Overview — HTMQL Documentation

Overview

HTMQL Server is a batteries-included, cross-platform, web application platform. It is designed for rapid development of business-grade web applications by anyone comfortable with basic HTML and SQL, or who uses AI tools to bridge the gap.

At its core is the HTMQL page format: a single .htmql file that combines SQL commands, authorization rules, and HTML layout. Built-in capabilities like PDF generation, email, file handling, and redirects are accessed through the same format, keeping everything in one place.

The entire application deploys as a single compiled binary and a folder of plain-text files - no runtime to install, no containers, no package manager - running as a system service on Windows or Linux. And nothing about it locks you in: your data lives in a standard SQL database you control, your page files are plain text and your own IP, and the platform's source code is public under Apache 2.0. There is no subscription, and no vendor you can't walk away from.

HTMQL is well-suited for:

  • Modernizing legacy interfaces by connecting to existing SQL databases
  • Greenfield business applications with data entry and reporting requirements
  • Developers who want a productive starting point without committing to a heavy framework

It ships with a curated set of frontend libraries and a sensible default styling, but works with any JavaScript and CSS libraries. Beyond the built-in features, pages can call server-side external executables or web APIs.

Feature Summary

Developer Experience

  • Single-file page format: HTML and SQL/data commands combined in one .htmql file
  • Requires only basic HTML, SQL, and Go's standard HTML template syntax - no framework-specific language to learn
  • AI-assistant friendly by design; includes an AGENTS.md file for AI coding tools

Database

  • Supports SQLite, Microsoft SQL Server, and PostgreSQL
  • Automatic SQL transaction wrapping with commit/rollback control
  • Named SQL parameters (@name) with automatic type handling
  • Database schema migrations run automatically on startup

Security

  • OIDC/OAuth2 single sign-on (Microsoft Entra, Auth0, Okta, Keycloak, and others)
  • Local form-based logins using SQL authentication (Microsoft SQL Server and PostgreSQL only) or tables.
  • Role-based page authorization, assigned by OIDC or SQL tables

Layout & UI

  • Sensible default styling and layout with configurable header, footer, and dynamic menu
  • Built-in unsaved-changes detection: the standard header includes a simple opt-in script that warns before leaving a form with unsaved edits and can disable specific buttons until changes are saved
  • Bundled third-party libraries: HTMX, Hyperscript, Missing.css, Leaflet, Toast UI Editor (Markdown WYSIWYG)
  • Tablekit.js, an interactive data table library with sorting, filtering, pagination, loading indicator
  • Compatible with any standard HTML and JavaScript libraries

Built-in Capabilities

  • Render page contents as PDF files
  • Emailing with SMTP or Microsoft 365 (Outlook draft or direct send via the Graph API)
  • File uploads and downloads stored in the database, local file system, SFTP, or S3 bucket
  • External applications can be executed as part of page processing (blocking and non-blocking)
  • Render GitHub Flavored Markdown as HTML
  • Configurable system-wide formatting for dates, numbers, and currency to ensure consisteny between pages

Deployment

  • Single compiled binary, no runtime dependencies
  • Cross-platform: Windows, Linux, macOS
  • Runs as a system service or standalone application
  • Structured logging with automatic file rotation

Future Features

  • Email attachments sourced from file systems (currently only server-fetched URLs are supported)
  • Scheduled task runner to automatically trigger pages, external executables, and plugins at set intervals or upon events (e.g. pages can call events and tasks respond to events, check for SQL query to return a condition, etc)
  • Plugin architecture to allow advanced server-side actions (allow for bi-directional interaction with external executables called from a page, allow for long-running executables not tied to a page which are accessed by special aliases)
  • Page data can be rendered as JSON (makes SQL query results accessible to frontend libraries)
  • Server-side data queries and actions against JSON and GraphQL web APIs (currently web API calls can only be made from the user's browser with JavaScript or an external executable/script called from the page)
  • Reading and writing PDF Acroform fields (PDF form data can be available as template data or SQL parameters, can write to PDF form fields and render or save the file)
  • SharePoint document libraries as file storage location type
  • Oracle database support
  • Google Workspace integration for creating email drafts and sending without SMTP
  • Mobile client app with offline page caching