audit(gremlin): filebrowser FAIL 2026-04-03
This commit is contained in:
parent
05a04b8c07
commit
430406db8f
1 changed files with 52 additions and 0 deletions
52
Netgrimoire/Audits/filebrowser-2026-04-03.md
Normal file
52
Netgrimoire/Audits/filebrowser-2026-04-03.md
Normal file
|
|
@ -0,0 +1,52 @@
|
||||||
|
---
|
||||||
|
title: Audit - filebrowser.yaml
|
||||||
|
description: Gremlin audit report 2026-04-03
|
||||||
|
published: true
|
||||||
|
date: 2026-04-03T02:50:18.312Z
|
||||||
|
tags: gremlin,audit
|
||||||
|
editor: markdown
|
||||||
|
dateCreated: 2026-04-03T02:50:18.312Z
|
||||||
|
---
|
||||||
|
|
||||||
|
# Audit Report — filebrowser.yaml
|
||||||
|
|
||||||
|
**Date:** 2026-04-03
|
||||||
|
**File:** swarm/filebrowser.yaml
|
||||||
|
**Type:** Docker Swarm
|
||||||
|
**Verdict:** FAIL
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
### SWARM AUDIT REVIEW
|
||||||
|
|
||||||
|
1. **Homepage labels**:
|
||||||
|
- `homepage.group=Jolly Roger`: PASS
|
||||||
|
- `homepage.name=FileBrowser`: PASS
|
||||||
|
- `homepage.icon=filebrowser.png`: PASS
|
||||||
|
- `homepage.href=http://filebrowser.netgrimoire.com`: PASS
|
||||||
|
- `homepage.description=Web-based file manager`: PASS
|
||||||
|
|
||||||
|
2. **Uptime Kuma labels**:
|
||||||
|
- The document does not provide any Uptime Kuma labels, so this check cannot be verified with the provided YAML.
|
||||||
|
|
||||||
|
3. **Caddy labels on exposed services**:
|
||||||
|
- `caddy=filebrowser.netgrimoire.com`: PASS
|
||||||
|
- `caddy.reverse_proxy="{{upstreams 80}}"`: PASS
|
||||||
|
|
||||||
|
4. **Placement constraints**:
|
||||||
|
- The document specifies a constraint `node.labels.general == true`, which is not provided in the YAML.
|
||||||
|
- **Issue**: The placement constraint refers to a label that may not be present on all nodes.
|
||||||
|
- **Fix**: Ensure that all target nodes have the label `general=true`.
|
||||||
|
|
||||||
|
5. **Volumes use /DockerVol/<service> path convention**:
|
||||||
|
- The volumes are located at `/data/nfs/Baxter/Docker/filebrowser/config` and `/data/nfs/Baxter/Docker/filebrowser/srv`.
|
||||||
|
- **Issue**: These paths do not follow the `/DockerVol/<service>` convention.
|
||||||
|
- **Fix**: Rename the volumes to follow the convention, e.g., `volume: /DockerVol/filebrowser/config`.
|
||||||
|
|
||||||
|
6. **Network references external netgrimoire overlay**:
|
||||||
|
- The network is correctly set as `netgrimoire` with `external: true`.
|
||||||
|
- **PASS**
|
||||||
|
|
||||||
|
### VERDICT: FAIL
|
||||||
|
|
||||||
|
- The placement constraint and volume naming do not meet the specified conventions, which prevents a complete PASS status.
|
||||||
Loading…
Add table
Add a link
Reference in a new issue