Deploy JobSync — job search tracker on ringtail k3s #288

Merged

eblume merged 20 commits from mikado/jobsync into main 2026-03-08 11:02:06 -07:00

Conversation 0 Commits 20 Files changed 15 +459

eblume commented 2026-03-07 20:29:18 -08:00

Owner

Copy link

Summary

C2 Mikado chain to deploy JobSync — a self-hosted job application tracker — to ringtail's k3s cluster.

Mikado Graph

deploy-jobsync (goal)
├── build-jobsync-container
│   └── mirror-jobsync
└── integrate-jobsync-ollama

What is JobSync?

Next.js app with SQLite for tracking job applications. Features resume management, application pipeline tracking, and AI-powered resume review/job matching.

Key Decisions

• Ringtail k3s (not minikube-indri) — colocates with Ollama for zero-latency AI
• Nix container via buildLayeredImage — no Dockerfile, mirrors upstream source on forge
• Ollama for AI — uses existing deployment, no API keys needed for AI features
• No upstream fork — vanilla JobSync, Anthropic AI deferred to future work if needed

Current Status

Planning phase — cards committed, ready for review before implementation begins.

## Summary C2 Mikado chain to deploy [JobSync](https://github.com/Gsync/jobsync) — a self-hosted job application tracker — to ringtail's k3s cluster. ### Mikado Graph ``` deploy-jobsync (goal) ├── build-jobsync-container │ └── mirror-jobsync └── integrate-jobsync-ollama ``` ### What is JobSync? Next.js app with SQLite for tracking job applications. Features resume management, application pipeline tracking, and AI-powered resume review/job matching. ### Key Decisions - **Ringtail k3s** (not minikube-indri) — colocates with Ollama for zero-latency AI - **Nix container** via `buildLayeredImage` — no Dockerfile, mirrors upstream source on forge - **Ollama for AI** — uses existing deployment, no API keys needed for AI features - **No upstream fork** — vanilla JobSync, Anthropic AI deferred to future work if needed ### Current Status Planning phase — cards committed, ready for review before implementation begins.

eblume added 1 commit 2026-03-07 20:29:19 -08:00

C2(jobsync): plan — Mikado cards for JobSync deployment ... d479bc3140

Cards:
- deploy-jobsync (goal): Deploy JobSync to ringtail k3s via ArgoCD
- build-jobsync-container: Nix container build (buildLayeredImage)
- mirror-jobsync: Mirror upstream to forge
- integrate-jobsync-ollama: Wire up existing Ollama for AI features

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume force-pushed mikado/jobsync from d479bc3140 to 9d8afbc743 2026-03-07 20:48:05 -08:00 Compare

eblume added 2 commits 2026-03-07 21:28:39 -08:00

C2(jobsync): impl — build-jobsync-container ... 4d145d5e22

Nix derivation for JobSync v1.1.4 container using buildLayeredImage.
Prefetches Prisma engines as Fixed-Output Derivations to avoid network
access in the nix sandbox. Patches Google Fonts import to system font
fallback. Verified building successfully on ringtail.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

C2(jobsync): close build-jobsync-container ... 6ae9194823

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 3 commits 2026-03-07 21:39:55 -08:00

C2(jobsync): close integrate-jobsync-ollama ... a263271226

Ollama verified running on ringtail k3s (ollama.ollama.svc.cluster.local:11434)
with all documented models available. Integration is env var config in the
deployment manifest, handled by the root deploy-jobsync card.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

C2(jobsync): impl — deploy-jobsync manifests and routing ... 07c74189d8

ArgoCD app, k8s manifests (deployment, service, PVC, ExternalSecret,
Tailscale ingress), and Caddy route for jobsync.ops.eblu.me.

1Password item "JobSync" created with auth_secret and encryption_key.
Container build v1.1.4 in progress.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

C2(jobsync): close deploy-jobsync ... 9c395b4514

All manifests created: ArgoCD app, deployment, service, PVC, ExternalSecret,
Tailscale ingress, and Caddy route. 1Password secrets provisioned.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-07 21:42:44 -08:00

C2(jobsync): impl — set jobsync image tag to v1.1.4-9c395b4-nix ... f42b8f39d6

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-07 21:49:04 -08:00

C2(jobsync): impl — fix entrypoint cd /app for nix container ... f29ddc16f9

The nix container has no /app directory — the app lives at
/nix/store/<hash>/app/ and the container's WorkingDir is set
to that path. Remove the cd /app that caused @prisma/engines
to not be found.

Also add jobsync to service-versions.yaml.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-07 21:50:57 -08:00

C2(jobsync): impl — update image tag to v1.1.4-f29ddc1-nix ... f0aef1f4c6

Rebuilt with fixed entrypoint (no cd /app).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume force-pushed mikado/jobsync from f0aef1f4c6 to 60507ee719 2026-03-07 22:00:27 -08:00 Compare

eblume added 1 commit 2026-03-07 22:01:12 -08:00

C2(jobsync): close mirror-jobsync ... 92f0b190b8

Mirror already exists at forge.ops.eblu.me/mirrors/jobsync from
previous cycle.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-07 22:08:47 -08:00

C2(jobsync): impl — nix container derivation and entrypoint ... 874a967000

Add containers/jobsync/default.nix (buildNpmPackage + dockerTools) and
entrypoint.sh (prisma migrate + node server.js). Hashes are empty
placeholders — will be filled from first build attempt on ringtail.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 08:24:44 -07:00

C2(jobsync): impl — fix nix derivation for ringtail build ... b1616bc96b

Use nixpkgs prisma-engines to avoid network downloads in nix sandbox.
Patch out Google Fonts import (Inter) since sandbox blocks network;
falls back to system sans-serif font stack.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 2 commits 2026-03-08 08:33:39 -07:00

C2(jobsync): close build-jobsync-container, integrate-jobsync-ollama ... 5b71bb2398

build-jobsync-container: Updated with lessons learned (prisma-engines
from nixpkgs, Google Fonts sandbox workaround, arm64 vs x86_64).
integrate-jobsync-ollama: Configuration-only card, env var will be
set in the deployment manifest.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

C2(jobsync): impl — ArgoCD app, k8s manifests, Caddy route ... 2220944a15

ArgoCD Application targeting ringtail k3s cluster.
Manifests: Deployment, Service, Tailscale Ingress, PVC (local-path),
ExternalSecret (1Password auth_secret + encryption_key).
Caddy route: jobsync.ops.eblu.me -> jobsync.tail8d86e.ts.net.
Ollama integration via OLLAMA_BASE_URL env var in deployment.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 08:39:51 -07:00

C2(jobsync): impl — fix entrypoint to use local prisma binary ... 27039e7fe7

npx is not available in the nix container. Call prisma directly via
node node_modules/prisma/build/index.js instead.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 08:46:08 -07:00

C2(jobsync): impl — update image tag to v1.1.4-27039e7-nix ... 8d272eee83

Point kustomization at the container with the fixed entrypoint.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 09:00:28 -07:00

C2(jobsync): impl — fix @prisma/engines copy in installPhase ... 846d879b40

The cp -r of @prisma/ into an existing node_modules/@prisma/ nested
incorrectly. Use cp -rn with glob to merge contents instead.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 09:06:19 -07:00

C2(jobsync): impl — update image tag to v1.1.4-846d879-nix ... 6187ade18f

Container with fixed @prisma/engines copy and local prisma binary.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 09:10:14 -07:00

C2(jobsync): impl — add /tmp and /data directories to nix container ... fdac2e3699

Prisma's get-platform module requires /tmp for temp files. Nix
containers don't create standard directories by default.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 09:14:44 -07:00

C2(jobsync): impl — update image tag to v1.1.4-fdac2e3-nix ... 2384a15cbf

Container with /tmp directory fix for prisma get-platform.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 09:23:33 -07:00

C2(jobsync): impl — skip npm prune, copy prisma transitive deps ... 87930e5e31

Prisma CLI (devDep) has a deep transitive dependency tree that must
be present at runtime for `migrate deploy`. Skip npm prune entirely
and explicitly copy all prisma packages and their transitive deps
into the output.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 09:26:19 -07:00

C2(jobsync): impl — simplify: use npx -y for runtime prisma migrate ... 6b36d53bab

Instead of bundling prisma CLI and its deep dependency tree in the nix
image, use `npx -y prisma@6.19.0 migrate deploy` like upstream does.
npx downloads prisma at container startup — network is available at
runtime, only blocked during nix build.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 09:40:28 -07:00

C2(jobsync): impl — update image tag to v1.1.4-6b36d53-nix ... 1124b07870

Simplified container with npx -y for prisma migrations.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 09:44:40 -07:00

C2(jobsync): impl — add /usr/bin/env symlink for npx-installed scripts ... e51ec83c41

npx-downloaded prisma has `#!/usr/bin/env node` shebang. Nix containers
lack FHS paths; create the symlink in extraCommands.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 1 commit 2026-03-08 09:45:53 -07:00

C2(jobsync): impl — update image tag to v1.1.4-e51ec83-nix ... c42d219cb6

Container with /usr/bin/env symlink for npx shebang resolution.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume added 2 commits 2026-03-08 11:00:25 -07:00

C2(jobsync): close — deploy-jobsync ... 9d1e7eff12

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

C2(jobsync): finalize — rework cards into standalone docs ... ae72092ed7

Delete mirror-jobsync and integrate-jobsync-ollama (no standalone
value). Rework build-jobsync-container and deploy-jobsync into
operational reference documentation. Add changelog fragment.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume merged commit 3a811fb188 into main 2026-03-08 11:02:06 -07:00

eblume referenced this pull request from a commit 2026-03-08 11:02:08 -07:00

Deploy JobSync — job search tracker on ringtail k3s (#288)

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

eblume/blumeops!288

No description provided.