audit(gremlin): library FAIL 2026-04-13

Netgrimoire/Audits/library-2026-04-13.md

@@ -0,0 +1,41 @@
+---
+title: Audit - library.yaml
+description: Gremlin audit report 2026-04-13
+published: true
+date: 2026-04-13T11:20:51.190Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-13T11:20:51.190Z
+---
+
+# Audit Report — library.yaml
+
+**Date:** 2026-04-13  
+**File:** swarm/library.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+**1. Homepage labels**
+   - **PASS**: homepage.group, homepage.name, homepage.icon, homepage.href, homepage.description
+
+**2. Uptime Kuma labels**
+   - **FAIL**: The label `kuma.calibre1.http.name` should follow the pattern `kuma.<n>.http.name`. Current usage is not compliant.
+     - **Fix**: Replace `kuma.calibre1.http.name="Calibre-Netgrimoire"` with `kuma.0.http.name="Calibre-Netgrimoire"`.
+
+**3. Caddy labels on exposed services**
+   - **PASS**: caddy=books.netgrimoire.com, caddy.reverse_proxy
+
+**4. Placement constraints**
+   - **FAIL**: The constraint is using `node.labels.general == true`, which might not be appropriate. Ensure it aligns with your infrastructure's labeling scheme.
+     - **Fix**: Verify the label key and value used in `constraints`.
+
+**5. Volumes use /DockerVol/<service> path convention**
+   - **FAIL**: The volumes are not using the `/DockerVol/<service>` format. They should be standardized for consistency.
+     - **Fix**: Rename the volume paths to match the `/DockerVol/<service>` pattern, e.g., `/DockerVol/Calibre-Netgrimoire/Config` and `/DockerVol/Calibre-Netgrimoire/Data`.
+
+**6. Network references external netgrimoire overlay**
+   - **PASS**: The network `netgrimoire` is correctly referenced as an external network.
+
+**VERDICT: FAIL**