Comments (9)
What about expanding the web interface a bit to support adding accounts to TeslaMate? The username and password could then be stored in PostgreSQL or something like that.
from teslamate.
Theoretically it wouldn't even be necessary to store the credentials. They are only required once to obtain the auth token from the Tesla API. The token would then go into the database.
I think adding a login view to the web interface is a great idea.
from teslamate.
There are two kinds of tokens: access and refresh. At application startup and before the access token expires the refresh token is used to request a new pair of tokens.
from teslamate.
Looks like docker has some built in secrets manager, but I think there will need to be code changes to actually read from the file system (as they are stored in files /run/secrets/
). Let me know what you think, it could still support TESLA_USERNAME and TESLA_PASSWORD, but try to read from the secrets if not provided. I am willing to attempt the change but will probably take me a while to get to it.
from teslamate.
As far as I know, secrets are only available when using a docker swarm.
Note: Docker secrets are only available to swarm services, not to standalone containers. To use this feature, consider adapting your container to run as a service. Stateful containers can typically run with a scale of 1 without changing the container code.
What I've done is use the env_file
value for my username and password vars. I then make the env file's owner root and readable only by root. They are visible via docker inspect
(e.g.available to any user that can run docker commands) but I figure since any user that has access to docker on the host also has root anyway, it's not a completely awful solution.
version: '3'
services:
teslamate:
env_file:
- ./config/teslamate.env
db:
env_file:
- ./config/postgres.env
grafana:
env_file:
- ./config/grafana.env
sudo chown -R root:root config/
sudo chmod -R go-rwx config/
While I still don't like the idea of my password being in plaintext, that's the best I've come up with.
I think another option would be to add some logic into the entrypoint
script that pulls in secrets from somewhere else (vault, credstash, keywhiz, etc...)
from teslamate.
Secret usage was added in docker-compose without swarm as of 1.11 (by using bind mounting)
docker/compose#4368
Yeah, vault was my first thought as well, but then I ran across this which seemed like less dependencies.
from teslamate.
Very cool. I think that would be the way to go. Not having to pick just one external secret storage provider or support multiple would definitely be ideal.
from teslamate.
Oh, I like that idea a lot. Postgres should be able to store encrypted password I would think.
from teslamate.
From what I understand, the auth token's do expire (90 days?). I haven't updated yet, but when they do expire, how will new auth tokens get generated?
from teslamate.
Related Issues (20)
- Docker Install Instructions - Needs improvement HOT 3
- Charges dashboard shows km instead of miles HOT 3
- Dog Mode not longer recognized HOT 4
- Status: 500. Message: db query error: pq: SSL is not enabled on the server HOT 1
- fails to start if dns not up on boot HOT 2
- Limited data in Grafana HOT 3
- Grafana container fails: "Failed to provision dashboards: failed to provision config teslamate_internal: context canceled" after upgrading to 1.28.2 HOT 3
- Where did cost_per_kw in Charges Dashbard go? HOT 1
- Having an issue with PostgreSQL and TeslaMate.Log.get_positions_without_elevation HOT 5
- ci: prevent workflow runs for certain conditions HOT 3
- model misidentification HOT 11
- [Feature Requets] Group Charges in Dashboard by distance driven since last charge HOT 3
- Tesla version 2023.44.30.2 broke Teslamate HOT 17
- postgres warning
- [Feature Request] Sentry State HOT 1
- Some location can't be resolved in China HOT 2
- 因为我服务器上80和443端口已经被其他应用修改,所以我修改80端口为8866端口,但貌似grafana打不开了?
- Battery Health has errors, the battery suddenly becomes healthy HOT 4
- Missing drive data - not exists in TeslaMate, exists in TeslaFi HOT 6
- Import from TeslaFi Does Not Appear to do Anything? HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from teslamate.