audit(gremlin): web FAIL 2026-04-13

Netgrimoire/Audits/web-2026-04-13.md

@@ -0,0 +1,73 @@
+---
+title: Audit - web.yaml
+description: Gremlin audit report 2026-04-13
+published: true
+date: 2026-04-13T11:42:48.707Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-13T11:42:48.707Z
+---
+
+# Audit Report — web.yaml
+
+**Date:** 2026-04-13  
+**File:** swarm/web.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+### Audit Report for swarm/web.yaml
+
+#### 1. Homepage labels:
+- **PASS**: `homepage.name=www.netgrimoire.com`
+- **FAIL**: Missing `homepage.icon`, `homepage.href`, and `homepage.description`
+
+**Fix**: Add the missing labels.
+
+```yaml
+homepage.icon=mdi:web
+homepage.href=http://www.netgrimoire.com
+homepage.description=A comprehensive website for NetGrimoire.
+```
+
+#### 2. Uptime Kuma labels:
+- **FAIL**: Missing `kuma.web.http.name` and `kuma.web.http.url`
+
+**Fix**: Add the missing labels.
+
+```yaml
+kuma.web.http.name=www.netgrimoire.com
+kuma.web.http.url=http://web:80
+```
+
+#### 3. Caddy labels on exposed services:
+- **FAIL**: Missing `caddy.reverse_proxy` and `caddy.import`
+
+**Fix**: Add the missing labels.
+
+```yaml
+caddy.reverse_proxy=web:80
+caddy.import=authentik,crowdsec
+```
+
+#### 4. Placement constraints:
+- **PASS**: `node.labels.cpu == amd`
+
+#### 5. Volumes use /DockerVol/<service> path convention:
+- **FAIL**: Volume paths do not follow the convention.
+
+**Fix**: Update volume paths to follow the `/DockerVol/<service>` convention.
+
+```yaml
+volumes:
+  - /DockerVol/web/pages:/var/www/html:rw
+  - /DockerVol/web/apache:/etc/apache2/sites-enabled:ro
+```
+
+#### 6. Network references external netgrimoire overlay:
+- **PASS**: `netgrimoire` network is referenced as an external network.
+
+### Final VERDICT
+
+VERDICT: FAIL