audit(gremlin): caddy-1 FAIL 2026-04-13
This commit is contained in:
parent
72d7561399
commit
1b7587703f
1 changed files with 70 additions and 0 deletions
70
Netgrimoire/Audits/caddy-1-2026-04-13.md
Normal file
70
Netgrimoire/Audits/caddy-1-2026-04-13.md
Normal file
|
|
@ -0,0 +1,70 @@
|
||||||
|
---
|
||||||
|
title: Audit - caddy-1.yaml
|
||||||
|
description: Gremlin audit report 2026-04-13
|
||||||
|
published: true
|
||||||
|
date: 2026-04-13T11:47:27.558Z
|
||||||
|
tags: gremlin,audit
|
||||||
|
editor: markdown
|
||||||
|
dateCreated: 2026-04-13T11:47:27.558Z
|
||||||
|
---
|
||||||
|
|
||||||
|
# Audit Report — caddy-1.yaml
|
||||||
|
|
||||||
|
**Date:** 2026-04-13
|
||||||
|
**File:** swarm/stack/caddy/caddy-1.yaml
|
||||||
|
**Type:** Docker Swarm
|
||||||
|
**Verdict:** FAIL
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
### SWARM AUDIT RESULTS:
|
||||||
|
|
||||||
|
1. **Homepage labels**:
|
||||||
|
- **FAIL**: Missing homepage labels such as `homepage.group`, `homepage.name`, `homepage.icon`, and `homepage.href`. Add these labels to provide a comprehensive homepage.
|
||||||
|
- **FIX**:
|
||||||
|
```yaml
|
||||||
|
configs:
|
||||||
|
caddy-basic-content:
|
||||||
|
file: ./Caddyfile
|
||||||
|
labels:
|
||||||
|
caddy:
|
||||||
|
homepage.group: "YourGroup"
|
||||||
|
homepage.name: "ServiceName"
|
||||||
|
homepage.icon: "icon_url_here"
|
||||||
|
homepage.href: "http://your_service_url"
|
||||||
|
homepage.description: "Brief description of the service."
|
||||||
|
```
|
||||||
|
|
||||||
|
2. **Uptime Kuma labels**:
|
||||||
|
- **FAIL**: No Uptime Kuma services found.
|
||||||
|
- **FIX**: If you intend to use Uptime Kuma, add its configuration and labels accordingly.
|
||||||
|
|
||||||
|
3. **Caddy labels on exposed services**:
|
||||||
|
- **PASS**: The Caddy service has the label `caddy=<domain>`, but it lacks the `caddy.reverse_proxy` label. Add this label if needed.
|
||||||
|
```yaml
|
||||||
|
services:
|
||||||
|
caddy:
|
||||||
|
image: lucaslorentz/caddy-docker-proxy:ci-alpine
|
||||||
|
labels:
|
||||||
|
caddy: example.com
|
||||||
|
caddy.reverse_proxy: true
|
||||||
|
```
|
||||||
|
|
||||||
|
4. **Placement constraints**:
|
||||||
|
- **PASS**: The placement constraint `node.hostname == znas` is correctly applied.
|
||||||
|
|
||||||
|
5. **Volumes use /DockerVol/<service> path convention**:
|
||||||
|
- **FAIL**: Volumes are using the `/export/Docker/caddy` and `/export/Docker/caddy/logs` paths, which do not follow the `/DockerVol/<service>` convention.
|
||||||
|
- **FIX**: Rename volume paths to follow the convention:
|
||||||
|
```yaml
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
- /DockerVol/caddy/Caddyfile:/etc/caddy/Caddyfile
|
||||||
|
- /DockerVol/caddy:/data
|
||||||
|
- /DockerVol/caddy/logs:/var/log/caddy
|
||||||
|
```
|
||||||
|
|
||||||
|
6. **Network references external netgrimoire overlay**:
|
||||||
|
- **PASS**: The `netgrimoire` network is referenced correctly as an external network.
|
||||||
|
|
||||||
|
### VERDICT: FAIL
|
||||||
Loading…
Add table
Add a link
Reference in a new issue