Cliff Notes — TL;DR
A single Raspberry Pi running Home Assistant OS now manages security, lighting, and appliance monitoring across multiple properties — all backed by a cloud-synced configuration repository on AWS CodeCommit. Fragmented automations have been consolidated into the Needham Watchman: a unified system that monitors three exterior doors, analyzes camera feeds with Google Gemini, sends presence-aware priority notifications to iOS, and announces activity through Alexa. A bidirectional git sync pipeline keeps the live Pi and the cloud repository permanently in sync — pushing changes every three minutes while AI-assisted updates reach the device in near-real-time.
Background & Business Context
Managing a smart home across multiple properties — with dozens of sensors, lights, cameras, and appliances — quickly outgrows the "set it and forget it" model. What starts as a few automations becomes a sprawling web of overlapping, partially disabled scripts with no audit trail and no recovery path when something breaks.
Two problems drove this project:
- Security coverage was fragmented. Front door motion, side door contacts, and basement entry sensors each triggered separate automations with inconsistent notification behaviour. There was no unified view of who was entering and when.
- Configuration had no version control. Automation edits made through the HA UI had no backup. A single corrupted write could silently break weeks of tuning with no way to roll back.
The goal: consolidate security logic into one intelligent automation, back the entire configuration to a managed cloud repository, and establish a reproducible development workflow — all without requiring cloud-hosted HA or paid services beyond what was already in use.
Architecture Overview
The solution is built on three layers:
Three-Layer Stack
- Edge: A Raspberry Pi 4 running Home Assistant OS, connected to Zigbee sensors, smart plugs, RGB lights, IP cameras, and Alexa devices.
- AI: Google Gemini, accessed via the LLM Vision custom integration, analyzes camera snapshots in real time.
- Cloud: AWS CodeCommit serves as the version-controlled configuration store, synced bidirectionally with the Pi.
What We Built
1. The Needham Watchman — Unified Entry Security
The core deliverable is a single YAML automation that replaces three separate, inconsistently behaving automations. It monitors the front door (motion sensor + contact sensor + doorbell), the side kitchen door (contact sensor), and the basement backdoor (contact sensor) — implementing three distinct response modes based on context:
| Mode | Trigger Condition | Response |
|---|---|---|
| Welcome Home | User's device enters the home zone | Exterior lights on, welcome notification |
| Absent Watchman | Any door opens while user is away | Multi-camera snapshot bundle to iOS |
| Night Watchman | Door opens while home + after bedtime | Critical priority iOS alert (overrides silent mode) |
All lighting conditions were updated from a basic `after: sunset` sun check to a smarter `input_select.needham_time_of_day_helper` template, enabling lighting to respond to Dusk, Night, and Dawn states configured independently from the sun's position.
2. AI-Powered Camera Analysis
Front door motion triggers a real-time image analysis request to Google Gemini via LLM Vision:
automation.yaml — LLM Vision action
```yaml
action: llmvision.image_analyzer
data:
  message: >-
    Describe activity at the front entrance. Look for vehicles,
    models, and registration numbers. Limit to 75 words.
  image_entity: camera.streetside
response_variable: watchman_analysis
```
The AI response is delivered via iOS push notification and Alexa TTS announcement during waking hours — giving the homeowner instant, human-readable context rather than a raw camera alert.
3. Kitchen Vent Automation — Bug Fix
A diagnostics review uncovered a long-running issue: the kitchen exhaust fan was running indefinitely. Analysis of live entity states and automation history revealed that the turn-on automation (triggered by temperature or air quality sensors) was active, while the matching turn-off automation had been disabled since September 2025.
Hardcoded 90-second delays in the turn-off branches were replaced with a configurable input_number.turn_off_count_down_minutes helper, giving the homeowner runtime control over fan duration after conditions normalise.
4. AWS CodeCommit — Configuration Version Control
An AWS CodeCommit repository was created and linked to the Pi using HTTPS with the AWS credential helper. The Pi now runs a cron job every three minutes:
git-sync.sh — bidirectional cron job
```sh
# -n: skip this run if the previous sync still holds the lock
flock -n /tmp/git-sync.lock -c \
  "cd /config && git add -A && \
   { git diff --cached --quiet || git commit -m 'Auto-backup: $(date)'; } && \
   git pull --rebase origin main && \
   git push origin main"
```
This bidirectional sync ensures GUI changes made in the HA UI are automatically committed and pushed, while AI-assisted development changes reach the Pi within three minutes of being written.
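Because `git add -A` stages everything under /config, the auto-backup will also push any credentials stored there. The following is an added example, not part of the original write-up: a filter over the staged file list that the cron job could run before committing. The path patterns (`secrets.yaml`, `.storage/`, key files, the recorder database) are assumptions about this install's /config contents, and `sensitive_paths` and `guarded_commit` are hypothetical names.

```sh
#!/bin/sh
# Added example, not the project's own script. The patterns below are
# assumptions about what lives in this install's /config; adjust as needed.

# Read staged paths (one per line) on stdin and print those that hold
# credentials or bulk private data and should stay out of the remote.
sensitive_paths() {
    while IFS= read -r path; do
        case "$path" in
            secrets.yaml|*/secrets.yaml)  echo "$path" ;;  # !secret values
            .storage/*)                   echo "$path" ;;  # auth tokens, integration credentials
            *.pem|*.key)                  echo "$path" ;;  # TLS / SSH key material
            *.db|*.db-shm|*.db-wal)       echo "$path" ;;  # recorder history database
        esac
    done
}

# Stage everything, then commit only if nothing sensitive is staged.
# Exit status: 0 committed or nothing to commit, 1 blocked, 2 git/cd error.
guarded_commit() (
    cd "$1" || exit 2
    git add -A || exit 2
    blocked=$(git diff --cached --name-only | sensitive_paths)
    if [ -n "$blocked" ]; then
        git reset -q    # unstage only; the working tree is left untouched
        printf 'auto-backup blocked, add to .gitignore:\n%s\n' "$blocked" >&2
        exit 1
    fi
    git diff --cached --quiet || git commit -q -m "Auto-backup: $(date)"
)

# In the cron command, `guarded_commit /config` would take the place of the
# add/diff/commit steps, followed by the existing pull --rebase and push.
```

A blocked run leaves the files on disk and reports them on stderr, so the fix is a `.gitignore` entry rather than a silent skip.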
Benefits Realized
| Area | Before | After |
|---|---|---|
| Entry monitoring | 3 separate automations | 1 unified Watchman with 3 modes |
| AI context on alerts | None | Gemini image description on every motion alert |
| Configuration backup | None | Versioned, cloud-synced via AWS CodeCommit |
| Development workflow | Manual UI edits only | AI-assisted editing + automatic push/pull |
| Lighting conditions | Binary (after sunset) | Time-of-day aware (Dusk / Night / Dawn) |
| Vent fan behaviour | Ran indefinitely | Configurable countdown with cause-aware logic |
Future Improvements
The foundation built today opens several natural next steps:
Area-Based Entity Management
Assigning all entities to HA Areas and Floors will enable automations to target entire rooms rather than hardcoded entity lists, dramatically reducing maintenance when devices are added or replaced.
Automated Configuration Deployment
A shell_command integration paired with a file watcher could enable fully automated deployment — changes written to a synced file are automatically loaded by HA without any manual step.
Local AI Inference
Google Gemini currently processes camera images in the cloud. A local model (e.g., Ollama with LLaVA) running on the same network would eliminate external API dependency and ensure camera images never leave the home network.
Multi-Property Dashboard
With three properties managed from one HA instance, a unified dashboard with property-level grouping using the newly established Floors/Areas structure would provide at-a-glance status across all locations.
Predictive Maintenance Alerts
Battery levels, device availability, and sensor health are already tracked. Proactive alerts when batteries drop below a threshold or a device goes unavailable would prevent the silent failures observed today.
Conclusion
In one session, a collection of fragmented, unmaintained automations was replaced with a cohesive, AI-powered security system backed by version-controlled cloud infrastructure. The Needham Watchman now provides presence-aware, priority-tiered security coverage across all entry points — while a bidirectional git sync pipeline ensures that every change, whether made by a developer or through the HA GUI, is permanently recorded and recoverable.
The system is no longer just reactive. It is intelligent, observable, and built to grow.