I’ve been refining and refining this for months to get it just how I want it, and it’s now spot on so I thought I’d share. I was inspired by the ideas from @brianjking and @tmatheussen in relation to Github updates,so I went on a mission to make it work the way I wanted.
I wanted to be able to update my configuration from my local machine and push it to Github, or to be able to update my configuration on Github and pull the updates. I wanted to do it all from within HA.
I also wanted to be able to Upgrade HA from the touch of a button, and restart it properly too (I can’t be the only one that ‘restart service’ in the config panel isn’t reliable for, right?)
Firstly, you have to have your Github configured with SSH to negate having to log in each time you push an update.
Secondly, you have to work on the concept that the tracked files that are on Github are the master files. This negates problems with ‘fast-forward’ merges and things getting stuck. Basically every time you ‘pull’ from Github it will overwrite your tracked files on your machine. This has the added bonus that if you balls up your config locally, you can just pull it back to how it was (except for un-tracked things like secrets).
Thirdly, if any of your bash_scripts have ‘sudo’ in them, you have to add entries to your /etc/sudoers file so that HA can run them. You can add specific commands so that only the commands you specify with sudo will work without a password, if anybody tries any funny business using any other commands a password will still be required.
I ended up with this:
Switching on maintenance mode disables various notifications I have for when I reboot the machine and things. There’s an alert so I can’t accidentally leave it on. Restart HA does exactly what it says on the tin, but uses ‘sudo systemctl restart…’ rather than the internal restart mechanism. Reboot Node-zero does a ‘sudo reboot’ (Node-zero is the name of my Pi).
Upgrade HA and restart does a ‘sudo apt-get update && sudo apt-get upgrade -y’ to get the Pi up to date, then it runs the custom_UI script to pull the latest version of that, then it pulls the files from Github that I have reconfigured for any breaking changes, then it updates HA, then reboots the machine.
Pull from Github and restart does exactly what it says on the tin.
If I reconfigure on my local machine, I can type my commit message in to the input text and press Push to Github. It then uploads my current local config to a branch on Github called upload. I get a persistent notification that I am now at this point because this is the most dangerous bit. I now have to go to Github (handy weblink included) and create a pull request from upload in to master. Once that’s done (verified by Travis CI) I can delete the upload branch and hit Pull from Github and restart to sync the two repo’s back together. The script will not run if the commit message is blank because Github won’t accept it - you know if you’ve accidentally done this because you won’t get the persistent notification. The default text is ‘push from local’
My master branch is protected so I can’t edit it for the reasons above - the only way I can change the files on master is to merge a pull request that has been verified with Travis_CI
Then dropbox is configured as per the guide, and pressing Sync Dropbox does exactly that and saves all of my config (secrets and all!) to my dropbox account.
I’m going to put together a full noob-friendly guide for all this at some point, but for those that can work it out all the files are on my Github.
The maintenace package is in packages/virtual_devices/maintenance and the bash_scripts are in extras/bash_scripts).
Hope this helps some people.