Hoister 🏗
Deploy Docker images automatically with rollback support.
Add the label hoister.enable=true to your Docker Compose service.
Hoister checks if a new version of the image (under the same tag) is available.
It will download and start the updated container with the same settings, volumes, and networks as before.
In case of failure, it will automatically roll back to the last working state.
⚙️ Setup
Add the hoister.enable=true label to any service you want to manage:
services: example: image: emrius11/example:latest labels: - "hoister.enable=true" # <- Add this label to your service
If you want hoister to also manage a containers' named volumes add hoister.backup-volumes=true as a label. On each
container update, the volumes will be backed up and restored if an update fails.
Then, either download the latest release that matches your OS or add the Hoister container alongside your services:
services: hoister: image: emrius11/hoister:latest volumes: - /var/run/docker.sock:/var/run/docker.sock security_opt: - no-new-privileges:true depends_on: - example
Finally, push a new image to your registry using the same tag, and Hoister will automatically update the container.
📬 Notifications and Configuration
Define the following environment variables to schedule checks and receive updates and rollback notifications via Telegram, Slack, Discord or Email:
HOISTER_REGISTRY_SLACK_WEBHOOK="https://hooks.slack.com/services/XXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXX" # Webhook URL HOISTER_REGISTRY_SLACK_CHANNEL="#my-update-channel" HOISTER_REGISTRY_TELEGRAM_TOKEN="12345656789:XXXXXXXXXX-XXXXXXXXX-XXXXXXXXX" # Bot token HOISTER_REGISTRY_TELEGRAM_CHAT="9999999999" # Chat ID HOISTER_REGISTRY_DISCORD_TOKEN="soijf23JASDFOIJ@.Gj7gl8.sdfoij234sdf_sdfijoij23lijasdASDF" # Bot token HOISTER_REGISTRY_DISCORD_CHANNEL="12334556898709812334" # Channel ID HOISTER_DISPATCHER_GOTIFY_TOKEN="A2SlasiSDLJ1sd" HOISTER_DISPATCHER_GOTIFY_SERVER="http://localhost:8090" HOISTER_DISPATCHER_EMAIL_SMTP_PASSWORD="My_secret-email-password" # SMTP password HOISTER_DISPATCHER_EMAIL_SMTP_SERVER="smtp.foomail.com" # SMTP server HOISTER_DISPATCHER_EMAIL_SMTP_USER="my-email-user@somedomain.com" # SMTP user HOISTER_DISPATCHER_EMAIL_RECIPIENT="foo.bar@gmail.com" # Email address to send updates to HOISTER_REGISTRY_CONTROLLER_URL="http://hoister-controller:3033" # if you want to use the front end HOISTER_REGISTRY_SCHEDULE_INTERVAL=60 # sleep in seconds between checks HOISTER_REGISTRY_SCHEDULE_CRON="0 * * * * * *" # cron expression to schedule the checks (precedence over interval)
Check the docker-compose.yaml example.
Private Registries
github registry using a classic PAT
HOISTER_REGISTRY_GHCR_USERNAME="your-github-username"
HOISTER_REGISTRY_GHCR_TOKEN="ghp_DW1.............."
Global configuration
As a fallback you can use these environment variables to authenticate against a private registry:
HOISTER_REGISTRY_USERNAME
HOISTER_REGISTRY_PASSWORD
HOISTER_REGISTRY_AUTH
HOISTER_REGISTRY_EMAIL
HOISTER_REGISTRY_SERVERADDRESS
HOISTER_REGISTRY_IDENTITYTOKEN
HOISTER_REGISTRY_REGISTRYTOKEN
Frontend (optional)
While the Hoister can be used as a standalone container, you can also deploy the optional frontend to manage and monitor your container updates. Add the following service to your docker-compose.yaml:
hoister-controller: image: emrius11/hoister-controller:latest hoister-frontend: image: emrius11/hoister-frontend:latest ports: - "3000:3000" environment: HOISTER_CONTROLLER_URL: "http://hoister-controller:3033" HOISTER_AUTH_USERNAME: admin HOISTER_AUTH_PASSWORD: !a-super-secure-password! # This can be clear text (for simplicity) or hashed using bcrypt (better)
Also make sure to set the HOISTER_CONTROLLER_URL environment variable in the Hoister container to point to the controller service.
Troubleshooting
Permission denied on the socket
[...] dial unix /var/run/docker.sock: connect: permission denied
This error usually indicates that the calling user isn't a member of the docker user group. You can add a user foo to that group with:
sudo usermod -aG docker foo