valknar/stacks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(_update): replace watchtower with custom nightly update script

Browse Source 
Removes the watchtower container in favour of a host-side script that
runs daily at 2:00 AM via systemd timer.  Mirrors the _backup pattern:
auto-discovers stacks, pulls images, recreates changed containers,
prunes dangling images, and notifies via n8n → Telegram.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Sebastian Krüger
2026-06-09 19:42:25 +02:00
parent cb241c9696
commit 4c522961a9
15 changed files with 102 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+26 -5
View File
@@ -10,7 +10,6 @@ Each stack is independently deployable with its own `compose.yml` and `.env`. Al
|---|---|---|
| `traefik` | Reverse proxy, TLS termination | traefik |
| `mailpit` | SMTP relay (no web UI) | mailpit |
| `watchtower` | Automatic container updates | watchtower |
| `umami` | Web analytics | umami, db |
| `immich` | Photo & video management | immich, ml, redis, db |
| `affine` | Collaborative workspace & notes | affine, redis, db |
@@ -24,6 +23,7 @@ Each stack is independently deployable with its own `compose.yml` and `.env`. Al
| Directory | Description |
|---|---|
| `_backup` | Daily restic backups to HiDrive (host script + systemd timer) |
| `_update` | Nightly image update check + prune (host script + systemd timer) |
## Deployment
@@ -68,15 +68,36 @@ ssh vps 'systemctl status stacks-backup.timer'
ssh vps 'source ~/stacks/_backup/.env && restic -r /mnt/hidrive/users/valknar/Backup/stacks snapshots'
```
## Updates
The `_update` script runs nightly at 2:00 AM. It pulls the latest image for every stack, recreates any containers whose image changed, prunes dangling images, and sends a Telegram notification via n8n.
```bash
# Deploy update stack
rsync -avz _update/ vps:~/stacks/_update/
ssh vps 'chmod +x ~/stacks/_update/update.sh'
# Install systemd units
ssh vps 'ln -sf ~/stacks/_update/stacks-update.service /etc/systemd/system/ && \
ln -sf ~/stacks/_update/stacks-update.timer /etc/systemd/system/ && \
systemctl daemon-reload && systemctl enable --now stacks-update.timer'
# Manual test run
ssh vps '~/stacks/_update/update.sh'
# Check timer status
ssh vps 'systemctl status stacks-update.timer'
```
## Notifications
Watchtower and the backup script both POST to an n8n webhook, which forwards messages to Telegram.
The update script and the backup script both POST to an n8n webhook, which forwards messages to Telegram.
The webhook URL is set in two places:
The webhook URL is set in:
- `_backup/.env``WEBHOOK_URL`
- `watchtower/.env``NOTIFICATION_URL` (uses `generic+https://` shoutrrr scheme)
- `_update/.env``WEBHOOK_URL`
Both point to the same n8n workflow at `https://n8n.pivoine.art`. The workflow accepts `{ "message": "..." }` from both senders and forwards it to Telegram.
Both point to the same n8n workflow at `https://n8n.pivoine.art`. The workflow accepts `{ "message": "..." }` and forwards it to Telegram.
## Data