jason.woltje/professional-website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4 Commits 5 Branches 0 Tags
fix/trivy-hardening
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jason Woltje 0637992723
All checks were successful
ci/woodpecker/pr/web Pipeline was successful
Details
ci/woodpecker/push/web Pipeline was successful
Details
fix(security): remediate Trivy HIGH findings on main image 
- Bump next 16.2.2 -> 16.2.3 (GHSA-q4gf-8mx6-v5v3 RSC DoS)
- pnpm overrides: minimatch>=10.2.3, picomatch>=4.0.4, tar>=7.5.11
  (CVE-2026-27903/27904, 33671, 29786, 31802)
- Dockerfile runner: apk upgrade --no-cache pulls patched openssl 3.5.6-r0
  and zlib 1.3.2-r0 before installing wget (CVE-2026-28390, 22184)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-13 22:38:03 -05:00
.mosaic
chore: bootstrap repo with PRD, tasks, design samples, and Mosaic scaffolding
2026-04-13 21:05:06 -05:00
.woodpecker
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
design-samples/stitch_jasonwoltje.com
chore: bootstrap repo with PRD, tasks, design samples, and Mosaic scaffolding
2026-04-13 21:05:06 -05:00
docs
chore: bootstrap repo with PRD, tasks, design samples, and Mosaic scaffolding
2026-04-13 21:05:06 -05:00
images
chore: bootstrap repo with PRD, tasks, design samples, and Mosaic scaffolding
2026-04-13 21:05:06 -05:00
public
fix(docker): add empty public/ so Kaniko COPY succeeds (#2)
2026-04-14 03:30:13 +00:00
src
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
.dockerignore
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
.env.example
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
.gitignore
fix(security): remediate Trivy HIGH findings on main image
2026-04-13 22:38:03 -05:00
docker-compose.swarm.yml
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
docker-compose.yml
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
Dockerfile
fix(security): remediate Trivy HIGH findings on main image
2026-04-13 22:38:03 -05:00
eslint.config.mjs
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
LICENSE
chore: bootstrap repo with PRD, tasks, design samples, and Mosaic scaffolding
2026-04-13 21:05:06 -05:00
next-env.d.ts
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
next.config.ts
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
package.json
fix(security): remediate Trivy HIGH findings on main image
2026-04-13 22:38:03 -05:00
pnpm-lock.yaml
fix(security): remediate Trivy HIGH findings on main image
2026-04-13 22:38:03 -05:00
postcss.config.js
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
README.md
chore: bootstrap repo with PRD, tasks, design samples, and Mosaic scaffolding
2026-04-13 21:05:06 -05:00
tailwind.config.ts
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00
tsconfig.json
feat: Next 16 + Payload 3 scaffold with Kaniko CI and Swarm deploy (#1)
2026-04-14 03:21:17 +00:00

README.md

jasonwoltje.com — Professional Website

Personal brand + portfolio site for Jason Woltje. Payload CMS 3 on Next.js 16, Postgres 17, deployed to Docker Swarm (w-docker0) behind Traefik.

Stack

Layer Choice
Framework Next.js 16 (App Router)
CMS Payload 3 (Next-integrated, admin at /admin)
DB PostgreSQL 17
Styling Tailwind v3 (ported from stitch design tokens)
Fonts Space Grotesk (display/labels) + Inter (body), self-hosted via next/font
Media Local volume (migratable to S3/MinIO via Payload adapter)
Analytics Umami (self-hosted)
CAPTCHA Cloudflare Turnstile
Registry git.mosaicstack.dev container packages (immutable sha-* tags)
CI Woodpecker CI + Kaniko
Deploy Portainer stack on w-docker0 (Swarm)
Ingress Edge Traefik (TLS) → per-swarm Traefik (entrypoints=web)

Repository layout

professional-website/
├── src/                     # Next.js app + Payload config
├── public/                  # static assets
├── design-samples/          # stitch design reference (HTML + DESIGN.md)
├── images/                  # source headshots (pre-upload originals)
├── docs/
│   ├── PRD.md               # product requirements
│   ├── TASKS.md             # execution tracking
│   └── scratchpads/         # per-task working notes
├── Dockerfile               # multi-stage build
├── docker-compose.swarm.yml # Portainer stack (prod)
├── .woodpecker/web.yml      # CI pipeline
└── .env.example

Local dev

pnpm install
cp .env.example .env        # fill in local values
pnpm dev                    # Next + Payload on http://localhost:3000

Payload admin: http://localhost:3000/admin

Documentation

Deployment

Container images are built by Woodpecker and pushed to git.mosaicstack.dev/jason.woltje/professional-website:sha-<short>. The Portainer stack references immutable tags — latest is never used as a deploy reference.

See docs/PRD.md §Infrastructure for the full deploy runbook.

Reference in New Issue View Git Blame Copy Permalink
Description
Jason Woltje professional website — Payload CMS 3 + Next.js 16
Readme 3.3 MiB
Languages
TypeScript 69.2%
HTML 28.3%
CSS 1.2%
Dockerfile 0.9%
JavaScript 0.2%
Other 0.2%