audit(gremlin): SQL-mgmt FAIL 2026-04-03

Netgrimoire/Audits/SQL-mgmt-2026-04-03.md

@@ -2,10 +2,10 @@
 title: Audit - SQL-mgmt.yaml
 description: Gremlin audit report 2026-04-03
 published: true
-date: 2026-04-03T01:35:35.874Z
+date: 2026-04-03T01:45:33.627Z
 tags: gremlin,audit
 editor: markdown
-dateCreated: 2026-04-03T01:35:35.874Z
+dateCreated: 2026-04-03T01:45:33.627Z
 ---
 
 # Audit Report — SQL-mgmt.yaml
@@ -17,42 +17,58 @@ dateCreated: 2026-04-03T01:35:35.874Z
 
 ---
 
-### Audit Results
+### SWARM AUDIT CHECKS
 
-1. **Homepage labels**:
+1. **Homepage Labels**:
-   - `homepage.group`, `homepage.name`, `homepage.icon`, `homepage.href`, `homepage.description` are present in both services.
+   - `phpmyadmin`: PASS
-   - **PASS**
+   - `phppgadmin`: PASS
 
-2. **Uptime Kuma labels**:
+2. **Uptime Kuma Labels**:
-   - `kuma.msql.http.name`, `kuma.msql.http.url` for PHPMyadmin and `kuma.mealie.http.url` for PHPPGmyadmin are missing.
+   - `phpmyadmin` does not have any Kuma labels.
-   - **FAIL**: Add the following labels to both services:
+     - **FAIL**: Add the following labels to ensure consistency:
+       ```yaml
+       kuma.msql.http.name="PHPMyadmin"
+       kuma.msql.http.url=http://phpmyadmin:80
+       ```
+   - `phppgadmin`: PASS
+
+3. **Caddy Labels on Exposed Services**:
+   - Both services have the following Caddy labels:
      ```yaml
-     labels:
+     caddy=phpmyadmin.netgrimoire.com
-       - kuma.msql.http.name="PHPMyadmin"
+     caddy.reverse_proxy="{{upstreams 80}}"
-       - kuma.msql.http.url=http://phpmyadmin:80
+     caddy.import=authentik
-       - kuma.mealie.http.url=http://phppgmyadmin:80
      ```
+   - `phpmyadmin`: PASS
+   - `phppgadmin`: PASS
 
-3. **Caddy labels on exposed services**:
+4. **Placement Constraints**:
-   - `caddy=phpmyadmin.netgrimoire.com`, `caddy.reverse_proxy` are present for PHPMyadmin.
+   - No placement constraints are specified.
-   - `caddy=phppgmyadmin.netgrimoire.com`, `caddy.reverse_proxy` are present for PHPPGmyadmin.
+     - **FAIL**: Add a constraint to ensure services run on specific nodes if required.
-   - **PASS**
+       ```yaml
+       deploy:
+         resources:
+           limits:
+             cpus: '0.5'
+             memory: 512M
+         placement:
+           constraints:
+             - node.hostname == "node1"
+       ```
 
-4. **Placement constraints**:
+5. **Volumes Use `/DockerVol/<service>` Path Convention**:
-   - No placement constraints specified (`node.hostname`).
+   - No volumes are specified.
-   - **FAIL**: Add node placement constraints if necessary, e.g.,
+     - **FAIL**: Add volume configurations to ensure data persistence.
-     ```yaml
+       ```yaml
-     deploy:
+       deploy:
-       placement:
+         volumes:
-         constraints: [node.hostname==your-node-name]
+           - type: volume
-     ```
+             source: DockerVol/phpmyadmin
+             target: /var/www/html
+       ```
 
-5. **Volumes use /DockerVol/<service> path convention**:
+6. **Network References External `netgrimoire` Overlay**:
-   - No volumes are specified in the given YAML.
+   - Both services reference the external network.
-   - **PASS** (no action needed)
+     - **PASS**
-
-6. **Network references external netgrimoire overlay**:
-   - `networks: [netgrimoire]` is correctly set with `external: true`.
-   - **PASS**
 
 ### VERDICT: FAIL