I’m new to OTA and I’ve been researching options to keep a few raspberry pi 5 updated by running a deployment on Mender UI.
The idea is basically creating a .sh file every time I have something to update on those Raspberry Pi 5. One example would be:
#!/bin/bash
# Simple script to update Firefox ESR on Raspberry Pi OS
# For use with Mender or standalone execution
# Log file location
LOG_FILE="/var/log/firefox-update.log"
# Function to log messages
log_message() {
echo ">> $(date): $1" | tee -a "$LOG_FILE"
# Log to system log if available
if [ -w /dev/kmsg ]; then
echo ">> $(date): $1" >> /dev/kmsg
fi
}
# Create log directory if it doesn't exist
mkdir -p "$(dirname "$LOG_FILE")"
log_message "Starting Firefox ESR update process on Raspberry Pi"
# Update system package lists
log_message "Updating system package lists"
apt-get update -y
# Install/Update Firefox ESR
log_message "Installing/Updating Firefox ESR"
apt-get install -y firefox-esr
# Verify installation
FIREFOX_VERSION=$(firefox-esr --version 2>/dev/null)
if [ $? -eq 0 ]; then
log_message "Firefox ESR updated successfully: $FIREFOX_VERSION"
else
log_message "Error: Firefox ESR update failed"
exit 1
fi
log_message "Firefox ESR update process completed"
exit 0
I named this file ArtifactInstall_Enter_00.sh and gave the right permissions by running chmod +x ArtifactInstall_Enter_00.sh.
After creating this release, I triggered a deployment to my Raspberry Pi 5 devices. It ended up successfuly, but when I tried to see the logs, the update didn’t run. I can see just the message that the artifact started… then a few updates and a sucess message.
I read a lot about creating the artifact locally with mender-artifact, but as my updates will be simple as executing a .sh file, I would like to keep it simple.
But generally, I’d consider your approach a really bad practice. What’s the point of rolling out an update which then relies on an additional mechanism - hopes for it not to fail - and leaves out most of the system?
So in a nutshell, if you want up keep your system current including the latest Firefox maintenance release, why don’t you just do a full system update?
Thank you so much for your quick reply. I appreciate your honesty. As I said, I’m really new to this subject and I’m into this project which I need to make sure I will be able to update whatever is necessary on my raspberry pi 5 network, but most of the time will be something like sudo apt upgrade, or updating an app in particular.
I followed the tutorial you sent about the “Update Module: Script”. Created the mender artifact, sent to Mender UI creating a release, then deploy it. Got the logs below:
2025-04-09 14:54:13.216 +0000 UTC info: Running Mender client 5.0.1
2025-04-09 14:54:13.216 +0000 UTC info: Deployment with ID 69c24718-7761-4c0d-ac04-439a7619d4f3 started.
2025-04-09 14:54:13.217 +0000 UTC info: Sending status update to server
2025-04-09 14:54:13.758 +0000 UTC info: Installing artifact...
2025-04-09 14:54:13.788 +0000 UTC error: Process returned non-zero exit status: ProvidePayloadFileSizes: Process exited with status 1
2025-04-09 14:54:13.788 +0000 UTC error: Operation canceled: GET https://c271964d41749feb10da762816c952ee.r2.cloudflarestorage.com/mender-artifacts-us/67dadb12f454a4b9f4345b38/093e65be-3e4a-4fa1-8fad-bf2ee3d90d13?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ace3860eb96d0bd1e2bde018753f931e%2F20250409%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250409T185413Z&X-Amz-Expires=86400&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22my-update-1.1.mender%22&response-content-type=application%2Fvnd.mender-artifact&x-id=GetObject&X-Amz-Signature=2fe2a9deec34097b5e75ad6ab8f762a78583ff11620eeb631dad6cca09df1af8: HTTP request cancelled
2025-04-09 14:54:13.792 +0000 UTC error: Process returned non-zero exit status: Cleanup: Process exited with status 1
2025-04-09 14:54:13.792 +0000 UTC info: Sending status update to server
What would you recommend to solve this need but keeping it simple? Imagine that I will run a deployment every 3 months, basically updating a few, if not all, apps/system.
@thiagonzalez It doesn’t sound like what you’re trying to do is in keeping with the mender philosopy.
You mentioned that you have a few raspberry pi 5 and that you only need to update them every three months… Instead of using mender could you set up remote access to the pi’s with something like tailscale and manually do the updates every three months? For your situation that seems like it would require minimal effort to set up and manage.
@thiagonzalez yes, it depends definitely on your use case. If the mission is to run a script on a handful of devices (say, less than 10) periodically then then semi-manual approach using Tailscale might be a viable option.
The key question is: what will you do if something goes wrong? If the answer is: “then I reflash an SD card, walk to my basement, and change it” then I’d say you’re good to go. If the answer is “then the device is bricked and reviving it will cause a lot of trouble or cost $$$”, then I’d advise to understand full system upgrades as Mender does them.
Concerning your log:
It seems that the script you shipped returned a non-0 return code so something went wrong. What exactly, I don’t know. In any case it’s a prime example why canning stuff like that into shell scripts is, let’s call it… “brittle”, mkay?
