redbean

Actually Portable Executable Web Server

Liberate Your Web Apps

redbean + cosmopolitan libc + ape

• It’s a conventional HTTP/1.1 server�
• Written in conventional style (POSIX ANSI C)�
• Shipped in a radical new polyglot executable format

redbean + cosmopolitan libc + ape

• Self-hosted web apps (doesn’t need the cloud)�
• Multiplatform (uses same binary on all platforms)�
• Zero dependencies (no interpreter or virtual machine)�
• No. 3 top “Show HN” thread of all time (Feb 2021)�https://hn.algolia.com/?query=show%20hn

Installation

�$ wget https://justine.lol/redbean/redbean-1.0.com�$ chmod +x redbean-1.0.com

$ ./redbean-1.0.com

I2021-05-21T02:38:29.808287:tool/net/redbean.c:4706:redbean:10388] LISTEN 0.0.0.0:8080 see http://127.0.0.1:8080

​

​

HTTP Server

redbean default listing page

ZIP File System

You open the redbean.com binary in any zip tool and put your assets in it

Application Server

Files with the extension .lua are dynamically served using with a built-in Lua 5.4 interpreter

HTTP Proxy

redbean can be your own private Internet if you configure your browser to use it as an HTTP proxy server

Use wget to mirror websites

Use zip -r redbean.com www.foo.com/ to add mirror directories to executable

Unbloat Your Tech Stack

Footprint

redbean embeds lua5 plus support for six operating systems yet somehow is orders of magnitudes tinier than other servers built for only a single platform and we don’t even apply tools like upx

Electron App (EXE; Windows only) 120,000 kb

​

OpenJDK Shell Script (Linux-only) 100,000 kb

​

.NET distributable (platform-only) 80,000 kb

​

Go (static http; Linux-only) 6,000 kb

​

NGINX (ELF+DSOs; distro-only) 3,000 kb

​

redbean.com (linux+mac+bsd+win) 446 kb

​

redbean.com.gz 256 kb

Memory

redbean has a vertically-integrated tech stack built with a single vision plus a brand new c standard library

Electron 200,000 kb

​

Python HttpServer 12,000 kb

​

V8 7,000 kb

​

NGINX (worker) 580 kb

​

redbean (worker) 200 kb

​

​

​

​

​

​

​

​

Note: Measuring memory use is more art than science

Latency

redbean only needs one system call to serve a static asset (writev) since ZIP central directory is mapped into RAM

redbean uses perfect hash tables for http headers, a hash table for assets, and parsers are all guaranteed linear even when messages are fragmented

Python HttpServer 12,770µs

​

Go 57µs

​

NGINX 26µs

​

redbean 8µs

Throughput

redbean doesn’t need to do anything to serve compressed responses because zip and gzip both use deflate algorithm

benchmarked on intel core i9-9900 using alpine linux default settings

Python HttpServer w/ gzip 100 qps

​

Python ThreadedHttpServer w/ gzip 1,500 qps

​

NGINX w/ gzip 300,000 qps

​

NGINX 400,000 qps

​

Go 400,000 qps

​

redbean w/ unzip+crc 500,000 qps

​

redbean static w/ gzip 1,000,000 qps

​

redbean dynamic lua hello world 1,000,000 qps

​

./redbean-demo.com -s

wrk -H 'Accept-Encoding: gzip' -t 12 -c 120 http://127.0.0.1:8080/tool/net/demo/index.html

What is an APE Binary?�αcτµαlly pδrταblε εxεcµταblε

APE is a Polyglot Executable Format

• Uses ld script to synthesize PE + SH + ELF + Mach-O + ZIP�
• Statically-linked using standard x86-pc-linux-gnu toolchain�
• Runs on Linux, Mac, Windows, FreeBSD, OpenBSD, NetBSD�
• Boots from BIOS since it embeds its own operating system�
• No interpreter or virtual machine needed (x86 is byte code)

cat -v redbean.com

Windows MZ Executable

UNIX Sixth Edition Shebang

Mac OS X Mach-O Block Copy

UNIX ELF Header Self-Modifier

Code Morphing Executables

• redbean.com overwrites its first 64-byte shell script at startup�
• The executable unmaps itself from memory (avoid ETXTBSY)�
• Maps itself back into memory using O_RDWR�restores canonical MZqFpD ape file header�
• StoreAsset() lets Lua use ZIP EXE as document store

REDBEAN.COM

binary header (1)

Windows MZ Executable

BIOS Bootloader

MacOS Support

UNIX Shell Script�Linux+FreeBSD+OpenBSD+NetBSD

REDBEAN.COM

binary header (2)

Linux PT_GNU_STACK

OpenBSD Note

NetBSD Note

Mac OS X Mach-O Structure

REDBEAN.COM

binary zip footer

PKZIP Central Directory

PKZIP End Of Central Directory

Lua Server Pages

Lua Source Code

Any file named foo.lua is served dynamically using a built-in Lua 5.4 interpreter

redbean .lua files

• Dynamically generated�
• redbean api�94 functions and 1 module�
• redbean api is low-level�mostly parsers, escapers, etc.

redbean api example

SetStatus(200)�SetHeader('Content-Type', 'text/html; charset=utf-8')�Write('<!doctype html>\r\n')�Write("<p>Whatever you do, don't click on ")

Write('<a href="')

Write(EscapeHtml(EscapePath(GetPath()) .. '?magic'))

Write('">')

Write(EscapeHtml(VisualizeControlCodes(GetPath())))

Write('?magic</a>\r\n')

Frameworks

Third Party Web Frameworks

• Apnan (by James Milne)�https://git.sr.ht/~shakna/anpan

Apnan Framework Example

math.randomseed(os.time())

local anpan = load(LoadAsset("/anpan.lua"))()

anpan.route("/", function(request, response)

local r = anpan.HTMLResponse()

r.body:appendChild(

anpan.HTMLElement("h1")

:addText("Home"))

:appendChild(

anpan.HTMLElement("p")

:addText("Hello, World!"))

...

Legal

Legal

redbean is permissive and doesn’t have any gpl code / dependencies

• ISC License�
• Third party: MIT, BSD-2, BSD-3, zlib�
• Legal notices are embedded inside the redbean.com binary by the GNU linker

redbean is the web server with a heart

Thanks!

Contact Info:

Justine Tunney

Milpitas, California

jtunney@gmail.com

https://justine.lol/redbean/

​