audit(gremlin): phpipam PASS 2026-04-03

Netgrimoire/Audits/phpipam-2026-04-03.md

@@ -0,0 +1,57 @@
+---
+title: Audit - phpipam.yaml
+description: Gremlin audit report 2026-04-03
+published: true
+date: 2026-04-03T03:08:37.768Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-03T03:08:37.768Z
+---
+
+# Audit Report — phpipam.yaml
+
+**Date:** 2026-04-03  
+**File:** swarm/phpipam.yaml  
+**Type:** Docker Swarm  
+**Verdict:** PASS
+
+---
+
+1. **Homepage labels**: 
+   - `homepage.group`: Management
+   - `homepage.name`: phpIPAM
+   - `homepage.icon`: ipam.png
+   - `homepage.href`: http://ipam.netgrimoire.com
+   - `homepage.description`: IP Address Management
+
+   **PASS**: All homepage labels are correctly set.
+
+2. **Uptime Kuma labels**:
+   - `kuma.<n>.http.name`
+   - `kuma.<n>.http.url`
+
+   **FAIL**: No Uptime Kuma service is defined in the YAML file, so these labels do not apply.
+
+3. **Caddy labels on exposed services**:
+   - `caddy=ipam.netgrimoire.com`
+   - `caddy.reverse_proxy="{{upstreams 80}}"`
+
+   **PASS**: Caddy labels are correctly set for the phpIPAM-web service.
+
+4. **Placement constraints**:
+   - `node.hostname == docker3`
+
+   **FAIL**: The placement constraint is applied to all services, but it should be verified that `docker3` node exists and is available. Additionally, consider using a more dynamic constraint if possible (e.g., based on resource availability).
+
+5. **Volumes use /DockerVol/<service> path convention**:
+   - `/DockerVol/phpipam/phpipam-logo:/phpipam/css/images/logo`
+   - `/DockerVol/phpipam/mariadb:/var/lib/mysql`
+
+   **PASS**: All volumes follow the specified path convention.
+
+6. **Network references external netgrimoire overlay**:
+   - `netgrimoire` network is referenced by all services.
+
+   **PASS**: The `netgrimoire` network is correctly referenced as an external overlay network.
+
+**VERDICT: PASS**