From 22a6dde1c038dc1ce6c2b987b75e77ef6245e033 Mon Sep 17 00:00:00 2001
From: traveler <traveler@wasted-bandwidth.net>
Date: Mon, 4 May 2026 06:49:23 -0500
Subject: [PATCH] audit(gremlin): caddy-1 FAIL 2026-05-04

---
 Netgrimoire/Audits/caddy-1-2026-05-04.md | 43 ++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 Netgrimoire/Audits/caddy-1-2026-05-04.md

diff --git a/Netgrimoire/Audits/caddy-1-2026-05-04.md b/Netgrimoire/Audits/caddy-1-2026-05-04.md
new file mode 100644
index 0000000..2c8cf8c
--- /dev/null
+++ b/Netgrimoire/Audits/caddy-1-2026-05-04.md
@@ -0,0 +1,43 @@
+---
+title: Audit - caddy-1.yaml
+description: Gremlin audit report 2026-05-04
+published: true
+date: 2026-05-04T11:49:23.511Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-05-04T11:49:23.511Z
+---
+
+# Audit Report — caddy-1.yaml
+
+**Date:** 2026-05-04  
+**File:** swarm/stack/caddy/caddy-1.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+1. **Homepage labels**: Missing.
+   - **Fix**: Add the necessary homepage labels to provide essential information about the service.
+
+2. **Uptime Kuma labels**: Missing.
+   - **Fix**: Ensure Uptime Kuma's services are properly configured with their respective labels for monitoring and management through Uptime Kuma.
+
+3. **Caddy labels on exposed services**:
+   - The `caddy` label is present but lacks the specific domain name or reverse proxy configuration.
+     - **Fix**: Add a `caddy=<domain>` and `caddy.reverse_proxy=true` label to expose these details effectively.
+
+4. **Placement constraints**:
+   - Correctly set to `node.hostname == znas`.
+     - **PASS**
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - The volume paths used are `/export/Docker/caddy/*`.
+     - **FAIL**: These paths do not follow the `/DockerVol/<service>` convention.
+       - **Fix**: Change the volume paths to match the convention, e.g., `/DockerVol/caddy/Caddyfile`, `/DockerVol/caddy:/data`.
+
+6. **Network references external netgrimoire overlay**:
+   - Both `netgrimoire` and `vpn` networks are correctly referenced as external.
+     - **PASS**
+
+**VERDICT: FAIL**
\ No newline at end of file