Please note if you are using DSM7.2 or higher you should use the Container Manager version of this guide from the menu.
This guide has reached the end of its updates as most people are now on the latest DSM update - This guide is correct as of 08/12/2023 however no further updates will be added.
Important or Recent Updates
| Historic Updates | Date |
|---|---|
| New guide released | 31/12/2021 |
| Added command to only include specific containers (thanks to TimeLord on Discord) | 01/09/2022 |
| Added notes in relation to updating GlueTUN and Torrents | 03/12/2022 |
| Added the missing ‘synobridge’ network | 16/01/2023 |
| Compose version number removed and small wording amendments | 09/04/2023 |
| Amended the path to save the compose file – this is for security, so the container has no access to the file contents. | 14/04/2023 |
| Added labels to GlueTUN container guide so updated information in this one to coincide | 06/05/2023 |
| Added a 3rd option to just exclude specific containers via a label. | 23/11/2023 |
What is Watchtower?
Watchtower is an application that watches for updates for all your containers and automatically updates them for you.
Let’s Begin
Watchtower requires access to the Docker socket, we are unable to set this up via the Synology GUI. This means we will be using Docker-Compose.
Docker Compose
We will be using Docker Compose to set up the container. In a nutshell we will be creating a text file (YAML formatted) which tells Docker exactly how we want to set up a specific container.
The next steps can be done either using a code/text editor such as Notepad++ or to keep things simple for this guide we will be using the Synology Text Editor which can be installed from the Package Center.
Open up Text Editor and click on File then New to start a new file.
We have a couple of different composes available below the first one is configured to update all running containers at 2am daily (UTC).
services:
watchtower:
image: containrrr/watchtower:latest
container_name: watchtower
environment:
- TZ=YOURTIMEZONE
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_INCLUDE_STOPPED=true
- WATCHTOWER_REVIVE_STOPPED=false
- WATCHTOWER_SCHEDULE=0 0 2 * * *
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stoppedAs an addition to the method above you can exclude specific containers from updates by adding this line to their yaml (compose) details. This is likely faster than using method 2
labels:
- com.centurylinklabs.watchtower.enable=falseThe second has an added section where you can specify the names of the containers you would like to update (use the exact name of the container as per the Synology UI)
You can copy and paste the one you wish to use into the new text file, it is important you don’t change the spacing as YAML has to be formatted correctly in order to be read by Docker Compose.
services:
watchtower:
image: containrrr/watchtower:latest
container_name: watchtower
environment:
- TZ=YOURTIMEZONE
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_INCLUDE_STOPPED=true
- WATCHTOWER_REVIVE_STOPPED=false
- WATCHTOWER_SCHEDULE=0 0 2 * * *
command: # add or remove the below as required
- nzbget
- overseerr
- plex
- prowlarr
- radarr
- sonarr
- tautulli
- watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stoppedEnvironment Variables
We need to make some changes in order for watchtower to know what time it is where you are and what we want it to do. You can amend these based on your preferences.
| Variable | Value | What it does |
|---|---|---|
| TZ | Europe/London | Change this to your own timezone |
| WATCHTOWER_CLEANUP | true or false | We want to clean up the old docker images, if you don’t turn this on over the course of a few months you will find that the images start to eat a lot of space and they are not even being used. (true or false) |
| WATCHTOWER_INCLUDE_STOPPED | true or false | Do you want to update any stopped containers, the container will stay stopped after being updated (true or false) |
| WATCHTOWER_REVIVE_STOPPED | true or false | If a stopped container is updated do you want Watchtower to start it up? (true or false) |
| WATCHTOWER_SCHEDULE | 0 0 2 * * * | Rather than setting the number of seconds to wait between checks you can set a schedule. The default I use is to check at 2am every day, you can work out your own schedule using a cron schedule generator |
Your final file should look similar to the one shown below, depending on which version you used above.
Saving the Compose File
We now need to save this file into our docker share
Click on File then Save As, navigate to the ‘docker’ share and you need to change the ‘File name’ to watchtower.yml and save it in the ‘docker’ folder.
SSH and Docker-Compose
It’s time to get logged into you Diskstation via SSH, you can do this in the same way as when you obtained your IDs in the ‘Setting up a restricted Docker user‘ guide.
Once you have logged in you will need to give 2 commands, you can copy and paste these one at a time — you will need to enter your password for the command starting with ‘sudo’
First we are going to change directory to where the watchtower.yml is located, type the below and then press enter.
cd /volume1/dockerThen we are going to instruct Docker Compose to read the file we created and complete the set-up the container. Again type the below and press enter.
sudo docker-compose -f watchtower.yml up -dWhen the command has completed you should be able to see Watchtower running in the list of containers in the Synology GUI. You can go into the container and within the log you should see that Watchtower is counting down to your next check.
You can now just leave Watchtower running you will never need to manually update your containers again.
FAQ
Q: I keep getting X container has stopped unexpectedly errors!
A: DSM does not know or understand that Watchtower is issuing commands in the background. So it makes the assumption that it was stopped unexpectedly, but we know it was Watchtower doing an update, the same happens if you issue a commands via docker-compose or even Portainer.
Q: Do I need to update Watchtower itself?
A: Nope it updates itself – quite clever really 🙂
Looking for some help, join our Discord community
If you are struggling with any steps in the guides or looking to branch out into other containers join our Discord community!
Buy me a beverage!
If you have found my site useful please consider pinging me a tip as it helps cover the cost of running things or just lets me stay hydrated. Plus 10% goes to the devs of the apps I do guides for every year.
| Historic Updates | Date |
|---|---|
| New guide released | 31/12/2021 |
| Added command to only include specific containers (thanks to TimeLord on Discord) | 01/09/2022 |
| Added notes in relation to updating GlueTUN and Torrents | 03/12/2022 |
| Added the missing ‘synobridge’ network | 16/01/2023 |
| Compose version number removed and small wording amendments | 09/04/2023 |
| Amended the path to save the compose file – this is for security, so the container has no access to the file contents. | 14/04/2023 |
So after reading through all this, do you recommend using Watchtower or not? I have all of my containers (set up with your guides TY!) working perfectly, and I have been manually updating them as needed – no issues. I thought having the process automated would be great, but I am hesitating due to some of your comments here about bugs. It looks like I have watchtower installed properly but I have the container OFF for now.
Was planning to use it to update :
– sabnzbd
– overseerr
– lidarr
– prowlarr
– radarr
– sonarr
– tautulli
– watchtower
The one of the two questions I have on this is HOW does Watchtower know what version of the image to download and install? Most of the containers use “latest” but like Prowlarr uses “develop”….
Also, will Watchtower update Readarr and Whisparr? I did not see them listed in the guide.
TY!!
Hey, so it’s completely personal choice, the only ones I recommend not including is Gluetun and anything attached to its network as it will fall over. Watcher knows what tag you are using for each container so will pull the correct version accordingly.
You can just add whatever containers you would like by there name in the list.
Try it out and see how you get on.
Thanks for the info. One last question and sorry if I missed it. How will I know / will I be notified when Watchtower has updated a container?
Yes there are a number of methods for notifications that can be set by container environment variables. See the documentation here that covers it off – https://containrrr.dev/watchtower/notifications/
I am receiving this email message after watchtower updates Sonarr:
“Docker container sonarr stopped unexpectedly. Please select sonarr on the Container page, click the Details button, and go to the Log tab for details.
From SynologyNAS”
Is there a way to make this message stop being sent? Not sure why I’m even getting this.
Unfortunately not, the way Synology implement the ui means if it didn’t stop the container it makes the assumption that something is wrong. It could do with an independent notifications option for Docker to be honest.
i think the command – container_name function is broken/deprecated?
I am doing some digging in the documentation – they don’t have a specific section saying what is deprecated that I have seen so far. Is it not working for you?
Can you please clarify? Works fine for me.
Thanks for this and some of your other guides, just upgraded to a NAS capable of hosting containers and these have been very useful having only previously dabbled with docker. One thing that might be worth mentioning is that Watchtower can be setup to just give notifications as I was a bit weary of allowing continuous upgrades that may containing breaking changes. In the end i actually opted to use What’s Up Docker – WUD (https://fmartinou.github.io/whats-up-docker/#/configuration/triggers/smtp/) as it has a web UI you can check as well as the ability to trigger events like downloads etc.
Hey Richard. I will definitely be checking out WUD looks cool, I don’t personally use Watchtower on my own setup as I found being on the bleeding edge came with also being on bug watch! 🙂
Periodically by qbittorrent container is stopped and cannot be restarted. I need to recreate it. I cannot verify that wachtower is causing the issue, but it appears to happen when other containers are stopped and started. So I assume they are being updated. What might I look for to remedy this?
You may want to exclude certain containers from being updated, I personally moved away from automated updates as it feels like overkill and caused me to be on the bleeding edge of bugs. I am away at the moment so will need to update the guide, in the interim you can see the docs for how to add labels to containers. However this relies on you having them all being set up via a compose file.
https://containrrr.dev/watchtower/container-selection/
You should be able to match up the stop time to your configured watchtower cron time and the Watchtower logs
You can try to add “WATCHTOWER_TRACE=true” to your “environment” section. It will tell Watchtower to log debug and trace details about when and what exactly it’s doing with your containers.
You could also add “WATCHTOWER_NOTIFICATIONS=email” with additional “WATCHTOWER_NOTIFICATION_EMAIL_*” settings to send yourself an email when it does something with your containers. There are many notification options besides the “email”, if you’d prefer something else than the email:
https://containrrr.dev/watchtower/notifications/
But if you’re OK just to go and check your Watchtower log output and you do not need any notifications, then “WATCHTOWER_TRACE=true” should be enough to figure out whether it’s indeed Watchtower messing up with your containers.
If you want to update only specific list of containers instead of all of them, you can just list those you want to update in your Watchtower docker-compose YAML file via “command”. The following probably won’t survive the comment section formatting, but I hope it’ll give you an idea:
command:
– plex
– watchtower
This will tell Watchtower to only monitor and update plex container and itself (watchtower container). That way you’ll know Watchtower is not touching your qbittorrent container and something else must be an issue if you still see your qbittorrent crashing.
Thanks Timelord I am going to take some of your suggestions and add them to the guide
I would delete the Watchtower container and the associated files in /docker/data at this point as its clearly got that old container image in its logs somehow when it doesn’t actually exist anymore.
This will start you fresh and get rid of the error as the system prune deleted everything unused.