Table of Contents

Useful Links

A curated list of websites and resources used in or relevant to this project.

.NET / ASP.NET

  • ASP.NET — Microsoft's web framework for building modern web apps and APIs
  • Aspire — .NET Aspire documentation and resources
  • Blazor — .NET web framework for building interactive UI with C#
  • LibMan — Lightweight client-side library acquisition tool for ASP.NET Core
  • MailKit — Cross-platform .NET SMTP/IMAP/POP3 client library used for sending mail
  • NodaTime — Date and time library for .NET with explicit timezone handling
  • Npgsql — .NET data provider for PostgreSQL
  • Polly — Resilience and transient fault-handling library for .NET (retries, circuit breakers, timeouts)
  • bUnit — Testing library for Blazor components
  • Reqnroll — BDD test automation framework for .NET (SpecFlow successor)
  • Respawn — Intelligent database cleanup tool for resetting test databases to a known state between tests
  • Scalar — OpenAPI documentation and API client
  • Testcontainers — Library for spinning up real Docker containers in tests (used for PostgreSQL integration tests)
  • TUnit — Modern, async-first test framework for .NET
  • WireMock.Net — HTTP server mock for stubbing and verifying API calls in tests
  • Shouldly — Fluent assertion library for .NET

Infrastructure

  • Docker — Container platform for building and running applications
  • Headlamp — Extensible Kubernetes web UI for browsing and managing cluster resources
  • Helm — Package manager for Kubernetes
  • OpenTelemetry — Observability framework for traces, metrics, and logs
  • Keycloak — Open source identity and access management (authentication, SSO, OAuth2/OIDC)
  • Let's Encrypt — Free, automated TLS certificate authority used for HTTPS in production
  • k3s — Lightweight Kubernetes distribution designed for production on resource-constrained nodes
  • k9s — Terminal-based UI for interacting with and managing Kubernetes clusters
  • Kubernetes — Container orchestration platform
  • LocalStack — Local AWS cloud service emulator (S3, SQS, and more)
  • LocalStack Explorer — Web UI for browsing LocalStack resources
  • OpenVPN install — Simple bash installer for setting up an OpenVPN server on Linux
  • OVHcloud — Cloud hosting provider (servers, managed Kubernetes, object storage)
  • PostgreSQL — Open source relational database
  • Traefik — Cloud-native reverse proxy and ingress controller for Kubernetes

Architecture

Security

  • Hardenize — Comprehensive web security assessment covering TLS, headers, DNS, and email security
  • Open Graph Preview — Preview how Open Graph meta tags render on social media platforms
  • HTTP Security Headers — Scan and grade HTTP response security headers for a given URL
  • OWASP Top 10 — Standard reference for the most critical web application security risks
  • Permissions Policy — Reference and generator for the Permissions-Policy HTTP header
  • security.txt — Standard for defining a security policy and contact information for responsible disclosure (/.well-known/security.txt)
  • SSL Labs — Deep analysis and grading of a server's SSL/TLS configuration
  • ZAP — Open source web application security scanner for finding vulnerabilities

Design

Tooling

  • Homebrew — Package manager for macOS and Linux
  • cdnjs — Free and open source CDN for JavaScript libraries
  • CodeQL — Semantic code analysis engine for security scanning
  • DocFX — Static documentation site generator for .NET projects
  • GitHub Actions — CI/CD automation platform
  • JetBrains Rider — Cross-platform .NET IDE
  • Mailpit — Local SMTP server and web UI for capturing and inspecting emails during development
  • mkcert — Tool for creating locally-trusted TLS certificates for development
  • NuGet — .NET package manager
  • SonarCloud — Cloud-based static code analysis for code quality and security (free for public repositories)
  • SonarQube — Self-hosted version of Sonar's static code analysis platform