Automatically Update Docker Containers With Watch-Tower
Watchtower
will automatically keep all of your running Docker containers up to date. This can be useful if you run all of your self-hosted services or apps with Docker. Every few minutes, Watchtower will pull the latest image for your application and compare it to the one used to run the container. Suppose there are any changes to the image. In that case, Watchtower will automatically restart the container using the new image, and the same docker run
or docker-compose
configuration initially used to start it.
This setup uses telegram api for notifications whenever watchtower
scans, updates or prunes old containers. This is completely optional, and watchtower will work great without this. However, if you prefer to get updates or notfications for your docker containers, follow this guide to setup telegram bot.
Really easy to set it up
Now create the docker-compose.yaml
file and paste this:
services:
watchtower:
container_name: watchtower
hostname: watchtower
environment:
#- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=${SMTP_PORT:-587}
#- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=${SMTP_USER:-smtpuser}
#- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=${SMTP_PASS:-smtppass}
#- WATCHTOWER_NOTIFICATION_EMAIL_FROM=${SMTP_MAIL_FROM:[email protected]}
#- WATCHTOWER_NOTIFICATION_EMAIL_TO=${SMTP_MAIL_TO:[email protected]}
#- WATCHTOWER_NOTIFICATION_EMAIL_SERVER=${SMTP_SERVER:-smtp.google.com}
- WATCHTOWER_HTTP_API_TOKEN=${API_TOKEN:-SecureApiToken}
#- WATCHTOWER_NOTIFICATIONS=email
- WATCHTOWER_DEBUG=true
#- DOCKER_HOST=tcp://socketproxy:2375
- WATCH_TOWER_HTTP_API_METRICS=true
#- WATCH_TOWER_HTTP_API_TOKEN="mytoken"
#new- TZ=$TZ
- WATCHTOWER_MONITOR_ONLY=false
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_NOTIFICATIONS=shoutrrr
- WATCHTOWER_NOTIFICATION_URL=telegram://$TELEGRAM_AUTH_TOKEN@telegram?channels=$TELEGRAM_CHAT_ID&parseMode=HTML
- WATCHTOWER_NOTIFICATION_TEMPLATE=📊🔔⚡️ <b>Server:</b> <code>Update</code>{{println}}{{range .}}{{.Message}}{{println}}{{end}}
- WATCHTOWER_NOTIFICATION_SKIP_TITLE=true
- WATCHTOWER_SCHEDULE=0 0 6 * * * # requires a go cron syntax of 6 space-separated fields; see https://containrrr.dev/watchtower/arguments/#scheduling
#- WATCHTOWER_CLEANUP=true # remove unused images afterwards
image: containrrr/watchtower:latest
networks:
- traefik
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik"
- "traefik.http.routers.watchtower-http.entrypoints=http"
- "traefik.http.routers.watchtower-http.middlewares=redir-https"
- "traefik.http.routers.watchtower-http.rule=Host(`watchtower.linuxpad.blog`)"
- "traefik.http.routers.watchtower-http.service=noop@internal"
- "traefik.http.routers.watchtower-https.entrypoints=https"
- "traefik.http.routers.watchtower-https.tls=true"
- "traefik.http.routers.watchtower-https.middlewares=gzip"
- "traefik.http.routers.watchtower-https.rule=Host(`watchtower.linuxpad.blog`)"
- "traefik.http.services.watchtower-backend.loadbalancer.server.scheme=http"
- "traefik.http.services.watchtower-backend.loadbalancer.server.port=9080"
- "traefik.http.routers.watchtower-https.middlewares=authelia@docker"
restart: always
#network_mode: "host"
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro # Disable for socket proxy
ports:
- 9080:8080
working_dir: /
networks:
traefik:
external: true
Finally, create the .env
file and paste this:
SMTP_PORT=587
SMTP_USER=replace_with_email_address
SMTP_PASS=replace_with_password
[email protected]
[email protected]
SMTP_SERVER=smtp.google.com
API_TOKEN=My-HTTP-API-Token
DEFAULT_NETWORK="traefik"
#TZ="Europe/Madrid"
TELEGRAM_AUTH_TOKEN="superBotSecret"
TELEGRAM_CHAT_ID="myChatID"
This .env
file can be used for the notifications I explained earlier, and the good thing is you can also use your email to get updates if you do not want telegram. However, this guide will not cover the process and you can find great resources online for that.
If everthing goes well start the container with docker compose up -d
!
