For those of you that use docker, how do you make sure your docker-compose.yml (and possibly .env) files stay current with the project’s ongoing updates? I’m sure there’s an easier way than what I’m doing which is manually getting the latest ones and checking the diffs in vscodium. And I’m sure some git magic already takes care of this but I’ve been slow in learning git beyond the VERY basics. Thanks!
You must log in or # to comment.
I don’t pay any mind to example compose files. My are all quite custom anyway. Only thing that matters is paying attention to changelogs and watching for breaking changes.
Same here.
Read deployment documentation, configure compose to my standards, deploy, update where necessary to align with the update (e.g. remove an environment variable.The editing is done on my PC, then I open WinSCP or ssh into it (depending on my mood and amount of changes) and then apply the changes
This is new:
https://github.com/dkorecko/PatchPanda
Self-hostable Docker Compose stack update manager.
And
when you choose to update, PatchPanda edits compose/.env files and runs
docker compose pullanddocker compose up -dfor the target stack. You can also view live log.Discovered in the latest Self Host Weekly:
https://selfh.st/weekly/2025-11-28/
I have not tried it myself tho.
Hmmm I’ve heard of it but haven’t tried it. I’ll dip my toe, thanks!
PatchPanda
I too saw PatchPanda on selfh.st and it is on my watch list. The only thing holding me back is that it isn’t out of beta yet. So, I’m waiting on other selfhosters to plow that field before I deploy. It does look like it would solve a lot of problems tho.
I have automatic updates through a watchtower fork, so I just leave it alone until it breaks, then I go to the project site to see what changed. This has happened maybe twice in the last couple years.
I use a watchtower fork as well to keep some containers updated but I’m curious how others keep on top of docker-compose.yml files that the project updates over time. As an example, I’ve been using a container for years and noticed today that on the github page they’ve added a section in the compose file for a health check. I never would’ve known that was added if I didn’t stumble upon it due to another issue.
Hope you have backups.
Broke my neck a few times (I currently am waiting out the jellyfin patches and stay on 10.10.7 (i think))Easy, reliable backups are key. I’ve used komodo with automatic updates for over a year and watchtower before that for a couple more. I’ve only had one issue when Nginx Proxy Manager had a release that deleted all of its own data. Didn’t take long to realize that the services were still up and what the problem was. Restored the missing data from Proxmox backups, pinned the Nginx version for a while, then turned auto update on again. I’ll stick to this until checking updates is less work than fixing the occasional problem
Just a few days ago, my docker host upgraded the docker engine from 28 to 29.
Woke up to 10 notifications from my uptime monitoring that they are offline.Funny thing is: The external monitor showed they are down. The internal monitor showed no issues.
But after I went through with the long procrastinated upgrade from debian 11 to debian 13, migrating the data and doing nothing to the compose files, all services worked without any issue.
I don’t know what my old host did or did not but now it works, I guess? Not complaining but the whole routing thing is a bit beyond me
I run changedetection and monitor the samples .yml files projects usually host directly at their git repos
Ah ok cool I’ll check that out. Thanks!!
I set this up a while back (and recently moved to Forgejo, see the update note at the beginning of the article):
Probably a tad overkill honestly but it works amazingly well, and turns every potential upgrade into an approval process so nothing will update when you don’t want it to.
RTFM
I cannot recall a single self-hosted software documentation that mentions how to keep the docker config file up to date. Why bother wasting 5 seconds writing such an unhelpful comment
Tell me you don’t read the manual without saying you don’t read the manual.
I can recall a few! Mastodon. Lemmy. PiHole. Penpot. Mealie. Uptime Kuma.
They all mention required steps to upgrade between releases, including what to do to your docker installations and environment variables.
PLENTY of projects make tiny non-breaking changes to the compose files without any mention that users should update the file. For example, adding a section for a container health check. While these can be no big deal for a while over time they can add up to major changes in the config that users may not catch if they are not comparing yml files.
This is the kind of attitude that drives people away from open source.
Yes, people should read the manual, but at some point they will have questions, and there are a lot of projects that aren’t clear on certain things. Such as YAML changes.
Oh you must mean THE manual. Got it.
You can also interpret it as, “Read their fucking manuals.”
