From 8f0de38c36e221e8e8ce70f0acfa872313078404 Mon Sep 17 00:00:00 2001
From: traveler <traveler@wasted-bandwidth.net>
Date: Mon, 20 Apr 2026 06:37:42 -0500
Subject: [PATCH] audit(gremlin): tmm FAIL 2026-04-20

---
 Netgrimoire/Audits/tmm-2026-04-20.md | 65 ++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100644 Netgrimoire/Audits/tmm-2026-04-20.md

diff --git a/Netgrimoire/Audits/tmm-2026-04-20.md b/Netgrimoire/Audits/tmm-2026-04-20.md
new file mode 100644
index 0000000..8a68feb
--- /dev/null
+++ b/Netgrimoire/Audits/tmm-2026-04-20.md
@@ -0,0 +1,65 @@
+---
+title: Audit - tmm.yaml
+description: Gremlin audit report 2026-04-20
+published: true
+date: 2026-04-20T11:37:42.787Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-20T11:37:42.787Z
+---
+
+# Audit Report — tmm.yaml
+
+**Date:** 2026-04-20  
+**File:** swarm/tmm.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+### SWARM AUDIT RESULTS:
+
+1. **Homepage labels**:
+   - **PASS**: All required homepage labels are present (`homepage.group`, `homepage.name`, `homepage.icon`, `homepage.href`, `homepage.description`).
+
+2. **Uptime Kuma labels**:
+   - **FAIL**: The Uptime Kuma labels are missing.
+     - **Issue**: The `kuma.app.http.name` and `kuma.app.http.url` labels are not defined.
+     - **Fix**: Add the following labels under the `deploy` section:
+       ```yaml
+       kuma.app.http.name: "Tiny Media Manager"
+       kuma.app.http.url: "http://tinymediamanager_service:4000"
+       ```
+
+3. **Caddy labels on exposed services**:
+   - **PASS**: The Caddy labels are correctly defined.
+     ```yaml
+     caddy: "tmm.netgrimoire.com"
+     caddy.import: "authentik"
+     caddy.reverse_proxy: "tinymediamanager_service:4000"
+     ```
+
+4. **Placement constraints**:
+   - **FAIL**: The `node.hostname` constraint is missing.
+     - **Issue**: The `deploy` section does not include a placement constraint for node hostname.
+     - **Fix**: Add the following under the `deploy` section to constrain the service to a specific node:
+       ```yaml
+       placement:
+         constraints:
+           - node.hostname == <node_hostname>
+       ```
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - **FAIL**: The volume paths do not follow the `/DockerVol/<service>` convention.
+     - **Issue**: Volumes are mounted at `/data/nfs/Baxter/Docker/tinymediamanager` and `/data/nfs/Baxter`.
+     - **Fix**: Rename the volumes to use the `/DockerVol/<service>` path convention:
+       ```yaml
+       volumes:
+         - /DockerVol/tinymediamanager/config:/config:rw
+         - /DockerVol/tinymediamanager/media:/media:rw
+       ```
+
+6. **Network references external netgrimoire overlay**:
+   - **PASS**: The service references the external `netgrimoire` network.
+
+### VERDICT: FAIL
\ No newline at end of file