diff --git a/Netgrimoire/Audits/portainer-agent-stack-2026-04-27.md b/Netgrimoire/Audits/portainer-agent-stack-2026-04-27.md new file mode 100644 index 0000000..d39312e --- /dev/null +++ b/Netgrimoire/Audits/portainer-agent-stack-2026-04-27.md @@ -0,0 +1,49 @@ +--- +title: Audit - portainer-agent-stack.yml +description: Gremlin audit report 2026-04-27 +published: true +date: 2026-04-27T11:31:02.057Z +tags: gremlin,audit +editor: markdown +dateCreated: 2026-04-27T11:31:02.057Z +--- + +# Audit Report — portainer-agent-stack.yml + +**Date:** 2026-04-27 +**File:** swarm/portainer-agent-stack.yml +**Type:** Docker Swarm +**Verdict:** FAIL + +--- + +**SWARM AUDIT** + +1. **Homepage labels: homepage.group, homepage.name, homepage.icon, homepage.href, homepage.description** + - **PASS**: All labels are present and correctly formatted. + +2. **Uptime Kuma labels: kuma..http.name, kuma..http.url** + - **FAIL**: There are no Uptime Kuma labels defined in the file. + - **FIX**: Add the necessary labels as per your requirement. + +3. **Caddy labels on exposed services: caddy=, caddy.reverse_proxy** + - **PASS**: The `caddy` and `caddy.reverse_proxy` labels are present for the Portainer service. + +4. **Placement constraints: node.hostname** + - **FAIL**: The placement constraint is commented out. + - **FIX**: Uncomment the line to ensure that the portainer service is placed on a specific node, e.g., + ```yaml + placement: + constraints: + - node.hostname == znas + ``` + +5. **Volumes use /DockerVol/ path convention** + - **PASS**: The volumes are correctly using the `/DockerVol/portainer` path. + +6. **Network references external netgrimoire overlay** + - **PASS**: The network `netgrimoire` is referenced correctly and is marked as external. + +**VERDICT: FAIL** + +The audit has identified two critical issues that need to be addressed before the Swarm stack can be considered fully compliant with the guidelines provided. \ No newline at end of file