Modern Docker Container Manager - Auto-Update & Health Monitor
2.3K
Modern Docker Container Manager - Auto-Update & Health Monitor
A spiritual successor to Watchtower and Docker Watchdog, actively maintained with modern security practices.
Quick Start • Web UI • Documentation • Docker Hub • Contributing
/metrics)docker run -d \
--name dockwarden \
--restart unless-stopped \
-v /var/run/docker.sock:/var/run/docker.sock \
emon5122/dockwarden
That's it! DockWarden will:
docker run -d \
--name dockwarden \
--restart unless-stopped \
-v /var/run/docker.sock:/var/run/docker.sock \
-p 8080:8080 \
-e DOCKWARDEN_API_ENABLED=true \
emon5122/dockwarden
Access the dashboard at http://localhost:8080
services:
dockwarden:
image: emon5122/dockwarden:latest
container_name: dockwarden
restart: unless-stopped
ports:
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- DOCKWARDEN_API_ENABLED=true
- DOCKWARDEN_NOTIFICATION_URL=https://discord.com/api/webhooks/...
- TZ=Asia/Dhaka
services:
dockwarden:
image: emon5122/dockwarden:latest
container_name: dockwarden
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
secrets:
- registry_auth
environment:
- DOCKWARDEN_REGISTRY_SECRET=/run/secrets/registry_auth
secrets:
registry_auth:
file: ./secrets/registry-auth.json
DockWarden includes a beautiful, real-time web dashboard built with modern technologies:
Enable with --api-enabled flag or DOCKWARDEN_API_ENABLED=true environment variable.
| Topic | Description |
|---|---|
| Configuration | Environment variables and options |
| Container Labels | Per-container configuration |
| Private Registries | Authentication setup |
| Security Guide | Best practices and socket proxy |
| Notifications | Setting up alerts |
| API Reference | REST API documentation |
| Metrics | Prometheus integration |
| Migration Guide | Moving from Watchtower/Watchdog |
DockWarden comes with sensible defaults:
| Setting | Default | Description |
|---|---|---|
| Interval | 1 minute | Time between update checks |
| Cleanup | true | Automatically remove old images |
| Health Watch | true | Monitor and restart unhealthy containers |
| Max Restart Attempts | 5 | Give up after 5 restart failures |
| Timezone | Asia/Dhaka | Default timezone |
| Variable | Default | Description |
|---|---|---|
DOCKWARDEN_INTERVAL | 1m | Check interval (e.g., 1m, 5m, 1h) |
DOCKWARDEN_SCHEDULE | - | Cron expression (e.g., 0 0 4 * * *) |
DOCKWARDEN_CLEANUP | true | Remove old images after update |
DOCKWARDEN_LABEL_ENABLE | false | Only manage labeled containers |
DOCKWARDEN_HEALTH_WATCH | true | Enable health monitoring |
DOCKWARDEN_HEALTH_ACTION | restart | Action on unhealthy: restart or notify |
DOCKWARDEN_API_ENABLED | false | Enable web UI and REST API |
DOCKWARDEN_API_PORT | 8080 | Web UI and API port |
DOCKWARDEN_METRICS | false | Enable Prometheus metrics |
DOCKWARDEN_NOTIFICATION_URL | - | Discord/Slack/Telegram webhook URL |
DOCKWARDEN_LOG_LEVEL | info | Log level (debug/info/warn/error) |
TZ | Asia/Dhaka | Timezone |
labels:
- "dockwarden.enable=true"
- "dockwarden.update.enable=true"
- "dockwarden.watch.enable=true"
- "dockwarden.stop-signal=SIGTERM"
- "dockwarden.stop-timeout=30"
- "dockwarden.scope=production"
See full configuration documentation for all options.
DockWarden supports multiple notification providers:
DOCKWARDEN_NOTIFICATION_URL=https://discord.com/api/webhooks/xxx/yyy
Sends rich embeds with container info, update status, and health alerts.
DOCKWARDEN_NOTIFICATION_URL=https://hooks.slack.com/services/xxx/yyy/zzz
DOCKWARDEN_NOTIFICATION_URL=telegram://BOT_TOKEN@telegram?chats=CHAT_ID
Any URL will receive a JSON payload:
{
"source": "dockwarden",
"type": "container_updated",
"message": "Container nginx has been updated",
"container_name": "nginx",
"image": "nginx:latest",
"timestamp": "2026-01-31T14:30:00Z"
}
For enhanced security, use a socket proxy to limit DockWarden's access:
services:
dockwarden:
image: emon5122/dockwarden:latest
environment:
- DOCKER_HOST=tcp://socket-proxy:2375
depends_on:
- socket-proxy
socket-proxy:
image: tecnativa/docker-socket-proxy
privileged: true
environment:
- CONTAINERS=1
- IMAGES=1
- POST=1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
❌ Old way (Watchtower):
volumes:
- /root/.docker/config.json:/config.json # Exposes credentials!
✅ New way (DockWarden):
secrets:
- registry_auth
environment:
- DOCKWARDEN_REGISTRY_SECRET=/run/secrets/registry_auth
Enable metrics with DOCKWARDEN_METRICS=true:
Available metrics:
dockwarden_containers_total - Total number of containersdockwarden_containers_running - Running containersdockwarden_containers_unhealthy - Unhealthy containersdockwarden_updates_total - Total updates performeddockwarden_update_failures_total - Failed updatesdockwarden_restarts_total - Health-triggered restartsdockwarden_check_duration_seconds - Check durationDockWarden is designed as a drop-in replacement:
# Replace this:
image: containrrr/watchtower
# With this:
image: emon5122/dockwarden:latest
Key differences:
--api-enabledEnvironment variable mapping:
WATCHTOWER_CLEANUP → DOCKWARDEN_CLEANUP
WATCHTOWER_SCHEDULE → DOCKWARDEN_SCHEDULE
WATCHTOWER_POLL_INTERVAL → DOCKWARDEN_INTERVAL
WATCHTOWER_LABEL_ENABLE → DOCKWARDEN_LABEL_ENABLE
See the Migration Guide for detailed instructions.
# Clone the repository
git clone https://github.com/emon5122/dockwarden.git
cd dockwarden
# Build
go build -o dockwarden ./cmd/dockwarden
# Build Docker image
docker build -t emon5122/dockwarden:local -f build/Dockerfile .
Contributions are welcome! Please see our Contributing Guide for details.
git checkout -b feature/amazing-feature)git commit -m 'Add amazing feature')git push origin feature/amazing-feature)This project is licensed under the MIT License - see the LICENSE file for details.
DockWarden builds upon the excellent work of:
Special thanks to all contributors of these projects!
Content type
Image
Digest
sha256:c435a3fcb…
Size
8.9 MB
Last updated
25 days ago
docker pull emon5122/dockwarden