Skip to content
Klutch.sh Docs

Deploying a Yopass App

Introduction

Yopass is a minimal secret sharing service that encrypts data in the browser and stores it temporarily server-side. This guide shows how to package Yopass with a Dockerfile and deploy it to Klutch.sh over HTTP with sensible security defaults.

Prerequisites

  • GitHub repository containing your Dockerfile.
  • Optional Redis instance if you prefer Redis-backed storage; otherwise, Yopass uses in-memory storage.
  • Klutch.sh project ready in klutch.sh/app.

Project structure

.
└── Dockerfile

Sample Dockerfile

FROM jotptr/yopass:latest


# Default Yopass HTTP port
ENV PORT=80
EXPOSE 80
  • PORT=80 – internal port for the HTTP server.
  • YOPASS_MAX_FILE_SIZE=5242880 – limit file uploads (5 MB example).
  • YOPASS_MAX_MESSAGE_LENGTH=10000 – max message size.
  • YOPASS_EXPIRATION=24h – default expiration for secrets.
  • Optional Redis:
    • YOPASS_STORAGE=redis
    • YOPASS_REDIS=redis://:PASSWORD@HOST:6379/0

Persistence

Yopass is designed for ephemeral secret storage. No local volume is required unless you customize logging.

Networking

  • Protocol: HTTP
  • Internal port: 80
  • Users reach https://example-app.klutch.sh while Klutch.sh routes to port 80 inside the container.
Terminal window
curl -I http://localhost

Deployment on Klutch.sh

  1. Push your Dockerfile to GitHub.
  2. In klutch.sh/app, create a new app and select GitHub as the source.
  3. Klutch.sh automatically detects the Dockerfile in the repository root.
  4. Select HTTP traffic and set the internal port to 80.
  5. Add environment variables for limits (YOPASS_MAX_FILE_SIZE, YOPASS_MAX_MESSAGE_LENGTH, YOPASS_EXPIRATION). If using Redis, set YOPASS_STORAGE=redis and YOPASS_REDIS. Mark secrets as sensitive.
  6. Deploy. Once live, share the public URL for secure, time-limited secret links.

Verification

  • UI: open https://example-app.klutch.sh and confirm the Yopass form loads.

  • Quick check:

    Terminal window
    curl -I https://example-app.klutch.sh

Next steps

  • Restrict access to trusted users via your edge controls.
  • Tune expiration and size limits to match your security policies.
  • If using Redis, enable backups or snapshots according to your retention needs.