From db77f648b62083bc91e395e5988b349da0097bbd Mon Sep 17 00:00:00 2001
From: traveler <traveler@wasted-bandwidth.net>
Date: Mon, 13 Apr 2026 06:31:08 -0500
Subject: [PATCH] audit(gremlin): portainer-agent-stack FAIL 2026-04-13

---
 .../portainer-agent-stack-2026-04-13.md       | 44 +++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 Netgrimoire/Audits/portainer-agent-stack-2026-04-13.md

diff --git a/Netgrimoire/Audits/portainer-agent-stack-2026-04-13.md b/Netgrimoire/Audits/portainer-agent-stack-2026-04-13.md
new file mode 100644
index 0000000..12d34e5
--- /dev/null
+++ b/Netgrimoire/Audits/portainer-agent-stack-2026-04-13.md
@@ -0,0 +1,44 @@
+---
+title: Audit - portainer-agent-stack.yml
+description: Gremlin audit report 2026-04-13
+published: true
+date: 2026-04-13T11:31:08.685Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-13T11:31:08.685Z
+---
+
+# Audit Report — portainer-agent-stack.yml
+
+**Date:** 2026-04-13  
+**File:** swarm/portainer-agent-stack.yml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+**Audit Results:**
+
+1. **Homepage labels: homepage.group, homepage.name, homepage.icon, homepage.href, homepage.description**
+   - **PASS**: All required labels are present and configured.
+
+2. **Uptime Kuma labels: kuma.<n>.http.name, kuma.<n>.http.url**
+   - **FAIL**: No Uptime Kuma labels found in the configuration.
+     - **Fix**: Add Uptime Kuma labels under the `deploy` section of the `portainer` service.
+
+3. **Caddy labels on exposed services: caddy=<domain>, caddy.reverse_proxy**
+   - **PASS**: Caddy labels are present and correctly configured for exposing the Portainer service.
+
+4. **Placement constraints: node.hostname**
+   - **FAIL**: A placement constraint is commented out (`#    constraints: [node.platform.os == linux]`).
+     - **Fix**: Uncomment and modify the constraint if necessary, or remove it if not needed.
+   - **PASS**: An explicit hostname constraint is used for the `portainer` service (`constraints: - node.hostname == znas`).
+
+5. **Volumes use /DockerVol/<service> path convention**
+   - **FAIL**: The volume path `/DockerVol/portainer:/data` does not follow the expected pattern.
+     - **Fix**: Change the volume path to `/DockerVol/portainer/data`.
+
+6. **Network references external netgrimoire overlay**
+   - **PASS**: The `netgrimoire` network is referenced correctly and marked as external.
+
+**VERDICT: FAIL**
\ No newline at end of file