audit(gremlin): library FAIL 2026-05-04

Netgrimoire/Audits/library-2026-05-04.md

@@ -0,0 +1,51 @@
+---
+title: Audit - library.yaml
+description: Gremlin audit report 2026-05-04
+published: true
+date: 2026-05-04T11:22:00.319Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-05-04T11:22:00.319Z
+---
+
+# Audit Report — library.yaml
+
+**Date:** 2026-05-04  
+**File:** swarm/library.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+**Audit Results:**
+
+1. **Homepage labels**: 
+   - `homepage.group`, `homepage.name`, `homepage.icon`, `homepage.href`, and `homepage.description` are all present.
+   - **PASS**
+
+2. **Uptime Kuma labels**:
+   - `kuma.calibre1.http.name` and `kuma.calibre1.http.url` are correctly set.
+   - **PASS**
+
+3. **Caddy labels on exposed services**:
+   - `caddy=books.netgrimoire.com` is present but lacks a domain name resolution check.
+     - **FAIL**: Caddy label should include a valid domain name instead of just `books.netgrimoire.com`.
+     - **Fix**: Ensure the domain is resolvable and update accordingly.
+   - `caddy.reverse_proxy="{{upstreams 8083}}"` is present and correctly configured.
+     - **PASS**
+
+4. **Placement constraints**:
+   - `node.labels.general == true` is set but no explicit node label check.
+     - **FAIL**: Ensure a node with the label `general=true` exists in the swarm.
+     - **Fix**: Label at least one node with `general=true`.
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - `/data/nfs/Baxter/Docker/Calibre-netgrimoire/Config` and `/data/nfs/Baxter/Data` do not follow the `/DockerVol/<service>` convention.
+     - **FAIL**: Volumes should be placed in a Docker-specific directory following the convention.
+     - **Fix**: Move volumes to a path like `/DockerVol/Calibre-Netgrimoire/config` and `/DockerVol/Calibre-Netgrimoire/data`.
+
+6. **Network references external netgrimoire overlay**:
+   - `netgrimoire` network is correctly referenced as an external network.
+     - **PASS**
+
+**VERDICT: FAIL**