From faf95ea216f5007afbbd7f6eb6acd82f099ddbe9 Mon Sep 17 00:00:00 2001 From: traveler Date: Thu, 2 Apr 2026 21:47:44 -0500 Subject: [PATCH] audit(gremlin): dozzle FAIL 2026-04-03 --- Netgrimoire/Audits/dozzle-2026-04-03.md | 47 +++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 Netgrimoire/Audits/dozzle-2026-04-03.md diff --git a/Netgrimoire/Audits/dozzle-2026-04-03.md b/Netgrimoire/Audits/dozzle-2026-04-03.md new file mode 100644 index 0000000..23d2f4b --- /dev/null +++ b/Netgrimoire/Audits/dozzle-2026-04-03.md @@ -0,0 +1,47 @@ +--- +title: Audit - dozzle.yaml +description: Gremlin audit report 2026-04-03 +published: true +date: 2026-04-03T02:47:44.863Z +tags: gremlin,audit +editor: markdown +dateCreated: 2026-04-03T02:47:44.863Z +--- + +# Audit Report — dozzle.yaml + +**Date:** 2026-04-03 +**File:** swarm/dozzle.yaml +**Type:** Docker Swarm +**Verdict:** FAIL + +--- + +1. **Homepage labels**: + - **PASS**: homepage.group=Management + - **PASS**: homepage.name=Dozzle + - **FAIL**: homepage.icon is missing. + - **PASS**: homepage.href=http://dozzle.netgrimoire.com + - **PASS**: homepage.description=Docker logs + +2. **Uptime Kuma labels**: + - No Uptime Kuma service found in the configuration. + +3. **Caddy labels on exposed services**: + - No Caddy services found in the configuration. + +4. **Placement constraints**: + - No placement constraints defined. + +5. **Volumes use /DockerVol/ path convention**: + - **FAIL**: Volumes should follow the /DockerVol/dozzle path convention, but they are set to /var/run/docker.sock. + +6. **Network references external netgrimoire overlay**: + - **PASS**: Network dozzle references an external netgrimoire overlay. + +**VERDICT: FAIL** + +Reasons for failure: +- Missing homepage.icon. +- Volumes are not using the recommended path convention. +- The /var/run/docker.sock volume is exposed directly, which might pose security risks. \ No newline at end of file