audit(gremlin): kopia FAIL 2026-04-27

2026-04-27 06:19:18 -05:00 · 2026-04-27 06:19:18 -05:00 · fdf2609028
commit fdf2609028
parent e517b8bfe0
1 changed files with 43 additions and 0 deletions
--- a/Netgrimoire/Audits/kopia-2026-04-27.md
+++ b/Netgrimoire/Audits/kopia-2026-04-27.md
@ -0,0 +1,43 @@
 ---
 title: Audit - kopia.yaml
 description: Gremlin audit report 2026-04-27
 published: true
 date: 2026-04-27T11:19:18.771Z
 tags: gremlin,audit
 editor: markdown
 dateCreated: 2026-04-27T11:19:18.771Z
 ---
 # Audit Report — kopia.yaml
 **Date:** 2026-04-27  
 **File:** swarm/kopia.yaml  
 **Type:** Docker Swarm  
 **Verdict:** FAIL
 ---
 **SWARM AUDIT RESULTS**
 1. **Homepage labels**: 
   - **PASS**: homepage.group, homepage.name, homepage.icon, homepage.href, homepage.description are all correctly configured.
 2. **Uptime Kuma labels**:
   - **PASS**: kuma.kopia.http.name and kuma.kopia.http.url are correctly set.
 3. **Caddy labels on exposed services**:
   - **PASS**: caddy=kopia.netgrimoire.com and caddy.reverse_proxy are properly configured for the exposed service.
 4. **Placement constraints**:
   - **FAIL**: The constraint `node.hostname == znas` should be reconsidered as it limits the service to a single node (znas). It may not be ideal if you want redundancy or failover capabilities.
     **Fix**: Consider using more flexible placement constraints that ensure the service is scheduled on suitable nodes without being tied to a specific hostname.
 5. **Volumes use /DockerVol/<service> path convention**:
   - **PASS**: All volumes follow the convention, e.g., `/DockerVol/kopia/config`, `/DockerVol/kopia/cache`, etc.
 6. **Network references external netgrimoire overlay**:
   - **PASS**: The service is correctly referencing an external network named `netgrimoire`.
 **VERDICT: FAIL**
 The primary issue identified is the placement constraint that limits the service to a single node, which may hinder redundancy and failover capabilities.