Tag: Final

---

Maintaining Docker containers is easy—in theory. In practice, keeping your stack up-to-date with the latest images can be tedious and time-consuming. Here’s a solution: Watchtower can update containers automatically, and with Ntfy, you get real-time notifications right on your phone or desktop whenever an update occurs!

Best of all: you can set it all up through Portainer’s GUI. In this tutorial, I’ll walk you through a complete setup: no command line required.

---

Why automate Docker updates?

Manual container updates aren’t just inconvenient, they can lead to missed security patches and downtime. Watchtower eliminates this pain, pulling new images and restarting containers automatically, all on a schedule you control.

But automation can be a little scary—how do you know what’s happening? That’s where Ntfy comes in. With just a few lines of configuration, Watchtower can send push notifications to your phone or browser. You’re always in the loop, wherever you are.

---

What you need

• Docker running on your server.
• Portainer set up for easy container management.
• (Optional) Ntfy self-hosted or use ntfy.sh free public service.

---

Step 1: Pick (or create) your ntfy topic

Think of a topic as a notification channel. For this setup, I’ll use watchtower-notify as my topic. You can pick whatever you like. If you want privacy, choose a hard-to-guess topic or set up authentication (see ntfy docs).

---

Step 2: Build your Watchtower stack

In Portainer:

1. Go to “Stacks” and click “Add Stack”.
2. Give your stack a name, e.g., watchtower.
3. Enter the following Docker Compose configuration, replacing the topic with yours:
   yaml version: "3" services: watchtower: image: containrrr/watchtower container_name: watchtower restart: unless-stopped environment: - WATCHTOWER_WATCHDOG=true - WATCHTOWER_CLEANUP=true - WATCHTOWER_NOTIFICATIONS=ntfy - WATCHTOWER_NOTIFICATION_NTFY_TOPIC=watchtower-notify - WATCHTOWER_NOTIFICATION_NTFY_URL=https://ntfy.sh volumes: - /var/run/docker.sock:/var/run/docker.sock

• If using a private ntfy topic with token:
  Add
  - WATCHTOWER_NOTIFICATION_NTFY_TOKEN=your-ntfy-token
  under environment.

1. Click Deploy the stack.

---

Step 3: Subscribe to your notifications

You’re almost done! To receive updates:

• On your phone: Install the Ntfy app (iOS or Android), and subscribe to your topic, e.g. watchtower-notify.
• In your browser: Visit ntfy.sh/your-topic-name.

When Watchtower pulls an updated image and restarts your containers, you’ll get a message right away!

---

What does a notification look like?

Example:

watchtower
The container xyz was updated and restarted.

You can fine-tune both your notification topic and Watchtower’s update schedule in your docker-compose.yml file.

---

Extras and Security

• Self-host ntfy for privacy (ntfy docs). Then change WATCHTOWER_NOTIFICATION_NTFY_URL in your stack.
• Keep your topic secret (long random strings) or enable access control.
• Use Watchtower’s environment variables to control its behavior (e.g., update interval, target containers, etc).

---

Conclusion

With Watchtower, Docker containers stay up-to-date, and with Ntfy, you’re always up-to-speed on every change. Combine both with Portainer’s user-friendly interface, and managing containers becomes almost effortless.

Did you try it? Have tips or questions? Let me know in the comments!

---

Resources:

• Watchtower Docs
• Ntfy Docs
• Portainer Docs

---

Happy automating! 🚀

I am using Ntfy for my SSH alert and watchtower update. It is pretty cool to have this feature, so I can know who is accessing my server without my authorization. And know my docker needs to be updated as well.

SSH Alert Example

Command this to open code,

nano /etc/pam.d/sshd

Please add this code to the bottom of the page.

session optional pam_exec.so /usr/local/bin/ntfy-ssh-login.sh

You should create a script file called /usr/local/bin/ntfy-ssh-login.sh

nano /usr/local/bin/ntfy-ssh-login.sh

Here code, make sure you change the server URL and username and password for nginx auth.

#!/bin/bash
# This is a PAM script hook that shows how to notify you when
# somebody logs into your server. Place at /usr/local/bin/ntfy-ssh-login.sh (with chmod +x!).

TOPIC_URL=yourntfydomain
NGINXUSER=yourusername
NGINXPASSWORD=yourpassword

if [ "${PAM_TYPE}" = "open_session" ]; then
  curl -u ${NGINXUSER}:${NGINXPASSWORD} -H tags:warning -H prio:high -d "SSH login to $(hostname): ${PAM_USER} from ${PAM_RHOST}" "${TOPIC_URL}"
fi

Then Now you save Ctrl +x then yes

Make sure you have chmod permissions. Here is the command.

chmod +x /usr/local/bin/ntfy-ssh-login.sh

Go try logging into another terminal and see if it notifications you, then try logging in again and see if it notifications you. 🙂

It works well. It shows the username and IP address, so the IT team can protect the account if they don’t have permission to access our server.

Step by step:

1. Download the Android apps “Bitwarden Password Manager” and for apple “Bitwarden Password Manager”
2. Open Bitwarden password app
3. Login in on → self-hosted
4. Server URL is Https://bitwarden.richardapplegate.io
5. Login to your account. If you don’t have one, ask Richard Applegate to open a registration. I have to close the register to be more secure and stay away from bots.

Building a Dockerfile on Windows 11 is a common workflow for containerized development. Here’s how you can do it—step by step:

---

1. Install Docker Desktop for Windows

• Go to the Docker Desktop download page.
• Download the Windows installer and run it.
• Follow the prompts (ensure “WSL2” support is selected, if available).
• NOTE: Windows 11 works best with WSL2.

---

2. Write Your Dockerfile

• Use a code editor (e.g., VS Code, Notepad++).
• Save your Dockerfile as simply named: Dockerfile (no extension).
• Example (Python app):

FROM python:3.11-slim
WORKDIR /app
COPY . .
RUN pip install -r requirements.txt
CMD ["python", "app.py"]

---

3. Open a Terminal

• On Windows, you can use:
• Windows Terminal (wt command)
• Command Prompt (cmd)
• PowerShell
• WSL2 Terminal (Recommended)

---

4. Navigate to the Dockerfile Location

Use the cd command to go to your project directory:

cd path\to\your\project

---

5. Build the Docker Image

Use the docker build command. For example:

docker build -t my-app:latest .

• -t my-app:latest gives your image a name and tag (latest).
• The final . means “use the Dockerfile in the current directory”.

---

6. Run the Docker Container (Optional)

Test your image:

docker run --rm -it my-app:latest

---

7. Troubleshooting

• If Docker commands aren’t recognized, make sure Docker Desktop is running.
• Check Windows Terminal settings if using WSL2, and ensure file sharing is set up for your code folders.

---

Summary Table

Step	Command/Action
Install Docker	Download & install Docker Desktop
Write Dockerfile	Use text editor, save as Dockerfile
Open Terminal	PowerShell, CMD, WSL or Windows Terminal
Go to directory	cd path\to\project
Build image	docker build -t my-app:latest .
Run container	docker run --rm -it my-app:latest

---

Tip: You can use Docker Desktop’s GUI to see your images and containers as well!