audit(gremlin): firefox FAIL 2026-05-04

Netgrimoire/Audits/firefox-2026-05-04.md

@@ -0,0 +1,43 @@
+---
+title: Audit - firefox.yaml
+description: Gremlin audit report 2026-05-04
+published: true
+date: 2026-05-04T11:12:44.285Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-05-04T11:12:44.285Z
+---
+
+# Audit Report — firefox.yaml
+
+**Date:** 2026-05-04  
+**File:** swarm/firefox.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+**1. Homepage labels:** PASS  
+Labels include `homepage.group`, `homepage.name`, `homepage.icon`, `homepage.href`, and `homepage.description`.
+
+**2. Uptime Kuma labels:** FAIL  
+There are no labels related to Uptime Kuma in this file.
+
+**3. Caddy labels on exposed services:** PASS  
+Caddy labels correctly set: `caddy=firefox.netgrimoire.com` and `caddy.reverse_proxy=firefox:5800`.
+
+**4. Placement constraints:** FAIL  
+The placement constraint is incorrectly using `node.platform.arch`. It should use `node.labels.arch != arm` and `node.labels.arch != aarch64`.
+
+**5. Volumes use /DockerVol/<service> path convention:** FAIL  
+Volumes are set to `/data/nfs/znas/Docker/firefox:/config:rw`, which does not follow the `/DockerVol/<service>` path convention.
+
+**6. Network references external netgrimoire overlay:** PASS  
+The network `netgrimoire` is correctly referenced as an external network.
+
+**VERDICT: FAIL**
+
+Fixes required:
+1. Update placement constraints to use correct labels.
+2. Move volumes to follow the `/DockerVol/<service>` path convention.
+3. Add Uptime Kuma labels if needed.