traveler/Netgrimoire
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

audit(gremlin): Calibre-web FAIL 2026-04-02

Browse source
This commit is contained in:
traveler 2026-04-01 22:25:20 -05:00
parent a2301ec16f
commit 9500ddc96b
1 changed files with 24 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

51
Netgrimoire/Audits/Calibre-web-2026-04-02.md
View file

@ -2,10 +2,10 @@
title: Audit - Calibre-web.yaml title: Audit - Calibre-web.yaml
description: Gremlin audit report 2026-04-02 description: Gremlin audit report 2026-04-02
published: true published: true
date: 2026-04-02T03:07:32.220Z date: 2026-04-02T03:25:20.427Z
tags: gremlin,audit tags: gremlin,audit
editor: markdown editor: markdown
dateCreated: 2026-04-02T03:07:32.220Z dateCreated: 2026-04-02T03:25:20.427Z
--- ---
# Audit Report — Calibre-web.yaml # Audit Report — Calibre-web.yaml
@ -13,38 +13,35 @@ dateCreated: 2026-04-02T03:07:32.220Z
**Date:** 2026-04-02 **Date:** 2026-04-02
**File:** swarm/Calibre-web.yaml **File:** swarm/Calibre-web.yaml
**Type:** Docker Swarm **Type:** Docker Swarm
**Verdict:** PASS **Verdict:** FAIL
--- ---
**SWARM AUDIT** 1. Homepage labels:
- homepage.group: "PNCHarris Apps" (PASS)
- homepage.name: "Family Library" (PASS)
- homepage.icon: "calibre-web.png" (PASS)
- homepage.href: "https://books.netgrimoire.com" (PASS)
- homepage.description: "Calibre-Web Automated" (PASS)
1. **Homepage labels**: 2. Uptime Kuma labels:
- `homepage.group`: PNCHarris Apps (PASS) - kuma.cwa.http.name: "Calibre-Web Automated" (PASS)
- `homepage.name`: Family Library (PASS) - kuma.cwa.http.url: "http://calibre-web-automated:8083" (PASS)
- `homepage.icon`: calibre-web.png (PASS)
- `homepage.href`: https://books.netgrimoire.com (PASS)
- `homepage.description`: Calibre-Web Automated (PASS)
2. **Uptime Kuma labels**: 3. Caddy labels on exposed services:
- `kuma.cwa.http.name`: Calibre-Web Automated (PASS) - caddy=books.netgrimoire.com , books.pncharris.com (PASS)
- `kuma.cwa.http.url`: http://calibre-web-automated:8083 (PASS) - caddy.reverse_proxy: calibre-web-automated:8083 (PASS)
3. **Caddy labels on exposed services**: 4. Placement constraints:
- `caddy`: books.netgrimoire.com, books.pncharris.com (PASS) - node.hostname == znas (PASS)
- `caddy.reverse_proxy`: calibre-web-automated:8083 (PASS)
4. **Placement constraints**: 5. Volumes use /DockerVol/<service> path convention:
- `node.hostname == znas` (PASS) - /DockerVol/Calibre-web/Config:/config (PASS)
- /data/nfs/znas/Data/media/books/library/Netgrimoire:/calibre-library:shared (FAIL, should not be mounted to host directly; instead, use a volume or bind mount within Docker)
5. **Volumes use /DockerVol/<service> path convention**: 6. Network references external netgrimoire overlay:
- `/DockerVol/Calibre-web/Config:/config` (PASS) - netgrimoire (PASS)
- `/calibre-library:shared` (FAIL) - Volume should be mounted under the `/DockerVol` directory for consistency.
6. **Network references external netgrimoire overlay**: **VERDICT: FAIL**
- `netgrimoire`: External network reference is correct (PASS)
**Fixes**: The issue with the Volumes use /DockerVol/<service> path convention needs to be addressed as it poses security risks and limits portability of the infrastructure. All volumes should be managed within Docker or using bind mounts inside the container, not directly on the host.
- Change volume mapping to follow the `/DockerVol/<service>` convention: `- /DockerVol/calibre-library:/calibre-library:shared`
**VERDICT**: FAIL