47 lines
No EOL
1.6 KiB
Markdown
47 lines
No EOL
1.6 KiB
Markdown
---
|
|
title: Audit - caddy.yaml
|
|
description: Gremlin audit report 2026-04-03
|
|
published: true
|
|
date: 2026-04-03T03:31:34.043Z
|
|
tags: gremlin,audit
|
|
editor: markdown
|
|
dateCreated: 2026-04-03T03:31:34.043Z
|
|
---
|
|
|
|
# Audit Report — caddy.yaml
|
|
|
|
**Date:** 2026-04-03
|
|
**File:** swarm/stack/caddy/caddy.yaml
|
|
**Type:** Docker Swarm
|
|
**Verdict:** FAIL
|
|
|
|
---
|
|
|
|
**SWARM AUDIT REPORT**
|
|
|
|
1. **Homepage labels**: There are no homepage-related labels in the provided YAML file.
|
|
- **FAIL**: Missing homepage labels.
|
|
|
|
2. **Uptime Kuma labels**: There are no Uptime Kuma-related labels in the provided YAML file.
|
|
- **FAIL**: Missing Uptime Kuma labels.
|
|
|
|
3. **Caddy labels on exposed services**:
|
|
- **PASS**: Caddy service does not have any specific labels as per the provided configuration.
|
|
|
|
4. **Placement constraints**:
|
|
- **PASS**: Both `caddy` and `crowdsec` services are constrained to run on the node with hostname `znas`.
|
|
|
|
5. **Volumes use /DockerVol/<service> path convention**:
|
|
- **FAIL**: The volumes are not using the `/DockerVol/<service>` path convention.
|
|
- `/var/run/docker.sock`
|
|
- `/export/Docker/caddy/Caddyfile`
|
|
- `/export/Docker/caddy:/data`
|
|
- `caddy-logs`
|
|
- `crowdsec-db`
|
|
|
|
6. **Network references external netgrimoire overlay**:
|
|
- **PASS**: The services reference the externally created `netgrimoire` and `vpn` networks.
|
|
|
|
**VERDICT: FAIL**
|
|
|
|
The provided YAML file contains several issues that need to be addressed to meet all the audit criteria, including missing homepage and Uptime Kuma labels, non-conforming volume paths, and lack of use of the external `netgrimoire` overlay network. |