Micha/homelab-infra
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Remove legacy monitoring stacks

Browse Source
This commit is contained in:
Micha
2026-05-26 15:27:37 +02:00
parent ff5991cec8
commit 45bae13aa0
28 changed files with 80 additions and 591 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ops/policy-checks/exceptions.json
-5
View File
@@ -21,9 +21,6 @@
"gitea": [
"222:22"
],
"influxdb3-core": [
"${INFLUXDB_BIND_IP:-127.0.0.1}:8181:8181"
],
"monitoring-influxdb3-core": [
"${INFLUXDB_BIND_IP:-127.0.0.1}:8181:8181"
],
@@ -33,8 +30,6 @@
]
},
"allowed_root_identities": [
"grafana",
"influxdb3-core",
"monitoring-influxdb3-core"
],
"allowed_privileged_identities": [
ops/policy-checks/last-report.md
+3 -6
View File
@@ -1,10 +1,10 @@
# Policy Check Report
## Summary
- Compose files checked: 31
- Compose files checked: 29
- Critical findings: 0
- Warnings: 7
- Info findings: 10
- Warnings: 5
- Info findings: 9
## Critical
- none
@@ -14,8 +14,6 @@
- [IMAGE001] infra\ddns-updater\docker-compose.yml :: ddns-updater: Image uses a latest tag. Prefer a concrete version tag, even when a digest is present.
- [USER001] monitoring\docker-compose.yml :: influxdb3-core: Runs as user 0. Documented exception, keep visible for hardening.
- [IMAGE001] ops\glances\docker-compose.yml :: glances: Image uses a latest tag. Prefer a concrete version tag, even when a digest is present.
- [USER001] ops\grafana-influxdb\docker-compose.yml :: grafana: Runs as user 0. Documented exception, keep visible for hardening.
- [USER001] ops\grafana-influxdb\docker-compose.yml :: influxdb3-core: Runs as user 0. Documented exception, keep visible for hardening.
- [IMAGE001] ops\scrutiny\docker-compose.yml :: scrutiny: Image uses a latest tag. Prefer a concrete version tag, even when a digest is present.
## Info
@@ -25,7 +23,6 @@
- [PORT001] host-services\Adguard\docker-compose.yml :: adguard: Allowed host port mapping: 100.80.98.33:8082:80
- [HOSTNET001] host-services\tailscale\docker-compose.yml :: tailscale: network_mode: host is a documented exception.
- [PORT001] monitoring\docker-compose.yml :: influxdb3-core: Allowed host port mapping: ${INFLUXDB_BIND_IP:-127.0.0.1}:8181:8181
- [PORT001] ops\grafana-influxdb\docker-compose.yml :: influxdb3-core: Allowed host port mapping: ${INFLUXDB_BIND_IP:-127.0.0.1}:8181:8181
- [PRIV001] ops\scrutiny\docker-compose.yml :: scrutiny: Privileged mode is a documented exception.
- [PORT001] traefik\docker-compose.yml :: traefik: Allowed host port mapping: 80:80
- [PORT001] traefik\docker-compose.yml :: traefik: Allowed host port mapping: 443:443