Last updated on 23 November 2023
Please note if you are using DSM7.2 or higher you should use the Container Manager version of this guide from the menu.
This guide has reached the end of its updates as most people are now on the latest DSM update - This guide is correct as of 08/12/2023 however no further updates will be added.
Important or Recent Updates
| Historic Updates | Date |
|---|---|
| New guide released | 31/12/2021 |
| Added command to only include specific containers (thanks to TimeLord on Discord) | 01/09/2022 |
| Added notes in relation to updating GlueTUN and Torrents | 03/12/2022 |
| Added the missing ‘synobridge’ network | 16/01/2023 |
| Compose version number removed and small wording amendments | 09/04/2023 |
| Amended the path to save the compose file – this is for security, so the container has no access to the file contents. | 14/04/2023 |
| Added labels to GlueTUN container guide so updated information in this one to coincide | 06/05/2023 |
| Added a 3rd option to just exclude specific containers via a label. | 23/11/2023 |
What is Watchtower?
Watchtower is an application that watches for updates for all your containers and automatically updates them for you.
Let’s Begin
Watchtower requires access to the Docker socket, we are unable to set this up via the Synology GUI. This means we will be using Docker-Compose.
Docker Compose
We will be using Docker Compose to set up the container. In a nutshell we will be creating a text file (YAML formatted) which tells Docker exactly how we want to set up a specific container.
The next steps can be done either using a code/text editor such as Notepad++ or to keep things simple for this guide we will be using the Synology Text Editor which can be installed from the Package Center.
Open up Text Editor and click on File then New to start a new file.
We have a couple of different composes available below the first one is configured to update all running containers at 2am daily (UTC).
services:
watchtower:
image: containrrr/watchtower:latest
container_name: watchtower
environment:
- TZ=YOURTIMEZONE
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_INCLUDE_STOPPED=true
- WATCHTOWER_REVIVE_STOPPED=false
- WATCHTOWER_SCHEDULE=0 0 2 * * *
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stoppedAs an addition to the method above you can exclude specific containers from updates by adding this line to their yaml (compose) details. This is likely faster than using method 2
labels:
- com.centurylinklabs.watchtower.enable=falseThe second has an added section where you can specify the names of the containers you would like to update (use the exact name of the container as per the Synology UI)
You can copy and paste the one you wish to use into the new text file, it is important you don’t change the spacing as YAML has to be formatted correctly in order to be read by Docker Compose.
services:
watchtower:
image: containrrr/watchtower:latest
container_name: watchtower
environment:
- TZ=YOURTIMEZONE
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_INCLUDE_STOPPED=true
- WATCHTOWER_REVIVE_STOPPED=false
- WATCHTOWER_SCHEDULE=0 0 2 * * *
command: # add or remove the below as required
- nzbget
- overseerr
- plex
- prowlarr
- radarr
- sonarr
- tautulli
- watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stoppedEnvironment Variables
We need to make some changes in order for watchtower to know what time it is where you are and what we want it to do. You can amend these based on your preferences.
| Variable | Value | What it does |
|---|---|---|
| TZ | Europe/London | Change this to your own timezone |
| WATCHTOWER_CLEANUP | true or false | We want to clean up the old docker images, if you don’t turn this on over the course of a few months you will find that the images start to eat a lot of space and they are not even being used. (true or false) |
| WATCHTOWER_INCLUDE_STOPPED | true or false | Do you want to update any stopped containers, the container will stay stopped after being updated (true or false) |
| WATCHTOWER_REVIVE_STOPPED | true or false | If a stopped container is updated do you want Watchtower to start it up? (true or false) |
| WATCHTOWER_SCHEDULE | 0 0 2 * * * | Rather than setting the number of seconds to wait between checks you can set a schedule. The default I use is to check at 2am every day, you can work out your own schedule using a cron schedule generator |
Your final file should look similar to the one shown below, depending on which version you used above.
Saving the Compose File
We now need to save this file into our docker share
Click on File then Save As, navigate to the ‘docker’ share and you need to change the ‘File name’ to watchtower.yml and save it in the ‘docker’ folder.
SSH and Docker-Compose
It’s time to get logged into you Diskstation via SSH, you can do this in the same way as when you obtained your IDs in the ‘Setting up a restricted Docker user‘ guide.
Once you have logged in you will need to give 2 commands, you can copy and paste these one at a time — you will need to enter your password for the command starting with ‘sudo’
First we are going to change directory to where the watchtower.yml is located, type the below and then press enter.
cd /volume1/dockerThen we are going to instruct Docker Compose to read the file we created and complete the set-up the container. Again type the below and press enter.
sudo docker-compose -f watchtower.yml up -dWhen the command has completed you should be able to see Watchtower running in the list of containers in the Synology GUI. You can go into the container and within the log you should see that Watchtower is counting down to your next check.
You can now just leave Watchtower running you will never need to manually update your containers again.
FAQ
Q: I keep getting X container has stopped unexpectedly errors!
A: DSM does not know or understand that Watchtower is issuing commands in the background. So it makes the assumption that it was stopped unexpectedly, but we know it was Watchtower doing an update, the same happens if you issue a commands via docker-compose or even Portainer.
Q: Do I need to update Watchtower itself?
A: Nope it updates itself – quite clever really 🙂
Buy Me a Coffee or a Beer
If you have found my site useful please consider pinging me a tip as it helps cover the cost of running things or just lets me get the odd beverage. Plus 10% goes to the devs of the apps I do guides for every year.
| Historic Updates | Date |
|---|---|
| New guide released | 31/12/2021 |
| Added command to only include specific containers (thanks to TimeLord on Discord) | 01/09/2022 |
| Added notes in relation to updating GlueTUN and Torrents | 03/12/2022 |
| Added the missing ‘synobridge’ network | 16/01/2023 |
| Compose version number removed and small wording amendments | 09/04/2023 |
| Amended the path to save the compose file – this is for security, so the container has no access to the file contents. | 14/04/2023 |
Thanks for posting this! I ended up using Portainer to deploy this container but it was still nice to see the YAML definition to do it.
Good stuff – The new Container package for DSM7.2 is going to make all the compose elements to my guides much easier for anyone wanting to stick with the Syno UI
I set this up a few days ago and everything is updating but pihole. I verified the container names lineup. What am I missing?
Pihole generally receives monthly updates on the Latest channel you can see in the hub it was 23 days ago. https://hub.docker.com/r/pihole/pihole/tags
Hi,
Thanks for all your amazing tutorials which helped a lot in setting up all the containers.
Although I went through all the steps (incl second version of the YML file) and got the Watchtower container running, it doesn’t see any updates. Prowlarr and Readarr had new versions but were not seen. All my containers are running ‘latest’ except Readarr which runs ‘develop’. So I have more or less the same issue as Dan M had, but I do not understand quite well how to solve it. For setting up the containers (except Whachtower) I’ve use the easy way (not the Docker Compose way).
If there are updates it will pull them, see what it does on the next run, while Prowlarr is reporting a new version of Prowlarr it may not result in a new container being created immediately by LinuxServer. You can see on Docker Hub the date of the latest container.
https://hub.docker.com/r/linuxserver/prowlarr/tags
Just to add to what Dr_Frankenstein has already mentioned – if there are updates watchtower will pull them in the next run. If you do not specify WATCHTOWER_POLL_INTERVAL or WATCHTOWER_SCHEDULE, watchtower will run the update every 24 hrs. If you want to just run the update on-demand, add –run-once to your watchtower docker command. For example,
to update everything:
sudo docker run -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower –run-once
to update only selected images (prowlarr and readarr):
sudo docker run -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower –run-once prowlarr readarr
Please make sure that prowlarr and readarr are the actual names of your containers:
sudo docker ps –format ‘{{.Names}}’
Thank you both for your responds. Problem solved now. Issue was that container names were written with capital letter like Readarr while in the YML file only lowercase.
Hi, Thanks for your guides, they are very helpful. I followed this guide for Watchtower on my Syno920+, I used the second version to create my YAML file and got Watchtower installed and running. I only enabled it for a few *.arr containers that I currently run nightly versions. I know there are new nightly versions available, and I will use Readarr in this example. Watchtower is never finding the updated nightly version, the log always says “no pull needed” Not sure what I need to change or what I am doing wrong?
“Checking if pull is needed” container=/Readarr image=”linuxserver/readarr:nightly-version-0.1.1.1527″
Hey Dan
I took a quick look at the LinuxServer Readarr dockerhub below. The last nightly was 4 days ago, so it’s functioning correctly – which is good news. 🙂
https://hub.docker.com/r/linuxserver/readarr/tags
I have removed the log above just for tidyness.
Assuming you’re using docker-compose, what exactly is your “image” line for readarr in docker-compuse YML file? Your log shows you’re trying to pull specifically “linuxserver/readarr:nightly-version-0.1.1.1527”, instead of “linuxserver/readarr:nightly”.
“linuxserver/readarr:nightly-version-0.1.1.1527” is 10 days old as of today
“linuxserver/readarr:nightly” is 4 days old as of today
Ahh good spot – back to the coffee for me!
Thanks for your quick response. So I now know what the problem is and why I am having the problem. I set up all my docker containers using the default synology docker management tool. It worked fine for up up until this point in time.
So I can think of two possible options:
Recreated my containers using docker compose which is probably what y’all would recommend, or
(and not sure if this is even possible) add a variable or something(?) to my existing Synology docker configs.
At any rate, I have learned enough that I shouldn’t have a problem recreating my containers using docker-compose
As Timelord correctly pointed out you will need to recreate them with the pure ‘nightly’ tag no version numbers, you can do this in the ui if you want. And then Watchtower will work as expected.
This is awesome! You may want to note that if you edit your YML file to add or delete containers to update, you need to run the “SSH and Docker-Compose” steps again. 😉