audit(gremlin): dozzle FAIL 2026-04-03

Netgrimoire/Audits/dozzle-2026-04-03.md

@@ -0,0 +1,47 @@
+---
+title: Audit - dozzle.yaml
+description: Gremlin audit report 2026-04-03
+published: true
+date: 2026-04-03T02:47:44.863Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-03T02:47:44.863Z
+---
+
+# Audit Report — dozzle.yaml
+
+**Date:** 2026-04-03  
+**File:** swarm/dozzle.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+1. **Homepage labels**:
+   - **PASS**: homepage.group=Management
+   - **PASS**: homepage.name=Dozzle
+   - **FAIL**: homepage.icon is missing.
+   - **PASS**: homepage.href=http://dozzle.netgrimoire.com
+   - **PASS**: homepage.description=Docker logs
+
+2. **Uptime Kuma labels**:
+   - No Uptime Kuma service found in the configuration.
+
+3. **Caddy labels on exposed services**:
+   - No Caddy services found in the configuration.
+
+4. **Placement constraints**:
+   - No placement constraints defined.
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - **FAIL**: Volumes should follow the /DockerVol/dozzle path convention, but they are set to /var/run/docker.sock.
+
+6. **Network references external netgrimoire overlay**:
+   - **PASS**: Network dozzle references an external netgrimoire overlay.
+
+**VERDICT: FAIL**
+
+Reasons for failure:
+- Missing homepage.icon.
+- Volumes are not using the recommended path convention.
+- The /var/run/docker.sock volume is exposed directly, which might pose security risks.