Documentation menu

Build less runtime. Keep more control.

Bunfork is a Linux-first Rust binary with two serving modes: native MiniJinja pages with encrypted data, or verified static browser artifacts without data state.

Choose a serving path

Native Rust application

Use file-routed MiniJinja pages, public assets, SQLCipher, and the authenticated vector API.

Set up native mode

Static framework export

Build with your framework, admit the immutable output, then serve it without database keys or tokens.

Prepare an export

Start with the repository check

The project pins Rust through rust-toolchain.toml. A locked release build plus Bunfork's own test command exercises both unit tests and the native runtime smoke path.

cargo build --release --locked
./target/release/bunfork test

The smoke check discovers routes and verifies an encrypted migration, vector search, and backup in temporary storage; the locked Rust tests cover restore behavior.

Documentation map

Getting started
Build, create separate secrets, migrate, run, and probe the native server.
Framework exports
Known output directories and manifest settings for six verified producers.
CLI & operations
The full command surface, global options, and public health endpoints.
SQLite & vectors
Encrypted storage, exact migrations, scoped records, API calls, and hard limits.
Deploy & recover
Digest-owned bundles, hardened systemd units, verified backups, and restore order.
Security
Trust boundaries, production checklist, and deliberate non-features.