audit(gremlin): homepage FAIL 2026-04-13

2026-04-13 06:15:08 -05:00 · 2026-04-13 06:15:08 -05:00 · 1438168279
commit 1438168279
parent 9aacaccea6
1 changed files with 52 additions and 0 deletions
--- a/Netgrimoire/Audits/homepage-2026-04-13.md
+++ b/Netgrimoire/Audits/homepage-2026-04-13.md
@ -0,0 +1,52 @@
+---
+title: Audit - homepage.yaml
+description: Gremlin audit report 2026-04-13
+published: true
+date: 2026-04-13T11:15:08.063Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-13T11:15:08.063Z
+---
+
+# Audit Report — homepage.yaml
+
+**Date:** 2026-04-13  
+**File:** swarm/homepage.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+**Audit Results for swarm/homepage.yaml**
+
+1. **Homepage Labels**:
+   - `homepage.group`: Missing.
+   - `homepage.name`: Present (`"Homepage"`).
+   - `homepage.icon`: Missing.
+   - `homepage.href`: Missing.
+   - `homepage.description`: Missing.
+
+2. **Uptime Kuma Labels**:
+   - Missing.
+
+3. **Caddy Labels on Exposed Services**:
+   - `caddy=homepage.netgrimoire.com`: Present.
+   - `caddy.reverse_proxy="{{upstreams 3000}}"`: Present.
+
+4. **Placement Constraints**:
+   - `node.hostname == znas`: Present.
+
+5. **Volumes Use /DockerVol/<service> Path Convention**:
+   - `/DockerVol/homepage/config`: Pass.
+   - `/DockerVol/homepage/images`: Pass.
+   - `/var/run/docker.sock`: FAIL. Using a host path, which is not recommended for production environments as it can lead to security issues.
+
+6. **Network References External netgrimoire Overlay**:
+   - Present (`netgrimoire`).
+
+**Fixes Needed**:
+- Add `homepage.group`, `homepage.icon`, `homepage.href`, and `homepage.description` labels.
+- Ensure all Uptime Kuma labels are properly defined.
+- Replace `/var/run/docker.sock` with a bind mount to avoid potential security risks.
+
+**VERDICT: FAIL**