search

containrrr / watchtower

A process for automating Docker container base image updates.
https://containrrr.dev/watchtower/
Apache License 2.0
18.22k stars 829 forks source link

Synology: Use WebAPI to start/stop containers #1425

Open peschmae opened 1 year ago

peschmae commented 1 year ago

Is your feature request related to a problem? Please describe.

As mentioned in #923 in newer DSM versions, Synology throws an exception if a container is stopped by Watchtower.

I've digged a bit into what causes the notification and ways around that, and the only way to avoid the message is through the Synology UI and WebAPI.

If Watchtower wants to support the weird behaviour of Synology, I think it would make sense to implement the interaction through the WebAPI and hide it behind a configuration variable (as you will need credentials as well). I think this behaviour is a bug on Synologies side and how they implement the docker notifications, but it's unclear if they ever intend to fix it, and having a workaround in Watchtower would be nice.

Describe the solution you'd like

My proposed implementation would be to add a configuration options synology-web-api (as well as synology-username / synology-password ) and use these flags to switch the code that starts/stops a container.

The API is described in this document: https://global.download.synology.com/download/Document/Software/DeveloperGuide/Os/DSM/All/enu/DSM_Login_Web_API_Guide_enu.pdf

There are different examples of scripts using the webapi (or rather the synology binary for the web api), to start/stop container automatically (eg. https://github.com/jboxberger/synology-gitlab-jboxberger/blob/master/src/scripts/import-syno-cert ), so this seems to work.

Describe alternatives you've considered

If Watchtower would run as a binary on the NAS (and not in a docker container) it would be possible to use the Synology binary at /usr/syno/bin/synowebapi and circumvent the authentication, but that would entail building a synology package, and publish it through syno-community.

Additional context

If Watchtower would like to have this feature implemented, I would be open to start an implementation as I have a synology NAS that I could use for development, and also would like to improve on my Go know-how.

github-actions[bot] commented 1 year ago

Hi there! 👋🏼 As you're new to this repo, we'd like to suggest that you read our code of conduct as well as our contribution guidelines. Thanks a bunch for opening your first issue! 🙏

piksel commented 1 year ago

I personally don't think such a solution belongs inside watchtower, especially since it's interacting with a closed down proprietary system.

It should be possible to accomplish with #1231 though...

pcjmfranken commented 1 year ago

Just this likely won't cut it as it's very common for container properties to be modified or removed by the system. The only way to (mostly) avoid this, is to only create and manage containers with docker-compose and from the CLI, and not ever even opening their Docker GUI.

The GUI simply removes any container properties it doesn't or only partially supports. Containers created with a run command are recreated by DSM on system (re)boot, often ending up entirely borked. The GUI also likes to randomly set container environment variables to empty strings.

Their entire Docker implementation is super weird and unreliable. It's also very much outdated (v20.10.3 from February 2021), entirely unsupported, and all the weird and broken parts are closed source.

robinhood-code commented 7 months ago

If watchtower is using the following command to stop a container, then Synology will not throw an excemption:

synowebapi --exec api=SYNO.Docker.Container method="stop" version=1 name="CONTAINER_NAME"

Can we have option to indicate if Synology is used and if yes then stop a container using the command above?