Automate Docker Image Updates on Synology NAS

I can’t believe it’s taken me this long to find Watchtower[1] for Docker.

My previous process for updating containers to the latest images was a weekly job that ran a script like this:

logExt="$(date +%Y-%m-%d).log"
LOG_FILE="/var/services/homes/stouty/logs/$(basename "$0").$logExt"

# get list of all image:rev
# not mariadb|redis as they cause issues
# skip image names containing digits ([0-9], since grep -E does not understand \d)
for image in $(docker ps --all | grep -Ev 'mariadb|redis|ID' | awk '{ print $2 }' | grep -Ev '[0-9]+'); do
    echo "$image"
    docker pull "$image" | tee -a "$LOG_FILE"
done

# docker pull prints "newer" when it downloaded an updated image
if [ "$(grep -c newer "$LOG_FILE")" -gt 0 ]; then
    # email me the list of new images
    :
fi

Then I’d go into the Synology Docker UI, stop all the updated images, export their settings, run a docker rm command then re-import the settings. Quite a faff, and if I wanted to update MariaDB, even more of a faff as it has linked containers.

Enter Watchtower:

Watchtower is an application that will monitor your running Docker containers and watch for changes to the images that those containers were originally started from. If watchtower detects that an image has changed, it will automatically restart the container using the new image.

Watchtower will pull down your new image, gracefully shut down your existing container and restart it with the same options that were used when it was deployed initially.

And the coolest thing?

Watchtower will detect if there are links between any of the running containers and ensures that things are stopped/started in a way that won’t break any of the links. If an update is detected for one of the dependencies in a group of linked containers, watchtower will stop and start all of the containers in the correct order so that the application comes back up correctly.

Alas, you can’t use the Synology Docker UI to start the container[2], so you have to drop to the command line:

docker run -d \
    --name watchtower \
    -v /var/run/docker.sock:/var/run/docker.sock \
    containrrr/watchtower

Read all the docs to configure how you want things. I ended up with an env file, a bootup job, and this docker command:

docker run -d \
    --name watchtower \
    --env-file /volume1/homes/james/.docker/env.list \
    -v /var/run/docker.sock:/var/run/docker.sock \
    containrrr/watchtower 

My env file:

TZ=Asia/Hong_Kong
WATCHTOWER_DEBUG=false
WATCHTOWER_POLL_INTERVAL=60
WATCHTOWER_NOTIFICATION_URL=pushover://shoutrrr:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@xxxxxxxxxxxxxxxxxxxxxxxx/?devices=iphone telegram://17849ABCD27658:ccccccccccdsfdsfsfsf@telegram?channels=my_channel
WATCHTOWER_ROLLING_RESTART=true
WATCHTOWER_CLEANUP=true

The notification options are numerous:

  • email to send notifications via electronic mail.
  • slack to send notifications through a Slack webhook.
  • msteams to send notifications via MSTeams webhook.
  • gotify to send notifications via Gotify.

I’m trying out Shoutrrr with Pushover and Telegram bots.
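
A pre-flight check for the env file above, as an added example that is not part of the original post: the file holds the Pushover and Telegram tokens, so the check refuses a file that group or other can read and prints a copy with the tokens masked for logging. The function names and sample tokens are made up for illustration, and `stat -c %a` assumes GNU or BusyBox stat.

```shell
#!/bin/sh
# Added example, not from the original post: pre-flight check a boot-up job
# can run before handing the env file to `docker run --env-file`.

# Succeeds only when group and other have no access to the file.
# Assumes a stat that supports `-c %a` (GNU coreutils or BusyBox).
env_file_is_private() {
    mode=$(stat -c %a "$1") || return 2
    case "$mode" in
        0|*00) return 0 ;;
        *)     return 1 ;;
    esac
}

# Names of variables whose value carries credentials as URL userinfo.
keys_with_secrets() {
    grep -E '^[A-Za-z_][A-Za-z0-9_]*=.*://[^@/ ]+@' "$1" | cut -d= -f1
}

# Prints the file with every scheme://user:token@ masked, safe for logs.
redact_env() {
    sed -E 's#([a-z]+://)[^@/ ]+@#\1***@#g' "$1"
}

# Gate: refuse an exposed file, otherwise log a redacted copy.
preflight() {
    if ! env_file_is_private "$1"; then
        echo "refusing $1: tokens readable by group/other, chmod 600 it" >&2
        return 1
    fi
    redact_env "$1"
}

# Constructed sample in the shape of the env file above (dummy tokens).
sample=$(mktemp)
cat > "$sample" <<'EOF'
TZ=Asia/Hong_Kong
WATCHTOWER_POLL_INTERVAL=60
WATCHTOWER_NOTIFICATION_URL=pushover://shoutrrr:DUMMYTOKEN@DUMMYUSER/?devices=iphone telegram://000000:DUMMYKEY@telegram?channels=my_channel
EOF
chmod 644 "$sample"
preflight "$sample" || echo "blocked: file was world-readable"
chmod 600 "$sample"
preflight "$sample"
echo "secret-bearing keys: $(keys_with_secrets "$sample")"
rm -f "$sample"
```

In a bootup job, `preflight /volume1/homes/james/.docker/env.list` would run before the `docker run` line, which starts only if the check succeeds.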

Let’s see if it works in a week or so…

  1. Yes, I tried Portainer, but it wasn’t for me. 

  2. Check out this Reddit thread