From 1c34139c66991ed8b9b114312950b96a7f059d5d Mon Sep 17 00:00:00 2001
From: traveler <traveler@wasted-bandwidth.net>
Date: Mon, 20 Apr 2026 06:47:22 -0500
Subject: [PATCH] audit(gremlin): caddy-1 FAIL 2026-04-20

---
 Netgrimoire/Audits/caddy-1-2026-04-20.md | 45 ++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 Netgrimoire/Audits/caddy-1-2026-04-20.md

diff --git a/Netgrimoire/Audits/caddy-1-2026-04-20.md b/Netgrimoire/Audits/caddy-1-2026-04-20.md
new file mode 100644
index 0000000..5ce81af
--- /dev/null
+++ b/Netgrimoire/Audits/caddy-1-2026-04-20.md
@@ -0,0 +1,45 @@
+---
+title: Audit - caddy-1.yaml
+description: Gremlin audit report 2026-04-20
+published: true
+date: 2026-04-20T11:47:22.141Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-20T11:47:22.141Z
+---
+
+# Audit Report — caddy-1.yaml
+
+**Date:** 2026-04-20  
+**File:** swarm/stack/caddy/caddy-1.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+**SWARM AUDIT - Caddy-1.yaml**
+
+1. **Homepage labels**: Homepage labels are missing from the file.
+   - **Fix**: Add homepage.labels with required keys.
+
+2. **Uptime Kuma labels**: Uptime Kuma labels are not present in the file.
+   - **Fix**: If you intend to use Uptime Kuma, add corresponding labels as specified.
+
+3. **Caddy labels on exposed services**:
+   - The service has `caddy` label set with a value of `domain`, which should be replaced with an actual domain name.
+   - There is no `caddy.reverse_proxy` label specified.
+   - **Fix**: Replace `caddy=<domain>` with the actual domain name and add `caddy.reverse_proxy: "http://example.com"` if applicable.
+
+4. **Placement constraints**:
+   - The service has a placement constraint for node.hostname == znas, which is specific to your infrastructure.
+   - **Pass**: Ensure that `znas` is a valid node hostname in your Swarm setup.
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - Volumes are mounted at `/export/Docker/caddy` and other paths, not following the `/DockerVol/<service>` convention.
+   - **Fix**: Update volume mounts to follow the `/DockerVol/<service>` convention.
+
+6. **Network references external netgrimoire overlay**:
+   - The service correctly references the `netgrimoire` and `vpn` networks, which are marked as external.
+   - **Pass**: Ensure that these networks are properly set up in your Swarm environment.
+
+**VERDICT: FAIL**
\ No newline at end of file