From 4bfa04ed5707ec88053919b106aa17505f4ba8a4 Mon Sep 17 00:00:00 2001
From: Anish Sarkar <104695310+AnishSarkar22@users.noreply.github.com>
Date: Sat, 6 Jun 2026 01:45:27 +0530
Subject: [PATCH] feat(docker): add interactive Watchtower update preference to
 installation scripts

---
 docker/scripts/install.ps1                    | 22 ++++++++++++++++++
 docker/scripts/install.sh                     | 23 ++++++++++++++++++-
 .../docker-installation/install-script.mdx    |  6 +++--
 3 files changed, 48 insertions(+), 3 deletions(-)

diff --git a/docker/scripts/install.ps1 b/docker/scripts/install.ps1
index b44e17ef3..0bdda95e1 100644
--- a/docker/scripts/install.ps1
+++ b/docker/scripts/install.ps1
@@ -64,6 +64,28 @@ function Invoke-NativeSafe {
     }
 }
 
+function Resolve-WatchtowerPreference {
+    if ($NoWatchtower -or $Quiet -or -not [Environment]::UserInteractive) {
+        return
+    }
+
+    Write-Host ""
+    Write-Host "Automatic updates" -ForegroundColor Cyan
+    $choice = Read-Host "Enable automatic daily updates with Watchtower? (may download several GB in the background) [Y/n]"
+
+    switch ($choice) {
+        "" { $script:SetupWatchtower = $true }
+        { $_ -match '^(?i)y(es)?$' } { $script:SetupWatchtower = $true }
+        { $_ -match '^(?i)n(o)?$' } { $script:SetupWatchtower = $false }
+        default {
+            Write-Warn "Unrecognized choice '$choice'; enabling Watchtower by default. Use -NoWatchtower to skip it."
+            $script:SetupWatchtower = $true
+        }
+    }
+}
+
+Resolve-WatchtowerPreference
+
 # ── Pre-flight checks ──────────────────────────────────────────────────────
 
 Write-Step "Checking prerequisites"
diff --git a/docker/scripts/install.sh b/docker/scripts/install.sh
index 8d53519d9..84570d5f6 100644
--- a/docker/scripts/install.sh
+++ b/docker/scripts/install.sh
@@ -40,6 +40,7 @@ MIGRATION_MODE=false
 SETUP_WATCHTOWER=true
 WATCHTOWER_INTERVAL=86400
 WATCHTOWER_CONTAINER="watchtower"
+WATCHTOWER_EXPLICIT=false
 REQUESTED_VARIANT=""
 VARIANT_EXPLICIT=false
 GPU_COUNT=""
@@ -48,7 +49,7 @@ QUIET=false
 # ── Parse flags ─────────────────────────────────────────────────────────────
 for arg in "$@"; do
     case "$arg" in
-        --no-watchtower) SETUP_WATCHTOWER=false ;;
+        --no-watchtower) SETUP_WATCHTOWER=false; WATCHTOWER_EXPLICIT=true ;;
         --watchtower-interval=*) WATCHTOWER_INTERVAL="${arg#*=}" ;;
         --variant=*) REQUESTED_VARIANT="${arg#*=}"; VARIANT_EXPLICIT=true ;;
         --gpu) REQUESTED_VARIANT="cuda"; VARIANT_EXPLICIT=true ;;
@@ -80,6 +81,26 @@ if [[ -n "${GPU_COUNT}" && ! "${GPU_COUNT}" =~ ^([0-9]+|all)$ ]]; then
     error "Invalid --gpu-count='${GPU_COUNT}'. Use a number or 'all'."
 fi
 
+resolve_watchtower_preference() {
+    if $WATCHTOWER_EXPLICIT || $QUIET || [[ ! -r /dev/tty || ! -w /dev/tty ]]; then
+        return 0
+    fi
+
+    local choice
+    echo "" > /dev/tty
+    printf "${BOLD}${CYAN}Automatic updates${NC}\n" > /dev/tty
+    printf "Enable automatic daily updates with Watchtower? (may download several GB in the background) [Y/n]: " > /dev/tty
+    read -r choice < /dev/tty || choice=""
+
+    case "$choice" in
+        ""|[Yy]|[Yy][Ee][Ss]) SETUP_WATCHTOWER=true ;;
+        [Nn]|[Nn][Oo]) SETUP_WATCHTOWER=false ;;
+        *) warn "Unrecognized choice '${choice}', enabling Watchtower by default. Use --no-watchtower to skip it." >&2; SETUP_WATCHTOWER=true ;;
+    esac
+}
+
+resolve_watchtower_preference
+
 # ── Pre-flight checks ────────────────────────────────────────────────────────
 
 step "Checking prerequisites"
diff --git a/surfsense_web/content/docs/docker-installation/install-script.mdx b/surfsense_web/content/docs/docker-installation/install-script.mdx
index 8b42c1962..9f8acf9e5 100644
--- a/surfsense_web/content/docs/docker-installation/install-script.mdx
+++ b/surfsense_web/content/docs/docker-installation/install-script.mdx
@@ -21,7 +21,9 @@ irm https://raw.githubusercontent.com/MODSetter/SurfSense/main/docker/scripts/in
 
 This creates a `./surfsense/` directory with `docker-compose.yml`, `docker-compose.gpu.yml`, and `.env`, then runs `docker compose up -d --wait`.
 
-If an NVIDIA GPU and NVIDIA Container Toolkit are detected, the installer prompts for the backend variant. Non-interactive installs default to CPU unless you pass an explicit flag.
+If an NVIDIA GPU and NVIDIA Container Toolkit are detected, the installer asks whether to use GPU acceleration and chooses the compatible backend image automatically. Non-interactive installs default to CPU unless you pass an explicit flag.
+
+Interactive installs also ask whether to enable automatic daily updates with Watchtower, noting that updates may download several GB in the background.
 
 ### GPU options
 
@@ -48,7 +50,7 @@ PowerShell:
 
 The installer writes the same `.env` settings you would configure manually: `SURFSENSE_VARIANT` selects the backend image and `COMPOSE_FILE` enables the GPU overlay.
 
-To skip Watchtower (e.g. in production where you manage updates yourself):
+To skip Watchtower (e.g. in production where you manage updates yourself, or to avoid large background image downloads):
 
 ```bash
 curl -fsSL https://raw.githubusercontent.com/MODSetter/SurfSense/main/docker/scripts/install.sh | bash -s -- --no-watchtower