trilobiteApr 5

Docker is hard work

https://lemmy.ml/post/45493507

Docker is hard work - Lemmy

Well, after a while in the container world ive come to realise that keeping all these containers up to date is hard work and time consuming with simple docker compose. I’ve recently learnt that portainer may come to hand here. I believe that feeding the yaml file through portainer allows the latter to take control of updates. Correct? I have a Truenas Scale machine with a VM running my containers as i find its the easiest approach for secure backps as i replicate the VM to another small sever just in case. But i have several layers to maintain. I dont like the idea of apps on Truenas as I’m worried i dont have full control of app backup. Is there a simpler way to maintain my containers up to date?

Show threadlukalix98Apr 5
Watchtower exists, but iirc it is not maintained anymore.
Show threadczlApr 5
I’m using Nick Fedor’s version that he’s still maintaining.
Show threadfrongt

github.com/nicholas-fedor/watchtower/

But even without it, I’m not sure why OP thinks updating is difficult. It’s just docker compose pull; docker compose up -d.

Apr 5 at 12:28pmWeb
Show threadLemmchenApr 5

github.com/…/9f73220741a8f07d7d334baf5ef0817bb22f…

Oh nice, this actuall looks like a really useful addition.

Is Nicolas Fedor a known entitiy? Are they trusted by the community? I’d really like to switch from my unmaintained image.

feat: add image cooldown supply-chain defense mechanism (#1495) · nicholas-fedor/watchtower@9f73220

- Enforce minimum image age before applying updates to prevent supply-chain attacks - Fetch image creation timestamps from OCI registries with multi-platform and variant support - Add --cooldown-de...

GitHub