From 70e2ec95cab1ecbe6bdf9f9d6ae81d97025e526e Mon Sep 17 00:00:00 2001
From: traveler <traveler@wasted-bandwidth.net>
Date: Mon, 13 Apr 2026 06:39:22 -0500
Subject: [PATCH] audit(gremlin): vaultwarden FAIL 2026-04-13

---
 Netgrimoire/Audits/vaultwarden-2026-04-13.md | 42 ++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 Netgrimoire/Audits/vaultwarden-2026-04-13.md

diff --git a/Netgrimoire/Audits/vaultwarden-2026-04-13.md b/Netgrimoire/Audits/vaultwarden-2026-04-13.md
new file mode 100644
index 0000000..117f6d7
--- /dev/null
+++ b/Netgrimoire/Audits/vaultwarden-2026-04-13.md
@@ -0,0 +1,42 @@
+---
+title: Audit - vaultwarden.yaml
+description: Gremlin audit report 2026-04-13
+published: true
+date: 2026-04-13T11:39:22.333Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-13T11:39:22.333Z
+---
+
+# Audit Report — vaultwarden.yaml
+
+**Date:** 2026-04-13  
+**File:** swarm/vaultwarden.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+### SWARM AUDIT
+
+#### 1. Homepage Labels
+- **PASS**: `homepage.group`, `homepage.name`, `homepage.icon`, `homepage.href`, and `homepage.description` are correctly defined.
+
+#### 2. Uptime Kuma Labels
+- **FAIL**: The label key for Uptime Kuma should follow the pattern `kuma.<n>.http.name` and `kuma.<n>.http.url`. No number (`<n>`) is provided, causing a failure.
+    - **Fix**: Add a unique identifier (e.g., `kuma.1.http.name: "Vaultwarden"`).
+
+#### 3. Caddy Labels on Exposed Services
+- **FAIL**: The label `caddy.reverse_proxy` should be correctly formatted as `caddy.<domain>.reverse_proxy`.
+    - **Fix**: Change to `caddy.pass.reverse_proxy: "bitwarden:80"`.
+
+#### 4. Placement Constraints
+- **PASS**: The placement constraint `node.hostname == docker3` is correctly defined.
+
+#### 5. Volumes Use /DockerVol/<service> Path Convention
+- **PASS**: The volume path `/DockerVol/bitwarden:/data` adheres to the convention.
+
+#### 6. Network References External netgrimoire Overlay
+- **PASS**: The network `netgrimoire` is correctly referenced as an external network.
+
+### VERDICT: FAIL
\ No newline at end of file