audit(gremlin): Calibre-web FAIL 2026-04-02

traveler 2026-04-01 22:25:20 -05:00
parent a2301ec16f
commit 9500ddc96b

@ -2,10 +2,10 @@
title: Audit - Calibre-web.yaml
description: Gremlin audit report 2026-04-02
published: true
date: 2026-04-02T03:07:32.220Z
date: 2026-04-02T03:25:20.427Z
tags: gremlin,audit
editor: markdown
dateCreated: 2026-04-02T03:07:32.220Z
dateCreated: 2026-04-02T03:25:20.427Z
---
# Audit Report — Calibre-web.yaml
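Review bot: `dateCreated` in the front matter is rewritten from 2026-04-02T03:07:32.220Z to 2026-04-02T03:25:20.427Z together with `date`, so the page loses its original creation time each time the audit is regenerated. Keep `dateCreated` at the first value and let only `date` move when the report is refreshed.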
@ -13,38 +13,35 @@ dateCreated: 2026-04-02T03:07:32.220Z
**Date:** 2026-04-02
**File:** swarm/Calibre-web.yaml
**Type:** Docker Swarm
**Verdict:** PASS
**Verdict:** FAIL
---
**SWARM AUDIT**
1. Homepage labels:
- homepage.group: "PNCHarris Apps" (PASS)
- homepage.name: "Family Library" (PASS)
- homepage.icon: "calibre-web.png" (PASS)
- homepage.href: "https://books.netgrimoire.com" (PASS)
- homepage.description: "Calibre-Web Automated" (PASS)
1. **Homepage labels**:
- `homepage.group`: PNCHarris Apps (PASS)
- `homepage.name`: Family Library (PASS)
- `homepage.icon`: calibre-web.png (PASS)
- `homepage.href`: https://books.netgrimoire.com (PASS)
- `homepage.description`: Calibre-Web Automated (PASS)
2. Uptime Kuma labels:
- kuma.cwa.http.name: "Calibre-Web Automated" (PASS)
- kuma.cwa.http.url: "http://calibre-web-automated:8083" (PASS)
2. **Uptime Kuma labels**:
- `kuma.cwa.http.name`: Calibre-Web Automated (PASS)
- `kuma.cwa.http.url`: http://calibre-web-automated:8083 (PASS)
3. Caddy labels on exposed services:
- caddy=books.netgrimoire.com , books.pncharris.com (PASS)
- caddy.reverse_proxy: calibre-web-automated:8083 (PASS)
3. **Caddy labels on exposed services**:
- `caddy`: books.netgrimoire.com, books.pncharris.com (PASS)
- `caddy.reverse_proxy`: calibre-web-automated:8083 (PASS)
4. Placement constraints:
- node.hostname == znas (PASS)
4. **Placement constraints**:
- `node.hostname == znas` (PASS)
5. Volumes use /DockerVol/<service> path convention:
- /DockerVol/Calibre-web/Config:/config (PASS)
- /data/nfs/znas/Data/media/books/library/Netgrimoire:/calibre-library:shared (FAIL, should not be mounted to host directly; instead, use a volume or bind mount within Docker)
5. **Volumes use /DockerVol/<service> path convention**:
- `/DockerVol/Calibre-web/Config:/config` (PASS)
- `/calibre-library:shared` (FAIL) - Volume should be mounted under the `/DockerVol` directory for consistency.
6. Network references external netgrimoire overlay:
- netgrimoire (PASS)
6. **Network references external netgrimoire overlay**:
- `netgrimoire`: External network reference is correct (PASS)
**VERDICT: FAIL**
**Fixes**:
- Change volume mapping to follow the `/DockerVol/<service>` convention: `- /DockerVol/calibre-library:/calibre-library:shared`
**VERDICT**: FAIL
The issue with the Volumes use /DockerVol/<service> path convention needs to be addressed as it poses security risks and limits portability of the infrastructure. All volumes should be managed within Docker or using bind mounts inside the container, not directly on the host.
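Review bot: The item 5 finding written as `/calibre-library:shared` (FAIL) omits the host source path `/data/nfs/znas/Data/media/books/library/Netgrimoire` that appears in the other version of that line, so the report no longer identifies which mount failed; keep the full `source:target:mode` string in the finding. The proposed fix `/DockerVol/calibre-library:/calibre-library:shared` also does not follow the `/DockerVol/<service>` pattern of the passing entry `/DockerVol/Calibre-web/Config:/config`, and it points the library at a different host path than the NFS share. The Fixes entry should say whether the library data is expected to move there or whether shared media paths should be exempt from the convention, since this single item is what flips the verdict from PASS to FAIL.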