disable automatic updates by Watchtower by adding some labels

roles/authentik_docker/templates/authentik-db-docker.service.j2

@@ -8,6 +8,7 @@ ExecStartPre=-/usr/bin/docker rm --force {{ container_names.authentik.db }}
 ExecStart=/usr/bin/docker run --rm --name {{ container_names.authentik.db }} --network authentik_net \
           --env-file {{ docker_volumes_dir }}/authentik/authentik.env --expose 5432 \
           -v {{ docker_volumes_dir }}/authentik/database:/var/lib/postgresql/data \
+          --label=com.centurylinklabs.watchtower.enable=false \
           docker.io/library/postgres:{{ authentik_postgres_version }}
 ExecStop=-/usr/bin/docker stop {{ container_names.authentik.db }}
 Restart=always

roles/authentik_docker/templates/authentik-redis-docker.service.j2

@@ -8,6 +8,7 @@ ExecStartPre=-/usr/bin/docker rm --force {{ container_names.authentik.redis }}
 ExecStart=/usr/bin/docker run --rm --name {{ container_names.authentik.redis }} \
           --network authentik_net --expose 6379 \
           -v {{ docker_volumes_dir }}/authentik/redis:/data \
+          --label=com.centurylinklabs.watchtower.enable=false \
           docker.io/library/redis:alpine --save 60 1 --loglevel warning
 ExecStop=-/usr/bin/docker stop {{ container_names.authentik.redis }}
 Restart=always

roles/authentik_docker/templates/authentik-server-docker.service.j2

@@ -15,6 +15,7 @@ ExecStart=/usr/bin/docker run --rm --name {{ container_names.authentik.server }}
           --env-file {{ docker_volumes_dir }}/authentik/authentik.env \
           -v {{ docker_volumes_dir }}/authentik/media:/media \
           -v {{ docker_volumes_dir }}/authentik/custom-templates:/templates \
+          --label=com.centurylinklabs.watchtower.enable=false \
           ghcr.io/goauthentik/server:{{ version.authentik }} server
 ExecStartPost=/usr/bin/bash -c "/bin/sleep 120 && /usr/bin/docker network connect traefik {{ container_names.authentik.server }}"
 ExecStop=-/usr/bin/docker stop {{ container_names.authentik.server }}

roles/authentik_docker/templates/authentik-worker-docker.service.j2

@@ -13,6 +13,7 @@ ExecStart=/usr/bin/docker run --rm --name {{ container_names.authentik.worker }}
           -v {{ docker_volumes_dir }}/authentik/media:/media \
           -v {{ docker_volumes_dir }}/authentik/certs:/certs \
           -v {{ docker_volumes_dir }}/authentik/custom-templates:/templates \
+          --label=com.centurylinklabs.watchtower.enable=false \
           ghcr.io/goauthentik/server:{{ version.authentik }} worker
 ExecStartPost=/usr/bin/bash -c "/bin/sleep 120 && /usr/bin/docker network connect nginx_net {{ container_names.authentik.worker }}"
 ExecStop=-/usr/bin/docker stop {{ container_names.authentik.worker }}

roles/pretix_docker/templates/pretix-db.service.j2

@@ -5,7 +5,7 @@ Requires=docker.service
 
 [Service]
 ExecStartPre=-/usr/bin/docker rm --force {{ pretix_db_container_name }}
-ExecStart=/usr/bin/docker run --name {{ pretix_db_container_name }} --network pretix --label com.centurylinklabs.watchtower.enable={WATCHTOWER_ENABLED} \
+ExecStart=/usr/bin/docker run --name {{ pretix_db_container_name }} --network pretix --label com.centurylinklabs.watchtower.enable=false \
          -v {{ docker_volumes_dir }}/pretix/postgres-db:/var/lib/postgresql/data --env-file {{ docker_volumes_dir }}/pretix/pretix-db.env postgres:15
 ExecStop=/usr/bin/docker stop {{ pretix_db_container_name }}
 Restart=always

roles/pretix_docker/templates/pretix-redis.service.j2

@@ -5,7 +5,7 @@ Requires=docker.service
 
 [Service]
 ExecStartPre=-/usr/bin/docker rm --force {{ pretix_redis_container_name }}
-ExecStart=/usr/bin/docker run --name {{ pretix_redis_container_name }} --network pretix --label com.centurylinklabs.watchtower.enable={WATCHTOWER_ENABLED} redis
+ExecStart=/usr/bin/docker run --name {{ pretix_redis_container_name }} --network pretix --label com.centurylinklabs.watchtower.enable=false redis
 ExecStop=/usr/bin/docker stop {{ pretix_redis_container_name }}
 Restart=always
 RestartSec=15s

roles/pretix_docker/templates/pretix.service.j2

@@ -8,7 +8,7 @@ Requires=pretix-redis.service
 [Service]
 ExecStartPre=-/usr/bin/docker rm --force {{ pretix_container_name }}
 ExecStart=/usr/bin/docker run --rm --name {{ pretix_container_name }} --network pretix \
-          --label com.centurylinklabs.watchtower.enable={WATCHTOWER_ENABLED} --env-file {{ docker_volumes_dir }}/pretix/pretix.env \
+          --label com.centurylinklabs.watchtower.enable=false --env-file {{ docker_volumes_dir }}/pretix/pretix.env \
           -v {{ docker_volumes_dir }}/pretix/data:/data \
           -v {{ docker_volumes_dir }}/pretix/conf:/etc/pretix \
           pretix/standalone:stable

roles/traefik_docker/templates/traefik.service.j2

@@ -8,7 +8,7 @@ ExecStartPre=-/usr/bin/docker rm --force {{ traefik_container_name }}
 ExecStart=/usr/bin/docker run --rm --name {{ traefik_container_name }} \
           -v /var/run/docker.sock:/var/run/docker.sock  -v {{ docker_volumes_dir }}/traefik/traefik.yml:/traefik.yml \
           -v {{ docker_volumes_dir }}/traefik/traefik_dynamic.yml:/traefik_dynamic.yml -v {{ docker_volumes_dir }}/traefik/letsencrypt/:/letsencrypt \
-          -p 80:80 -p 443:443 -p 8448:8448 --network traefik traefik:v2.10.5
+          -p 80:80 -p 443:443 -p 8448:8448 --network traefik --label=com.centurylinklabs.watchtower.enable=false traefik:v2.10.5
 ExecStop=/usr/bin/docker stop {{ traefik_container_name }}
 Restart=always
 RestartSec=15s