audit(gremlin): caddy-1 FAIL 2026-05-04

Netgrimoire/Audits/caddy-1-2026-05-04.md

@@ -0,0 +1,43 @@
+---
+title: Audit - caddy-1.yaml
+description: Gremlin audit report 2026-05-04
+published: true
+date: 2026-05-04T11:49:23.511Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-05-04T11:49:23.511Z
+---
+
+# Audit Report — caddy-1.yaml
+
+**Date:** 2026-05-04  
+**File:** swarm/stack/caddy/caddy-1.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+1. **Homepage labels**: Missing.
+   - **Fix**: Add the necessary homepage labels to provide essential information about the service.
+
+2. **Uptime Kuma labels**: Missing.
+   - **Fix**: Ensure Uptime Kuma's services are properly configured with their respective labels for monitoring and management through Uptime Kuma.
+
+3. **Caddy labels on exposed services**:
+   - The `caddy` label is present but lacks the specific domain name or reverse proxy configuration.
+     - **Fix**: Add a `caddy=<domain>` and `caddy.reverse_proxy=true` label to expose these details effectively.
+
+4. **Placement constraints**:
+   - Correctly set to `node.hostname == znas`.
+     - **PASS**
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - The volume paths used are `/export/Docker/caddy/*`.
+     - **FAIL**: These paths do not follow the `/DockerVol/<service>` convention.
+       - **Fix**: Change the volume paths to match the convention, e.g., `/DockerVol/caddy/Caddyfile`, `/DockerVol/caddy:/data`.
+
+6. **Network references external netgrimoire overlay**:
+   - Both `netgrimoire` and `vpn` networks are correctly referenced as external.
+     - **PASS**
+
+**VERDICT: FAIL**