Last updated on 28 January 2024
Important or Recent Updates
| Historic Updates | Date |
|---|---|
| New guide update for DSM7.2 and Container Manager | 30/04/2023 |
| Added labels to GlueTUN container guide so updated information in this one to coincide | 06/05/2023 |
| Added a 3rd option to just exclude specific containers via a label. | 23/11/2023 |
What is Watchtower?
Watchtower requires access to the Docker socket, we are unable to set this up via the Synology GUI. This means we will be using Docker-Compose.
Let’s Begin
We will be setting up Watchtower using the Project functionality in Container Manager. This uses a compose file to tell Docker how to set up the container and also define some preferences.
Folder Setup
Let’s start by getting a folder set up for the container to use. Open up File Station create the following.
/docker/projects/watchtower-compose
Container Manager
Next we are going to set up a ‘Project’ in Container Manager. Open up Container Manager and click on Project then on the right-hand side click ‘Create’.
In the next screen we will set up our General Settings, enter the following:
| Section | Setting |
|---|---|
| Project Name: | watchtower |
| Path: | /docker/projects/watchtower-compose |
| Source: | Create docker-compose.yml |
We have a couple of different composes available below, the first one is configured to update all running containers at 2am daily.
services:
watchtower:
image: containrrr/watchtower:latest
container_name: watchtower
environment:
- TZ=YOURTIMEZONE
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_INCLUDE_STOPPED=true
- WATCHTOWER_REVIVE_STOPPED=false
- WATCHTOWER_SCHEDULE=0 0 2 * * *
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stoppedAs an addition to the method above you can exclude specific containers from updates by adding this line to their yaml (compose) details. This is likely faster than using method 2
labels:
- com.centurylinklabs.watchtower.enable=falseThe second has an added section where you can specify the names of the containers you would like to update (use the exact name of the container as per the Synology UI)
services:
watchtower:
image: containrrr/watchtower:latest
container_name: watchtower
environment:
- TZ=YOURTIMEZONE
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_INCLUDE_STOPPED=true
- WATCHTOWER_REVIVE_STOPPED=false
- WATCHTOWER_SCHEDULE=0 0 2 * * *
command: # add or remove the below as required
- overseerr
- plex
- prowlarr
- radarr
- sonarr
- tautulli
- watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stoppedYou can copy and paste the one you wish to use into the blank section in Container Manager.
Environment Variables
We need to make some changes in order for watchtower to know what time it is where you are and what we want it to do. You can amend these in the compose based on your preferences.
| Variable | Value | What it does |
|---|---|---|
| TZ | Europe/London | Change this to your own timezone |
| WATCHTOWER_CLEANUP | true or false | We want to clean up the old docker images, if you don’t turn this on over the course of a few months you will find that the images start to eat a lot of space, and they are not even being used. (true or false) |
| WATCHTOWER_INCLUDE_STOPPED | true or false | Do you want to update any stopped containers, the container will stay stopped after being updated (true or false) |
| WATCHTOWER_REVIVE_STOPPED | true or false | If a stopped container is updated do you want Watchtower to start it up? (true or false) |
| WATCHTOWER_SCHEDULE | 0 0 2 * * * | Rather than setting the number of seconds to wait between checks you can set a schedule. The default I use for the guide is 2am every day, you can work out your own schedule using a cron schedule generator. |
Click ‘Next’
You do not need to enable anything on the ‘Web portal settings’ screen click ‘Next’ again
On the final screen click Done which will begin the download of the container images and once downloaded they will be launched!
The image will now be downloaded and extracted. You should see ‘Code 0’ when it has finished.
You will now see your watchtower project running it should have a green status on the left-hand side.
You can now just leave Watchtower running you will never need to manually update your containers again.
FAQ
I keep getting X container has stopped unexpectedly errors!
DSM does not know or understand that Watchtower is issuing commands in the background. So it makes the assumption that a container was stopped unexpectedly, but we know it was Watchtower doing an update.
Do I need to update Watchtower itself?
Nope it updates itself – quite clever really 🙂
Buy Me a Coffee or a Beer
If you have found my site useful please consider pinging me a tip as it helps cover the cost of running things or just lets me get the odd beverage. Plus 10% goes to the devs of the apps I do guides for every year.
Since this does not use the synobridge, do we need to add the watchtower_default bridge to firewall exception?
It likely is not needed as Watchtower is asking Docker to do the checks etc.
What are the alternatives to hardcoding env variables in docker-compose?
Locally, I can run my project with docker compose –env-file ./.env.dev up –build via the terminal but I don’t have that option in the container manager and I would like to avoid putting passwords etc. in the file.
Hey, you will either need to manually use Docker Compose via SSH, or setup Portainer.
https://paste.drfrankenstein.co.uk/?0b2bd7a6accbcd7b#69tPDZHS9QCJ9Dqu4fsV2wgXjJer8uoeazVQVjasA1AN
Good Evening Dr. !
Getting error response from daemon on https://registry-1.docker.io/v2/
maybe an old link ?
Sounds like a temporary issue with the connection
Hi Doc, love your guides. Thanks so much for the effort you put in.
When I put “0 0 2 * * *” into that handy crontab generator link, it says: “At 12:00 AM, on day 3 of the month”
For a 2am schedule, should it not be: “0 2 * * *”
Watchtower uses a 6 digit cron so use this site
https://crontab.cronhub.io/
I see watchtower (I am re-installing everything here) does not use the synobridge network, and the installation creates a watch_tower default network in container manager (DSM 7.2). Is this expected behavior, or do I include a synobridge network_mode statement in the compose file?
Hey,it doesn’t need access to the synobridge network so it is not added. It can sit on its own.