efirestone / version-checker

Runs periodic checks for updated versions of various software and firmware platforms
0 stars 0 forks source link

Version Checker

Summary

This tool allows you to monitor whether or not various firmware and software components (devices) are up to date. It queries the currently installed version of the software on those devices and compares that version to the newest version available from the manufacturer. This information is then published to an MQTT broker where other systems can read and display the information.

The tool supports varying types of components (platforms), such as smart plugs, Docker images, as well as some specific software packages. It is designed so that additional platforms can be added relatively easily.

The tool also has specific support for Home Assistant, and will publish special discovery messages to the MQTT broker which allow the devices to show up automatically, along with two sensors for the currently installed and latest versions of those devices. To use this functionality, make sure that MQTT discovery is enabled in your Home Assistant configuration.

Vocabulary

Configuration

Version Checker is configured using a single YAML file which must be located at ./configuration.yaml.

config section

config:
  # Check every thirty seconds.
  check_interval: 30

mqtt section

mqtt:
  host: mosquitto.example.com
  username: version_check_user
  password: password123

ssh section

The SSH section allows customization of SSH behavior. For most people the default behavior will be fine and this section can be omitted.

ssh:
  fail_on_host_changes: true

version_checks section

The version_checks section lists all of the devices that you want to run version checks on. See the platforms folder for the list of supported platforms, but generally the config will look something like:

version_checks:
  - platform: pfsense
    host: https://pfsense.example.com:900
    topic: software/pfsense
    username: pfsense_user
    password: pfsense_users_password

  - platform: tasmota
    host: washerplug.example.com
    topic: laundry_room/washer

  - platform: tasmota
    host: dryerplug.example.com
    topic: laundry_room/dryer

Debugging

Removing Old Entities

Occasionally sensor entities will get duplicated in Home Assistant. Usually this is the result of changes to the sensors' unique identifiers, either because of a change in Version Checker (sorry, but sometimes it's required), or because you're testing out changes locally.

To clean things up, you'll need to do a few steps:

  1. Stop any instances of Version Checker.
  2. In Home Assistant, go to Configuration -> Entity Registry. Remove all of the entities that are duplicated. Remove both versions of the duplicated sensor (or all if there are more than two).
  3. Stop Home Assistant. This is important, as otherwise it will overwrite the changes we're about to make in Step 3.
  4. In your Home Assistant config folder, edit <config>/.storage/core.device_registry to remove the Version Checker based entries. Save your changes.
  5. Restart Home Assistant and Version Checker.

Q & A

Q: Why build Version Checker as a separate system and not a Home Assistant component?

A: There are two reasons for this: security and flexibility.

Version Checker needs authentication credentials (often including passwordless SSH) to many different systems and devices in your home, and unlike Home Assistant has no need to be exposed publicly in any way as it only communicates through MQTT. By separating Version Checker and Home Assistant we don't give up Version Checker's secrets if someone does manage to infiltrate Home Assistant's rather large attack surface.

Having the two be separate also provides flexibility. Version Checker publishes Home Assistant-specific discovery MQTT messages, but the messages published containing the actual version checks are not Home Assistant-specific in any way and could be read by any system that finds them valuable, such as another home automation platform or home lab dashboard.

Q: Why Ruby and not Python like Home Assistant?

A: No particular reason other than I know Ruby better than Python and it doesn't need to interface with Home Assistant Python APIs directly.