traveler/Netgrimoire
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Netgrimoire/Netgrimoire/Audits/sonarr-2026-04-20.md

1.7 KiB
Raw Blame History

title description published date tags editor dateCreated
Audit - sonarr.yaml Gremlin audit report 2026-04-20 true 2026-04-20T11:35:49.931Z gremlin,audit markdown 2026-04-20T11:35:49.931Z

Audit Report — sonarr.yaml

Date: 2026-04-20
File: swarm/sonarr.yaml
Type: Docker Swarm
Verdict: FAIL

Audit Report:

  1. Homepage labels:

    • PASS: homepage.group, homepage.name, homepage.icon, homepage.href, and homepage.description are correctly defined.

  2. Uptime Kuma labels:

    • FAIL: The label kuma.sonarr.http.url uses https://sonarr.netgrimoire.com. For security, it should use the internal service name (http://sonarr) instead of the external domain.
      • Fix: Change kuma.sonarr.http.url to http://sonarr.

  3. Caddy labels on exposed services:

    • PASS: The caddy=<domain> and caddy.reverse_proxy labels are correctly set.

  4. Placement constraints:

    • PASS: The node.hostname == docker5 constraint is correctly applied.
    • FAIL: The constraints to exclude arm64 and arm architectures might not be necessary or beneficial depending on the architecture of your cluster nodes. Ensure this aligns with your deployment strategy.
      • Fix: Evaluate if these constraints are strictly needed based on your infrastructure.

  5. Volumes use /DockerVol/ path convention:

    • PASS: All volume paths follow the /DockerVol/Sonarr:/config and /data/nfs/znas/Data/:/data:shared conventions correctly.

  6. Network references external netgrimoire overlay:

    • PASS: The netgrimoire network is referenced as an external overlay network, which is correct.

VERDICT: FAIL