Toniebox not connecting to TeddyCloud

Hi all,

I found this amazing project on YouTube (myDealz video) and started to set up my own TeddyCloud, however, I am not able to connect my Toniebox to it. After searching the forum for almost an hour, I hope someone can help.

My setup:

  • Toniebox with ESP32 chip
  • Raspberry Pi 5 with Pi-Hole, Docker and Portainer (used the provided portainer stack)
  • A macvlan setup because port 443 on host is already taken by another webserver (nextcloud)
  • A fritz box router

What I did:

  • Followed video instructions as close as possible
  • Successfully flashed firmware via teddycloud UI multiple times (→ did not back up original firmware → lost original Boxine certificates → bad, but not the issue now)
  • Did not find the box in TC UI
  • Did a freshness check → got red blinking led and codeword owl
  • Checked teddy cloud logs, see multiple TLS handshake fails
  • Checked fritz.box packet capture: see that TLS handshake fails because of unknown CA

I just found out that the box is connecting to the host IP instead of the Docker container IP. Since there is also a webserver running on the host, a wrong certificate is provided. Any ideas what could be done here?

Can anyone help please? Since my box cannot connect to original cloud anymore, would be good if it could at least connect to Teddycloud :wink:

Are you sure? This may be this issue; if you had activated the cloud, you may get similar errors.
And you may only have lost the CA. If you did the extraction during the first run, you may have a backup in the cert/client dir.

Set the right IP in the box firmware before flashing. You may need to do that manually on your firmware, if you have no untouched backup. This can be done using the teddycloud CLI.

I am pretty sure I lost the client CAs because after the first run, I redeployed TC multiple times including deletion of the docker volumes. By the way, is it possible that two boxes use the same certificate? Thinking about getting a second box to connect TC to Boxine.

Is there a guide available for this somewhere? I am rather noobish there.

Thanks for your help!

There are no client CAs.

There is one CA, which gets replaced in the process with the CA of teddyCloud and a client certificate pair, that only gets extracted from the image to connect to boxine.

First is the same for all boxes, later individual for each box.

Here you have an example command for replacing the original hostnames, but you may use help to get more details about that command.

I tried changing hostname and certificates with the teddycloud-cli (and also with the browser UI), but for some reason this does not seem to work. The box always connects to the same wrong IP address. Somewhere in this forum I read that it is not possible to patch an already patched firmware. Is that true? Is there anything I can do if I do not have an original firmware anymore?

Yes, this is true for the default process. The toolset searches for the original hosts by default. But for the CLI you can specify an alternative host to search and replace.
Use the help command to get more details about that.

Nice! Thanks to your help, I was able to figure it out. Had to regenerate server certificates and put the CA.DER manually into the binary using the esptool. The box is now connected to my TeddyCloud.

I even found the CLIENT.DER and PRIVATE.DER from the original Boxine firmware (I thought they were overwritten when flashing, but as you told me, only the CA.DER was replaced).

Next step is to connect to Boxine cloud. For this I am now really missing the original CA.DER. As it is identical for all boxes, could someone send this to me or upload it maybe? I would be very thankful!

Best regards,
Bene

Actually you can grab the original Boxine CA from their site (prod.de.tbs.toys).

Here’s a shell script for this use case.

  1. save it in a file, name it e.g. dump-boxine-ca.sh
  2. make it executable: chmod +x dump-boxine-ca.sh
  3. execute it: ./dump-boxine-ca.sh

The resulting ca.der is what you’re looking for.

#!/bin/bash
# Dump the certificate chain presented by prod.de.tbs.toys and keep only the
# Boxine CA, converted to DER. The split certificates go into a temp dir so
# the loop below never touches (or deletes) other *.pem files in the cwd.
workdir=$(mktemp -d)
openssl s_client -showcerts -verify 5 -connect prod.de.tbs.toys:443 < /dev/null |
    awk -v dir="$workdir" '/BEGIN CERTIFICATE/,/END CERTIFICATE/{ if(/BEGIN CERTIFICATE/){a++}; out=dir"/cert"a".pem"; print >out}'
for cert in "$workdir"/cert*.pem; do
    # derive a file name from the subject CN, e.g. "Boxine CA" -> boxine_ca.pem
    newname=$(openssl x509 -noout -subject -in "$cert" | sed -nE 's/.*CN ?= ?(.*)/\1/; s/[ ,.*]/_/g; s/__/_/g; s/_-_/-/; s/^_//g;p' | tr '[:upper:]' '[:lower:]').pem
    if [[ "${newname}" == "boxine_ca.pem" ]]; then
        openssl x509 -in "${cert}" -out ca.der -outform DER
    fi
done
rm -rf "$workdir"

PS. make sure your certificate filenames are lowercase (not CA.DER but ca.der etc.)
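Two checks that would have shortened the debugging in this thread, as an added example that is not part of the original posts or of the teddyCloud tools: does the certificate a server presents actually chain to the ca.der the box trusts (the "unknown CA" failure from the packet capture, reproduced offline), and do client.der and private.der belong together? The script uses only the openssl CLI; all keys and certificates it works on are generated inline as constructed test data (the names good_ca, other_ca, teddycloud.local and test-box are made up, nothing here is Boxine's or a real box's material).

```shell
#!/bin/sh
# Added example, not from the thread. Requires the openssl CLI.
#   check_chain   CA.DER SERVER.PEM   -> 0 if SERVER.PEM chains to the CA in CA.DER
#   check_keypair CLIENT.DER KEY.DER  -> 0 if the cert's public key matches the private key
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# openssl verify wants the trust anchor as PEM, the box stores it as DER.
check_chain() {
    ca_der="$1"; server_pem="$2"; ca_pem="$WORK/trust_$$.pem"
    openssl x509 -inform DER -in "$ca_der" -out "$ca_pem" 2>/dev/null || return 1
    openssl verify -CAfile "$ca_pem" "$server_pem" >/dev/null 2>&1
}

# Compare the SubjectPublicKeyInfo from the cert with the one derived from the key.
check_keypair() {
    cert_der="$1"; key_der="$2"
    pub_from_cert=$(openssl x509 -inform DER -in "$cert_der" -noout -pubkey 2>/dev/null) || return 1
    pub_from_key=$(openssl pkey -inform DER -in "$key_der" -pubout 2>/dev/null) || return 1
    [ -n "$pub_from_cert" ] && [ "$pub_from_cert" = "$pub_from_key" ]
}

# --- constructed test material (hypothetical names, not real box data) ---
gen_ca() {  # gen_ca NAME CN : self-signed CA as NAME.pem / NAME.key / NAME.der
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.pem" >/dev/null 2>&1
    openssl x509 -in "$WORK/$1.pem" -outform DER -out "$WORK/$1.der"
}
gen_ca good_ca  "Test Box CA"            # the CA the box is supposed to trust
gen_ca other_ca "Some Other Web Server"  # stands in for the wrong host's certificate

# server certificate signed by good_ca (what a correctly set up teddyCloud would present)
openssl req -newkey rsa:2048 -nodes -subj "/CN=teddycloud.local" \
    -keyout "$WORK/server.key" -out "$WORK/server.csr" >/dev/null 2>&1
openssl x509 -req -in "$WORK/server.csr" -CA "$WORK/good_ca.pem" -CAkey "$WORK/good_ca.key" \
    -set_serial 1 -days 1 -out "$WORK/server.pem" >/dev/null 2>&1

# client certificate and key in DER, like client.der / private.der on the box
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -outform DER \
    -out "$WORK/private.der" >/dev/null 2>&1
openssl req -new -key "$WORK/private.der" -keyform DER -subj "/CN=test-box" \
    -out "$WORK/client.csr" >/dev/null 2>&1
openssl x509 -req -in "$WORK/client.csr" -CA "$WORK/good_ca.pem" -CAkey "$WORK/good_ca.key" \
    -set_serial 2 -days 1 -outform DER -out "$WORK/client.der" >/dev/null 2>&1

# an unrelated key, to show what a mismatched private.der looks like
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -outform DER \
    -out "$WORK/wrong.der" >/dev/null 2>&1

report() {  # report FUNC ARG1 ARG2 : print OK/FAIL for one check
    if "$@"; then echo "OK   $1 ${2##*/} ${3##*/}"; else echo "FAIL $1 ${2##*/} ${3##*/}"; fi
}
report check_chain   "$WORK/good_ca.der"  "$WORK/server.pem"   # OK
report check_chain   "$WORK/other_ca.der" "$WORK/server.pem"   # FAIL: the "unknown CA" case
report check_keypair "$WORK/client.der"   "$WORK/private.der"  # OK
report check_keypair "$WORK/client.der"   "$WORK/wrong.der"    # FAIL
```

To run the same checks against a real setup, save the certificate the server at the box's configured IP presents (`openssl s_client -connect <ip>:443 -showcerts < /dev/null`, first certificate block) and call `check_chain ca.der that.pem`; a FAIL there is exactly what the box sees when it lands on the wrong host, independent of hostname or IP patching. `check_keypair client.der private.der` tells you whether the pair extracted from the image is still intact before you spend time on the Boxine side.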