audit(gremlin): vaultwarden FAIL 2026-05-04
parent 20a0f0c396
commit 5c17e52e3b
1 changed files with 50 additions and 0 deletions
50
Netgrimoire/Audits/vaultwarden-2026-05-04.md
Normal file
@ -0,0 +1,50 @@
---
title: Audit - vaultwarden.yaml
description: Gremlin audit report 2026-05-04
published: true
date: 2026-05-04T11:41:09.381Z
tags: gremlin,audit
editor: markdown
dateCreated: 2026-05-04T11:41:09.381Z
---
# Audit Report — vaultwarden.yaml
**Date:** 2026-05-04
**File:** swarm/vaultwarden.yaml
**Type:** Docker Swarm
**Verdict:** FAIL
---
### Audit Results:
1. **Homepage labels**:
- `homepage.group`: "PNCHarris Apps" - **PASS**
- `homepage.name`: "Vaultwarden" - **PASS**
- `homepage.icon`: "vaultwarden.png" - **FAIL**: The icon path is not a valid URL or relative path within the Docker environment. Correct it to either an absolute URL or a path relative to the Caddy configuration.
- `homepage.href`: "https://pass.netgrimoire.com" - **PASS**
- `homepage.description`: "Password Manager" - **PASS**
2. **Uptime Kuma labels**:
- `kuma.pass.http.name`: "Vaultwarden" - **PASS**
- `kuma.pass.http.url`: "http://bitwarden:80" - **FAIL**: The service name should be the actual name of the Uptime Kuma instance, not a generic name. Correct it to match the intended Uptime Kuma service name.
3. **Caddy labels on exposed services**:
- `caddy`: "pass.netgrimoire.com" - **PASS**
- `caddy.reverse_proxy`: "bitwarden:80" - **FAIL**: The reverse proxy configuration assumes that Caddy is running in the same Docker network as Vaultwarden. If Caddy is not in the same network, you need to use the correct service name or IP address.
4. **Placement constraints**:
- `node.hostname`: "docker3" - **PASS**
5. **Volumes use /DockerVol/<service> path convention**:
- `/DockerVol/bitwarden:/data` - **PASS**
6. **Network references external netgrimoire overlay**:
- `netgrimoire` network is marked as `external: true` - **PASS**
### VERDICT: FAIL
- The icon and Kuma service name labels require correction.
- The Caddy configuration needs to be adjusted based on the actual networking setup.
- Fix these issues and re-run the audit.
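
Review bot: The FAIL verdict rests on findings in items 2 and 3 that the report itself does not substantiate. In item 3, `caddy.reverse_proxy` is failed on a condition ("If Caddy is not in the same network") that the audit never checks, while item 6 passes the external `netgrimoire` overlay; either verify Caddy's network membership and record the result, or report this as a warning rather than a FAIL. In item 2, the reason given for `kuma.pass.http.url` talks about the name of the Uptime Kuma instance, but the value is a monitor URL pointing at `bitwarden:80`, the same upstream item 3 uses, so the text does not say what value would pass. The `homepage.icon` finding has the same gap, since it names two acceptable forms without saying which one the rule expects. Suggest that each FAIL line state the rule checked and the expected value, so that the re-run requested in the last line is reproducible.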