Updating & Lifecycle

Updating to the latest image

docker compose pull
docker compose up -d

docker compose pull fetches the newer cysecurity/darwis-taka:latest image; up -d recreates the container using it. Your taka_data volume is preserved, so scans, reports, and saved API keys survive the upgrade.

Pinning a specific version

Using :latest in production makes redeploys non-deterministic. Pin to a tagged release instead:

services:
  taka:
    image: cysecurity/darwis-taka:1.0.0   # pin to a specific tag

Check Docker Hub for available tags.

Starting and stopping

docker compose start   # start an existing, stopped container
docker compose stop    # stop the container but keep it
docker compose restart # stop + start

Tearing down

docker compose down         # stop and remove the container, keep data
docker compose down -v      # stop, remove the container, and delete the data volume

Warning

docker compose down -v permanently deletes scan history, findings, reports, and saved API keys. Make a backup first if any of that matters to you.

Watching logs

docker compose logs -f taka

Logs are written to Docker’s default JSON log driver. On long-running hosts, add log-rotation limits to docker-compose.yml:

services:
  taka:
    # ...
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "5"

Shell access inside the container

docker compose exec taka sh

From the shell, /data contains the database and reports; the Taka binary is on PATH. This is mostly useful for troubleshooting. Normal operation never requires it.

Rollback

If a new version behaves badly, roll back to a previously known-good tag:

services:
  taka:
    image: cysecurity/darwis-taka:1.0.0   # previous good tag

docker compose up -d

The SQLite schema is backward compatible within a minor series. Between major releases, check the release notes; a rollback may require restoring a backup of /data.