How to update to 2.1 in Docker?

Hi,
I have a lot of Duplicati-instances running on Synology NAS-Systems. They run on a docker image from linuxserver/duplicati with Duplicati 2.0.8.1_beta_2024-05-07.
This docker image shows an available update. But after applying that update, the Duplicati instance isn’t usable anymore. The instances have a password for the web gui, so this can’t be the problem. I am told to add an encryption key for the settings-file. But adding a key via a docker environment variable does not solve the problem.
I had to recreate the whole instance from scratch, my luck I had a backup of the backup configuration.

Before updating the other instances:
What is the save way to update docker instances of duplicati to the latest version 2.1.x.x?
Many thanks in advance

There is a slight glitch here, in that the current 2.1.0.2 beta is not tagged “latest”, and the beta builds used to be tagged “latest”. This may explain why you get a notification inside Duplicati but not outside.

This is a bit unspecific. Can you elaborate on what does not work? Crashing instance? No connection? Backups fail?

Not sure how linuxserver images deal with it, but it is technically not required to set an encryption key (but highly recommended).

The configuration database and local databases should be stored outside of Docker, so updating the image should not cause any problems. It will update the databases though, so downgrading requires a bit of work.

Hi kenkendk,
I don’t want to downgrade, I just want to have a save way of upgrading the other instances without the need to recreate all backups from scratch.
I was forced to create an entry for an encryption key for the settings file, which wasn’t needed for 2.0.8-instances.

The upgrade was shown in the running 2.0.8-duplicati-instance, but as “manual download”.
The docker image also shows an update available. After updating the image, duplicati did not start (encryption key for settings file needed), but the key needs to be added before creating the docker-instance. Adding the key after updating did not work.

I’d note that Duplicati team does not make LinuxServer images. Duplicati made their own.

Some general questions probably apply to both though, but there are some differences…

Are you talking about the Duplicati image plan? LinuxServer latest looks like 2.1.0.2 to me:

Was there a complaint? @OecherWolke do you use an external notifier for such updates?
Image updates used to show up soon after Duplicati releases until tag schemes diverged.

Without an image notifier, I guess you’d wait for Duplicati notifier then grab its new image.
Problem with that plan is described below though – what if you grab Duplicati, not image?

How? Duplicati such as 2.0.8.1 had an autoupdater, but for containers the usual advice was updating at the container level instead. Container should preserve persistent data externally.

https://hub.docker.com/r/linuxserver/duplicati says the same thing. I don’t use Docker myself.

With some exceptions (noted in the relevant readme.md), we do not recommend or support updating apps inside the container.

    volumes:
      - /path/to/duplicati/config:/config
      - /path/to/backups:/backups
      - /path/to/source:/source

2.1.0.2 drops its autoupdater in favor of a typical OS level install, but container update is best.
Or so people seem to think. The problem is Duplicati’s notifier in Docker prompts users to use autoupdater (before) or OS level install (now). So did you use docker exec to do an update?

I think they took that advice: [FEAT] Prepare for default encrypted setting with Docker #81

It’s documented on their dockerhub page too:

[!NOTE] Unless a parameter is flaged as ‘optional’, it is mandatory and a value must be provided.

- SETTINGS_ENCRYPTION_KEY=

-e SETTINGS_ENCRYPTION_KEY= \

If you go far enough back, did you get the popup announcing 2.0.8.1. Did you let it update?

Is that a manual look, a Synology tool, a Docker tool that everyone has, if you know? I don’t.

Maybe that was done as per the linuxserver page I’ve been citing?

As I don’t know Docker (or new encryption scheme) well, I just drop hints for expert followup.

That sounds specific for the linuxserver image. There is nothing in Duplicati that would prevent you from adding it later.

Ok, I guess they updated it even though the 2.1.0.2 Duplicati image is not tagged “latest”.

That is because the plan for 2.0.9.105 was to have a forced encryption key, and I was communicating with them to add a mechanism to avoid using an autogenerated key that was then wiped on Docker rebuilds.

After it turned out that the key quality was too low, we reverted to a warning if no key was provided. I think the linuxserver way of handling it is better, but that is not applicable to all Duplicati instances.