@firstname.lastname@example.org I’d probably go with gettext here. That’s what I know and also seems to work quite well. Once I come to the web UI part. At the moment I started out with a REST API only.
We’re using Badger at work and unfortunately it’s the wrong database for us. Badger is well suited for high write workloads but we’re mostly only reading. It’s constantly reorganizing the database and wasting a lot of resources. Currently, we’re trying to understand the details to reconfigure it, but we could not achieve a lot so far. Tomorrow, I have to continue research on that topic. :-( Also with all the other trouble it had caused us so far, I’ll not use Badger in my hobby projects. We also noticed ristretto, the cache, somehow accesses /etc/passwd. No reaction from the developers. Development stalled and then lately continued in a new fork by the same guys but it’s already discontinued for another fork and a lot of stuff they don’t need anymore like vlogs, write transactions, etc. have been removed. A lot of stuff is changing at the moment.
Bolt is a candidate we even did a crude storage implementation with. The idle performance is great, basically zero, but when work has to happen, we obviously don’t hit as good numbers as with Badger. Still good enough from what we’ve seen so far without spending time analyzing it in any detail. We would also have to bolt the data encryption to Bolt ourselves. That’s where Badger really shines. But if you en-/decrypt data in the application, you’re still be able to get some metadata from Bolt, like how many records are there, how big are they etc. From my understanding Badger encrypts the whole database and derives dedicated encryption keys from the master key which are then even rotated automatically.
So Bolt could be something to try. I’ll probably also have a deeper look into Bitcask some day this week. However, with these more “esoteric” databases debugging probably gets harder. For well-hung, more traditional solutions like SQLite etc. there are lots of viewers and tools out there. Not sure if that is the case for the others, too.
Ok, I have to check out IndieAuth. Actually, I have no idea about it.