Sure.
I assume you were able to create a key pair and created a developer application. Just follow “Hosting a Public/Private Key Pair” and “Setting up the Developer Application” from Tesla Fleet - Home Assistant
I also assume you’ve added the OAuth application credentials details to Home Assistant described in “Linking the Developer Application with Home Assistant”
Basic stuff first
Copy the private key to your Home Assistant, placing it at:
config/tesla_fleet.key
Unraid Containers
Install linuxserver’s nginx container (binhex-nginx dosnt work for reasons) and mgutt’s Nginx-Proxy-Manager-Official, NPM for short.
Both Contains need their own IP by setting Network Type to Custom br0 - in my case NPM got xx.5 and nginx xx.6
Router
On you’re Router you forward Port 443 for HTTPS and 80 for HTTP to the NPM Container. Also, make sure your domain points to you via DynDNS or something similar.
This means when you access your domain, everything is forwarded to NPM, which handles SSL encryption and routes traffic to the correct application based on the subdomain used.
Nginx-Proxy-Manager
Open NPM and add a Proxy Host.
To keep things scalable, I used a subdomain for the key - just in case I want to host more keys later.
- Add the domain name (e.g.,
sub.mydomain.com
).
- Set the Scheme to
http
.
- Enter the IP of the nginx container.
- Keep the port as
80
.
Next, go to the SSL Tab, select “Request a new SSL Certificate”, agree to the ToS, and save.
Switch to Advaanced Tab and add the following:
# Serve the Tesla public key file
location = /.well-known/appspecific/com.tesla.3p.public-key.pem {
proxy_pass http://192.168.167.6:80;
}
# Reject everything else with a 403 (Forbidden)
location / {
deny all;
}
This tells NPM to forward requests for the key to your nginx server and block everything else. Replace the IP with your nginx container’s actual IP.
Setup nginx
Now, we need to actually host the key itself.
- Go to the nginx config folder and create the required directories. Copy the key to this location:
appdata\nginx\www.well-known\appspecific\com.tesla.3p.public-key.pem
- Open the site configuration file:
\appdata\nginx\nginx\site-confs\default.conf
- Add the following block right after the existing
/
location:
# Serve files from your app-specific directory
location /.well-known/appspecific/ {
root /config/www;
autoindex off;
}
Visiting: sub.mydomain.com/.well-known/appspecific/com.tesla.3p.public-key.pem
should just downlaod the key. This means we are good here.
Scripts
Now to the script’s I posted. In order to link the keypair to your account and prove you’re the owner of the domain you have to first get a Partner Token and then use this Partner Token to register your domain where tesla validates the key is accessible.
Copy the first “GetPartnerToken” to a text Editor, add your Client-ID and Client Secret from the Tesla developer website and make sure you use the correct API based on your region. You may need to swap out fleet-api.ord.eu
with fleet-api.ord.na
or something based on https://developer.tesla.com/docs/fleet-api/getting-started/base-urls
I made this to run on Windows Powershell. Go to some folder as the scripts save the responses as .json (like the Partner Token) to the current folder. Open a Terminal/Powershell.
Paste in the GetPatnerToken you’ve edited and wait for stuff to happen. You maybe have to press enter once so the last line where it saves to the .json gets executed.
Do the same with the RegisterDomain. Edit in your domain, make sure the Region is correct and send it. It uses the Token from the saved .json.
Link key to Car
Go to https://www.tesla.com/_ak/sub.mydomain.com
(replace with your domain of cause).
Scan the QR code. The Tesla App should open and ask whether you’d like to add the key. Add it, and that’s it.
Everything works?
Reload Tesla Fleet in Home Assistant. It should work
Hope its at least like 73% clear what to do.