diff --git a/common/docker_watchtower/tasks/main.yml b/common/docker_watchtower/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..c7caa58065d66f1e7bea9ef6a3bc0faec865cf32
--- /dev/null
+++ b/common/docker_watchtower/tasks/main.yml
@@ -0,0 +1,29 @@
+---
+
+- include_tasks: ../functions/get_secret.yml
+ with_items:
+ - { path: "{{ basedir }}/matrix_notification_access_token", length: -1 }
+
+
+- name: "create folder struct for {{ servicename }}"
+ file:
+ path: "{{ item }}"
+ state: "directory"
+ with_items:
+ - "{{ basedir }}"
+
+
+- name: Konfig-Dateien erstellen (base,graphite)
+ template:
+ src: "{{ item }}"
+ dest: "{{ basedir }}/{{ item }}"
+ with_items:
+ - docker-compose.yml
+ register: dockerconfig
+
+
+- name: "start {{ servicename }} docker"
+ docker_compose:
+ project_src: "{{ basedir }}"
+ state: present
+ build: "{{ dockerconfig.changed }}"
diff --git a/common/docker_watchtower/templates/docker-compose.yml b/common/docker_watchtower/templates/docker-compose.yml
new file mode 100644
index 0000000000000000000000000000000000000000..1a47da1c870097e5809a922315c970ef0d4e1adf
--- /dev/null
+++ b/common/docker_watchtower/templates/docker-compose.yml
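Review bot: The `template` task in common/docker_watchtower/tasks/main.yml writes docker-compose.yml with no `owner`, `group` or `mode`, and the `file` task that creates `{{ basedir }}` sets no mode either. The rendered compose file carries the Matrix access token inside `WATCHTOWER_NOTIFICATION_URL` (presumably the value loaded by get_secret.yml), so its permissions fall to the remote umask and the token may be readable by any local account. Adding `mode: "0600"` to the template task and `mode: "0700"` to the directory task would restrict it to the deploying user. `no_log: true` on the template task would also keep the token out of the output when the play runs with `--diff`.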
@@ -0,0 +1,48 @@ + + +version: "2.4" + +services: + + app: + + image: containrrr/watchtower:latest + restart: always + volumes: + - /var/run/docker.sock:/var/run/docker.sock + environment: + TZ: "Europe/Berlin" + #WATCHTOWER_RUN_ONCE: "true" + WATCHTOWER_MONITOR_ONLY: "true" + WATCHTOWER_NOTIFICATION_REPORT: "true" + WATCHTOWER_NOTIFICATION_URL: > + matrix://:{{ matrix_notification_access_token }}@{{ matrix.domain }}/?rooms={{ matrix.notifications_room_id }} + WATCHTOWER_NOTIFICATION_TEMPLATE: | + Watchtower @ {{ inventory_hostname }} {% raw %} {{"\n"}} + {{- if .Report -}} + {{- with .Report -}} + {{len .Scanned}} Scanned, {{len .Updated}} Updated, {{len .Failed}} Failed + {{- range .Updated}} + - {{.Name}} ({{.ImageName}}): {{.CurrentImageID.ShortID}} updated to {{.LatestImageID.ShortID}} + {{- end -}} + {{- range .Fresh}} + - {{.Name}} ({{.ImageName}}): {{.State}} + {{- end -}} + {{- range .Skipped}} + - {{.Name}} ({{.ImageName}}): {{.State}}: {{.Error}} + {{- end -}} + {{- range .Failed}} + - {{.Name}} ({{.ImageName}}): {{.State}}: {{.Error}} + {{- end -}} + {{- end -}} + {{- else -}} + {{range .Entries -}}{{.Message}}{{"\n"}}{{- end -}} + {{- end -}} + {% endraw %} + + + + + + + diff --git a/group_vars/prod b/group_vars/prod index 12f44120820c3c9a88c53a1fa892774f4357788c..6689d75819bb5cb350de6c2963a7ee40444c59fa 100644 --- a/group_vars/prod +++ b/group_vars/prod @@ -88,6 +88,7 @@ matrix: domain: matrix.warpzone.ms public_url: https://matrix.warpzone.ms identity_server: https://matrix.warpzone.ms + notifications_room_id: "!iYefxbySFEfFQfUGEK:matrix.warpzone.ms" # Monitoring monitoring: diff --git a/host_vars/verwaltung b/host_vars/verwaltung index b6ca5b649270b51c712416d55a7ec00a2e277842..5603af519c92f57e895d40ff6f5ec567565d2c93 100644 --- a/host_vars/verwaltung +++ b/host_vars/verwaltung 
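Review bot: In templates/docker-compose.yml, `image: containrrr/watchtower:latest` runs an unpinned image with `/var/run/docker.sock` mounted, so whatever is published under that tag at the next pull gets full control of the Docker daemon, which is effectively root on the host. Pin it to a reviewed release or digest, e.g. `image: containrrr/watchtower:<pinned-version>`, and bump it deliberately. Separately, `WATCHTOWER_NOTIFICATION_URL: >` keeps a trailing newline in the value and interpolates the token raw; `>-` together with `{{ matrix_notification_access_token | urlencode }}` would avoid a malformed URL if the token ever contains reserved characters. The token also lands in the container environment, where anyone with Docker access on the host can read it through `docker inspect`.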
@@ -78,6 +78,7 @@ alert: - { name: "nextcloud_redis_1" } - { name: "nextcloud_webcron_1" } - { name: "traefik_app_1" } + - { name: "watchtower_app_1" } disks: - { mountpoint: "/", warn: "5 GB", crit: "1 GB" } - { mountpoint: "/srv", warn: "5 GB", crit: "1 GB" } diff --git a/host_vars/webserver b/host_vars/webserver index d0500026bd7a6bbbc986d853cd22aa975a1a0e79..d5f3ffc92a5c0387ea44abc8d2f9464c88452a67 100644 --- a/host_vars/webserver +++ b/host_vars/webserver @@ -112,6 +112,7 @@ alert: - { name: "traefik_app_1" } - { name: "vpnserver_app_1" } - { name: "warpapi_app_1" } + - { name: "watchtower_app_1" } - { name: "wordpress_app_1" } - { name: "wordpress_db_1" } - { name: "workadventure_back_1" } diff --git a/site.yml b/site.yml index 5b4b23058b64ca021c605d41163fea0af30eec18..813938bfa5262a43307896c3c1918445e0499c30 100644 --- a/site.yml +++ b/site.yml @@ -161,6 +161,11 @@ domain_default: "www.warpzone.ms", matrix_federation: true } + - { + role: common/docker_watchtower, tags: watchtower, + servicename: watchtower, + basedir: /srv/watchtower, + } - { role: webserver/docker_coturn, tags: coturn, servicename: "coturn", @@ -265,6 +270,11 @@ basedir: /srv/traefik, domain: "warpzone.ms", } + - { + role: common/docker_watchtower, tags: watchtower, + servicename: watchtower, + basedir: /srv/watchtower, + } - { role: verwaltung/docker_gitea, tags: gitea, servicename: "gitea",