In order to post a solution for other people who read this, two possible solutions:
1. General approach
Show all used volumes of the teddycloud container:
docker inspect -f '{{range .Mounts}}{{ if eq .Type "volume" }}{{println .Source }}{{ end }}{{end}}' teddycloud
Output:
/var/lib/docker/volumes/teddycloud_content/_data
/var/lib/docker/volumes/884******4bf/_data
/var/lib/docker/volumes/teddycloud_firmware/_data
/var/lib/docker/volumes/teddycloud_library/_data
/var/lib/docker/volumes/teddycloud_certs/_data
/var/lib/docker/volumes/teddycloud_config/_data
/var/lib/docker/volumes/teddycloud_cache/_data
So the certificates of Teddycloud are obviously stored in /var/lib/docker/volumes/teddycloud_certs/_data on the host system in this example (which is the default path on Raspberry Pi OS when setting up docker from scratch and using the provided docker-compose.yaml from Team RevvoX).
We can list the content of the certificate server folder with the following command:
sudo ls -l /var/lib/docker/volumes/teddycloud_certs/_data/server
Output:
-rw-r--r-- 1 root root 1317 Nov 10 18:18 ca.der
-rw------- 1 root root 3243 Nov 10 18:18 ca-key.pem
-rw-r--r-- 1 root root 1838 Nov 10 18:18 ca-root.pem
All of those files belong to the root user, which is why we need sudo. We can copy the certificate to the user folder (in this case user pi) with the following command:
sudo cp /var/lib/docker/volumes/teddycloud_certs/_data/server/ca.der /home/pi/temp/
.
2. Alternative solution
For files which are only available inside a container or if we already know where the needed files are stored in the container, it’s possible to copy the content with a one-liner:
docker cp teddycloud:/teddycloud/certs/server/ca.der .
teddycloud → name of the container
/teddycloud/certs/server/ca.der → file inside the container (source)
. → destination file (target) with no renaming (.)
We could also copy the content of the whole server folder like this:
docker cp teddycloud:/teddycloud/certs/server/. server/