Skip to main content
Deprecated — v1.x chartThis page documents configuration for the v1.x inline-template Helm chart, which is in maintenance mode. For the v2.x chart, see Helm configuration. To migrate, see the Upgrade guide.
This guide covers configuration options for ClickStack Helm deployments. For basic installation, see the main Helm deployment guide.

API key setup

After successfully deploying ClickStack, configure the API key to enable telemetry data collection:
  1. Access your HyperDX instance via the configured ingress or service endpoint
  2. Log into the HyperDX dashboard and navigate to Team settings to generate or retrieve your API key
  3. Update your deployment with the API key using one of the following methods:

Method 1: Update via Helm upgrade with values file

Add the API key to your values.yaml:
Then upgrade your deployment:

Method 2: Update via Helm upgrade with —set flag

Restart pods to apply changes

After updating the API key, restart the pods to pick up the new configuration:
The chart automatically creates a Kubernetes secret (<release-name>-app-secrets) with your API key. No additional secret configuration is needed unless you want to use an external secret.

Secret management

For handling sensitive data such as API keys or database credentials, use Kubernetes secrets.

Using pre-configured secrets

The Helm chart includes a default secret template located at charts/clickstack/templates/secrets.yaml. This file provides a base structure for managing secrets. If you need to manually apply a secret, modify and apply the provided secrets.yaml template:
Apply the secret to your cluster:

Creating a custom secret

Create a custom Kubernetes secret manually:

Referencing a secret in values.yaml

Ingress setup

To expose the HyperDX UI and API via a domain name, enable ingress in your values.yaml.

General ingress configuration

Important configuration notehyperdx.frontendUrl should match the ingress host and include the protocol (e.g., https://hyperdx.yourdomain.com). This ensures that all generated links, cookies, and redirects work correctly.

Enabling TLS (HTTPS)

To secure your deployment with HTTPS: 1. Create a TLS secret with your certificate and key:
2. Enable TLS in your ingress configuration:

Example ingress configuration

For reference, here’s what the generated ingress resource looks like:

Common ingress pitfalls

Path and rewrite configuration:
  • For Next.js and other SPAs, always use a regex path and rewrite annotation as shown above
  • Don’t use just path: / without a rewrite, as this will break static asset serving
Mismatched frontendUrl and ingress.host:
  • If these don’t match, you may experience issues with cookies, redirects, and asset loading
TLS misconfiguration:
  • Ensure your TLS secret is valid and referenced correctly in the ingress
  • Browsers may block insecure content if you access the app over HTTP when TLS is enabled
Ingress controller version:
  • Some features (like regex paths and rewrites) require recent versions of nginx ingress controller
  • Check your version with:

OTEL collector ingress

If you need to expose your OTEL collector endpoints (for traces, metrics, logs) through ingress, use the additionalIngresses configuration. This is useful for sending telemetry data from outside the cluster or using a custom domain for the collector.
  • This creates a separate ingress resource for the OTEL collector endpoints
  • You can use a different domain, configure specific TLS settings, and apply custom annotations
  • The regex path rule allows you to route all OTLP signals (traces, metrics, logs) through a single rule
If you don’t need to expose the OTEL collector externally, you can skip this configuration. For most users, the general ingress setup is sufficient.

Troubleshooting ingress

Check ingress resource:
Check ingress controller logs:
Test asset URLs: Use curl to verify static assets are served as JS, not HTML:
Browser DevTools:
  • Check the Network tab for 404s or assets returning HTML instead of JS
  • Look for errors like Unexpected token < in the console (indicates HTML returned for JS)
Check for path rewrites:
  • Ensure the ingress isn’t stripping or incorrectly rewriting asset paths
Clear browser and CDN cache:
  • After changes, clear your browser cache and any CDN/proxy cache to avoid stale assets

Customizing values

You can customize settings by using --set flags:
Alternatively, create a custom values.yaml. To retrieve the default values:
Example configuration:
Apply your custom values:

Next steps

Last modified on June 19, 2026