mirror of
https://github.com/Luzifer/mercedes-byocar-exporter.git
synced 2024-11-09 14:30:08 +00:00
74 lines
4.4 KiB
Markdown
74 lines
4.4 KiB
Markdown
# Luzifer / mercedes-byocar-exporter
|
|
|
|
This repository contains an Prometheus & InfluxDB exporter for the Mercedes Benz "Bring Your Own Car" (BYOCAR) API products.
|
|
|
|
Features:
|
|
|
|
- Store credentials either in Vault or in a local JSON file
|
|
- Fetch data for all cars in your MercedesME account
|
|
- Prometheus exporter for the metrics
|
|
- InfluxDB exporter avoiding spamming entries to the database by using reported dates from Mercedes API
|
|
|
|
## Usage
|
|
|
|
```console
|
|
# mercedes-byocar-exporter
|
|
Usage of mercedes-byocar-exporter:
|
|
--client-id string Client-ID of Mercedes Developers Console App
|
|
--client-secret string Client-Secret of Mercedes Developers Console App
|
|
--credential-file string Where to store tokens when using client-id from CLI parameters (default "credentials.json")
|
|
--fetch-interval duration How often to ask the Mercedes API for updates (default 15m0s)
|
|
--influx-export string Set to url (http[s]://user:pass@host[:port]/database) to enable Influx exporter
|
|
--listen string Port/IP to listen on (default ":3000")
|
|
--log-level string Log level (debug, info, warn, error, fatal) (default "info")
|
|
--redirect-url string Redirect URL registered in Mercedes Developers Console (default "http://127.0.0.1:3000/store-token")
|
|
--vault-key string Use credentials from and update in Vault
|
|
--vehicle-id strings Vehicle identification number (e.g. WDB111111ZZZ22222)
|
|
--version Prints current version and exits
|
|
```
|
|
|
|
## Setup: Create the Mercedes Developer App
|
|
|
|
- Go to the [Mercedes Benz Developer Portal](https://developer.mercedes-benz.com/) and log in with your Mercedes ID (the same you've registered your car to in Mercedes ME)
|
|
- Create a new project in the console section
|
|
- Add these products ("Get free" -> BYOCAR -> Select your Project)
|
|
- [Vehicle Status BYOCAR](https://developer.mercedes-benz.com/products/vehicle_status)
|
|
- [Pay As You Drive Insurance BYOCAR](https://developer.mercedes-benz.com/products/pay_as_you_drive_insurance)
|
|
- [Electric Vehicle Status BYOCAR](https://developer.mercedes-benz.com/products/electric_vehicle_status)
|
|
- [Vehicle Lock Status BYOCAR](https://developer.mercedes-benz.com/products/vehicle_lock_status)
|
|
- [Fuel Status BYOCAR](https://developer.mercedes-benz.com/products/fuel_status)
|
|
- Note down **Client ID** and **Client Secret** of your project
|
|
- Add the redirect URL you will deploy this exporter to (`https://exporter.example.com/store-token`)
|
|
|
|
## Setup: Deploy the exporter
|
|
|
|
You can
|
|
|
|
- build the Go application by running `go build` in the checkout
|
|
- build the Docker container by running `docker build .` in the checkout
|
|
- get a pre-built image
|
|
|
|
When running with local JSON-file as storage you need to specify the `client-id`, `client-secret` and `credential-file` flags or corresponding environment variables (`CLIENT_ID`, `CLIENT_SECRET`, `CREDENTIAL_FILE`).
|
|
|
|
When running with Vault as storage backend specify the `vault-key` (`VAULT_KEY`), `VAULT_ADDR` and `VAULT_TOKEN` or `VAULT_ROLE_ID` / `VAULT_SECRET_ID` for access to Vault. Inside Vault KV v1 backend store this JSON (set your client-id and secret): `{"client-id": "", "client-secret": ""}` and make sure the process can **write** to that key to store user tokens.
|
|
|
|
In all cases specify one or more `--vehicle-id` (`VEHICLE_ID=WDB111111ZZZ22222,WDB111111ZZZ22223`) to fetch data for. All of those cars **must** be associated to your Mercedes ID.
|
|
|
|
## Setup: Authorize exporter
|
|
|
|
When everything is running you should be able to access the exporter:
|
|
|
|
- `https://exporter.example.com/auth` - Redirect to authorize your project to access your car(s)
|
|
- `https://exporter.example.com/healthz` - Health-Check endpoint
|
|
- `https://exporter.example.com/metrics` - Text-version of exported metrics
|
|
|
|
You need to access the `/auth` route once to fetch access- and refresh-keys. If something wents wrong with those keys you can re-authorize the app using this route.
|
|
|
|
## Setup: Security
|
|
|
|
⚠️ This exporter does **not** have any security measures like access control and will never have them!
|
|
|
|
I strongly advice to put the exporter behind auth or any non-public network and ensure no unauthorized user can access any of the endpoints:
|
|
|
|
- The `/auth` endpoint can be used to mess with the authorization (even though this makes no sense as it will just replace the credentials)
|
|
- The `/metrics` endpoint will expose your VIN/FIN to anyone accessing it
|