Today we are going to be installing Watchtower using a watchtower docker compose stack in Portainer. This is episode 19 in our Raspberry Pi Series.
Watchtower enables you to monitor all your docker containers for updates. We will be configuring it to notify you of any new updates via your SMTP server to an email address of your choice.
Alternatively, you can also set Watchtower to just auto-update your containers. Although this is not advised on a Live server. If anything goes wrong with any of the updates, it can make troubleshooting the problem harder if multiple containers have been automatically updated.
- A Raspberry Pi with Raspberry Pi OS installed. We recommend using an SSD.
- Secured Raspberry Pi.
- Openmediavault, Docker and Portainer Installed.
- You will need to have an account with an SMTP server provider and know your account and server details. If you would like to use Gmail’s free SMTP server watch today’s video episode above or on Youtube.
Step 1 – Create the Watchtower Container Using Portainer & A Docker Compose Stack
Navigate to your Portainer dashboard and log in.
From the left hand menu click on “Stacks“.
Now in the Stacks dashboard click on “Add a stack“.
In the “Name” field enter “watchtower“
Now Copy and paste the following docker-compose data into the “Web editor” field.
Watchtower Docker Compose Stack
version: '2.1' services: watchtower: image: containrrr/watchtower container_name: watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock environment: - TZ=Europe/London - WATCHTOWER_MONITOR_ONLY=true - WATCHTOWER_CLEANUP=true - WATCHTOWER_SCHEDULE= 0 0 04 ? * FRI #At 04:00 AM, only on Friday Change to suit - WATCHTOWER_NOTIFICATIONS=email - WATCHTOWER_NOTIFICATION_EMAIL_FROM=FromEmail - WATCHTOWER_NOTIFICATION_EMAIL_TO=ToEmail - WATCHTOWER_NOTIFICATION_EMAIL_SERVER=smtp.server.com - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=password - WATCHTOWER_NOTIFICATION_EMAIL_SUBJECTTAG=Watchtower Alert - Container Updates - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=FromEmail - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=587 restart: unless-stopped
Edit and replace the fields after the “=“with your “SMTP server data“.
NOTICE: The WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD will not work correctly if you use special characters in your SMTP account password.
Just run the stack leaving the default password which is “password”. Then once the container is deployed stop it then go into the “watchtower” container’s “ENV” section and change it manually then recreate the container. See below for instructions on how to do it.
If your password does not use special characters you can safely ignore step 3.
Once you have completed that you are ready to click “Deploy the stack“.
If you navigate to “Containers” in the left menu
You should now see your “watchtower” container in the list.
Step 3 – Fixing The Password
(Only if you have a password with special characters and have used the default).
If you left the password as default and need to change it.
Click on the container’s check box and stop the container.
Once it has been stopped.
Double click on the the watchtower container to enter the “Actions” menu.
Click on “Duplicate/Edit“.
and then click the “ENV” tab.
Under WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD replace “password” with your correct password
Click on “Deploy the stack“.
Then click on “Replace“.
This will fix the password bug with special characters.
Alternative – Install Watchtower with a single command. (Not advised).
Step 1 – SSH Into Your Raspberry Pi.
Connect to your Raspberry Pi over SSH (Secure Shell) and log in. You can use PUTTY if you are on Windows or a Terminal if you are on Mac or Linux.
ssh [email protected]
Enter your “user name” and “password“.
Step 2 – Run The Command
If you just want to install Watchtower and have it automatically update your containers you can run one single command in your terminal.
However, it would be better to install Watchtower using the above method (a stack) as this gives you more control and options over the container.
There are also limits on the number of container images that can be downloaded from repositories like Dockerhub. These limits if reached will prevent any new image pulls from your IP address. This is another good reason to control the schedule using a docker compose stack.
If you are happy and except the risks then here is the command to run in a SSH terminal session.
$ docker run -d \ --name watchtower \ -v /var/run/docker.sock:/var/run/docker.sock \ containrrr/watchtower
We need your support.
We hope you enjoyed this episode and that it was helpful and you got benefit out of it.
If you did, please consider supporting our channel by Subscribing to our YouTube channel, and liking and sharing our content.
You can also make a donation via Paypal or become a Patreon if you wish to do so.
You can also follow us on Facebook or Twitter.
If you have any questions or any requests please ask in the comments below or on YouTube.
works like a charm
These guides are brilliant
to get around google security you know need to generate a app password to allow watchtower to use the Gmail account
following the guide I was getting username and password error an as soon as I turned on app passwords on my google account a generated a new one for watchtower The logs in portioner were correct and first email was sent and received.
keep up the good work on these guides
time=”2023-02-20T22:28:42Z” level=info msg=”Watchtower 1.5.3″
time=”2023-02-20T22:28:42Z” level=info msg=”Using notifications: smtp”
time=”2023-02-20T22:28:42Z” level=info msg=”Checking all containers (except explicitly disabled with label)”
time=”2023-02-20T22:28:42Z” level=info msg=”Scheduling first run: 2023-02-24 04:00:00 +0000 GMT”
time=”2023-02-20T22:28:42Z” level=info msg=”Note that the first check will be performed in 77 hours, 31 minutes, 17 seconds”