audit(gremlin): diun FAIL 2026-04-20

Netgrimoire/Audits/diun-2026-04-20.md

@@ -0,0 +1,62 @@
+---
+title: Audit - diun.yaml
+description: Gremlin audit report 2026-04-20
+published: true
+date: 2026-04-20T11:09:24.223Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-20T11:09:24.223Z
+---
+
+# Audit Report — diun.yaml
+
+**Date:** 2026-04-20  
+**File:** swarm/diun.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+### Audit Results:
+
+1. **Homepage labels**:
+   - `homepage.group`: Missing.
+   - `homepage.name`: Missing.
+   - `homepage.icon`: Missing.
+   - `homepage.href`: Missing.
+   - `homepage.description`: Missing.
+
+2. **Uptime Kuma labels**:
+   - No Uptime Kuma service defined in the provided YAML.
+
+3. **Caddy labels on exposed services**:
+   - No Caddy service or label found in the provided YAML.
+
+4. **Placement constraints**:
+   - The constraint `node.hostname` is missing from the placement section.
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - `/var/run/docker.sock` does not follow the `/DockerVol/` path convention.
+   - `/data/nfs/znas/Docker/diun` follows the `/DockerVol/` path convention.
+
+6. **Network references external netgrimoire overlay**:
+   - The `netgrimoire` network is correctly referenced as external.
+
+### Fix Recommendations:
+
+1. **Homepage labels**:
+   - Add homepage labels to provide metadata about the service.
+
+2. **Uptime Kuma labels**:
+   - Define a Uptime Kuma service and add appropriate labels for monitoring.
+
+3. **Caddy labels on exposed services**:
+   - If using Caddy, define it as an external service with reverse proxy configuration.
+
+4. **Placement constraints**:
+   - Add the missing constraint `node.hostname` to ensure correct node placement.
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - Update `/var/run/docker.sock` to follow the `/DockerVol/` path convention, e.g., `/DockerVol/diun/docker.sock`.
+
+### VERDICT: FAIL