Vish/homelab-optimized
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5c2fcfeb21ba05340e91595d58d33bf5c97c5fb6
homelab-optimized/docs/guides/diun-image-notifications.md
Gitea Mirror Bot 5c2fcfeb21
Some checks failed
Documentation / Build Docusaurus (push) Failing after 5m1s
Details
Documentation / Deploy to GitHub Pages (push) Has been skipped
Details
Sanitized mirror from private repository - 2026-03-28 12:26:38 UTC
2026-03-28 12:26:38 +00:00

2.8 KiB
Raw Blame History

Diun — Docker Image Update Notifications

Diun (Docker Image Update Notifier) watches all containers on a host and sends an ntfy notification when an upstream image's digest changes — meaning a new version has been published.

Notifications arrive at: https://ntfy.vish.gg/diun

Schedule: Mondays at 09:00 (weekly check, 30s random jitter to spread load).

Hosts

Host Compose file
homelab-vm hosts/vms/homelab-vm/diun.yaml
atlantis hosts/synology/atlantis/diun.yaml
calypso hosts/synology/calypso/diun.yaml
setillo hosts/synology/setillo/diun.yaml
concord-nuc hosts/physical/concord-nuc/diun.yaml
pi-5 hosts/edge/rpi5-vish/diun.yaml
seattle hosts/vms/seattle/diun.yaml
matrix-ubuntu hosts/vms/matrix-ubuntu-vm/diun.yaml

Deployment

Portainer GitOps (Synology + homelab-vm)

For each Synology host and homelab-vm, add a Portainer stack pointing to the compose file in this repo.

Portainer Edge Agents (concord-nuc, pi-5)

Deploy via the appropriate edge endpoint in Portainer.

SSH deploy (seattle, matrix-ubuntu)

# Copy compose to host and bring up
scp hosts/vms/seattle/diun.yaml seattle:/home/vish/diun.yaml
ssh seattle "docker compose -f /home/vish/diun.yaml up -d"

scp hosts/vms/matrix-ubuntu-vm/diun.yaml matrix-ubuntu:/home/test/diun.yaml
ssh matrix-ubuntu "docker compose -f /home/test/diun.yaml up -d"

Setillo (root SSH required)

ssh setillo-root
# Copy file to setillo first, then:
docker compose -f /root/diun.yaml up -d

Validation

# List all watched images and their current digest
docker exec diun diun image list

# Trigger an immediate check (without waiting for Monday)
docker exec diun diun image check

# Check logs
docker logs diun --tail 30

Expected log on startup:

time="..." level=info msg="Starting Diun..."
time="..." level=info msg="Found 12 image(s) to watch"

Expected ntfy notification when an image updates:

Title: [diun] Update found for image ...
Body:  docker.io/amir20/dozzle:latest (...)

Per-image Opt-out

To exclude a specific container from Diun watching, add a label to its compose service:

services:
  myservice:
    labels:
      - "diun.enable=false"

Troubleshooting

No notifications received → Verify ntfy is reachable from the container: docker exec diun wget -q -O /dev/null https://ntfy.vish.gg/diun → Check DIUN_NOTIF_NTFY_ENDPOINT and DIUN_NOTIF_NTFY_TOPIC env vars

"permission denied" on docker.sock (Synology) → Run the container via Portainer (which runs as root) rather than the vish user directly

Diun watches too many images (registry rate limits) → Reduce DIUN_WATCH_WORKERS or set DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT: "false" and opt-in with diun.enable=true labels

Reference in New Issue View Git Blame Copy Permalink