Drop bundled Watchtower; rely on the host's global Watchtower
ripper already runs a single global nickfedor/watchtower (label-enabled) that watches every stack; the bundled containrrr/watchtower was redundant and crash-looped (its Docker API client is too old for Docker 29). Keep the watchtower.enable labels on backend/frontend so the host instance auto-deploys them; remove the per-stack service and profile. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: Justin Paul <justin@jpaul.me>
This commit is contained in:
+3
-3
@@ -31,9 +31,9 @@ S3_REGION=us-east-1
|
|||||||
PROVENANCE_SITE_ADDRESS=:80
|
PROVENANCE_SITE_ADDRESS=:80
|
||||||
|
|
||||||
# --- Deploy-host services (optional, selected via COMPOSE_PROFILES) ---
|
# --- Deploy-host services (optional, selected via COMPOSE_PROFILES) ---
|
||||||
# 'tunnel' -> cloudflared connector (needs CLOUDFLARE_TUNNEL_TOKEN; public hostname -> http://caddy:80)
|
# 'tunnel' -> cloudflared connector (needs CLOUDFLARE_TUNNEL_TOKEN; public hostname -> http://caddy:80)
|
||||||
# 'watchtower' -> auto-pull updated backend/frontend images every 2 min (needs `docker login git.jpaul.io` on the host)
|
# Auto-deploy is handled by the host's global Watchtower (watches the
|
||||||
# Combine with commas. On the lab host: COMPOSE_PROFILES=tunnel,watchtower
|
# watchtower-enabled backend/frontend labels) — no profile needed here.
|
||||||
CLOUDFLARE_TUNNEL_TOKEN=
|
CLOUDFLARE_TUNNEL_TOKEN=
|
||||||
COMPOSE_PROFILES=
|
COMPOSE_PROFILES=
|
||||||
|
|
||||||
|
|||||||
@@ -108,20 +108,11 @@ services:
|
|||||||
profiles:
|
profiles:
|
||||||
- tunnel
|
- tunnel
|
||||||
|
|
||||||
# Auto-deploy: watch the label-enabled app containers (backend, frontend),
|
# Auto-deploy is handled by the host's global Watchtower (a single
|
||||||
# poll the registry every 2 minutes, and recreate on a new :test-main digest.
|
# nickfedor/watchtower instance watches every container labelled
|
||||||
# Scoped by label so it never touches Postgres/MinIO/Caddy. Registry creds come
|
# `com.centurylinklabs.watchtower.enable=true` across all stacks). The backend
|
||||||
# from the host docker config (the `docker login git.jpaul.io` on the host).
|
# and frontend carry that label above, so a new :test-main image is pulled and
|
||||||
# Opt-in via the "watchtower" profile.
|
# the container recreated automatically — no per-stack Watchtower needed.
|
||||||
watchtower:
|
|
||||||
image: containrrr/watchtower:latest
|
|
||||||
restart: unless-stopped
|
|
||||||
command: --label-enable --cleanup --interval 120
|
|
||||||
volumes:
|
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
|
||||||
- ${HOME:-/root}/.docker/config.json:/config.json:ro
|
|
||||||
profiles:
|
|
||||||
- watchtower
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
pgdata:
|
pgdata:
|
||||||
|
|||||||
Reference in New Issue
Block a user