Documentation
¶
Overview ¶
Package quicsql is the quicSQL server: a SQLite network server / multiplexer that owns local databases (plain files, in-memory, and vfs/vault containers) and fans many network clients into ONE long-lived open handle per database — the single-owner discipline that makes a vault file safely shareable.
quicSQL is its own module, quicsql.net, built on gosqlite (gosqlite.org) — the CGo-free SQLite engine it embeds. During co-development it resolves gosqlite from the sibling checkout via the replaces in go.mod.
Live today (Phases 0-7): the config/backend/registry/engine core, the native-JSON and libSQL Hrana protocols (execute/batch/interactive transactions over baton sessions), the full transport matrix — HTTP/1.1, cleartext h2c, h2 over TLS, HTTP/3 over QUIC, and Unix sockets, all serving one http.Handler — authentication + authorization (a principal/capability model with per-database grants and read-only enforced in depth, across no-auth, Unix peer credentials, bearer token, HTTP-basic password, mTLS, and an ed25519 challenge/response reusing crypto/keyring), every open mode through config (plain file, read-only, private and shared in-memory, vfs/mvcc and vfs/memdb, and vfs/vault plain / compressed / encrypted / multi-recipient / authenticated-writer), a control plane at /_admin (runtime create / detach / list databases and vault maintenance — offline compact, online reclaim, trim, snapshot — with a meta store and audit log), and observability + safety rails: a /_metrics OpenMetrics endpoint, /_admin introspection (info / stats / sessions / kill), a slow-query log (driver TraceProfile, params redacted by default — logging.expand_params opts into expanded SQL), a per-principal rate limit and per-database concurrency cap, and statement / transaction timeouts that interrupt a runaway or disconnected query.
Directories
¶
| Path | Synopsis |
|---|---|
|
Package admin is the control plane: the /_admin HTTP surface for runtime database lifecycle (create / detach / list) and vault maintenance (offline compact, online reclaim, snapshot).
|
Package admin is the control plane: the /_admin HTTP surface for runtime database lifecycle (create / detach / list) and vault maintenance (offline compact, online reclaim, snapshot). |
|
Package auth authenticates a request into an authz.Principal.
|
Package auth authenticates a request into an authz.Principal. |
|
Package authz is the principal + capability model: it maps an authenticated principal to a per-database access Level.
|
Package authz is the principal + capability model: it maps an authenticated principal to a per-database access Level. |
|
Package backend maps a configured database to a concrete open: each backend knows how to build a sqlite.Config (and, for vault, vault.Options) and open the single shared handle the registry fans clients through.
|
Package backend maps a configured database to a concrete open: each backend knows how to build a sqlite.Config (and, for vault, vault.Options) and open the single shared handle the registry fans clients through. |
|
Package client is a small Go client for the quicSQL native-JSON API (POST /<db>/query).
|
Package client is a small Go client for the quicSQL native-JSON API (POST /<db>/query). |
|
sqldriver
Package sqldriver registers a database/sql driver named "quicsql" that speaks to a quicSQL server, so ordinary database/sql code connects to a remote database the same way it opens a local one:
|
Package sqldriver registers a database/sql driver named "quicsql" that speaks to a quicSQL server, so ordinary database/sql code connects to a remote database the same way it opens a local one: |
|
cmd
|
|
|
quicsql
command
Command quicsql is the quicSQL server daemon.
|
Command quicsql is the quicSQL server daemon. |
|
Package config is the typed, YAML-backed configuration surface for the quicSQL server.
|
Package config is the typed, YAML-backed configuration surface for the quicSQL server. |
|
Package engine runs statements against a database handle and encodes results into the transport-agnostic Value/Result shape shared by every protocol.
|
Package engine runs statements against a database handle and encodes results into the transport-agnostic Value/Result shape shared by every protocol. |
|
examples
|
|
|
auth
command
Command auth is a runnable demonstration of every quicSQL authentication method and every authorization level.
|
Command auth is a runnable demonstration of every quicSQL authentication method and every authorization level. |
|
charged-server
command
Command quicsql-charged-server is a deployable, fully-charged quicSQL server: an encrypted + compressed vault database, a plain file DB and a shared in-memory DB; the standard extension bundle plus a custom server-registered SQL function; every auth method and authz level; TLS h2 + HTTP/3 as the primary secure transports (with cleartext h1/h2c and a Unix socket as dev extras); the control plane; rate/concurrency limits; a slow-query log; and a vault-backed meta store.
|
Command quicsql-charged-server is a deployable, fully-charged quicSQL server: an encrypted + compressed vault database, a plain file DB and a shared in-memory DB; the standard extension bundle plus a custom server-registered SQL function; every auth method and authz level; TLS h2 + HTTP/3 as the primary secure transports (with cleartext h1/h2c and a Unix socket as dev extras); the control plane; rate/concurrency limits; a slow-query log; and a vault-backed meta store. |
|
demo
command
Command demo is a fully self-contained, runnable quicSQL example: it starts an in-process server (via serverd) with several databases across every transport, runs real-life operations against each database through the Go client, shows a Hrana interactive transaction, and then benchmarks request throughput (RPS / RPM) on each protocol.
|
Command demo is a fully self-contained, runnable quicSQL example: it starts an in-process server (via serverd) with several databases across every transport, runs real-life operations against each database through the Go client, shows a Hrana interactive transaction, and then benchmarks request throughput (RPS / RPM) on each protocol. |
|
internal/showcase
Package showcase holds the fixed DEV credentials shared by the charged-server and the remote-tour examples.
|
Package showcase holds the fixed DEV credentials shared by the charged-server and the remote-tour examples. |
|
remote-tour
command
Command remote-tour is a pure remote client that walks every quicSQL-reachable feature against a charged server, over TLS with mTLS.
|
Command remote-tour is a pure remote client that walks every quicSQL-reachable feature against a charged server, over TLS with mTLS. |
|
Package extensions is the quicSQL server's standard extension bundle.
|
Package extensions is the quicSQL server's standard extension bundle. |
|
Package httpapi is the transport-neutral HTTP surface for quicSQL.
|
Package httpapi is the transport-neutral HTTP surface for quicSQL. |
|
internal
|
|
|
httpjson
Package httpjson writes the server's uniform JSON responses and error envelopes.
|
Package httpjson writes the server's uniform JSON responses and error envelopes. |
|
raceskip
Package raceskip exposes a single Enabled bool constant whose value reflects whether the build was produced with -race.
|
Package raceskip exposes a single Enabled bool constant whose value reflects whether the build was produced with -race. |
|
Package limits enforces the runtime safety rails that bound one client's or one database's share of the server: a per-principal request rate limit (token bucket) and a per-database concurrency cap (so one hot database can't starve the others).
|
Package limits enforces the runtime safety rails that bound one client's or one database's share of the server: a per-principal request rate limit (token bucket) and a per-database concurrency cap (so one hot database can't starve the others). |
|
Package meta is the server-owned meta store: a small SQLite database (a vault container by default, so it can be encrypted at rest) under data_dir that records runtime state the YAML config cannot — the databases created through the control plane, and the admin audit log.
|
Package meta is the server-owned meta store: a small SQLite database (a vault container by default, so it can be encrypted at rest) under data_dir that records runtime state the YAML config cannot — the databases created through the control plane, and the admin audit log. |
|
Package obs is the observability seam.
|
Package obs is the observability seam. |
|
Package registry owns exactly ONE open handle per logical database and fans every session through it — the single-owner invariant that makes a vault file safely shareable.
|
Package registry owns exactly ONE open handle per logical database and fans every session through it — the single-owner invariant that makes a vault file safely shareable. |
|
Package secret resolves "source:name" references to key material.
|
Package secret resolves "source:name" references to key material. |
|
Package serverd assembles and runs a quicSQL server from a validated config: secrets → meta store → reconcile (config ∪ meta) → backends → registry (warm, fail-fast) → sessions → auth/authz → metrics + limiter → HTTP handler → transports.
|
Package serverd assembles and runs a quicSQL server from a validated config: secrets → meta store → reconcile (config ∪ meta) → backends → registry (warm, fail-fast) → sessions → auth/authz → metrics + limiter → HTTP handler → transports. |
|
Package session implements Hrana's interactive-transaction streams: a Session pins one *sql.Conn for the life of a BEGIN…COMMIT spanning multiple pipeline requests, addressed by an unforgeable, server-signed *baton*.
|
Package session implements Hrana's interactive-transaction streams: a Session pins one *sql.Conn for the life of a BEGIN…COMMIT spanning multiple pipeline requests, addressed by an unforgeable, server-signed *baton*. |
|
Package transport starts the quicSQL HTTP handler on every wire — HTTP/1.1, cleartext HTTP/2 (h2c), HTTP/2 over TLS, HTTP/3 over QUIC, and Unix sockets — all serving the identical http.Handler.
|
Package transport starts the quicSQL HTTP handler on every wire — HTTP/1.1, cleartext HTTP/2 (h2c), HTTP/2 over TLS, HTTP/3 over QUIC, and Unix sockets — all serving the identical http.Handler. |