Why put a webserver in a database, when you can put a database in a webserver? (github.com)

A new Caddy server module turns DuckDB into a secure, production-ready HTTP database service: it exposes a RESTful CRUD API (/duckdb/api/{table}) plus a raw-SQL endpoint (/duckdb/query), supports parameterized queries, and returns results in JSON, CSV, Parquet or Apache Arrow IPC. The module separates a main database (file or in-memory) from a required auth database that stores API keys and role permissions (admin, editor, reader or custom roles). Built-in safety features include API key authentication (X-API-Key), table-level RBAC, transactional writes for atomicity, input validation and parameterized statements to prevent SQL injection, query timeouts, pagination, sorting/filtering, and configurable limits like max rows and memory/thread tuning. For engineers this means you can deploy DuckDB as a lightweight analytics microservice with familiar HTTP semantics and enterprise-friendly controls. It supports performance tuning (threads, memory_limit, object cache, temp directory) and multi-platform builds via the official duckdb-go driver (requires Go 1.24+, CGO and a C compiler). Quickstart is provided (make auth-init; make auth-add-key; make run) and there’s an official Docker image for fast containerized deployment. The design makes DuckDB accessible for internal APIs, prototypes, and edge analytics without adding an external DB server, while preserving SQL power and safety for multi-tenant or production use.