trilobiteApr 5

Docker is hard work

https://lemmy.ml/post/45493507

Docker is hard work - Lemmy

Well, after a while in the container world ive come to realise that keeping all these containers up to date is hard work and time consuming with simple docker compose. I’ve recently learnt that portainer may come to hand here. I believe that feeding the yaml file through portainer allows the latter to take control of updates. Correct? I have a Truenas Scale machine with a VM running my containers as i find its the easiest approach for secure backps as i replicate the VM to another small sever just in case. But i have several layers to maintain. I dont like the idea of apps on Truenas as I’m worried i dont have full control of app backup. Is there a simpler way to maintain my containers up to date?

Show threadlukalix98Apr 5
Watchtower exists, but iirc it is not maintained anymore.
Show threadczl
I’m using Nick Fedor’s version that he’s still maintaining.
Apr 5 at 8:32amWeb
Show threadJunkernaught6d ago
Ooh, thanks! Have been using the non maintained version, will switch.
Show threadbdonvr6d ago

I’m pretty sure that stopped working months ago…

You’ve probably been running out of date containers.

Show threadBuck6d ago
I changed versions recently to be safe, but the old watchtower was still working when I gave it up. Just because it’s unmaintained doesn’t mean it stops working from one day to the next.
Show threadbdonvr6d ago
It broke on me which is how I found out about the depreciation, but I don’t remember the details to be fair.
Show threaddditty6d ago
I’m still using the unsupported version of Watchtower and it still works perfectly
Show threadfrongt6d ago

github.com/nicholas-fedor/watchtower/

But even without it, I’m not sure why OP thinks updating is difficult. It’s just docker compose pull; docker compose up -d.

Show threadLemmchen6d ago

github.com/…/9f73220741a8f07d7d334baf5ef0817bb22f…

Oh nice, this actuall looks like a really useful addition.

Is Nicolas Fedor a known entitiy? Are they trusted by the community? I’d really like to switch from my unmaintained image.

feat: add image cooldown supply-chain defense mechanism (#1495) · nicholas-fedor/watchtower@9f73220

- Enforce minimum image age before applying updates to prevent supply-chain attacks - Fetch image creation timestamps from OCI registries with multi-platform and variant support - Add --cooldown-de...

GitHub