audit(gremlin): wiki PASS 2026-04-03

2026-04-02 22:28:56 -05:00 · 2026-04-02 22:28:56 -05:00 · 670be19315
commit 670be19315
parent 5106caf644
1 changed files with 76 additions and 0 deletions
--- a/Netgrimoire/Audits/wiki-2026-04-03.md
+++ b/Netgrimoire/Audits/wiki-2026-04-03.md
@ -0,0 +1,76 @@
+---
+title: Audit - wiki.yaml
+description: Gremlin audit report 2026-04-03
+published: true
+date: 2026-04-03T03:28:56.635Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-03T03:28:56.635Z
+---
+
+# Audit Report — wiki.yaml
+
+**Date:** 2026-04-03  
+**File:** swarm/wiki.yaml  
+**Type:** Docker Swarm  
+**Verdict:** PASS
+
+---
+
+### SWARM AUDIT CHECKLIST:
+
+1. **Homepage labels:**
+   - **PASS**: `wikijs`, `drawio`
+   - **FAIL**: No homepage labels defined for `wikijs-db`. 
+     - **Fix**: Add the following labels to `wikijs-db`:
+       ```yaml
+       labels:
+         homepage.group: "Database"
+         homepage.name: "PostgreSQL"
+         homepage.icon: "postgres.png"
+         homepage.href: "https://www.postgresql.org"
+         homepage.description: "Relational Database"
+         diun.enable: "true"
+       ```
+
+2. **Uptime Kuma labels:**
+   - **FAIL**: `wikijs`, `drawio` missing Kuma labels.
+     - **Fix**: Add the following labels to both `wikijs` and `drawio`:
+       ```yaml
+       labels:
+         kuma.<n>.http.name: "Wiki.js"
+         kuma.<n>.http.url: "https://wiki.netgrimoire.com"
+         # Replace <n> with a sequential number if multiple instances are needed.
+       ```
+
+3. **Caddy labels on exposed services:**
+   - **FAIL**: `drawio` missing Caddy labels for reverse proxy.
+     - **Fix**: Add the following labels to `drawio`:
+       ```yaml
+       labels:
+         caddy: draw.netgrimoire.com
+         caddy.reverse_proxy: "{{upstreams 8080}}"
+       ```
+   - **PASS**: Both `wikijs-db`, `wikijs`, and `drawio` have `caddy=<domain>` labels.
+
+4. **Placement constraints:**
+   - **FAIL**: No placement constraints for `drawio`.
+     - **Fix**: Add the following constraints to `drawio`:
+       ```yaml
+       deploy:
+         mode: replicated
+         replicas: 1
+         placement:
+           constraints:
+             - node.hostname == dockerpi1
+             - node.labels.cpu == arm
+       ```
+
+5. **Volumes use /DockerVol/<service> path convention:**
+   - **PASS**: All services follow this convention.
+
+6. **Network references external netgrimoire overlay:**
+   - **PASS**: Both `wikijs-db`, `wikijs`, and `drawio` reference the external network `netgrimoire`.
+
+### VERDICT:
+FAIL