audit(gremlin): vaultwarden FAIL 2026-04-13

2026-04-13 06:39:22 -05:00 · 2026-04-13 06:39:22 -05:00 · 70e2ec95ca
commit 70e2ec95ca
parent 9b0a0a81c8
1 changed files with 42 additions and 0 deletions
--- a/Netgrimoire/Audits/vaultwarden-2026-04-13.md
+++ b/Netgrimoire/Audits/vaultwarden-2026-04-13.md
@ -0,0 +1,42 @@
+---
+title: Audit - vaultwarden.yaml
+description: Gremlin audit report 2026-04-13
+published: true
+date: 2026-04-13T11:39:22.333Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-13T11:39:22.333Z
+---
+
+# Audit Report — vaultwarden.yaml
+
+**Date:** 2026-04-13  
+**File:** swarm/vaultwarden.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+### SWARM AUDIT
+
+#### 1. Homepage Labels
+- **PASS**: `homepage.group`, `homepage.name`, `homepage.icon`, `homepage.href`, and `homepage.description` are correctly defined.
+
+#### 2. Uptime Kuma Labels
+- **FAIL**: The label key for Uptime Kuma should follow the pattern `kuma.<n>.http.name` and `kuma.<n>.http.url`. No number (`<n>`) is provided, causing a failure.
+    - **Fix**: Add a unique identifier (e.g., `kuma.1.http.name: "Vaultwarden"`).
+
+#### 3. Caddy Labels on Exposed Services
+- **FAIL**: The label `caddy.reverse_proxy` should be correctly formatted as `caddy.<domain>.reverse_proxy`.
+    - **Fix**: Change to `caddy.pass.reverse_proxy: "bitwarden:80"`.
+
+#### 4. Placement Constraints
+- **PASS**: The placement constraint `node.hostname == docker3` is correctly defined.
+
+#### 5. Volumes Use /DockerVol/<service> Path Convention
+- **PASS**: The volume path `/DockerVol/bitwarden:/data` adheres to the convention.
+
+#### 6. Network References External netgrimoire Overlay
+- **PASS**: The network `netgrimoire` is correctly referenced as an external network.
+
+### VERDICT: FAIL