by belval 940 days ago
I have ~8 self-hosted services with docker-compose and one with snap (Nextcloud). While I get that snap gets some flak for how cavalier it can be with your system, ultimately my Nextcloud is always up to date and I've had to put very little effort into it in over 7-8 years, which is not something I can say for my running Docker containers. It might not be for everyone, but from a security standpoint it's much less fussy than basically everything else that I've tried.
2 comments

Snaps have some cool use cases, like the one you mentioned. Flatpak isn't there yet for CLI apps or hosting stuff, from when I last checked, and the snaps for things like Nextcloud just work. On a desktop system though, it's clear that everyone should just adopt Flatpak for a universal app standard for the time being.
Why not just write something (or use a pre-existing tool) to update your docker containers? I know on Kubernetes there's plenty of tooling around Helm.
I redid my docker stuff with podman and quadlet recently and it's been great. Quadlet makes the containers behave like regular systemd services (i.e. you can trigger them with timers), and "auto update" is just setting Pull=true when the container re-runs (there are a heck of a lot of good reasons to also not do this).