For You/Us Developers
basebox is a GraphQL API server that connects to a PostgreSQL database. You define the structure of your data and thus the layout of the database, as well as all operations (i.e. CRUD: create, read, update, delete) in a single annotated GraphQL schema file. basebox compiles the schema into an SQL script to create the database, and a set of intermediate files that are later used by basebox to automatically resolve your requests into JSON responses that your client application easily understands.
What's in it for me as a Frontend Developer?
Using basebox, you can create API servers by just describing them. See the basebox tour to learn how such a description (GraphQL schema file) looks. You do not have to know SQL, nor do you have to write server side code to get it up and running.
What's in it for me as a Backend Developer?
Of course, backend developers can write their own backends using one of the system available out there. But it is tedious, time consuming and error prone. Using basebox though, you do not have to write boilerplate resolver functions, since basebox' compiler does it automatically for you. It is quite smart, e.g. it automatically creates SQL JOIN requests to minimize the number of database round trips.
As you know, automation takes away flexibility; that's why you can extend basebox' functionality using your own Microservice, written in whichever server side programming language you fancy.
How Do I Develop With basebox?
You start by installing the basebox distribution on your development machine. Then, you need a PostgreSQL server that can run on the same machine or on a remote host; see our PostgreSQL Primer.
Next, create your app's description (GraphQL schema) as laid out in the basebox compiler guide; to test your schema file, run the compiler with it like this:
basebox Technical Details
In a Nutshell
- basebox is a complete backend for your app, including a GraphQL server, a GraphQL to SQL compiler, a microservice layer for complicated business logic, and a production-grade HTTPS server.
- It uses OpenID Connect for authentication and authorization
- basebox is written in 100% Rust and runs on any 64bit Linux system (MacOS builds for devs available soon).
- It connects to a PostgreSQL database.
- basebox is designed for security and ease of use.
- It is regularly subjected to extensive penetration tests and external audits.
- basebox is self-hosted and can be installed on-premise or in your cloud.
- We just released 1.0 😃
In another Nutshell
Graphical Overview
This is a simplified graphical overview of basebox.
A more detailed graphic can be found on our documentation home page.
basebox Components
basebox consists of mainly three components:
broker - the https API Server
The API server receives and processes GraphQL requests from clients, performs access control, retrieves the requested data from basebox' database proxy server dbproxy and returns it as a JSON response.
dbproxy - the Database Proxy Server
dbproxy connects to a local or remote PostgreSQL database. It compiles incoming requests into SQL, hits the database and returns results to the broker
bbc - GraphQL to SQL Compiler
To improve the security and performance of your application, basebox contains a unique GraphQL to SQL compiler programmed in Rust. The compiler eliminates the need to hand-write boilerplate resolver functions.
3rd Party Components
basebox relies on the following 3rd party dependencies:
PostgreSQL
basebox connects to a (new or already existing) PostgreSQL database. PostgreSQL is a powerful, open source object-relational database system with over 30 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance.
OpenID Connect
basebox uses OpenID Connect (OIDC) for authentication and authorization. OpenID Connect is an official, widely used OAuth 2.0 authorization framework extension. It allows computing clients to verify the identity of an end user based on the authentication performed by an authorization server (e.g. KeyCloak or Auth0).
OpenID Connect is also a widely used single-sign-on solution; most implementations also support Two-Factor-Authorization (2FA).
Security
- 100% Rust - you don't have to know Rust to use basebox, but since basebox is written in 100% Rust, your project benefits from Rust's speed and safety
- Penetration Tests - basebox is regularly subjected to extensive penetration tests (Pentests).
- External Audits - basebox contains thousands of lines of code and developer hours. To avoid operational blindness, we regularly have external auditors from the Johner Institute perform various tests.
- Continuous Updates - We are constantly evolving basebox. Besides new functionality, we implement new developments to increase overall security – without you noticing anything. This is how we respond to new developments in the market, such as innovations in operating systems.
- Threat Modelling - in the context of updates, the threat model of basebox is adapted to prevent new danger points from being created.
- Unit and Integration Tests - basebox contains an extensive set of unit and integration tests. As we further develop basebox, we constantly add new and extend existing tests to ensure high code quality and security.
System Requirements
Any 64bit Linux
basebox runs on virtually all Linux systems. A low-cost and simple server configuration is sufficient for many use cases, e.g.
- Ubuntu 20.04
- 4 GB Ram
- 40 GB hard disk
We will soon also provide MacOS binaries.
Installation
We will provide detailed installation instructions as soon as the beta is available. A Docker based installation for easy setup is also in the making.
Self-Hosted
Install basebox wherever you want.
On your terms. On-premise. In your cloud. It uses hardly any storage space and is powerful and fast, even on small servers.
We do not yet offer basebox as a cloud service. However, if there is enough demand, we will provide that.
For data-sensitive sectors, e.g., Health Tech, self-hosting has several advantages, mainly 100% authority over the data. For some use cases, self-hosting might even be mandatory for policy reasons.
Coming Soon
NoSQL/Multi-DB Support
basebox currently runs with a PostgreSQL database. We plan to add support for more database systems (NoSQL and others) or multiple databases for the same project.
Push Notifications
Push notifications for Android and iOS devices will be integrated into basebox, so you won't need to run a dedicated server.
GraphQL Subscriptions
basebox does currently not support GraphQL subscriptions; we will add them later.
Data migration
Changing your data model requires you to manually recompile basebox's SQL templates, schema, and resolver files. We will add a semi-automatic migration that creates ALTER TABLE ...
statements and updates all required files.