Skip to content
Klutch.sh Docs

Deploying Offen

Introduction

Offen is a privacy-focused, open-source web analytics platform that takes a fundamentally different approach to tracking. Instead of collecting data secretly, Offen treats users as partners by giving them full access to their own data and the ability to delete it at any time.

Built with privacy by design, Offen uses end-to-end encryption so that even the operator cannot access individual user data. This approach makes it naturally GDPR compliant and respects user privacy while still providing valuable analytics insights.

Key highlights of Offen:

  • Privacy by Design: End-to-end encryption protects user data
  • User Access: Users can view and delete their own data
  • GDPR Compliant: Built for privacy regulation compliance
  • Consent-Based: Respects user choice about tracking
  • Lightweight Script: Minimal impact on page performance
  • Fair Data Exchange: Users get value from sharing data
  • Self-Hosted: Complete control over your analytics data
  • Anonymous Insights: Aggregate data without individual tracking
  • Open Source: Apache 2.0 license with transparent development
  • Simple Interface: Clean, focused analytics dashboard

This guide walks through deploying Offen on Klutch.sh using Docker.

Why Deploy Offen on Klutch.sh

Deploying Offen on Klutch.sh provides several advantages:

Simplified Deployment: Klutch.sh handles the Go application deployment automatically.

Persistent Storage: Attach persistent volumes for your analytics database.

HTTPS by Default: Automatic SSL certificates for secure data transmission.

GitHub Integration: Version-controlled deployments through your repository.

Scalable Resources: Allocate CPU and memory based on traffic volume.

Environment Variable Management: Securely store configuration secrets.

Custom Domains: Use your own domain for professional analytics.

Always-On Availability: Your analytics service remains accessible 24/7.

Prerequisites

Before deploying Offen on Klutch.sh, ensure you have:

  • A Klutch.sh account
  • A GitHub account with a repository for your configuration
  • A website where you want to add analytics
  • (Optional) A custom domain for your Offen instance

Understanding Offen Architecture

Offen has a privacy-centric architecture:

Go Backend: Server handling data collection and the dashboard.

SQLite/PostgreSQL: Database storing encrypted analytics data.

JavaScript Client: Lightweight script embedded on tracked websites.

Encryption Layer: Client-side encryption before data leaves the browser.

Consent Management: Built-in consent flow for user control.

Deploying Offen on Klutch.sh

    Create Your GitHub Repository

    Create a new GitHub repository for your Offen deployment configuration.

    Create the Dockerfile

    Create a Dockerfile in your repository root:

    FROM offen/offen:latest
    

    # Set environment
    ENV OFFEN_SERVER_PORT=3000
    ENV OFFEN_DATABASE_DIALECT=sqlite3
    ENV OFFEN_DATABASE_CONNECTIONSTRING=/var/opt/offen/offen.db
    

    # Create data directory
    RUN mkdir -p /var/opt/offen
    

    EXPOSE 3000
    

    CMD ["offen"]

    Create a New Project on Klutch.sh

    Navigate to the Klutch.sh dashboard and create a new project.

    Create a New App

    Within your project, create a new app and connect your GitHub repository.

    Configure HTTP Traffic

    In the deployment settings:

    • Select HTTP as the traffic type
    • Set the internal port to 3000

    Set Environment Variables

    Configure the following environment variables:

    VariableValue
    OFFEN_SECRETGenerate with offen secret
    OFFEN_SERVER_PORT3000
    OFFEN_DATABASE_DIALECTsqlite3
    OFFEN_DATABASE_CONNECTIONSTRING/var/opt/offen/offen.db

    Attach Persistent Volumes

    Add persistent storage:

    Mount PathRecommended SizePurpose
    /var/opt/offen10 GBDatabase and configuration

    Deploy Your Application

    Click Deploy to start the build process.

    Create Admin Account

    After deployment, create your admin account:

    1. Access https://your-app.klutch.sh/setup
    2. Create your admin credentials
    3. Complete the setup process

Initial Configuration

Creating an Account

Set up your first account:

  1. Go to the setup page
  2. Create admin email and password
  3. Choose account name
  4. Complete registration

Adding Your First Website

Create an analytics account:

  1. Log in to the dashboard
  2. Click “Create new account”
  3. Name your account (e.g., “My Website”)
  4. Copy the embed code
  5. Add to your website

Embedding the Script

Add to your website’s HTML:

<script async src="https://your-offen.klutch.sh/script.js"
        data-account-id="your-account-id">
</script>

Using Offen

Dashboard Overview

View your analytics:

  1. Log in to the dashboard
  2. Select an account
  3. View page views and sessions
  4. Analyze referrer sources
  5. See geographic distribution

User Experience

What users see:

  1. Consent banner on first visit
  2. Option to opt-in or opt-out
  3. Access to their own data
  4. Ability to delete their data
  5. Transparent data collection

Data Retention

Configure data lifetime:

  1. Access account settings
  2. Set retention period
  3. Data automatically expires
  4. Respects user deletions

Privacy Features

End-to-End Encryption

How encryption works:

  1. User data encrypted in browser
  2. Keys never leave user’s device
  3. Server stores only encrypted data
  4. Operators cannot access individual data

Consent management:

  1. Users explicitly opt-in
  2. No tracking without consent
  3. Users can withdraw anytime
  4. Clear explanation of data use

Data Transparency

Give users access:

  1. Users visit /auditorium
  2. View their collected data
  3. See what’s being tracked
  4. Delete data if desired

Analytics Metrics

Available Data

What Offen tracks:

  • Page views
  • Sessions
  • Referrer sources
  • Landing pages
  • Exit pages
  • Browser/device info
  • Geographic location (approximate)
  • Session duration

What’s NOT Tracked

Privacy-first design:

  • No personal identification
  • No cross-site tracking
  • No fingerprinting
  • No advertising profiles
  • No third-party data sharing

Production Best Practices

Security Recommendations

  • Generate strong OFFEN_SECRET
  • Use HTTPS exclusively
  • Regular backups
  • Keep software updated

Performance

Optimize for scale:

  • SQLite for small sites
  • PostgreSQL for larger deployments
  • Configure appropriate resources
  • Monitor database size

Backup Strategy

  1. Database Backups: Regular SQLite/PostgreSQL backups
  2. Configuration: Document environment settings
  3. Encryption Keys: Securely store secret

Troubleshooting Common Issues

Script Not Loading

  • Verify embed code is correct
  • Check account ID
  • Confirm HTTPS configuration
  • Review browser console

No Data Appearing

  • Confirm script is loading
  • Check user has consented
  • Verify account configuration
  • Wait for data processing

Login Issues

  • Verify credentials
  • Check OFFEN_SECRET hasn’t changed
  • Review server logs

Comparison with Other Analytics

FeatureOffenGoogle AnalyticsPlausible
Privacy-FirstYesNoYes
User Data AccessYesNoNo
GDPR CompliantNativeDifficultYes
Self-HostedYesNoYes
Open SourceYesNoYes

Additional Resources

Conclusion

Deploying Offen on Klutch.sh provides a truly privacy-respecting analytics solution that treats users as partners rather than products. By giving users access to their own data and using end-to-end encryption, Offen offers a fair exchange: insights for operators, transparency for users. This approach naturally achieves GDPR compliance while building trust with your audience.