eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/argocd/manifests/teslamate
History
Erich Blume 6bcbca3ca0 wave-1: neutralize minikube paperless/teslamate/mealie (replicas 0, drop ingress) 
These migrated to ringtail. Set replicas: 0 (prevents resurrecting the old
instances and double-writing the now-ringtail-owned databases) and remove the
tailscale Ingress from each (the names tesla/meals/paperless were handed off
to the -ringtail ingresses at cutover; a re-created minikube ingress would
steal them back). Service/PVC/ExternalSecrets retained for rollback. Manifest
deletion + source-DB drop come in a later decommission PR.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-03 10:31:43 -07:00
..
deployment.yaml wave-1: neutralize minikube paperless/teslamate/mealie (replicas 0, drop ingress) 2026-06-03 10:31:43 -07:00
external-secret-db.yaml Switch all ExternalSecrets to creationPolicy: Owner 2026-01-28 20:27:16 -08:00
external-secret-encryption-key.yaml Switch all ExternalSecrets to creationPolicy: Owner 2026-01-28 20:27:16 -08:00
kustomization.yaml wave-1: neutralize minikube paperless/teslamate/mealie (replicas 0, drop ingress) 2026-06-03 10:31:43 -07:00
README.md Doc review: connect-to-postgres, create-release-artifact-workflow, deploy-k8s-service (#191) 2026-02-15 07:42:01 -08:00
service.yaml Add TeslaMate deployment for Tesla Model Y data logging (#47) 2026-01-22 21:25:44 -08:00

README.md

TeslaMate

TeslaMate is a self-hosted Tesla data logger that collects and visualizes vehicle data.

Prerequisites

1. Create 1Password Secrets

Create two items in the blumeops 1Password vault:

  1. TeslaMate DB Password

    • Generate a secure password for the teslamate PostgreSQL user
    • Add a field named password with the generated value

  2. TeslaMate Encryption Key

    • Generate with: openssl rand -base64 32
    • Add a field named key with the generated value
    • This encrypts Tesla API tokens at rest in the database

2. Apply Kubernetes Secrets

# Create namespace
kubectl create namespace teslamate

# Apply database user secret (for CNPG)
op inject -i argocd/manifests/databases/secret-teslamate.yaml.tpl | kubectl apply -f -

# Apply teslamate secrets
op inject -i argocd/manifests/teslamate/secret-encryption-key.yaml.tpl | kubectl apply -f -
op inject -i argocd/manifests/teslamate/secret-db.yaml.tpl | kubectl apply -f -

3. Create Database

After the teslamate user exists in PostgreSQL (sync blumeops-pg first):

PGPASSWORD=$(op read "op://blumeops/postgres/password") \
  psql -h pg.ops.eblu.me -U eblume -c "CREATE DATABASE teslamate OWNER teslamate;"

Deployment

# Sync ArgoCD apps
argocd app sync apps
argocd app sync blumeops-pg teslamate grafana grafana-config

Tesla API Setup

  1. Access TeslaMate UI at https://tesla.tail8d86e.ts.net
  2. Click "Sign in with Tesla"
  3. Complete OAuth flow in browser
  4. Tokens are encrypted and stored in database
  5. Verify vehicle appears and data collection starts

Grafana Dashboards

TeslaMate dashboards are available in Grafana at https://grafana.tail8d86e.ts.net

They use the "TeslaMate" PostgreSQL datasource (not Prometheus).

Notes

  • MQTT is disabled (can be enabled later for Home Assistant integration)
  • Timezone is set to America/Los_Angeles
  • Encryption key protects Tesla API tokens at rest