Is this a replacement for Watchtower?
this post was submitted on 09 Dec 2025
154 points (99.4% liked)
Selfhosted
53730 readers
457 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
-
No low-effort posts. This is subjective and will largely be determined by the community member reports.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
This question is usually asked a lot.
This started as a project to prove that you could check for updates without first pulling every new image to compare against, while that's not why it kept get getting traction my original answer to this question still seems true:
From Watchtower Docs - Arguments
Due to Docker API limitations the latest image will still be pulled from the registry.
And:
Do not pull new images. When this flag is specified, watchtower will not attempt to pull new images from the registry. Instead it will only monitor the local image cache for changes
It's also a different approach. With dockcheck you'd run it and then make the choice what you'll update there and then. Selectively choosing exactly what containers to update at the moment. Or have it completely unattended auto update a selection of images.
With the notifications, you can get notified and then have a sitdown and auto-update what you choose.
It's just different workflows and options.
The upcoming release will also add a new option to backup the image being updated and then autoprune old backups after N days. To allow for easy rollback if a new image breaks.
Thanks for the detailed explanation. Will try to see how it fits my setup when I get a chance, but I have been wanting to move away from Watchtower as it is no longer maintained. Good to know there is an alternative, and from what you describe I like your approach. Having to opt-out of updates in Watchtower never really sat right with me- Watchtower clutter is okay in compose files that actually want something to do with Watchtower...
Thank you. I hope you can find some usefulness in it. You can also do things by compose labels. As well as dynamically at runtime. Either interactively or as arguments.
Watchtower as it is no longer maintained
Not to take away anything from the OP, but there is a fork of Watchtower that is maintained and works a lot better than the OG Watchtower. The original Watchtower would screw up the update fairly regularly. So, if you want to just yolo your updates, that'd be the way to go. If you want a bit more control, DockCheck seems to have that covered. It's always good to have choices.
Watchtower hadn't been updated in like 3 years or something. It's a dead project.
What more does it need to do
It works prefectly
Stopped working for me with a recent docker cli update. That's how I even found out it's totally abandoned.
I'm not a big fan of running software that has access to the internet once it's abandoned like this.
Sorry for spamming in this thread, but if you rely on Watchtower, there's a maintained fork I recommend: https://github.com/nicholas-fedor/watchtower
Is used by literal millions. I'm sure if there was a security issue or would be reported.
Changes for the reason of making changes doesn't make sense either
Anyway, I use podman now. It had this functionality built in
How many people use it makes no difference if there is no devs fixing security bugs.
I switched to DIUN, but it doesn't do updates only notifications. That's why I'm excited to look at OP's library.
Are there security issues reported? Is open source
Not for the latest and future versions of Docker.
This fork works, though: https://github.com/nicholas-fedor/watchtower
Your point being that I am not currently using it? Or that I should be looking for alternatives since I am currently using it?
I used to use it and switched away because it's not maintained and I had errors with recent docker cli
I absolutely adore dockcheck. Thank you for your work.
Oh that's neat, really liking the matrix notifications. Now to make it a systemd service on all my hosts.
Oh nice, yeah I havn't thought about suggesting a systemd-service thats neat! If you'd like you could contribute it as a discussion/suggestion/PR if you land on liking it, thatd be lovely.
With the image backups in the next release you could maybe even build some kind of auto rollback functionality.
Sure I can do that. I make packages too, would you think your project could use AUR, deb, rpm and/or snap packages?
Oh that's very kind of you! There's an AUR package and a brew already, don't know if other packages is necessary tbh :)
Though some people have suggested they'd like a docker container - which I should try to spend some time on in the future.
Perfect and just what I needed!
Does this check for version tags as well or only updates to the current tag?
Like the current container uses an image with the tag :0.1.0 or :v0.1.0 but :0.2.0 is available on the registry.
If you want automatic updates over major versions most containers will use the :latest tag for that.
I don't really want automatic updates, I want a notification once a month with all images that have a newer :latest available or if versionised, when a image with a newer version is available.