记录一下使用阿里云部署teslamate的历程

teslamate 介绍

服务器购买(可选)

如果你没有服务器,推荐阿里云99一年的服务器 2c2g够用了
点我购买

建议使用ubuntu 镜像

服务器准备(必须)

必要依赖安装

sudo apt-get update -y
sudo apt-get upgrade -y
sudo timedatectl set-timezone Asia/Shanghai 
sudo apt-get install nginx -y
sudo apt-get install docker -y
sudo apt-get install apache2-utils -y

docker registry(科学上网)

由于docker hub 被墙了,默认可能拉取不到正确的镜像。阿里云的镜像是过时的。因此最好使用科学上网,或者能正确代理到dockerhub的镜像地址,这里提供一个 dk.magichouse.top
我使用的是podman 因此编辑 vim /etc/containers/registries.conf

[[registry]]
location = "docker.io"
prefix = "docker.io"
[[registry.mirror]]
location = "dk.magichouse.top"

teslamate安装(必须)

使用docker 安装

vim docker-compose.yml

services:
  teslamate:
    image: teslamate/teslamate:latest
    restart: always
    environment:
      - ENCRYPTION_KEY=secretkey #replace with a secure key to encrypt your Tesla API tokens
      - DATABASE_USER=teslamate
      - DATABASE_PASS=password #insert your secure database password!
      - DATABASE_NAME=teslamate
      - DATABASE_HOST=database
      - MQTT_HOST=mosquitto
    ports:
      - 4000:4000
    volumes:
      - ./import:/opt/app/import
    cap_drop:
      - all

  database:
    image: postgres:17
    restart: always
    environment:
      - POSTGRES_USER=teslamate
      - POSTGRES_PASSWORD=password #insert your secure database password!
      - POSTGRES_DB=teslamate
    volumes:
      - teslamate-db:/var/lib/postgresql/data

  grafana:
    image: teslamate/grafana:latest
    restart: always
    environment:
      - DATABASE_USER=teslamate
      - DATABASE_PASS=password #insert your secure database password!
      - DATABASE_NAME=teslamate
      - DATABASE_HOST=database
    ports:
      - 3000:3000
    volumes:
      - teslamate-grafana-data:/var/lib/grafana

  mosquitto:
    image: eclipse-mosquitto:2
    restart: always
    command: mosquitto -c /mosquitto-no-auth.conf
    # ports:
    #   - 1883:1883
    volumes:
      - mosquitto-conf:/mosquitto/config
      - mosquitto-data:/mosquitto/data

volumes:
  teslamate-db:
  teslamate-grafana-data:
  mosquitto-conf:
  mosquitto-data:

docker compose up -d

使用teslamate

登录

nginx(可选)

如果你有域名,可以使用nginx转发,可以不用记忆端口。使用https增加安全性。

1. acme 证书

  1. 安装acme.sh

  2. 在域名托管商那里将域名指向服务器地址

  3. 生成证书

acme.sh --issue --dns dns_ali -d tesla.yourdomain.com --force
acme.sh --issue --dns dns_ali -d grafana.yourdomain.com --force

2. nginx 配置文件

需要新增两个配置文件

2.1. teslamate

vim /etc/nginx/conf.d/tesla.conf

# 替换yourdomain.com 为你的域名
server {
        listen      80;
        server_name tesla.yourdomain.com ;
        return 301 https://$server_name$request_uri;
    }
    server {
        listen      443 ssl;
        server_name tesla.yourdomain.com ;
        access_log /var/log/nginx/tesla.access.log;
        ssl_certificate    "/root/.acme.sh/tesla.yourdomain.com_ecc/fullchain.cer";
        ssl_certificate_key  "/root/.acme.sh/tesla.yourdomain.com_ecc/tesla.yourdomain.com.key";
        ssl_session_timeout 5s;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;
         location ~ \.php$ {
        return 404;
    }

location / {
    auth_basic "Restricted Access";
    auth_basic_user_file /etc/nginx/.htpasswd;
    proxy_pass http://localhost:4000/ ;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header Host $host;
    proxy_read_timeout 10s;
    proxy_set_header Remote_Addr $remote_addr;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

        error_page   500 502 503 504  /50x.html;
        error_page   404  /404tesla.html;
    }

2.2. grafana

vim /etc/nginx/conf.d/grafana.conf

# 替换yourdomain.com 为你的域名
server {
        listen      80;
        server_name grafana.yourdomain.com ;
        return 301 https://$server_name$request_uri;
    }
    server {
        listen      443 ssl;
        server_name grafana.yourdomain.com ;
        access_log /var/log/nginx/grafana.access.log;
        ssl_certificate    "/root/.acme.sh/grafana.yourdomain.com_ecc/fullchain.cer";
        ssl_certificate_key  "/root/.acme.sh/grafana.yourdomain.com_ecc/grafana.yourdomain.com.key";
        ssl_session_timeout 5s;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;
         location ~ \.php$ {
        return 404;
    }

location / {
    proxy_pass http://localhost:3000/ ;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header Host $host;
    proxy_read_timeout 10s;
    proxy_set_header Remote_Addr $remote_addr;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

        error_page   500 502 503 504  /50x.html;
        error_page   404  /404grafana.html;
    }

tesla basic auth

生成验证文件 sudo htpasswd -c /etc/nginx/.htpasswd myuser

验证域名

其他插件