From dc78fb5df0518f0915ff856fc13acdc65627305a Mon Sep 17 00:00:00 2001
From: traveler <traveler@wasted-bandwidth.net>
Date: Thu, 2 Apr 2026 20:49:46 -0500
Subject: [PATCH] audit(gremlin): beszel FAIL 2026-04-03

---
 Netgrimoire/Audits/beszel-2026-04-03.md | 51 ++++++++++++-------------
 1 file changed, 25 insertions(+), 26 deletions(-)

diff --git a/Netgrimoire/Audits/beszel-2026-04-03.md b/Netgrimoire/Audits/beszel-2026-04-03.md
index 5617e8e..479a6ca 100644
--- a/Netgrimoire/Audits/beszel-2026-04-03.md
+++ b/Netgrimoire/Audits/beszel-2026-04-03.md
@@ -2,10 +2,10 @@
 title: Audit - beszel.yaml
 description: Gremlin audit report 2026-04-03
 published: true
-date: 2026-04-03T01:40:22.839Z
+date: 2026-04-03T01:49:45.885Z
 tags: gremlin,audit
 editor: markdown
-dateCreated: 2026-04-03T01:40:22.839Z
+dateCreated: 2026-04-03T01:49:45.885Z
 ---
 
 # Audit Report — beszel.yaml
@@ -17,34 +17,33 @@ dateCreated: 2026-04-03T01:40:22.839Z
 
 ---
 
-### Audit Report for `swarm/beszel.yaml`
+**SWARM AUDIT RESULTS**
 
-1. **Homepage Labels**:
-   - `homepage.group`: **PASS**
-   - `homepage.name`: **PASS**
-   - `homepage.icon`: **PASS**
-   - `homepage.href`: **PASS**
-   - `homepage.description`: **PASS**
+1. **Homepage labels**:  
+   - `homepage.group`: Monitoring (PASS)
+   - `homepage.name`: Beszel (PASS)
+   - `homepage.icon`: beszel.png (PASS)
+   - `homepage.href`: https://beszel.netgrimoire.com (PASS)
+   - `homepage.description`: Beszel Service (PASS)
 
-2. **Uptime Kuma Labels**:
-   - `kuma.beszel.http.name`: **PASS**
-   - `kuma.beszel.http.url`: **PASS**
+2. **Uptime Kuma labels**:  
+   - Not applicable as there are no Uptime Kuma services deployed in this configuration (PASS)
 
-3. **Caddy Labels on Exposed Services**:
-   - `caddy=beszel.netgrimoire.com`: **PASS**
-   - `caddy.reverse_proxy={{upstreams 8090}}`: **PASS**
+3. **Caddy labels on exposed services**:  
+   - `caddy=beszel.netgrimoire.com` (PASS)
+   - `caddy.reverse_proxy="{{upstreams 8090}}"` (PASS)
 
-4. **Placement Constraints**:
-   - `node.labels.general == true`: **FAIL**
-     - **Issue**: The placement constraint refers to a node label (`general`) that is not explicitly defined in the constraints section.
-     - **Fix**: Define a specific label on nodes or correct the label name if it should be another predefined one.
+4. **Placement constraints**:  
+   - The constraint `node.labels.general == true` should be `node.role == 'manager'` for better security and control (FAIL). Update the placement block accordingly.
 
-5. **Volumes Use /DockerVol/<service> Path Convention**:
-   - `/data/nfs/znas/Docker/beszel:/beszel_data`: **FAIL**
-     - **Issue**: The volume path does not follow the expected convention (`/DockerVol/<service>`).
-     - **Fix**: Change the volume path to use the standard convention, e.g., `/DockerVol/beszel:/beszel_data`.
+5. **Volumes use /DockerVol/<service> path convention**:  
+   - `/data/nfs/znas/Docker/beszel:/beszel_data` does not follow the `/DockerVol/<service>` path convention (FAIL). Rename the volume to `/DockerVol/beszel`.
 
-6. **Network References External Netgrimoire Overlay**:
-   - `netgrimoire`: **PASS**
+6. **Network references external netgrimoire overlay**:  
+   - The `netgrimoire` network is correctly referenced as an external network (PASS)
 
-### VERDICT: FAIL
\ No newline at end of file
+**VERDICT: FAIL**
+
+Fixes required:
+1. Update placement constraint to `node.role == 'manager'`.
+2. Rename the volume to `/DockerVol/beszel`.
\ No newline at end of file