From 94bac36624445d0b6a39d4525710890cb4bae2c1 Mon Sep 17 00:00:00 2001 From: traveler Date: Thu, 2 Apr 2026 20:45:33 -0500 Subject: [PATCH] audit(gremlin): SQL-mgmt FAIL 2026-04-03 --- Netgrimoire/Audits/SQL-mgmt-2026-04-03.md | 80 ++++++++++++++--------- 1 file changed, 48 insertions(+), 32 deletions(-) diff --git a/Netgrimoire/Audits/SQL-mgmt-2026-04-03.md b/Netgrimoire/Audits/SQL-mgmt-2026-04-03.md index a6a8dad..5176c26 100644 --- a/Netgrimoire/Audits/SQL-mgmt-2026-04-03.md +++ b/Netgrimoire/Audits/SQL-mgmt-2026-04-03.md @@ -2,10 +2,10 @@ title: Audit - SQL-mgmt.yaml description: Gremlin audit report 2026-04-03 published: true -date: 2026-04-03T01:35:35.874Z +date: 2026-04-03T01:45:33.627Z tags: gremlin,audit editor: markdown -dateCreated: 2026-04-03T01:35:35.874Z +dateCreated: 2026-04-03T01:45:33.627Z --- # Audit Report — SQL-mgmt.yaml @@ -17,42 +17,58 @@ dateCreated: 2026-04-03T01:35:35.874Z --- -### Audit Results +### SWARM AUDIT CHECKS -1. **Homepage labels**: - - `homepage.group`, `homepage.name`, `homepage.icon`, `homepage.href`, `homepage.description` are present in both services. - - **PASS** +1. **Homepage Labels**: + - `phpmyadmin`: PASS + - `phppgadmin`: PASS -2. **Uptime Kuma labels**: - - `kuma.msql.http.name`, `kuma.msql.http.url` for PHPMyadmin and `kuma.mealie.http.url` for PHPPGmyadmin are missing. - - **FAIL**: Add the following labels to both services: +2. **Uptime Kuma Labels**: + - `phpmyadmin` does not have any Kuma labels. + - **FAIL**: Add the following labels to ensure consistency: + ```yaml + kuma.msql.http.name="PHPMyadmin" + kuma.msql.http.url=http://phpmyadmin:80 + ``` + - `phppgadmin`: PASS + +3. **Caddy Labels on Exposed Services**: + - Both services have the following Caddy labels: ```yaml - labels: - - kuma.msql.http.name="PHPMyadmin" - - kuma.msql.http.url=http://phpmyadmin:80 - - kuma.mealie.http.url=http://phppgmyadmin:80 + caddy=phpmyadmin.netgrimoire.com + caddy.reverse_proxy="{{upstreams 80}}" + caddy.import=authentik ``` + - `phpmyadmin`: PASS + - `phppgadmin`: PASS -3. **Caddy labels on exposed services**: - - `caddy=phpmyadmin.netgrimoire.com`, `caddy.reverse_proxy` are present for PHPMyadmin. - - `caddy=phppgmyadmin.netgrimoire.com`, `caddy.reverse_proxy` are present for PHPPGmyadmin. - - **PASS** +4. **Placement Constraints**: + - No placement constraints are specified. + - **FAIL**: Add a constraint to ensure services run on specific nodes if required. + ```yaml + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + placement: + constraints: + - node.hostname == "node1" + ``` -4. **Placement constraints**: - - No placement constraints specified (`node.hostname`). - - **FAIL**: Add node placement constraints if necessary, e.g., - ```yaml - deploy: - placement: - constraints: [node.hostname==your-node-name] - ``` +5. **Volumes Use `/DockerVol/` Path Convention**: + - No volumes are specified. + - **FAIL**: Add volume configurations to ensure data persistence. + ```yaml + deploy: + volumes: + - type: volume + source: DockerVol/phpmyadmin + target: /var/www/html + ``` -5. **Volumes use /DockerVol/ path convention**: - - No volumes are specified in the given YAML. - - **PASS** (no action needed) - -6. **Network references external netgrimoire overlay**: - - `networks: [netgrimoire]` is correctly set with `external: true`. - - **PASS** +6. **Network References External `netgrimoire` Overlay**: + - Both services reference the external network. + - **PASS** ### VERDICT: FAIL \ No newline at end of file