---
title: Audit - monitoring.yaml
description: Gremlin audit report 2026-04-27
published: true
date: 2026-04-27T11:26:30.229Z
tags: gremlin,audit
editor: markdown
dateCreated: 2026-04-27T11:26:30.229Z
---

# Audit Report — monitoring.yaml

**Date:** 2026-04-27  
**File:** swarm/monitoring.yaml  
**Type:** Docker Swarm  
**Verdict:** FAIL

---

### SWARM AUDIT REPORT

**1. Homepage labels: homepage.group, homepage.name, homepage.icon, homepage.href, homepage.description**
   - **PASS**: All services have the required homepage labels.

**2. Uptime Kuma labels: kuma.<n>.http.name, kuma.<n>.http.url**
   - **FAIL (Prometheus)**: The Prometheus service does not set a `kuma.prometheus.http.password` label.
     - **Fix**: Add `kuma.prometheus.http.password: F@lcon13` to the Prometheus service configuration.
   - **PASS**: Grafana, Alertmanager, and Blackbox Exporter have the required Uptime Kuma labels.

**3. Caddy labels on exposed services: caddy=<domain>, caddy.reverse_proxy**
   - **PASS**: All services with reverse proxy settings have the correct Caddy labels.

**4. Placement constraints: node.hostname**
   - **FAIL (Prometheus)**: The Prometheus service does not specify a `node.platform.arch` constraint.
     - **Fix**: Add `- node.platform.arch != aarch64 - node.platform.arch != arm` to the Prometheus service constraints.
   - **PASS**: Other services have valid placement constraints.

**5. Volumes use /DockerVol/<service> path convention**
   - **PASS**: All services use the correct volume path convention.

**6. Network references external netgrimoire overlay**
   - **PASS**: All services reference the external `netgrimoire` network.

### VERDICT: FAIL