Kubernetes
HitKeep requires Persistent Storage for the database file. We recommend using a StatefulSet to ensure the persistent volume claim (PVC) stays attached to the pod.
Minimal Manifest
Section titled “Minimal Manifest”This configuration uses a K8s Secret for the JWT key to ensure security.
Save this as hitkeep.yaml:
apiVersion: v1kind: Secretmetadata: name: hitkeep-secretstype: OpaquestringData: # Change this to a real random string jwt-secret: "change-me-in-production-to-something-long"---apiVersion: v1kind: PersistentVolumeClaimmetadata: name: hitkeep-pvcspec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 10Gi---apiVersion: apps/v1kind: Deploymentmetadata: name: hitkeep labels: app: hitkeepspec: replicas: 1 selector: matchLabels: app: hitkeep template: metadata: labels: app: hitkeep spec: containers: - name: hitkeep image: ghcr.io/pascalebeier/hitkeep:latest ports: - containerPort: 8080 # Inject sensitive data via Environment Variables env: - name: HITKEEP_JWT_SECRET valueFrom: secretKeyRef: name: hitkeep-secrets key: jwt-secret # Use args for non-sensitive configuration args: - "-public-url=https://analytics.example.com" volumeMounts: - mountPath: /var/lib/hitkeep/data name: data volumes: - name: data persistentVolumeClaim: claimName: hitkeep-pvc---apiVersion: v1kind: Servicemetadata: name: hitkeepspec: selector: app: hitkeep ports: - protocol: TCP port: 80 targetPort: 8080