Skip to content

GitOps & Portainer Workflow

The homelab uses a GitOps methodology. Infrastructure is stored as code in a private GitHub repository, and Portainer automatically polls for changes.

Why Polling over Webhooks?

Because the server is secured behind Cloudflare Zero Trust, GitHub cannot send inbound webhook "pings" to Portainer without opening security holes. We use a 5-minute Polling method where Portainer securely reaches out to GitHub.

Setup Instructions

  1. Created a private GitHub repository (homelab-docker).
  2. Generated a GitHub Personal Access Token (Classic) with the repo scope.
  3. In Portainer, stacks are deployed via the Repository tab instead of the Web Editor.
  4. Authentication: Uses the GitHub Username and PAT.
  5. Automatic Updates: Set to Polling (5m).

To update any container, edit the docker-compose.yml file on GitHub and commit. Portainer will sync the changes within 5 minutes.