I'm in a slightly inconvenient scenario, where I will potentially have hundreds of remote OpenWRT devices located around the world. I will not have access to the networks in which OpenWRT connects to via ethernet. Because of this port forwarding isn't an option to access SSH utilities etc.
I've looked into solutions such as puppetlabs, though I'm not too fond of having a third party dependency. The solution needs to be simple, sustainable and consistent.
My current plan is to have the device hold an array of the updates it has installed, it will then periodically make an API request to get a remote array of all the updates available. If it is missing updates, it will install them in order (order is required of course). The updates will be script files to make the required changes. Thinking of it, could OpenWRT maintain a websocket to my API? That way my API can give it commands without the requirement of port forwarding.
It'd be great to have some guidance/recommendations on this. I just want it to be simple and effective. Nothing fancy.
