Use stunnel for TLS. A benefit is that if you properly sandbox the daemon behind it, a compromise in the daemon behind TLS does not result in the server key being compromised.

A GUI could be done in SDL+Nuklear, GTK+ or others.

Database access from C is easy, since the databases are written in C and provide C APIs for access.

Can you use those libraries without a bunch of arcane compiler flags? Because that's what the argument was about.

stunnel is not a library and linking to C libraries is easy.