public inbox for [email protected]
help / color / mirror / Atom feedFrom: Merlin Moncure <[email protected]>
To: [email protected] <[email protected]>
Cc: PostgreSQL General <[email protected]>
Subject: Re: Describing the natural architecture for an internet-facing Postgres based app: feedback sought
Date: Fri, 1 May 2026 14:27:30 -0600
Message-ID: <CAHyXU0yNBHF=yJG8-XAasedUagG=+PODje_RXZVuefWqhfuvdQ@mail.gmail.com> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
On Mon, Apr 27, 2026 at 9:25 PM [email protected] <[email protected]>
wrote:
> Coming from a Rails/PHP/etc world. All of those communities generally hold
> that the database should be treated as a dumb data bucket with all the
> logic in the middleware.
>
> I’ve long thought someone should write up what the alternative
> architecture using Postgres to its fullest would look like. In order to
> differentiate it, I start from the security advantages and work forward.
>
> I’d love to get some feedback on it. Harsh criticism is most useful… :-)
>
> lydb.xyz/zero-authority-architecture
>
I have been developing in this style for many years. Application requests
in JSON/JSONB, and zero IQ middleware outside of caching, transport
authorization, etc. Prior to JSON, I was doing it with composite types --
postgres has been able to do some variant of this since mid 8.x series. I
can assure you, this style of architecture works, your core assumptions are
mostly correct, although I'd gently suggest taking a broader view on
application architecture vs authorization. Generally speaking, it is a
very fast way to write robust applications quickly, and I've written highly
scalable enterprise applications in this style.
I'm not afraid to take things to the extreme. If you want to see examples
backend rich coding in action, take a look at pgasync
<https://github.com/merlinm/pgasync; and especially pgflow
<https://github.com/merlinm/pgflow;, which is a airflow style orchestrator
written in a stored procedure daemon :-).
merlin
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: Describing the natural architecture for an internet-facing Postgres based app: feedback sought
In-Reply-To: <CAHyXU0yNBHF=yJG8-XAasedUagG=+PODje_RXZVuefWqhfuvdQ@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox