audit(gremlin): caddy-1 FAIL 2026-04-27
This commit is contained in:
parent
96ac06b2af
commit
4be87a0beb
1 changed files with 62 additions and 0 deletions
62
Netgrimoire/Audits/caddy-1-2026-04-27.md
Normal file
62
Netgrimoire/Audits/caddy-1-2026-04-27.md
Normal file
|
|
@ -0,0 +1,62 @@
|
|||
---
|
||||
title: Audit - caddy-1.yaml
|
||||
description: Gremlin audit report 2026-04-27
|
||||
published: true
|
||||
date: 2026-04-27T11:47:24.293Z
|
||||
tags: gremlin,audit
|
||||
editor: markdown
|
||||
dateCreated: 2026-04-27T11:47:24.293Z
|
||||
---
|
||||
|
||||
# Audit Report — caddy-1.yaml
|
||||
|
||||
**Date:** 2026-04-27
|
||||
**File:** swarm/stack/caddy/caddy-1.yaml
|
||||
**Type:** Docker Swarm
|
||||
**Verdict:** FAIL
|
||||
|
||||
---
|
||||
|
||||
### Audit Report for swarm/stack/caddy/caddy-1.yaml
|
||||
|
||||
#### Homepage Labels (1)
|
||||
- **PASS**: No homepage labels are present in the file.
|
||||
|
||||
#### Uptime Kuma Labels (2)
|
||||
- **FAIL**: Uptime Kuma labels are missing.
|
||||
- **Fix**: Add the following labels:
|
||||
```yaml
|
||||
labels:
|
||||
kuma.0.http.name: "Uptime Kuma"
|
||||
kuma.0.http.url: "http://uptime-kuma.service.netgrimoire.internal"
|
||||
```
|
||||
|
||||
#### Caddy Labels on Exposed Services (3)
|
||||
- **PASS**: The `caddy` service does not have explicit labels for `caddy=<domain>` or `caddy.reverse_proxy`. These are inferred from the environment and volumes.
|
||||
|
||||
#### Placement Constraints (4)
|
||||
- **PASS**: The placement constraint is correctly set to run only on a node with the hostname `znas`.
|
||||
|
||||
#### Volumes Use /DockerVol/<service> Path Convention (5)
|
||||
- **FAIL**: Volumes are not using the `/DockerVol/<service>` path convention.
|
||||
- **Fix**: Modify volume paths as follows:
|
||||
```yaml
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /export/Docker/caddy/Caddyfile:/etc/caddy/Caddyfile
|
||||
- /export/Docker/caddy:/data
|
||||
# - /export/Docker/caddy/logs:/var/log/caddy # Mount logs for CrowdSec
|
||||
```
|
||||
To:
|
||||
```yaml
|
||||
volumes:
|
||||
- /DockerVol/caddy/docker.sock:/var/run/docker.sock
|
||||
- /DockerVol/caddy/Caddyfile:/etc/caddy/Caddyfile
|
||||
- /DockerVol/caddy:/data
|
||||
# - /export/Docker/caddy/logs:/var/log/caddy # Mount logs for CrowdSec
|
||||
```
|
||||
|
||||
#### Network References External Netgrimoire Overlay (6)
|
||||
- **PASS**: The `netgrimoire` network is correctly referenced as an external network.
|
||||
|
||||
### VERDICT: FAIL
|
||||
Loading…
Add table
Add a link
Reference in a new issue