Watchtower is also capable of connecting to Docker endpoints which are protected by SSL/TLS. If you've used docker-machine to provision your remote Docker host, you simply need to volume mount the certificates generated by docker-machine into the watchtower container and optionally specify
The docker-machine certificates for a particular host can be located by executing the docker-machine env command for the desired host (note the values for the DOCKER_CERT_PATH environment variables that are returned from this command). The directory containing the certificates for the remote host needs to be mounted into the watchtower container at /etc/ssl/docker.
With the certificates mounted into the watchtower container you need to specify the --tlsverify flag to enable verification of the certificate:
    docker run -d \
      --name watchtower \
      -e DOCKER_HOST=$DOCKER_HOST \
      -e DOCKER_CERT_PATH=/etc/ssl/docker \
      -v $DOCKER_CERT_PATH:/etc/ssl/docker \
      containrrr/watchtower --tlsverify
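A preflight check for the values used in the command above, as an added example that is not part of the Watchtower documentation or project. The function names are hypothetical; the file names ca.pem, cert.pem and key.pem are the ones the Docker client reads from DOCKER_CERT_PATH, and the read-only (:ro) mount is a hardening choice made by this example.

```shell
#!/bin/sh
# Added example (not Watchtower's own code). It only validates inputs and
# prints the docker run command; it never starts a container itself.

# File names the Docker client reads from DOCKER_CERT_PATH.
REQUIRED_CERT_FILES="ca.pem cert.pem key.pem"

# check_docker_host VALUE: a TLS-protected endpoint is reached over tcp://.
check_docker_host() {
    case $1 in
        tcp://?*) return 0 ;;
        *) echo "DOCKER_HOST should look like tcp://host:port, got: $1" >&2
           return 1 ;;
    esac
}

# check_cert_dir DIR: 0 = usable, 1 = not a directory,
# 2 = a required file is missing or empty, 3 = key.pem permissions too open.
check_cert_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
    for f in $REQUIRED_CERT_FILES; do
        [ -s "$dir/$f" ] || { echo "missing or empty: $dir/$f" >&2; return 2; }
    done
    # The client private key must not be readable by group or others.
    if [ -n "$(find "$dir/key.pem" \( -perm -0040 -o -perm -0004 \) 2>/dev/null)" ]; then
        echo "key.pem is readable by group/others; chmod 600 it" >&2
        return 3
    fi
    return 0
}

# preflight HOST DIR: run both checks, then print the command to execute.
# The certificate directory is mounted read-only into the container.
preflight() {
    check_docker_host "$1" && check_cert_dir "$2" || return 1
    printf 'docker run -d --name watchtower -e DOCKER_HOST=%s ' "$1"
    printf -- '-e DOCKER_CERT_PATH=/etc/ssl/docker -v %s:/etc/ssl/docker:ro ' "$2"
    printf 'containrrr/watchtower --tlsverify\n'
}

# Usage, after evaluating the output of docker-machine env for the host:
#   preflight "$DOCKER_HOST" "$DOCKER_CERT_PATH"
```

A non-zero return from preflight means the container would start with an unusable or over-exposed certificate directory; the message on stderr names the file to fix.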