How to Get Apps Automatically Updating with Watchtower?

I would really like to have my apps (installed using the UI) in TrueNAS Scale 24.10 to be automatically updated at a specific time. Watchtower seemed like the perfect solution, but when I try to mount a host path: “/var/run/docker.sock” → “/var/run/docker.sock” it seems like Watchtower can’t find any new images even when they are available.

msg="Trying to load authentication credentials." container=/ix-plex-plex-1 image="plexinc/pms-docker:plexpass"
msg="No credentials for index.docker.io found" config_file=/config.json
msg="Got image name: plexinc/pms-docker:plexpass"
msg="Checking if pull is needed" container=/ix-plex-plex-1 image="plexinc/pms-docker:plexpass"
msg="Built challenge URL" URL="https://index.docker.io/v2/"
msg="Got response to challenge request" header="Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\"" status="401 Unauthorized"
msg="Checking challenge header content" realm="https://auth.docker.io/token" service=registry.docker.io
msg="Setting scope for auth token" image=docker.io/plexinc/pms-docker scope="repository:plexinc/pms-docker:pull"
msg="No credentials found."
msg="Parsing image ref" host=index.docker.io image=plexinc/pms-docker normalized=docker.io/plexinc/pms-docker tag=plexpass
msg="Doing a HEAD request to fetch a digest" url="https://index.docker.io/v2/plexinc/pms-docker/manifests/plexpass"
msg="Found a remote digest to compare with" remote="sha256:8aeb4a982ea564ad309861dd251cd9e218aac3f4e4d3da21375568341be1b16f"
msg=Comparing local="sha256:8aeb4a982ea564ad309861dd251cd9e218aac3f4e4d3da21375568341be1b16f" remote="sha256:8aeb4a982ea564ad309861dd251cd9e218aac3f4e4d3da21375568341be1b16f"
msg="Found a match"
msg="No pull needed. Skipping image."
msg="No new images found for /ix-plex-plex-1"

This is an example error I get when I try to update the plex app. Are there credentials in TrueNAS Scale that I need to load into Watchtower to properly access index dot docker dot io? Any help on ways to solve this issue would be greatly appreciated! :heart:

Hey, I just set this up and tested it, and it works perfectly fine. I just have a plain setup of watchtower passing through the docker socket (and setting the RUN_ONCE variable to “true” for testing purposes). Maybe try without the credentials setup you have, you shouldn’t need that for the public Plex images anyway.

I tried setting this up again and the credentials issue doesn’t seem to be happening anymore, but the only apps that get updated are ones set up as custom apps. Any apps installed using the TrueNAS catalog aren’t seen as needing an update by watchtower. :face_with_diagonal_mouth:

Ah I understand what isn’t working now, it isn’t updating apps when they only have an update to the “Version” but the “App Version” is unchanged. I would assume that “Version” is something that is TrueNAS specific. Is there any harm in only updating “App Version” using watchtower?

App version is only the upstream image, but there may be other changes in the TrueNAS catalog that would not be captured by only updating the app version.
My hunch would be that updating the app version seperately from the catalog version would lead to breakages if values in the catalog no longer line up with the app version, for example in app_versions.json like apps/trains/community/dockge/app_versions.json at master · truenas/apps · GitHub

Fyi there is a little more information about these values in Understanding Versions here:

Ah that makes sense, I’ll just label all my custom apps to be updated by watchtower so that the TrueNAS apps don’t get version mismatches. It would be amazing if there was a way to run the “Update All” button from the command line (or even just a “ix-apps-update plex” command) but it doesn’t seem to exist yet.