I am working on a smart home project that requires privacy I am using balena os and balena io for development. How can I set up balena to be able to pull container updates without being managed ie no ssh or vpn access.
Welcome to the balena forums! It sounds like what you’re looking to do is what we call image preloading. This places your container(s) in the application .img so when it’s burned to an SD card and booted, the application is running.
To make updates, you can use local mode, but this is restricted to Development images.
You can disable VPN from the balenaCloud application dashboard, and Production images disable passwordless root access, and an SSH key must be added to config.json to access a production image using a direct SSH connection. Other differences between Production and Development images can be found here.
Do these address what you’re looking to do?
In talking with a colleague, your use case (pretty much an air-gapped set up) is something we see regularly. When you disable the VPN from the balenaCloud dashboard, that also disables ssh. When you do a
balena push <app-name> those updates will still happen, but with the VPN off, the update will not happen immediately because the VPN connection provides a real-time “listener”. Instead, updates rely on the on-device supervisor default interval (every 15 minutes) to check for updates that you’ve pushed.
So, this would look like this:
- You create an app and provision a device in the normal way
- You disable VPN in the balenaCloud dashboard configuration menu
- You make edits to your project/app and do a
balena push <app-name>
- Wait up to 15 minutes for the device to check in with the balena servers and download updates.
Is there any way to make sure that vpn access is disabled on the device image without the ability to re enable it using the dashboard. To ensure that users of the smart home device can be assured that i do not have the ability to re enable vpn and log into the device.
This VPN connection can be disabled to conserve bandwidth or to remove the option of outside device control through the balena dashboard or API. When disabled, the VPN connection is not established from the device and no traffic will be transmitted or received through this channel. If desired, the VPN can be enabled and disabled programmatically so that it is turned on only when in active use (e.g. for interactive debugging) and disabled normally.
More info and caveats are available here: https://www.balena.io/docs/learn/welcome/security/#vpn and here https://www.balena.io/docs/reference/supervisor/bandwidth-reduction/