Home
Softono
daptin

daptin

Open source Go
Website GitHub
1.9K
Stars
116
Forks
27
Issues
41
Watchers
3 weeks
Last Commit
Headless CMS NoSQL Databases Backend as a Service

About daptin

Daptin - Backend As A Service - GraphQL/JSON-API Headless CMS

Platforms

Web Self-hosted Cloud

Languages

Go

Links

Website Source Code
d
Published by
daptin
Visit View Profile

README.md

View on GitHub

Daptin

Release License Go Report Discord

Daptin is the batteries-included application server for your next software project.

Most apps need the same backend capabilities: data modeling, APIs, auth, permissions, files, background jobs, integrations, metering, realtime events, and production operations. Daptin gives you those pieces in one server.

Use Daptin as the primary backend for a new app, or run it beside an existing stack as a sidecar for the features you are missing.

schema.yaml -> Daptin -> APIs + Auth + Permissions + Files + Sites + Actions + Integrations + Ops

Build your app. Let Daptin run and enforce the backend.

Why Daptin

Most software projects eventually need the same backend foundation. Daptin keeps that foundation stable:

  • Your data model becomes REST, GraphQL, OpenAPI, metadata, validation, and standard columns.
  • Your users, teams, tenants, and roles become user_account, usergroup, relations, OAuth, and row-level permissions.
  • Your backend logic becomes actions, state machines, scheduled tasks, data exchange, and integration calls.
  • Your product runtime gets files, sites, realtime events, LLM routing, metering, quotas, rate limits, audit trails, caching, TLS, and monitoring.

Use Daptin behind web apps, mobile apps, internal tools, stores, blogs, SaaS products, dashboards, portals, API products, content sites, and AI products.

What You Get

Data Model And APIs

  • Schema-defined entities backed by SQLite, PostgreSQL, or MySQL/MariaDB.
  • Standard columns: internal id, public reference_id, version, created_at, updated_at, and row permission.
  • Relations, joins, default groups, default relations, validations, conformations, composite keys, and column types.
  • JSON:API CRUD endpoints under /api/{entity}.
  • Optional GraphQL endpoint under /graphql.
  • OpenAPI and metadata through /openapi.yaml, /meta, and /jsmodel/{typename}.
  • Import, export, aggregation, filtering, pagination, and generated test data.

Identity, Policy, And Multi-Tenancy

  • Users, usergroups, group membership, and ownership-aware rows.
  • Entity-level and row-level permission checks.
  • Guest, owner, and group permission scopes for peek, read, create, update, delete, refer, and execute.
  • JWT/session authentication, signup/signin, password reset, and OTP/2FA flows.
  • OAuth as a client through oauth_connect and oauth_token.
  • OAuth/OIDC-style provider endpoints through oauth_app, authorization codes, access tokens, refresh tokens, grants, JWKS, UserInfo, introspection, and revocation.
  • Multi-tenant app patterns through usergroups, relations, ownership, default groups, and row permissions.

Backend Logic And Workflows

  • Buildable actions with input fields, validation, conditions, outcomes, and action-level permissions.
  • Action chains for CRUD, performer execution, rendering, file download, response shaping, user switching, and backend-side orchestration.
  • State machines and state transition tracking.
  • Scheduled tasks that execute actions on cron-like schedules.
  • Data exchange and custom business logic hooks.

Files, Storage, Sites, And Templates

  • Encrypted credentials and cloud_store records.
  • rclone-backed local and cloud storage providers.
  • Asset columns for files, images, videos, blobs, markdown, HTML, JSON, and compressed content.
  • Upload routes, direct asset serving, cache headers, ETags, gzip, and optimized static file serving.
  • Static site and subsite hosting from the same runtime.
  • Site creation and site storage sync actions.
  • Template hooks for static sites and app frontends.

Realtime, Protocols, And Collaboration

  • WebSocket endpoint at /live.
  • Create/update/delete events published through Olric PubSub.
  • Optional YJS collaboration support.
  • Streams and RSS/Atom/JSON feeds.
  • Built-in or config-gated SMTP, IMAP, FTP, CalDAV/CardDAV, HTTPS/TLS, CORS, gzip, rate limiting, and language middleware.

LLM, Integrations, Metering, And Product Runtime

  • OpenAI-compatible endpoints:
    • /v1/chat/completions
    • /v1/completions
    • /v1/embeddings
    • /v1/models
  • LLM provider routing through llm_provider and encrypted credentials.
  • OpenAPI-backed third-party integrations under /integration/{provider}/{operation}.
  • OAuth-token and custom-credential execution boundaries for integrations.
  • API plans, members, usage logs, quotas, rate limits, and credit hooks.
  • CRUD, action, and LLM metering for paid AI/API products.

Operations

  • Runtime configuration through /_config.
  • Health and statistics through /ping and /statistics.
  • Optional audit tables and audit rows.
  • Olric-backed cache, PubSub, and clustered rate-limit counters.
  • TLS certificate management, including ACME/self-signed certificate actions.
  • Background mail sync and outbox processing.
  • OpenAPI and metadata endpoints for tools, agents, and client generation.

Quick Start

Download the latest release binary:

# Linux amd64
curl -L -o daptin https://github.com/daptin/daptin/releases/latest/download/daptin-linux-amd64
chmod +x daptin
./daptin -port=6336

Or run the Docker image with the current release tag:

docker run --rm -p 6336:8080 -p 6443:6443 daptin/daptin:v0.12.15

Then open:

http://localhost:6336

Create the first admin user and finish setup using the wiki:

Build Your First Backend

Create a schema file such as schema_product.yaml:

Tables:
  - TableName: product
    Columns:
      - Name: name
        DataType: varchar(200)
        ColumnType: label
        IsIndexed: true
      - Name: price
        DataType: float
        ColumnType: measurement
      - Name: published
        DataType: bool
        ColumnType: truefalse
        DefaultValue: "false"

Start Daptin in the same directory:

./daptin -port=6336

Daptin creates the table and exposes the backend surfaces around it:

GET    /api/product
POST   /api/product
PATCH  /api/product/{reference_id}
DELETE /api/product/{reference_id}
GET    /openapi.yaml
GET    /meta
POST   /graphql              # when GraphQL is enabled

From there, add users, usergroups, relations, permissions, actions, asset columns, state machines, integrations, metering, or site hosting as your app needs them.

For New Projects And Existing Stacks

Daptin works well as the backend foundation for new software and as a sidecar for existing systems:

  • Point frontends, tools, and services at JSON:API, GraphQL, OpenAPI, or metadata endpoints instead of building bespoke backend glue.
  • Use usergroups, relations, and row permissions for access boundaries.
  • Keep secrets in Daptin credentials, OAuth tokens, and integration config instead of application client code.
  • Put backend logic in Daptin actions and state machines.
  • Store uploads through asset columns and cloud stores.
  • Host static frontends, docs, blogs, and sites as Daptin subsites.
  • Route LLM calls through Daptin's OpenAI-compatible /v1 endpoints.
  • Add plans, quotas, usage logs, credits, and rate limits through API metering.
  • Subscribe to data changes through WebSocket events when apps need realtime behavior.

Ecosystem

  • Daptin CLI - manage contexts, CRUD, actions, OAuth, integrations, storage, assets, and discovery from the command line.
  • Daptin JS client - JavaScript and TypeScript client for auth, JSON:API, actions, and uploads.
  • Daptin Go client - Go client for Daptin APIs.
  • Schema samples - reusable schemas for blogs, stores, task lists, FAQs, payments, and more.
  • Daptin LLM demo - contract demo for OpenAI-compatible LLM endpoints.
  • Metering credit demo
    • quotas, usage, credits, LLM metering, and denial paths.
  • Integration auth demo
    • OAuth/custom-credential integration execution and wrong-user denial.
  • OAuth provider demo
    • Daptin as OAuth 2.0 / OpenID Connect provider.
  • Dadadash - larger app proof with file browser, document editor, spreadsheet editor, calendar, and CRUD data tables.

Production Notes

For production deployments:

  • Use PostgreSQL or MySQL/MariaDB instead of development SQLite.
  • Set stable jwt.secret and encryption.secret values.
  • Enable HTTPS/TLS and configure hostnames.
  • Configure backups and restore testing for your database and file storage.
  • Use cloud storage for durable files and media when appropriate.
  • Enable only the protocols your app needs.
  • Configure rate limits, metering, monitoring, and audit behavior for your product.

Useful docs:

Documentation

Community

License

Daptin is licensed under LGPL v3.