From 5c17e52e3b68abf138d4617fbd27404bd17e63b6 Mon Sep 17 00:00:00 2001 From: traveler Date: Mon, 4 May 2026 06:41:09 -0500 Subject: [PATCH] audit(gremlin): vaultwarden FAIL 2026-05-04 --- Netgrimoire/Audits/vaultwarden-2026-05-04.md | 50 ++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 Netgrimoire/Audits/vaultwarden-2026-05-04.md diff --git a/Netgrimoire/Audits/vaultwarden-2026-05-04.md b/Netgrimoire/Audits/vaultwarden-2026-05-04.md new file mode 100644 index 0000000..7a7ab9d --- /dev/null +++ b/Netgrimoire/Audits/vaultwarden-2026-05-04.md 
@@ -0,0 +1,50 @@ +--- +title: Audit - vaultwarden.yaml +description: Gremlin audit report 2026-05-04 +published: true +date: 2026-05-04T11:41:09.381Z +tags: gremlin,audit +editor: markdown +dateCreated: 2026-05-04T11:41:09.381Z +--- + +# Audit Report — vaultwarden.yaml + +**Date:** 2026-05-04 +**File:** swarm/vaultwarden.yaml +**Type:** Docker Swarm +**Verdict:** FAIL + +--- + +### Audit Results: + +1. **Homepage labels**: + - `homepage.group`: "PNCHarris Apps" - **PASS** + - `homepage.name`: "Vaultwarden" - **PASS** + - `homepage.icon`: "vaultwarden.png" - **FAIL**: The icon path is not a valid URL or relative path within the Docker environment. Correct it to either an absolute URL or a path relative to the Caddy configuration. + - `homepage.href`: "https://pass.netgrimoire.com" - **PASS** + - `homepage.description`: "Password Manager" - **PASS** + +2. **Uptime Kuma labels**: + - `kuma.pass.http.name`: "Vaultwarden" - **PASS** + - `kuma.pass.http.url`: "http://bitwarden:80" - **FAIL**: The service name should be the actual name of the Uptime Kuma instance, not a generic name. Correct it to match the intended Uptime Kuma service name. + +3. **Caddy labels on exposed services**: + - `caddy`: "pass.netgrimoire.com" - **PASS** + - `caddy.reverse_proxy`: "bitwarden:80" - **FAIL**: The reverse proxy configuration assumes that Caddy is running in the same Docker network as Vaultwarden. If Caddy is not in the same network, you need to use the correct service name or IP address. + +4. **Placement constraints**: + - `node.hostname`: "docker3" - **PASS** + +5. **Volumes use /DockerVol/ path convention**: + - `/DockerVol/bitwarden:/data` - **PASS** + +6. **Network references external netgrimoire overlay**: + - `netgrimoire` network is marked as `external: true` - **PASS** + +### VERDICT: FAIL + +- The icon and Kuma service name labels require correction. +- The Caddy configuration needs to be adjusted based on the actual networking setup. 
+- Fix these issues and re-run the audit. \ No newline at end of file
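Review bot: The FAIL on `caddy.reverse_proxy` in section 3 rests on a condition ("If Caddy is not in the same network") that the report never checks, and section 6 passes the external `netgrimoire` overlay reference. The audit should either confirm which networks Caddy is attached to and report that result, or record this item as a warning rather than a failure that drives the verdict. In section 2 the finding on `kuma.pass.http.url` talks about a service name, and the verdict summary repeats "Kuma service name", although the flagged label is a URL and `kuma.pass.http.name` passed. The message should name the label that actually failed and state the expected value. The `homepage.icon` finding in section 1 has the same gap: it does not say which rule the value "vaultwarden.png" violates or give an example of an accepted form, so the fix cannot be derived from the report. The new file also ends without a trailing newline.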