From f1b494638db806dae6b68f0964c5911b3e23b2a1 Mon Sep 17 00:00:00 2001 From: traveler Date: Mon, 27 Apr 2026 06:38:30 -0500 Subject: [PATCH] audit(gremlin): vault PASS 2026-04-27 --- Netgrimoire/Audits/vault-2026-04-27.md | 49 ++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 Netgrimoire/Audits/vault-2026-04-27.md diff --git a/Netgrimoire/Audits/vault-2026-04-27.md b/Netgrimoire/Audits/vault-2026-04-27.md new file mode 100644 index 0000000..87cd9b7 --- /dev/null +++ b/Netgrimoire/Audits/vault-2026-04-27.md @@ -0,0 +1,49 @@ +--- +title: Audit - vault.yaml +description: Gremlin audit report 2026-04-27 +published: true +date: 2026-04-27T11:38:30.820Z +tags: gremlin,audit +editor: markdown +dateCreated: 2026-04-27T11:38:30.820Z +--- + +# Audit Report — vault.yaml + +**Date:** 2026-04-27 +**File:** swarm/vault.yaml +**Type:** Docker Swarm +**Verdict:** PASS + +--- + +### Audit Results + +1. **Homepage labels**: + - `homepage.group`: PASS (Backup) + - `homepage.name`: PASS (Vault) + - `homepage.icon`: PASS (kopia.png) + - `homepage.href`: PASS (https://vault.netgrimoire.com) + - `homepage.description`: PASS (Snapshot backup and deduplication) + +2. **Uptime Kuma labels**: + - `kuma.kopia.http.name`: PASS (Kopia Web) + - `kuma.kopia.http.url`: PASS (http://vault:51515) + +3. **Caddy labels on exposed services**: + - `caddy=vault.netgrimoire.com`: PASS + - `caddy.reverse_proxy=https://kopia-server-vault:51516`: PASS + +4. **Placement constraints**: + - `node.hostname == znas`: PASS (Vault service will only run on the node with hostname 'znas') + +5. **Volumes use /DockerVol/ path convention**: + - `/DockerVol/vault/config`: PASS + - `/DockerVol/vault/cache`: PASS + - `/DockerVol/vault/cert`: PASS + - `/DockerVol/vault/logs`: PASS + +6. **Network references external netgrimoire overlay**: + - `netgrimoire`: PASS (External network 'netgrimoire' is referenced correctly) + +### VERDICT: PASS \ No newline at end of file