Back to Blog
team@tinypod.app

Self-Hosting Watchtower: Automatic Container Updates

Watchtower automatically updates your Docker containers. Pull the latest image, recreate the container, clean up the old one — hands-free.

watchtowerdockerupdatesautomation

What Is Watchtower?


Watchtower monitors your running containers and automatically updates them when new images are available.


How It Works


1. Watchtower checks Docker Hub (or your registry) for new images

2. If a new image is available, Watchtower pulls it

3. The running container is stopped

4. A new container is created with the same configuration

5. The old container is removed


Features


Update Options

  • Automatic updates on schedule
  • Monitor-only mode (notify but don't update)
  • Label-based inclusion/exclusion
  • Rolling restarts

    • Notifications

  • Email
  • Slack, Discord
  • Gotify, ntfy
  • Custom webhook

    • Configuration

  • Check interval (default: 24 hours)
  • Cleanup old images
  • Include stopped containers
  • Private registry authentication

    • Should You Use Watchtower?


    Pros

  • Never miss a security update
  • Zero maintenance for container updates
  • Configurable per container

    • Cons

  • Breaking changes can be applied automatically
  • No rollback mechanism
  • No pre-update testing

    • Best Practices


  • Use specific version tags for critical services (not :latest)
  • Use Watchtower for non-critical services
  • Enable notifications to know when updates happen
  • Back up volumes before enabling auto-updates
  • Use monitor-only mode for production-critical containers

    • Deployment


    Deploy on TinyPod. Resources: 1 CPU, 64 MB RAM.


    Watchtower is great for homelab and non-critical services. For production, prefer manual or controlled update processes.