoints.websecure.address=:443" - "--certificatesresolvers.tmhttpchallenge.acme.httpchallenge=true" - "--certificatesresolvers.tmhttpchallenge.acme.httpchallenge.entrypoint=web" - "--certificatesresolvers.tmhttpchallenge.acme.email=${LETSENCRYPT_EMAIL}" - "--certificatesresolvers.tmhttpchallenge.acme.storage=/etc/acme/acme.json" ports: - "80:80" - "443:443" volumes: - ./.htpasswd:/auth/.htpasswd - ./acme/:/etc/acme/ - /var/run/docker.sock:/var/run/docker.sock:ro volumes: teslamate-db: teslamate-grafana-data: mosquitto-conf: mosquitto-data:- 如果服务器上只运行了 TeslaMate,可以不需要修改
否则如果同时运行了其他服务提供网页,推荐把
proxy里的端口修改为:然后用 Nginx 创建反向代理:ports: - "8080:80" - "8443:443"apt install nginx vim /etc/nginx/sites-available/<teslamate.domain.com>server { listen 80; server_name <teslamate.domain.com>; location / { proxy_pass http://localhost:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # WebSocket support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } server { listen 443; server_name <teslamate.domain.com>; location / { proxy_pass https://localhost:8443; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # WebSocket support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } }从而避免端口冲突ln -s /etc/nginx/sites-available/<teslamate.domain.com> /etc/nginx/sites-enabled/<teslamate.domain.com> nginx -t nginx -s reload
.envTM_ENCRYPTION_KEY=<your secure key to encrypt your Tesla API tokens> TM_DB_USER=teslamate TM_DB_PASS=<your secure password!> TM_DB_NAME=teslamate GRAFANA_USER=<Username> GRAFANA_PW=<Password> FQDN_TM=<teslamate.domain.com> TM_TZ=Asia/Shanghai LETSENCRYPT_EMAIL=<[email protected]>TM_ENCRYPTION_KEY: 加密 Tesla API Token 的密码TM_DB_PASS: 加密数据库的密码GRAFANA_USERGRAFANA_PW: Grafana 面板的用户名和密码LETSENCRYPT_EMAIL: 接收获取域名证书通知的邮箱
.htpasswd按提示设置和确认密码apt install apache2-utils htpasswd -cB .htpasswd <Username>- 保护后台 Web 页面的用户名和密码
启动 TeslaMate
docker compose up -d- 前往
https://<teslamate.domain.com>,输入后台 Web 页面的用户名和密码登录 - 输入
Access Token和Refresh Token登录 Tesla 账号 点击右上角设置,设置 URL:
Web App:https://<teslamate.domain.com>Dashboards:https://<teslamate.domain.com>/grafana
- 前往
访问 TeslaMate
此时,访问
https://<teslamate.domain.com>/grafana,输入Grafana 面板的用户名和密码登录