SShortSingh.
Back to feed

Developer builds lean HTML-to-PDF API using Postgres, Chromium, and no extra services

0
·1 views

A solo developer built DocPenny, an HTML-to-PDF generation service, over twelve weeks using SvelteKit, Hono, PostgreSQL, pg-boss, Chromium, and S3-compatible storage — deliberately avoiding Redis, Kafka, or Kubernetes. The system uses pg-boss, a job queue built on top of Postgres, to handle traffic bursts, allowing the API to accept around 5,900 documents per second while workers render at roughly 63 PDFs per second. To manage memory efficiently, PDFs are streamed in 1 MB chunks directly from Chrome to S3 via multipart upload, keeping per-document memory usage at a fixed ~20 MB regardless of file size. Sensitive template data is encrypted with AES-256-GCM using HKDF-derived keys at render time and never persisted, while signed webhooks and short-lived artifacts further reduce security exposure. The developer notes that businesses for whom PDFs are a byproduct rather than a core product may be better served by managed APIs, but shares the full architecture as a blueprint for those who choose to build.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Git Worktrees Offer a Practical Fix for Parallel Claude Code Agent Conflicts

Running multiple Claude Code AI agents simultaneously on the same codebase often leads to file conflicts, where one agent's changes overwrite another's. Git worktrees address this by giving each agent its own isolated working directory linked to the same repository but on a separate branch, preventing mid-run file collisions. The setup is straightforward: a new branch and worktree are created for each task before an agent is launched, so changes remain isolated until an explicit merge. However, worktrees defer rather than eliminate merge conflicts, meaning overlapping code changes still require manual review once agents finish. A further challenge is that each agent operates within its own context window, meaning independent agents may make inconsistent design decisions without any awareness of each other.

0
ProgrammingDEV Community ·

Building AI code generation into a no-code platform: why longevity beats generation

A no-code platform has integrated AI-powered code generation to fill gaps when its pre-built component catalog falls short of a user's needs. The team found that producing code with an AI model in 2026 is straightforward, but making that code reliably fit and persist within a live app proved far more challenging. To address this, they built a narrow, server-side-checked API surface so generated sections can only access explicitly declared platform capabilities, preventing scope creep that tends to break over time. The system runs a generate-validate-correct loop, feeding errors back to the model automatically rather than shipping broken output. Together, these guardrails prioritise long-term maintainability and stability over raw generation speed, bridging the gap between a working demo and production-ready code.

0
ProgrammingDEV Community ·

How AgentGateway Uses RFC 8693 Token Exchange to Secure AI Agent Identity

In agentic AI systems, passing a user's broad-scoped identity token across multiple downstream services creates serious security risks, including over-privileged access and potential impersonation. RFC 8693, the OAuth 2.0 Token Exchange standard, addresses this by allowing a gateway to swap the original user token for a fresh, scoped, short-lived credential tailored to each downstream service. AgentGateway, a Rust-based AI proxy from the AI Agent Infrastructure Foundation, implements this pattern via its built-in backendAuth.oauthTokenExchange policy. The setup involves authenticating users through Keycloak, after which AgentGateway handles all token exchanges so upstream services never receive the original credential. The tutorial also covers token caching for performance, delegation with actor claims, and support for additional grant types such as JWT Bearer and Microsoft Entra On-Behalf-Of flows.

0
ProgrammingDEV Community ·

Reverse Proxy, Load Balancer, and API Gateway: Key Structural Differences Explained

A technical article published on DEV Community on July 13 by Folasayo Samuel Olayemi breaks down the structural differences between three commonly confused system design components. The piece focuses on Reverse Proxies, Load Balancers, and API Gateways, clarifying that despite frequent overlap in usage, they are not the same thing. The article is categorized under system design, architecture, and API topics and is estimated to be a seven-minute read. It aims to help developers better understand when and why to use each component in software architecture.

Developer builds lean HTML-to-PDF API using Postgres, Chromium, and no extra services · ShortSingh