audit(gremlin): mealie FAIL 2026-05-04
This commit is contained in:
parent
d119f402ba
commit
fd593a1240
1 changed files with 65 additions and 0 deletions
65
Netgrimoire/Audits/mealie-2026-05-04.md
Normal file
65
Netgrimoire/Audits/mealie-2026-05-04.md
Normal file
|
|
@ -0,0 +1,65 @@
|
||||||
|
---
|
||||||
|
title: Audit - mealie.yaml
|
||||||
|
description: Gremlin audit report 2026-05-04
|
||||||
|
published: true
|
||||||
|
date: 2026-05-04T11:26:48.394Z
|
||||||
|
tags: gremlin,audit
|
||||||
|
editor: markdown
|
||||||
|
dateCreated: 2026-05-04T11:26:48.394Z
|
||||||
|
---
|
||||||
|
|
||||||
|
# Audit Report — mealie.yaml
|
||||||
|
|
||||||
|
**Date:** 2026-05-04
|
||||||
|
**File:** swarm/mealie.yaml
|
||||||
|
**Type:** Docker Swarm
|
||||||
|
**Verdict:** FAIL
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
### SWARM AUDIT REPORT
|
||||||
|
|
||||||
|
1. **Homepage labels**:
|
||||||
|
- **PASS**: `homepage.group`: PNCHarris Apps, `homepage.name`: Mealie, `homepage.icon`: mealie.png, `homepage.href`: https://recipe.netgrimoire.com, `homepage.description`: Recipe Manager.
|
||||||
|
|
||||||
|
2. **Uptime Kuma labels**:
|
||||||
|
- **FAIL**: No Uptime Kuma service is present in the file. Add a Uptime Kuma service to include these labels.
|
||||||
|
```yaml
|
||||||
|
uptime_kuma:
|
||||||
|
image: lscr.io/linuxserver/uptime-kuma:latest
|
||||||
|
ports:
|
||||||
|
- "8081:80"
|
||||||
|
volumes:
|
||||||
|
- /DockerVol/uptime_kuma:/config
|
||||||
|
networks:
|
||||||
|
- netgrimoire
|
||||||
|
deploy:
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- node.hostname == docker4
|
||||||
|
labels:
|
||||||
|
kuma.1.http.name: uptime-kuma
|
||||||
|
kuma.1.http.url: http://localhost:8081
|
||||||
|
```
|
||||||
|
|
||||||
|
3. **Caddy labels on exposed services**:
|
||||||
|
- **PASS**: `caddy=recipe.netgrimoire.com`, `caddy.reverse_proxy`: recipe:9000.
|
||||||
|
|
||||||
|
4. **Placement constraints**:
|
||||||
|
- **FAIL**: The constraint `node.hostname == docker4` is overly restrictive and may not be available in all environments. Consider more flexible options like `node.role == manager`.
|
||||||
|
```yaml
|
||||||
|
deploy:
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- node.platform.arch != aarch64
|
||||||
|
- node.platform.arch != arm
|
||||||
|
- node.role == manager
|
||||||
|
```
|
||||||
|
|
||||||
|
5. **Volumes use /DockerVol/<service> path convention**:
|
||||||
|
- **PASS**: All volumes follow the `/DockerVol/mealie` path convention.
|
||||||
|
|
||||||
|
6. **Network references external netgrimoire overlay**:
|
||||||
|
- **PASS**: The `netgrimoire` network is correctly referenced as an external network.
|
||||||
|
|
||||||
|
### VERDICT: FAIL
|
||||||
Loading…
Add table
Add a link
Reference in a new issue