From fdf260902821361187f9996ee970ee20a0296282 Mon Sep 17 00:00:00 2001
From: traveler <traveler@wasted-bandwidth.net>
Date: Mon, 27 Apr 2026 06:19:18 -0500
Subject: [PATCH] audit(gremlin): kopia FAIL 2026-04-27

---
 Netgrimoire/Audits/kopia-2026-04-27.md | 43 ++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 Netgrimoire/Audits/kopia-2026-04-27.md

diff --git a/Netgrimoire/Audits/kopia-2026-04-27.md b/Netgrimoire/Audits/kopia-2026-04-27.md
new file mode 100644
index 0000000..b9ce4f3
--- /dev/null
+++ b/Netgrimoire/Audits/kopia-2026-04-27.md
@@ -0,0 +1,43 @@
+---
+title: Audit - kopia.yaml
+description: Gremlin audit report 2026-04-27
+published: true
+date: 2026-04-27T11:19:18.771Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-27T11:19:18.771Z
+---
+
+# Audit Report — kopia.yaml
+
+**Date:** 2026-04-27  
+**File:** swarm/kopia.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+**SWARM AUDIT RESULTS**
+
+1. **Homepage labels**: 
+   - **PASS**: homepage.group, homepage.name, homepage.icon, homepage.href, homepage.description are all correctly configured.
+
+2. **Uptime Kuma labels**:
+   - **PASS**: kuma.kopia.http.name and kuma.kopia.http.url are correctly set.
+
+3. **Caddy labels on exposed services**:
+   - **PASS**: caddy=kopia.netgrimoire.com and caddy.reverse_proxy are properly configured for the exposed service.
+
+4. **Placement constraints**:
+   - **FAIL**: The constraint `node.hostname == znas` should be reconsidered as it limits the service to a single node (znas). It may not be ideal if you want redundancy or failover capabilities.
+     **Fix**: Consider using more flexible placement constraints that ensure the service is scheduled on suitable nodes without being tied to a specific hostname.
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - **PASS**: All volumes follow the convention, e.g., `/DockerVol/kopia/config`, `/DockerVol/kopia/cache`, etc.
+
+6. **Network references external netgrimoire overlay**:
+   - **PASS**: The service is correctly referencing an external network named `netgrimoire`.
+
+**VERDICT: FAIL**
+
+The primary issue identified is the placement constraint that limits the service to a single node, which may hinder redundancy and failover capabilities.
\ No newline at end of file