Janus Updater Service
Problem
Keeping Docker containers up to date with the latest image versions requires manual intervention or external orchestration. For standalone Docker hosts (not Kubernetes), there's no built-in mechanism to automatically detect and apply image updates - leaving deployments running stale images with potential security implications.
Approach
Built a label-driven Docker container updater that scans all running containers every 30 seconds for those with janus.autoupdate.enable=true. For each enabled container, it periodically pulls the configured image, compares image IDs, and if changed: stops the old container, renames it as a rollback anchor, creates and starts a new container preserving all original configuration (labels, mounts, networks, resource limits), and removes the old container on success - or rolls back automatically on failure. Auto-prunes dangling images after updates.
Outcome
Provides automatic, safe container image updates with rollback for any Docker host. Supports monitor-only mode, configurable concurrency, and comprehensive structured JSON logging. Self-update exclusion prevents the service from updating itself. Published under the Twingate-Solutions organization.