audit(gremlin): library FAIL 2026-04-03
This commit is contained in:
parent
c726785fe3
commit
5d9ab51200
1 changed files with 64 additions and 0 deletions
64
Netgrimoire/Audits/library-2026-04-03.md
Normal file
64
Netgrimoire/Audits/library-2026-04-03.md
Normal file
|
|
@ -0,0 +1,64 @@
|
|||
---
|
||||
title: Audit - library.yaml
|
||||
description: Gremlin audit report 2026-04-03
|
||||
published: true
|
||||
date: 2026-04-03T03:00:59.147Z
|
||||
tags: gremlin,audit
|
||||
editor: markdown
|
||||
dateCreated: 2026-04-03T03:00:59.147Z
|
||||
---
|
||||
|
||||
# Audit Report — library.yaml
|
||||
|
||||
**Date:** 2026-04-03
|
||||
**File:** swarm/library.yaml
|
||||
**Type:** Docker Swarm
|
||||
**Verdict:** FAIL
|
||||
|
||||
---
|
||||
|
||||
**SWARM AUDIT REPORT**
|
||||
|
||||
1. **Homepage labels:**
|
||||
- `homepage.group=Library`
|
||||
- `homepage.name=Netgrimoire Library`
|
||||
- `homepage.icon=calibre-web.png`
|
||||
- `homepage.href=http://books.netgrimoire.com`
|
||||
- `homepage.description=Curated Library`
|
||||
|
||||
**PASS**: All homepage labels are correctly configured.
|
||||
|
||||
2. **Uptime Kuma labels:**
|
||||
- `kuma.calibre1.http.name="Calibre-Netgrimoire"`
|
||||
- `kuma.auth.http.url=http://calibre-netgrimoire:8083`
|
||||
|
||||
**PASS**: Uptime Kuma labels are correctly configured for the Calibre service.
|
||||
|
||||
3. **Caddy labels on exposed services:**
|
||||
- `caddy=books.netgrimoire.com`
|
||||
- `caddy.reverse_proxy="{{upstreams 8083}}"`
|
||||
|
||||
**PASS**: Caddy labels are correctly configured to reverse proxy to the Calibre service.
|
||||
|
||||
4. **Placement constraints:**
|
||||
- `node.labels.general == true`
|
||||
|
||||
**FAIL**: The placement constraint should use `node.hostname` instead of `node.labels.general`.
|
||||
|
||||
5. **Volumes use /DockerVol/<service> path convention:**
|
||||
- `/data/nfs/Baxter/Docker/Calibre-netgrimoire/Config:/config`
|
||||
- `/data/nfs/Baxter/Data:/data:shared`
|
||||
|
||||
**FAIL**: Volumes are not using the recommended `/DockerVol/<service>` path convention. They should be mounted under `/DockerVol/Calibre-Netgrimoire`.
|
||||
|
||||
6. **Network references external netgrimoire overlay:**
|
||||
- `networks:`
|
||||
- `- netgrimoire`
|
||||
|
||||
**PASS**: The service is correctly using an external network.
|
||||
|
||||
**VERDICT: FAIL**
|
||||
|
||||
Fixes required:
|
||||
1. Update the placement constraint to use `node.hostname`.
|
||||
2. Update volume paths to follow the `/DockerVol/<service>` convention.
|
||||
Loading…
Add table
Add a link
Reference in a new issue