← Back to Home ☕ Buy Me a Coffee

Watchtower on Raspberry Pi

Watchtower is a lightweight Docker utility that automatically updates running containers when new versions of their images are available. It simplifies container maintenance by monitoring image changes and restarting containers with the latest updates.

🔍 Key Features

Monitors Docker containers: Watchtower watches for updates to the images your containers were built from.
Automates updates: When a new image version is detected, it pulls the updated image, gracefully stops the running container, and restarts it using the same configuration.
Supports multiple registries: Works with Docker Hub and private registries.
Notification support: Integrates with services like Slack, Discord, Email, and Telegram via Shoutrrr for update alerts

🚀 Docker Installation Steps

Update your system
sudo apt update && sudo apt upgrade -y

Install Docker

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

Install Docker Compose
sudo apt install docker-compose-plugin
Add your user to the Docker group
sudo usermod -aG docker $USER
Enable Docker at boot
sudo systemctl enable docker
Reboot
sudo reboot
Test Docker
docker run hello-world

📁 Setup Watchtower

mkdir ~/docker
mkdir ~/docker/watchtower

🧾 Docker Compose File

In ~/docker/watchtower create docker-compose.yml

services:
  watchtower:
    image: containrrr/watchtower
    container_name: watchtower
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    command: --cleanup --interval 3600
    environment:
      - WATCHTOWER_NOTIFICATIONS=email
      - WATCHTOWER_NOTIFICATION_EMAIL_FROM=<your email address> # I use my gmail account
      - WATCHTOWER_NOTIFICATION_EMAIL_TO=<where you want the alerts to go> # I use my gmail account
      - WATCHTOWER_NOTIFICATION_EMAIL_SERVER=smtp.gmail.com #assuming you're using gmail
      - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=587
      - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=<your gmail address> #assuming you're using gmail
      - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=<NOT your gmail password> #you generate this at gmail.com
      - WATCHTOWER_NOTIFICATION_EMAIL_SUBJECTTAG=Watchtower Update (Pi)

To generate WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD, go to https://myaccount.google.com/security and enable 2-Step Verification. Once that’s set up, go to https://myaccount.google.com/apppasswords. Name it Watchtower on Pi (or whatever you want), and click Create. It will generate something like abcd efgh ijkl mnop. Use that in the compose file without the spaces (ex. abcdefghijklmnop).

If you don't want email alerts from Watchtower, remove all of this from docker-compose.yml

    environment:
      - WATCHTOWER_NOTIFICATIONS=email
      - WATCHTOWER_NOTIFICATION_EMAIL_FROM=<your email address> # I use my gmail account
      - WATCHTOWER_NOTIFICATION_EMAIL_TO=<where you want the alerts to go> # I use my gmail account
      - WATCHTOWER_NOTIFICATION_EMAIL_SERVER=smtp.gmail.com #assuming you're using gmail
      - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=587
      - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=<your gmail address> #assuming you're using gmail
      - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=<NOT your gmail password> #you generate this at gmail.com
      - WATCHTOWER_NOTIFICATION_EMAIL_SUBJECTTAG=Watchtower Update (Pi)

By default, Watchtower will check for updates every 24 house. This line, command: --cleanup --interval 3600, tells Watchtower to check every hour. You can set it to anything you want. Ex. --interval 21600 sets the interval to every 6 hours

If there are containers that you want Watchtower to skip, add the following to their docker-compose.yml file

 labels:
      - com.centurylinklabs.watchtower.enable=false

▶️ Start Watchtower

From within ~/docker/watchtower run:

docker compose up -d

You should get an email from Watchtower pretty quickly.

📜 View Logs

docker logs watchtower

If you find my content useful, please consider supporting this page:

☕ Buy Me a Coffee