audit(gremlin): forgejo FAIL 2026-04-20

Netgrimoire/Audits/forgejo-2026-04-20.md

@@ -0,0 +1,52 @@
+---
+title: Audit - forgejo.yaml
+description: Gremlin audit report 2026-04-20
+published: true
+date: 2026-04-20T11:14:01.487Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-20T11:14:01.487Z
+---
+
+# Audit Report — forgejo.yaml
+
+**Date:** 2026-04-20  
+**File:** swarm/forgejo.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+**Audit Results:**
+
+1. **Homepage labels:**  
+   - `homepage.group`: "Applications" - PASS
+   - `homepage.name`: "Forgejo" - PASS
+   - `homepage.icon`: "forgejo.png" - PASS
+   - `homepage.href`: "https://git.netgrimoire.com" - PASS
+   - `homepage.description`: "Git Repository" - PASS
+
+2. **Uptime Kuma labels:**  
+   - `kuma.git.http.name`: "Forgejo" - PASS
+   - `kuma.git.http.url`: "http://forgejo:3000" - PASS
+
+3. **Caddy labels on exposed services:**  
+   - `caddy`: "git.netgrimoire.com" - PASS
+   - `caddy.reverse_proxy`: "forgejo:3000" - PASS
+
+4. **Placement constraints:**  
+   - `node.hostname == znas` - PASS
+
+5. **Volumes use /DockerVol/<service> path convention:**  
+   - `/DockerVol/forgejo:/data` - PASS
+   - `/etc/timezone:/etc/timezone:ro` - FAIL
+     - **Issue**: Volume should follow the path convention `/DockerVol/<service>`.
+     - **Fix**: Change to `/DockerVol/timezone:/etc/timezone:ro`
+   - `/etc/localtime:/etc/localtime:ro` - FAIL
+     - **Issue**: Volume should follow the path convention `/DockerVol/<service>`.
+     - **Fix**: Change to `/DockerVol/localtime:/etc/localtime:ro`
+
+6. **Network references external netgrimoire overlay:**  
+   - `netgrimoire`: PASS
+
+**VERDICT: FAIL**