From 1cef80e2c953f5c22354890b5b395d3902e9341b Mon Sep 17 00:00:00 2001
From: traveler <traveler@wasted-bandwidth.net>
Date: Mon, 20 Apr 2026 06:12:31 -0500
Subject: [PATCH] audit(gremlin): filebrowser PASS 2026-04-20

---
 Netgrimoire/Audits/filebrowser-2026-04-20.md | 49 ++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 Netgrimoire/Audits/filebrowser-2026-04-20.md

diff --git a/Netgrimoire/Audits/filebrowser-2026-04-20.md b/Netgrimoire/Audits/filebrowser-2026-04-20.md
new file mode 100644
index 0000000..641c79f
--- /dev/null
+++ b/Netgrimoire/Audits/filebrowser-2026-04-20.md
@@ -0,0 +1,49 @@
+---
+title: Audit - filebrowser.yaml
+description: Gremlin audit report 2026-04-20
+published: true
+date: 2026-04-20T11:12:31.873Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-20T11:12:31.873Z
+---
+
+# Audit Report — filebrowser.yaml
+
+**Date:** 2026-04-20  
+**File:** swarm/filebrowser.yaml  
+**Type:** Docker Swarm  
+**Verdict:** PASS
+
+---
+
+**Audit Report for swarm/filebrowser.yaml**
+
+1. **Homepage labels**: All homepage labels are present.
+   - `homepage.group=Jolly Roger`
+   - `homepage.name=FileBrowser`
+   - `homepage.icon=filebrowser.png`
+   - `homepage.href=http://filebrowser.netgrimoire.com`
+   - `homepage.description=Web-based file manager`
+
+2. **Uptime Kuma labels**: Both Uptime Kuma labels are present.
+   - `kuma.filebrowser.http.name="FileBrowser"`
+   - `kuma.filebrowser.http.url=http://filebrowser:80`
+
+3. **Caddy labels on exposed services**:
+   - `caddy=filebrowser.netgrimoire.com`
+   - `caddy.import=authentik`
+   - `caddy.reverse_proxy="{{upstreams 80}}"` – Issue: This label references a variable that is not explicitly defined in the YAML. It should be replaced with the actual upstream service name or IP.
+     **Fix**: Replace `{{upstreams 80}}` with the appropriate upstream service name or IP.
+
+4. **Placement constraints**: The constraint checks for `node.labels.general == true`, but it does not specify a label to check against, which might lead to unintended placement if no such label is set on any node.
+   - **Fix**: Ensure that there is a label set on nodes like `general=true` or modify the constraint to match an existing label.
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - The volumes are correctly using the `/data/nfs/Baxter/Docker/filebrowser/` directory, which does not follow the `/DockerVol/<service>` convention.
+     **Fix**: Modify the volume paths to conform to the specified convention, for example, `volumes: - /DockerVol/filebrowser/config:/config`.
+
+6. **Network references external netgrimoire overlay**:
+   - The network `netgrimoire` is correctly referenced and is set as external.
+
+**VERDICT**: FAIL
\ No newline at end of file