Hi there! I’d like to share my project with you all.
What is this? Vigil is a lightweight, self-hosted dashboard that watches your Docker images and tells you when updates are available. It’s a ready-to-run Docker setup with a simple install scripts. I know most people don’t like scripts, but since I’m a tech noob I find it pretty useful. For all the pros out there, you can check the script by yourself. This is my first “real world” project so it might not be as polished as other apps out there. It’s a hobby that I started cultivating a few months ago and I’m pretty excited with the results. However, it’d only mean something significant, if other people use it and give their own opinions about it.
If you have a few minutes, I’d really appreciate you trying it out and leaving a review or suggestions on the repo or even here. I’d do my best to answer most of the comments.
Edited because the link wasn’t showing up and giving more details about the project. https://github.com/kumucode/vigil.git
This looks fantastic! Great work.
Thanks man, appreciate it!
Copying my comment from the homelab community:
I haven’t tried it yet, but here’s some initial thoughts:
Does it support multiple separate docker-compose.yml files? It would be useful if it could pull the list of containers directly from Docker rather than having to paste the docker-compose.
Does it pull changelogs so that the user can tell if a change is a breaking change that’ll require extra work?
It would be useful to support Webauthn/FIDO2 2FA instead of just TOTP. TOTP is being slowly phased out due to its weaknesses (it’s phishable). Similarly, it’d be useful to support single sign on using OIDC (OpenID Connect) as a lot of self-hosters use Authentik, Authelia, or Keycloak to have one login for all their self hosted services.
Hi Dan, I’m also copying the answer from homelab community.
Thanks for your feedback. Much appreciated. For the first question, you click on add and past the image you’re currently using on your compose so the app creates a card with the current version. It’s a bit manual and tedious at first, but once it’s done, it’s easier to maintain. I think your idea is great to have the app just ¨find your docker-compose and do the work", but I don’t know how to do it yet. I wanted to test it manually first and see how it’d work out.
Vigil tells you if the newer version of the image is a major change or not. If you set it to update your compose automatically it will notify you and create a log, it something goes wrong you can easily revert it from the dashboard. Did I get your question right? Let me know if you meant something else.
Finally, security is an absolute must! I decided to use 2FA because most people won’t need to expose it to the web.They’ll probably use it on LAN. However, I do have adding OIDC (OpenID Connect) in mind, since many people indeed use Authentik, Authelia (these are the ones I’m familiar with). Since this is the early version, I didn’t want to make things too complex and also, I’m vibecoding it, so I’ll certainly need some experts out there to help me out to implement it correctly and safely.
If you have any question, just let me know and I’ll try my best to answer that.
Looks like a cool project. Starred. I’m no tech expert either, so I’ll keep an eye on how the community reacts to it, in terms of security.
Keep up the good work!Thanks brother, I appreciate it. Security is one of my main concerns too, that’s why I’ll rely on the experts around here to point out what could be improved.
Please stop trying to build infrastructure software if you don’t know what you’re doing. Anyone using this probably puts their server at risk.
I won’t stop just because you’re saying it. You can only “know what you’re doing by doing it”. That’s why I made this project public available so anyone interested in looking at it, modifying it, improving it is more than welcome. I’m not selling it or claiming that I’m an expert. Quite the opposite, I’m looking for people who are genuinely interested in exploring new things and helping people out. I’ll rely on the experience and good will of experts of this community.
Sorry, but you have posted only 1 sentence about the project and not even a link to the project.
Additional with the
scripts—basically “em dash” which is really popular among llm generated texts, i get a bad feeling about it.
Well, I’m no tech expert at all so I’m just trying to get things right. I might not be able to answer everything, but I’ll do my best to get you an answer.
Have you vibecoded this?
Absolutelly vibecoding it with Cloude. I understand a bit of python and html but I’m no dev or technical professional at all. I just wanted to see if I could build something useful without much of technical expertise.
I think it’s awesome that you’re trying to get into larger scale software development. Agentic coding can do some amazing stuff, but it takes experience and knowledge to keep it going down good path. I think this can be a good learning opportunity to level up your own skills. Something I would suggest doing is instruct Claude with something like:
You are an experienced Senior Software Engineer that is an expert in web and backend technologies like Python, Typescript, Node and React. You are being brought in to analyze and productionize a prototype application. Please explore this project and plan out a workstream to level up this prototype so that it is production ready. First you should establish some research topics and write them to "docs/research/{date}-{topic-name}.md". After that, launch some FOREGROUND general-purpose agents to handle researching these topics in parallel. Once completed these general-purpose agents should write their findings to their original docs/research/{date}-{topic-name}.md.Once it’s conducted all the research, take a look at the documents that it writes. And if you have questions about the research results/decisions, have Claude explain.
100%, just take a quick look at the repo. I wish there was a rule in this community that requires a label for vibecoded apps.
It’s not a bad idea at all to have a label so we could set expectations right. But don’t be too harsh on me ;) Just being able to pull a functional app without much of experience is already a reasonable accomplishment is it?
Why would this be an accomplishment we need to celebrate? Something else then you wrote that code. If you want to celebrate an accomplishment you could say “I was part of an AI vibe coding project and we created something functional”. What you did now was putting yourself front and center where you have no place to be, you are a supporting actor, at best. Its like a project manager telling everyone they accomplished getting a product out the door, giving people the idea they did that by themselves only. No, you were part of a team where (most probably) the real work was done by others. Same applies here: you used the coding abilities of another/something else to somehow toot your own horn and tell the world you did this. You did not. You never shared any info on the others involved on your team who did all the heavy lifting, only to reveal this info when pressed by others.
I get your point about giving proper credit to the tools involved, and that’s fair. I’m not trying to pass this off as traditional from-scratch coding. Reducing it to “you did nothing” feels a bit excessive. At the same time, there’s still effort in figuring out what to build, iterating, debugging, and getting something functional out. That’s the part I’m happy about.
Even this comment stinks of LLM style. Please stop trying to bring about the dead internet.
Great idea. Automatic updates (e.g. Watchtower) make me a little nervous.
For me, it’s all about finding the right balance. I don’t want to have to manually update for every little bug fix version bump. Most software I find that major.minor version tags, if they exist, are a good compromise with daily auto updates unless it’s a really fast releasing software where just a major version makes sense. I usually just track releases on GitHub or wherever the source is hosted and bump as I need. That takes care of probably 90-95% of the containers I run.
Automatic updates for bug fixes (e.g. 1.0.0 to 1.0.1) are usually fine - it’s major and minor updates that are scarier. I’ve never used Watchtower so I’m not sure if it has an option to only allow bugfixes.
Yeah that’s exactly what I was thinking about when I started this project. I’ve noticed that many home labers are a bit skeptical with automatic updates. I’m glad you liked the idea
Does it offer notifications?
3 of your docker containers have new versions available
Yeah, absolutely. You can set the notifications as you wish.
Can you provide a link to your repo?
Yeah absolutely, my bad. First time publishing things here and I thought it was attached to the post. https://github.com/kumucode/vigil.git
