2026-01-22 21:25:44 -08:00
|
|
|
# TeslaMate
|
|
|
|
|
|
|
|
|
|
TeslaMate is a self-hosted Tesla data logger that collects and visualizes vehicle data.
|
|
|
|
|
|
|
|
|
|
## Prerequisites
|
|
|
|
|
|
|
|
|
|
### 1. Create 1Password Secrets
|
|
|
|
|
|
|
|
|
|
Create two items in the blumeops 1Password vault:
|
|
|
|
|
|
|
|
|
|
1. **TeslaMate DB Password**
|
|
|
|
|
- Generate a secure password for the teslamate PostgreSQL user
|
|
|
|
|
- Add a field named `password` with the generated value
|
|
|
|
|
|
|
|
|
|
2. **TeslaMate Encryption Key**
|
|
|
|
|
- Generate with: `openssl rand -base64 32`
|
|
|
|
|
- Add a field named `key` with the generated value
|
|
|
|
|
- This encrypts Tesla API tokens at rest in the database
|
|
|
|
|
|
|
|
|
|
### 2. Apply Kubernetes Secrets
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
# Create namespace
|
|
|
|
|
kubectl create namespace teslamate
|
|
|
|
|
|
|
|
|
|
# Apply database user secret (for CNPG)
|
|
|
|
|
op inject -i argocd/manifests/databases/secret-teslamate.yaml.tpl | kubectl apply -f -
|
|
|
|
|
|
|
|
|
|
# Apply teslamate secrets
|
|
|
|
|
op inject -i argocd/manifests/teslamate/secret-encryption-key.yaml.tpl | kubectl apply -f -
|
|
|
|
|
op inject -i argocd/manifests/teslamate/secret-db.yaml.tpl | kubectl apply -f -
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
### 3. Create Database
|
|
|
|
|
|
|
|
|
|
After the teslamate user exists in PostgreSQL (sync blumeops-pg first):
|
|
|
|
|
|
|
|
|
|
```bash
|
Doc review: connect-to-postgres, create-release-artifact-workflow, deploy-k8s-service (#191)
## Summary
Review session covering 3 docs, plus a codebase-wide cleanup:
### Docs reviewed
- **connect-to-postgres** — verified end-to-end (psql connection tested), stamped
- **create-release-artifact-workflow** — clarified that `build-blumeops.yaml` is only a version bump example (not a packages API example)
- **deploy-k8s-service** — fixed stale repoURL (`indri:2200` → `forge.ops.eblu.me:2222`), wrong Caddy config keys (`upstream` → `backend`, added missing `host`), updated Homepage group to "Services", added Tailscale tag documentation
### Codebase cleanup
- Migrated all remaining `op item get --fields` calls to `op read` URI syntax across 7 files (docs, READMEs, YAML comments)
- Simplified the `op read` vs `op item get` guidance in CLAUDE.md
## Side findings (not addressed)
- New `immich-pg` CNPG cluster not yet documented in the postgresql reference card
## Test plan
- [x] `psql` connection to `pg.ops.eblu.me` verified
- [x] All pre-commit hooks pass
- [x] `docs-check-links`, `docs-check-index`, `docs-check-frontmatter` pass
Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/191
2026-02-15 07:42:01 -08:00
|
|
|
PGPASSWORD=$(op read "op://blumeops/postgres/password") \
|
|
|
|
|
psql -h pg.ops.eblu.me -U eblume -c "CREATE DATABASE teslamate OWNER teslamate;"
|
2026-01-22 21:25:44 -08:00
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Deployment
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
# Sync ArgoCD apps
|
|
|
|
|
argocd app sync apps
|
|
|
|
|
argocd app sync blumeops-pg teslamate grafana grafana-config
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Tesla API Setup
|
|
|
|
|
|
|
|
|
|
1. Access TeslaMate UI at https://tesla.tail8d86e.ts.net
|
|
|
|
|
2. Click "Sign in with Tesla"
|
|
|
|
|
3. Complete OAuth flow in browser
|
|
|
|
|
4. Tokens are encrypted and stored in database
|
|
|
|
|
5. Verify vehicle appears and data collection starts
|
|
|
|
|
|
|
|
|
|
## Grafana Dashboards
|
|
|
|
|
|
|
|
|
|
TeslaMate dashboards are available in Grafana at https://grafana.tail8d86e.ts.net
|
|
|
|
|
|
|
|
|
|
They use the "TeslaMate" PostgreSQL datasource (not Prometheus).
|
|
|
|
|
|
|
|
|
|
## Notes
|
|
|
|
|
|
|
|
|
|
- MQTT is disabled (can be enabled later for Home Assistant integration)
|
|
|
|
|
- Timezone is set to America/Los_Angeles
|
|
|
|
|
- Encryption key protects Tesla API tokens at rest
|