> For Domains, I am still on Porkbun, but I have like 20 domains, and moving them to EU registrars would be pricey. I will do it, just not looking forward to it. Also there are few registrars that handle all the TLDs I have, nothing like Porkbun.
For .com domains, if the rationale is data sovereignty, GDPR simplicity, avoiding dependence on a handful of American hyperscalers, then from an operational standpoint I don’t see much value in using European-based registrars. Ultimately, these domains remain under U.S. control regardless.
If the focus is 'stubbornness' [one of the points in the article], then of course you have other priorities.
Personally I am all for data sovereignty etc, but very seldom for country boycotts.
For domains I find Openprovider.eu is pretty cheap imo, especially if you have a lot and buy in a package it is nearly cost price. Their DNS isn't great though, good enough for personal projects but not for business, would set that somewhere else.
Thank you for this. I'm in Europe with an established SaaS that's been running in production for years and I've converged on a similar stack (OVHCloud instead of Hetzner). However, I've realized you can stay sovereign and independent in any jurisdiction (not just Europe) just by simplifying your stack and running a few baremetal servers in-house.
Just buy a few Mac Studios and run them in-house with power supply backup and networking redundancy and you're good to go to serve more than 10k - 100k requests/second which is good enough to serve a million customers. You don't need VMs: a single Mac Studio gets you 2–4x the power of m7i.2xlarge on AWS, and pays for itself within a few months of AWS bills. You can do local AI inference and get Claude Opus-level performance (Kimi K2.5) over a cluster of Mac Studios with Exo.Labs (an unofficial Apple partner). You get free S3-compatible object storage with zero ongoing storage costs with MinIO (yes it's redundant even if you lose a server, and your hosting provider can't hold your data hostage by charging for egress). Postgres runs like a beast and is incredibly easy to set up - you get zero latency DB because it runs on the same machine, has access to lots of RAM and you're not paying per-GB or per-core. Managed databases are a scam. You don't need an Auth provider, just do passkeys yourself. And the great thing about Apple Silicon hardware is that it is amazingly quiet, reliable, and efficient - you can do things like run headless browsers 3x faster and cheaper than on standard server hardware because of the unified memory and GPU acceleration, so you're not paying for CI/CD compute by-the-minute or headless browsers either.
This entire stack could give you computing power equivalent to a 25k euro/month AWS bill for the cost of electricity (same electricity cost as running a few fridges 24/7) plus about 50k euros one-time to set it up (about 4 Mac Studios). And yes, it's redundant, scalable, and even faster (in terms of per-request latency) than standard AWS/GCP cloud bloat. Not only is it cheaper and you own everything, but your app will work faster because all services are local (DB, Redis cache, SSD, etc.) without any VM overhead, shared cores, or noisy neighbours.
When you say "baremetal servers in-house", are you talking about colocation in a European cloud provider like Hetzner, or are you talking about actually self-hosting at home in your garage like some hobbyists do?
If you're talking about self-hosting in your garage, I wonder how you handle networking, I mean, even if you have a good optic fiber with 1 or 10 Gbps, if you start getting real significant traffic, wouldn't you end up getting emails from your provider asking you why you are using 10000x more bandwidth than your neighbors, and eventually be cut off?
I, too, once believed this. Then I had the displeasure of watching a $10,000 server fail during Christmas travel (about 20 years ago now). A single RAID drive failed. Then, during the rebuild, a second drive failed. Then the RAID controller itself failed catastrophically, losing all the RAID volume metadata. When we restored from backup, we discovered that the sysadmin who had just quit a few weeks before had lied to us about the backup system, and we had no backups.
This is the sort of black swan event that happens every 5-10 years. It's an unusually bad event, even by black swan standards, but stuff like this happens.
The fundamental problem of self-hosted databases is that you test the happy path every day, but you only test true disaster recovery every 5-10 years. And in practice, this means that disaster recovery will usually fail.
With a managed database service, most of what you're paying goes to making sure that disaster recovery works. And in my experience, it does. I've seen RDS database servers fail catastrophically, and completely rebuild in under 15 minutes with virtually no data loss, with almost no human intervention at all.
If you care about your customers' data, I think that a reputable managed database is the right move until roughly the point that you can pay for a full time database administrator. At that point, sure, roll your own. But do regular disaster recovery tests, lest you discover that a recently departed DBA has been lying to you.
> However, I've realized you can stay sovereign and independent in any jurisdiction (not just Europe) just by simplifying your stack and running a few baremetal servers in-house.
Only if you have physical offices and staff in every jurisdiction you're serving.
Great post, and interesting setup - harkens to days of old, when this was simply how things were done in the first place - but one question that I have, apropos:
> .. serve more than 10k - 100k requests/second which is good enough to serve a million customers.
What is your network connectivity like for this setup? Presumably you operate in a building capable of giving you fiber, with a fixed IP, or something like that?
I have been self-hosting for a couple of years; yes, I got very very interested in self-hosting my apps, away from the cloud overlords, but the major issue is the network.
You'll need business internet plans with redundancy and based on locations that might be prohibitively expensive. Some startups might even require their own AS numbers.
Also the connectivity to the data centers or cloud infra like WAF, CDNs etc. will definitely be worse compared to cloud instances. Then come firewalls, their configuration and their redundancy.
These things will matter if you're serious about your SaaS. You could definitely co-locate, but that's another cost, then comes the redundancy of everything, from servers, to disks to network (routers and switches etc).
I personally believe that modern hardware is pretty reliable and doesn't need redundancy in every layer, but most people won't agree with that, and when startups have enough money, this doesn't matter to them.
I think the only reason the common public is unable to start SaaS is handling and managing these problems. Redundancy costs a lot. And many startups don't want to deal with it even if it'll help them in the long run. They just gather enough cash and throw at the overlords.
I do hope that the general infra should improve so that people can properly host their own.
Nevertheless I'm still trying to start something in SaaS space and self host from my home...
Are you actually using Exo for local clustered AI inference? I’ve considered it a few times and keep finding horror stories. Never seen someone report it’s actually working well for them.
Ah yes, MinIO, that open source S3 alternative that got archived last week.
To me that's the biggest problem when self-hosting services.
On day-to-day operations, sometimes it just breaks and the time to get it back varies from a couple of hours to a couple of days.
And for the longer term you regularly have to upgrade things yourself which takes time and energy and is stressing for stateful deployment.
And then you have it, at some point maintainers are just exhausted and the project is gone.
> Your users expect "Sign in with Google" and "Sign in with Apple."
You can add email/password and passkeys, but removing social logins entirely is a conversion killer.
I know this is true, but I genuinely don't understand it. I want email/password and passkey, I will always go out of my way to avoid "Sign in with ...". I just don't get why people love this.
You really don't? It's just a ton easier for most users: it's (almost) like already having an account. Just click a couple times and you're in, no typing at all, no email confirmation or anything like that.
I also avoid it because I'm concerned about being over-reliant on google (what if they close my account?) and I know how to use a password manager, but I easily understand how 90-99% of the population doesn't care enough and goes the low-friction route.
I assume your circle is mostly tech people? Outside that bubble, it's pretty obvious. People just want easy, don't understand security in many cases, it's the simplest path.
Even absent the above. Imagine a signup flow. I can either click <Sign Up With Google> or I can go through a manual flow with input fields. The former is much faster than the latter. It surprises you people choose the path of least resistance?
HN is going to skew towards people with password managers & concerns about vendors locking you out. I think most people just want low friction - be that 'Sign in with', or passwordless-based authentication like 404media (you want to sign in? You've been emailed a code)
Something I didn't see in the other comments is users who are using the startup's service for work, as an employee.
Why wouldn't you choose the simplicity of "sign in with Google" if your work email is on Google Workspace, using the entire Google suite of business tools for everything (gmail, chat, meet, docs, drive, auth, etc) and everything you do at work is known to Google anyway?
Making an email/password account with your work Gmail is just extra steps, one more password to store, and perhaps the inconvenience of one more 2FA thing. Google gets the same information either way.
Similarly why wouldn't you choose the "sign in Microsoft" if your work is all in on the Microsoft suite of business tools (teams, office, onedrive, auth, etc.) and everything you do at work is known to Microsoft anyway?
For a single personal user it's only a small bit of friction but if you're in charge of 30 people SSO is a godsend for boring compliance work and managing groups of people. You want to change a domain in the company not a big deal. Don't have to rotate passwords every quarter, need to restrict an employee from a service etc. You aren't imagining other challenges other than your own here.
It's a few things (source: I've worked on some large online B2B systems and seen signup flow funnel data for some even larger B2C systems):
1. Ease/laziness as others have mentioned. Even for a service that answers a real need, many users will bail out of the signup flow and just ... leave that need unsatisfied when they see a web form.
2. Underreported: google/apple sign-in buttons make it feel like you already have an account. The fact that the "grant access" new-signup request is a second screen and that "sign up" and "sign in" (with Google/Apple/Github/Facebook/etc.) are the same buttons to enter the funnel is huge. It's not that users are confused/forgetting whether they already have accounts (though some are); rather, it's psychological momentum created by the ambiguous language.
3. Trust and consistency. Nontechnical users just trust the recognizable brand buttons more. They don't necessarily know why/know how auth works, but they know that a lot of data breaches happen and are scared. The fact that the embed button almost always looks the same/familiar is massive. I suspect that it would also be a conversion killer if the "sign in with apple/google" buttons were styled to look totally different and not contain logos.
4. A lot of semi-technical folks don't like remembering passwords (and password managers--even good device-integrated ones--aren't as reliable at autofilling as a lot of casual users would like). Others know that it's a bad idea to reuse passwords. As a result, people use the button that doesn't require them to pick a password they'd have to remember.
5. Impression of privacy. Some (especially older) nontechnical users have a significant aversion to typing in their personal info (name/address/CC number) into online forms, so they pick the option that doesn't require that.
6. Technical people who prefer SSO because it gives (on the SSO provider side) a list of every integrated account; better permissions control (for services that integrate with e.g. Google for more than just login); a marginal chance of a little less data being stored on a service's servers versus the regular make-an-account option; somewhat fewer opportunities for a service to screw up auth by building it themselves wrong. This demographic is small compared to less technical users.
That's all presented without comment. Some of those points are based on exploitative provider behavior, or user ignorance. I'm just explaining the decision-making factors, not defending them.
Add all those up, and you definitely get a conversion killer.
I may start to create an account, but after about 30 seconds of effort, I'll start asking myself if it's really a service I care about. Send me an email? If it's not there by the time I click my email tab, odds are pretty good I won't wait around unless it's a truly compelling offering. Want me to fill out a form? If it's anything more than just an email and a password field my password manager can complete for, again, I'll question whether I want you to have that info about me.
So no, I may not leave, but each tiny bit of friction increases the possibility of abandonment. From the perspective of conversion, abandonment is the same as "just leaving".
> In fact a decent % of people stops shopping on your site if there's a few ms lag.
While it's still true, I have read that the accepted lag today is higher than 10-15 years ago, because they have lower expectations due to a general decline in page load speed. (React pages with spinners/placeholders, newsletter popups, higher page weights etc.)
Good, honest write up! As users we need to make more efforts to move out of the American ecosystems. Cloudflare is just so convenient to take only one example.
OT, about the finished product (hank.parts): the French translation and tone is a little rude. For one, it uses "tu" instead of "vous", which has become customary on social networks but is still a little bit aggressive on a regular website. And "bagnole" or "balance une photo" is more than casual.
Maybe the target are young people but I wouldn't bet on it. Average car ownership in Europe is 53, and 55 in France. Share of new vehicle registrations by adults aged 18-34 is below 10% in Europe.
I’ve found Scaleway really good, I’m surprised it doesn’t come up more often here.
If it matters, I didn’t go to them because they were specifically an EU org either - when Packet became Equinix Metal and then that got shut down, SCW were the most equivalent in terms of cost / hardware specifications and I often used them in parallel when Packet was still around so as to not have all my eggs in one basket.
Super timely - thank you! I'm in the process of moving the entire stack of my SaaS* fully in EU as well. Hetzner bare-metal, Talos k8s, OVH Object Storage for backups, self-hosted (for now) image repo. For now I'm still on Cloudflare for CDN, but Bunny looks interesting. Using GitOps (FluxCD) as deployment strategy enables no dependencies on e.g. GitHub Actions.
For one thing running on bare-metal @ Hetzner is insane value for money versus GCP GKE. I'm a third of the running costs and get ~50x resources.
The only aspect I'm struggling with is full-disk encryption. Although customer data is still encrypted with envelope encryption in the database, I want to migrate to fully encrypted disks (LUKS + TPM) sooner rather than later. If anyone has any resources and/or experience with this, please let me know :)
* Scaleway is totally painful/scary on data encryption at rest and in transit, does not feel like your infra/data is isolated from other customers
* OVHCloud is good if you deploy your production in HA fashion with higher tiers or do multi-region yourself using a vRack, real issue that they made the news with burning DCs, the fact that the customer base has been originally a gazillion cheap web servers does not help big companies going in, they are going somewhere on the SaaS
On most European cloud providers I feel like IAM is crap: workload identity is almost non-existent, API keys management is usually hellish. Same goes for encryption/isolation. I want to hear more technical feedback on most of them, devil is in the details!
> Google Ads and Apple's Developer Program. If you want to acquire users and distribute a mobile app, you're paying the toll to Mountain View and Cupertino.
If you said Play Store, then sure, though at least distribution on there is free. But you said Google Ads, which you really do not need to acquire users. Returns on Google Ads were already low, and have only continued getting worse and worse. I'm sure someone here claims to be a magician at it and believes they can get a fantastic RoI out of it, and I'm sure some can. But the huge majority doesn't. It's very much like day trading stocks.
There's a huge number of other, better avenues for paid marketing if you want to do it.
Domain TLD is the one administratively completely entangled into USA system while playing a major role on the internet working as it does. ICANN should definitely be an international entity, like UNESCO.
Truth be told if you're a European business, U.S. cloud providers weren't a good deal for a long time. Not since the advent of NVMe's and cheap 100G NIC's, well, that's for sure. Let's have a look at AWS R8 class, which is their most recent native instance type with real, modern I/O. Now, these are ostensibly powered by AWS Nitro 6th-gen networking, which is a 600G NIC. However, if you fancy NVMe drives (R8gd) which you do normally, you won't be getting more than 50G full-duplex. If you want to hit 100G+, you will need R8gn instances which don't offer ANY storage. So if your idea of data engineering is not calling from the 90s, well, you're stuck between a rock and a hard place mate!
Good news is you can get PCIe 5.0 servers, I/O gear, and host it yourself for a mere fraction of semi-capable AWS bill.
Bad news it doesn't matter if you don't get enough uplink bandwidth, no control over the routing table in the core routing infrastructure leading up to your WAN, or actual routers capable of hardware-filtering 100 gigabits worth of line rate per link. And you will need all these things if you want to at least try and match what Cloudflare/Cloudfront is doing from routing standpoint. (It will be much harder though to match them from the CDN standpoint...) DDoS protection is overrated, but it's not for reasons people commonly think.
Here in Norway (and probably Sweden, too) BankID is a widely used authentication system, and most domestic services will use that as an auth / login. Only "drawback" is that it requires 2FA, which is quite trivial today. But there are still tons of users that want their "login with FB / Google / etc.".
And a last but: If using such auth systems, one would have to account for all the different systems unique to countries.
Maybe some larger EU-specific ID / auth system would make sense?
It's a really good sign that this worked out at all. And the takeaways are enlightening
- EU domain registrars might have some bullshit under the hood making the same TLDs more expensive. Might need to investigate
- EU needs its own mobile app ecosystem, easy auth, and genAI offerings
  - but interested to see why Mistral wasn't feasible
- other things need to be scaled up to have the community and maturity to function well. This comes with time and adoption
I'd love if this took off. If more and more people did this
I tried buying a domain on OVH and the experience was shitty, was forwarded between different versions of the page (GB etc.) and could not finish the checkout.
All of those considerations are driven by politics, not technical matters. What if in Germany next election will be won by AfD, in France by Lepenists (Jordan Bardella is going for the win in 2027 election). And next US election will be won by Democrats. What's then? Moving back to the USA?
For anyone looking for non-US transactional email, I found https://mailpace.com via HN a while back and can recommend. Can't remember who the HN user behind it is, but they've done a great job.
I've built gethly.com entirely on my own VPSs, so I was concerned only with VPS providers. People actually might not know that Europe has orders of magnitude more developed IT infrastructure than USA, or China (Asia is actually quite a joke). For every one VPS provider in North America, Europe has 10. Not only that but there are all necessary services one might need - cdn, domains, dns, storage, payments... nothing is missing. I don't see why people think they "need" American companies, except the big three of cloud providers with their gazillion useless services. But 99% of projects don't really need cloud services at all.
I’m trying to do my part with Domain Chief. Becoming a registrar is pretty gnarly especially without very deep pockets (ICANN very expensive) but some great reseller companies (also Dutch) make it possible to enter the market.
I’m not perfect yet and tiny parts use Fly/Cloudflare (Anycast / Turnstile) and Stripe for payments but the core runs on own hardware in a Dutch datacenter provided by Dutch companies.
Can confirm on Hetzner. I'm building a SaaS on it right now and had to request a VPS limit increase. I was so worried and carefully crafted my request message. I was bracing for a multi-day back-and-forth but they just... did it in like 10 minutes lol
> The pricing is almost absurdly good compared to AWS, and the performance is solid. If you've never spun up a Hetzner box, you're overpaying for cloud compute.
Does anybody know whether there are any European alternatives for Github that allow you to host private/commercial repositories without using self-hosting?
The article does not mention payments. I would be especially interested in a European Stripe alternative - this is what I find really difficult to replace.
We also switched to Europe; it's now 5x cheaper and the servers are 4x more powerful.
I recommend switching to European cloud if only to not have to think twice about getting 3x redundant servers with 32 GB RAM. Trivial for anything you'd buy yourself but it costs 20 cars on AWS.
My European stack:
- OVH for object storage, domain names and simple WordPress websites
- Scalingo/3DS Outscale for PaaS (looking for alternatives here!)
- Mailjet used to be EU but they've been acquired by Mailgun - don't know if that's an issue. Brevo is okay as an email service provider but they could be way better.
Enjoyable article, thanks.
I'd like to see a section on "layer 8" (or 9? whatever we are calling it). The regulatory layer. There seem to be so many uncertainties in Europe (and to a slightly lesser extent, the UK) now. I think if starting another company I'd have to give it some serious consideration.
This clown couldn't be bothered to write their own blog post about the suitability of European infrastructure and instead, ironically, outsourced it to a US-based AI giant, Claude/Anthropic.
If you dig one step beyond Hetzner you should start to see that the whole thing is unavoidably global. There is no truly dominant monopoly holder anywhere. Who makes the photolithography machines? What about those weird Japanese companies that make chemicals and substrates that no one else can?
It's also difficult to find providers for competitive large-scale non-transactional emails, i.e. marketing and newsletter mails.
None comes close to AWS; the closest are messageflow (PL), elasticemail (PL), brevo (FR). Other players like Scaleway TEM (FR) and Lettermint (NL) don't offer non-transactional.
We use bunny.net DNS for Geo DNS with their DNS-based load balancing for my websocket infra. They have an awesome community and support is top-notch. Getting a response from the Cloudflare community is like playing a lottery if you are on the free plan.
Authentik would fit very nicely there and eliminate that one large bit that the author says he can't avoid putting on US infra. I am only saying this because he's already self hosting a bunch of things.
Now how bulletproof it is in practice will be tested in years to come, I'm sure. But it seems to be using the same model as AWS in China where a local company licenses and operates the software from AWS.
There is an ongoing lobbying push for "Made in EU" [0] which is unrelated to OP's article. The winds sure are blowing towards European sovereignty. Thanks, Trump!
I was kind of interested in the content, but I am so overloaded with AI slop by now, that reading this generated text gives me nausea.
I was looking to see why they landed on this stack, but there are no alternatives or evaluation criteria listed - given the generated article, I wonder how much of the infra was selected by an LLM.
Ehm sorry but no. Sovereignty means you own the stack not that you just choose other suppliers. Build on EU infra means owning a machine room with some servers, having fiber optic good enough for your traffic and that's it.
What the author describes is just a supplier switch still owning next to nothing.
Their direct internet connections rarely go down, but links between servers in their internal network suffer from intermittent failures. If you make your service reliable enough to be able to run on a single node, you could have built a monolith in the first place.
I've witnessed quite a few attempts in this regard, and they're truly admirable. Although Gitea's trademark and domain are controlled by China.
From a geopolitical perspective, such attempts don't hold much significance. The EU's future doesn't lie here either. It lies more in media control, profiting from balancing between the US, China, and Russia, and even continuing to extract raw materials from former colonies through low prices or unfair contracts. This may not be glorious, but it's what's been happening all along. A vast consumer market, the influence of values, comprehensive soft power, cultural control and integration of large numbers of immigrants, and so on. "Made in EU" will never succeed.
A lot of people are over-romanticizing Hetzner. The hard truth is that Hetzner is a great provider for bare metal machines and extremely competitive pricing, but it's extremely demanding to run production workloads there without a dedicated infra guy. Claude won't wake up in the middle of the night solving the things it helped you provision in an acceptable timeframe. If you are serious about your product SLOs, hyperscalers shine, and you can only accept the "cloud tax".
The conclusion from the `What you realistically can't avoid` section is that running entirely on non-American services will never happen.
Unless some entity pours hundreds of billions (trillions?) of euros into solving this over multiple decades there will be no way to replace google ads and sign in with google/apple. The AI part seems to be the easiest thing to solve in the list, that says something.
> Let’s say every company gets about three innovation tokens. You can spend these however you want, but the supply is fixed for a long while... If you choose to write your website in NodeJS, you just spent one of your innovation tokens. If you choose to use MongoDB, you just spent one of your innovation tokens. If you choose to use service discovery tech that’s existed for a year or less, you just spent one of your innovation tokens. If you choose to write your own database, oh god, you’re in trouble.
From my POV, the author spent their innovation tokens on a political commitment. I would not recommend this path to someone starting a company. It's hard enough already.
Also, many American companies that might have been useful to the author were founded by Europeans, e.g. GitLab. There's plenty of European talent for making widely adopted infrastructure. If those companies aren't in Europe, it's worth asking why [1].
Great post, I did a similar switch mid last year.
Hetzner was something I already used, so I just doubled down. I have a single OVH instance where I am playing with Openclaw, but that was because I was having issues with Hetzner that day on their new instance page (was fixed the next day).
I use Bunny for my CDN, I just wish they had the capability to route IPv4 and IPv6 traffic to IPv6 only origins. If your origin doesn't have IPv4, it won't route IPv4 to an IPv6 origin. Something Cloudflare could do. Still a shame it's not a high priority.
For Domains, I am still on Porkbun, but I have like 20 domains, and moving them to EU registrars would be pricey. I will do it, just not looking forward to it. Also there are few registrars that handle all the TLDs I have, nothing like Porkbun. I use dot.bs to optimize my registrars and keep track of them.
I self-host a lot, but I haven't done GitHub. I have a Forgejo instance with working CI/CD, but there are some pain points mirroring 100s of repos and updating PATs. Also I minimize how much critical infra I host. I do it as my day job. Don't want to do it so much at home, and I still do some between NAS and self-hosted services I do run.
I do plan to try out Hanko and Nebius, those sound good, and hit up Scaleway to see if there is stuff I want to use there. I know Scaleway can be pricey.
How has your experience with Bunny been? I'm quite split on it.
I used to work for a business in a pretty competitive area, where tactics like fake DMCA requests and abuse cases are routinely used to attempt to take down information, be it from Google, or from the CDN/hosting provider. While at first Bunny support seemed understanding of it, later they unceremoniously blocked the account on the basis of too many complaints having been filed, despite all of them being responded to in due time and being proven false.
OTOH, their support staff would respond lightning-fast, which was a breath of fresh air compared to other CDNs we used before.
I could see myself using Bunny for personal projects, or some non-vital business, but probably not for anything with lots of competition.
From a practical standpoint, would you consider "Google Germany GmbH" to essentially be just a reference to Google, beholden to everything that matters to Alphabet headquartered in the United States?
If so, Nebius is just a fancy name for Yandex, beholden to everything that matters to Yandex LLC headquartered in Russia. They just chose a distinctly different name, presumably to avoid the association. When we were doing a deep-dive into cloud GPU providers, legal counsel vetoed them for this reason.
Like the author, we self-host our git repos at work with Gitea, and it's working very well and brings a rather large set of features you'd expect from a GH alternative.
A great thing is that it's almost fully compatible with GitHub Actions, so migrating an existing CI/CD should not be too painful. If you plan to move, make sure to read this first: https://docs.gitea.com/usage/actions/comparison#missing-feat...
For sure, it requires a bit of maintenance, mainly for updates, but that's all.
For CDN, you can try CDN77, they have servers all around the world. No affil, just they are based in Europe (Prague) :)
> For Domains, I am still on Porkbun, but I have like 20 domains, and moving them to EU registrars would be pricey. I will do it, just not looking forward to it. Also there are few registrars that handle all the TLDs I have, nothing like Porkbun.
For .com domains, if the rationale is data sovereignty, GDPR simplicity, avoiding dependence on a handful of American hyperscalers, then from an operational standpoint I don’t see much value in using European-based registrars. Ultimately, these domains remain under U.S. control regardless. If the focus is 'stubbornness' [one of the points in the article], then of course you have other priorities.
Personally I am all for data sovereignty etc, but very seldom for country boycotts.
For domains I find Openprovider.eu is pretty cheap imo, especially if you have a lot and buy in a package it is nearly cost price. Their DNS isn't great though, good enough for personal projects but not for business, would set that somewhere else.
Why do you need to move from Porkbun though? I don't get it.
How does dot.bs make money? The about page and FAQ don’t explain what they’re monetizing.
Thank you for this. I'm in Europe with an established SaaS that's been running in production for years and I've converged on a similar stack (OVHCloud instead of Hetzner). However, I've realized you can stay sovereign and independent in any jurisdiction (not just Europe) just by simplifying your stack and running a few baremetal servers in-house.
Just buy a few Mac Studios and run them in-house with power supply backup and networking redundancy and you're good to go to serve more than 10k - 100k requests/second which is good enough to serve a million customers. You don't need VMs: a single Mac Studio gets you 2–4x the power of m7i.2xlarge on AWS, and pays for itself within a few months of AWS bills. You can do local AI inference and get Claude Opus-level performance (Kimi K2.5) over a cluster of Mac Studios with Exo.Labs (an unofficial Apple partner). You get free S3-compatible object storage with zero ongoing storage costs with MinIO (yes it's redundant even if you lose a server, and your hosting provider can't hold your data hostage by charging for egress). Postgres runs like a beast and is incredibly easy to set up - you get zero latency DB because it runs on the same machine, has access to lots of RAM and you're not paying per-GB or per-core. Managed databases are a scam. You don't need an Auth provider, just do passkeys yourself. And the great thing about Apple Silicon hardware is that it is amazingly quiet, reliable, and efficient - you can do things like run headless browsers 3x faster and cheaper than on standard server hardware because of the unified memory and GPU acceleration, so you're not paying for CI/CD compute by-the-minute or headless browsers either.
This entire stack could give you computing power equivalent to a 25k euro/month AWS bill for the cost of electricity (same electricity cost as running a few fridges 24/7) plus about 50k euros one-time to set it up (about 4 Mac Studios). And yes, it's redundant, scalable, and even faster (in terms of per-request latency) than standard AWS/GCP cloud bloat. Not only is it cheaper and you own everything, but your app will work faster because all services are local (DB, Redis cache, SSD, etc.) without any VM overhead, shared cores, or noisy neighbours.
When you say "baremetal servers in-house", are you talking about colocation in a European cloud provider like Hetzner, or are you talking about actually self hosting at home in your garage like some hobbyists do?
If you're talking about self hosting in your garage, I wonder how you handle networking, I mean, even if you have a good optic fiber with 1 or 10gbps, if you start getting real significant traffic, wouldn't you end up getting emails from your provider asking you why you are using 10000x more bandwidth than your neighbors, and eventually be cut off?
> Managed databases are a scam.
I, too, once believed this. Then I had the displeasure of watching a $10,000 server fail during Christmas travel (about 20 years ago now). A single RAID drive failed. Then, during the rebuild, a second drive failed. Then the RAID controller itself failed catastrophically, losing all the RAID volume metadata. When we restored from backup, we discovered that the sysadmin who had just quit a few weeks before had lied to us about the backup system, and we had no backups.
This is the sort of black swan event that happens every 5-10 years. It's an unusually bad event, even by black swan standards, but stuff like this happens.
The fundamental problem of self-hosted databases is that you test the happy path every day, but you only test true disaster recovery every 5-10 years. And in practice, this means that disaster recovery will usually fail.
With a managed database service, most of what you're paying goes to making sure that disaster recovery works. And in my experience, it does. I've seen RDS database servers fail catastrophically, and completely rebuild in under 15 minutes with virtually no data loss, with almost no human intervention at all.
If you care about your customers' data, I think that a reputable managed database is the right move until roughly the point that you can pay for a full time database administrator. At that point, sure, roll your own. But do regular disaster recovery tests, lest you discover that a recently departed DBA has been lying to you.
Thanks for the post. How do you currently deal with HD failures/redundancy? That’s my main concern leaving a managed database provider.
> However, I've realized you can stay sovereign and independent in any jurisdiction (not just Europe) just by simplifying your stack and running a few baremetal servers in-house.
Only if you have physical offices and staff in every jurisdiction you're serving.
You say no VMs and are using Apple hardware. Are you running this all directly on macOS?
> Just buy a few Mac Studios and run them in-house
I fail to see the point of this when the system you've decided to run "yourself" is entirely owned and dependent on another American company.
Great post, and interesting setup - harkens to days of old, when this was simply how things were done in the first place - but one question that I have, apropos:
> ... serve more than 10k - 100k requests/second which is good enough to serve a million customers.
What is your network connectivity like for this setup? Presumably you operate in a building capable of giving you fiber, with a fixed IP, or something like that?
How do you handle anti-DDoS, zero-trust and WAF duties to a Cloudflare-esque equivalency (e.g. a reverse-proxy style setup)?
While I definitely concur with your conclusions re VMs and GCP hosting overhead, did you benchmark a container based setup in GKE or similar?
I have been self-hosting for a couple of years, yes I got very very interested in self-hosting my apps, away from the cloud overlords, but the major issue is the network.
You'll need business internet plans with redundancy and based on locations that might be prohibitively expensive. Some startups might even require their own AS numbers.
Also the connectivity to the data centers or cloud infra like WAF, CDNs etc. will definitely be worse compared to cloud instances. Then comes firewalls, their configuration and their redundancy.
These things will matter if you're serious about your SaaS. You could definitely co-locate, but that's another cost, then comes the redundancy of everything, from servers, to disks to network (routers and switches etc.).
I personally believe that modern hardware is pretty reliable and doesn't need redundancy in every layer, but most people won't agree with that, and when startups have enough money, this doesn't matter to them.
I think the only reason the common public is unable to start SaaS is handling and managing these problems. Redundancy costs a lot. And many startups don't want to deal with it even if it'll help them in the long run. They just gather enough cash and throw it at the overlords.
I do hope that the general infra should improve so that can properly host their own.
Nevertheless I'm still trying to start something in SaaS space and self host from my home...
> You can do local AI inference and get Claude Opus-level performance (Kimi K2.5) over a cluster of Mac Studios with Exo.Labs
Does it do distributed inference? What kinda token speeds do you get?
Are you actually using Exo for local clustered AI inference? I’ve considered it a few times and keep finding horror stories. Never seen someone report it’s actually working well for them.
I have no idea how to set up something like this. How hard is it to hire somebody competent enough to set up a system like this in-house?
What does your networking redundancy setup look like?
Ah yes, MinIO, that open source S3 alternative that got archived last week. To me that's the biggest problem when self-hosting services. On day to day operations, sometimes it just breaks and the time to get it back varies from a couple of hours to a couple of days. And for the longer term you regularly have to upgrade things yourself which takes time and energy and is stressing for stateful deployment. And then you have it, at some point maintainers are just exhausted and the project is gone.
> Your users expect "Sign in with Google" and "Sign in with Apple." You can add email/password and passkeys, but removing social logins entirely is a conversion killer.
I know this is true, but I genuinely don't understand it. I want email/password and passkey, I will always go out of my way to avoid "Sign in with ...". I just don't get why people love this.
You really don't? It's just a ton easier for most users: it's (almost) like already having an account. Just click a couple times and you're in, no typing at all, no email confirmation or anything like that.
I also avoid it because I'm concerned about being over-reliant on Google (what if they close my account?) and I know how to use a password manager, but I easily understand how 90-99% of the population doesn't care enough and goes the low-friction route.
I assume your circle is mostly tech people? Outside that bubble, it's pretty obvious. People just want easy, don't understand security in many cases, it's the simplest path.
Even absent the above. Imagine a signup flow. I can either click <Sign Up With Google> or I can go through a manual flow with input fields. The former is much faster than the latter. It surprises you people choose the path of least resistance?
People usually have either one or the other account already, because it came with their smartphone. It is frictionless from their point of view.
HN is going to skew towards people with password managers & concerns about vendors locking you out. I think most people just want low friction - be that 'Sign in with', or passwordless-based authentication like 404media (you want to sign in? You've been emailed a code)
Something I didn't see in the other comments is users who are using the startup's service for work, as an employee.
Why wouldn't you choose the simplicity of "sign in with Google" if your work email is on Google Workspace, using the entire Google suite of business tools for everything (gmail, chat, meet, docs, drive, auth, etc) and everything you do at work is known to Google anyway?
Making an email/password account with your work Gmail is just extra steps, one more password to store, and perhaps the inconvenience of one more 2FA thing. Google gets the same information either way.
Similarly why wouldn't you choose the "sign in with Microsoft" if your work is all in on the Microsoft suite of business tools (teams, office, onedrive, auth, etc.) and everything you do at work is known to Microsoft anyway?
> I just don't get why people love this.
For a single personal user it's only a small bit of friction but if you're in charge of 30 people SSO is a godsend for boring compliance work and managing groups of people. You want to change a domain in the company not a big deal. Don't have to rotate passwords every quarter, need to restrict an employee from a service etc. You aren't imagining other challenges other than your own here.
That is an interesting take, but it's off topic.
The post says that if you don't have the SSO, it's a conversion killer. I.e. users just won't log in if they cannot do it with an SSO.
Of course companies use SSO because it gives them more control over the employees' accounts. I understand why companies do it.
It's a few things (source: I've worked on some large online B2B systems and seen signup flow funnel data for some even larger B2C systems):
1. Ease/laziness as others have mentioned. Even for a service that answers a real need, many users will bail out of the signup flow and just ... leave that need unsatisfied when they see a web form.
2. Underreported: google/apple sign-in buttons make it feel like you already have an account. The fact that the "grant access" new-signup request is a second screen and that "sign up" and "sign in" (with Google/Apple/Github/Facebook/etc.) are the same buttons to enter the funnel is huge. It's not that users are confused/forgetting whether they already have accounts (though some are); rather, it's psychological momentum created by the ambiguous language.
3. Trust and consistency. Nontechnical users just trust the recognizable brand buttons more. They don't necessarily know why/know how auth works, but they know that a lot of data breaches happen and are scared. The fact that the embed button almost always looks the same/familiar is massive. I suspect that it would also be a conversion killer if the "sign in with apple/google" buttons were styled to look totally different and not contain logos.
4. A lot of semi-technical folks don't like remembering passwords (and password managers--even good device-integrated ones--aren't as reliable at autofilling as a lot of casual users would like). Others know that it's a bad idea to reuse passwords. As a result, people use the button that doesn't require them to pick a password they'd have to remember.
5. Impression of privacy. Some (especially older) nontechnical users have a significant aversion to typing in their personal info (name/address/CC number) into online forms, so they pick the option that doesn't require that.
6. Technical people who prefer SSO because it gives (on the SSO provider side) a list of every integrated account; better permissions control (for services that integrate with e.g. Google for more than just login); a marginal chance of a little less data being stored on a service's servers versus the regular make-an-account option; somewhat fewer opportunities for a service to screw up auth by building it themselves wrong. This demographic is small compared to less technical users.
That's all presented without comment. Some of those points are based on exploitative provider behavior, or user ignorance. I'm just explaining the decisionmaking factors, not defending them.
Add all those up, and you definitely get a conversion killer.
My email goes to the same company I can login with so might as well tap the button.
But if there is no Google/Apple button, will you just leave? Like not even create an account? That's what "conversion killer" means.
I may start to create an account, but after about 30 seconds of effort, I'll start asking myself if it's really a service I care about. Send me an email? If it's not there by the time I click my email tab, odds are pretty good I won't wait around unless it's a truly compelling offering. Want me to fill out a form? If it's anything more than just an email and a password field my password manager can complete for, again, I'll question whether I want you to have that info about me.
So no, I may not leave, but each tiny bit of friction increases the possibility of abandonment. From the perspective of conversion, abandonment is the same as "just leaving".
I won't but a decent % of people do ye.
In fact a decent % of people stop shopping on your site if there's a few ms lag.
At every step a few percent of revenue is lost that your competitor takes in.
> In fact a decent % of people stops shopping on your site if there's a few ms lag.
While it's still true, I have read that the accepted lag today is higher than 10-15 years ago, because they have lower expectations due to a general decline in page load speed. (React pages with spinners/placeholders, newsletter popups, higher page weights etc.)
Good, honest write up! As users we need to make more efforts to move out of the American ecosystems. Cloudflare is just so convenient to take only one example.
OT, about the finished product (hank.parts): the French translation and tone is a little rude. For one, it uses "tu" instead of "vous", which has become customary on social networks but is still a little bit aggressive on a regular website. And "bagnole" or "balance une photo" is more than casual.
Maybe the target are young people but I wouldn't bet on it. Average car ownership in Europe is 53, and 55 in France. Share of new vehicle registrations by adults aged 18-34 is below 10% in Europe.
My two cents.
I’ve found Scaleway really good, I’m surprised it doesn’t come up more often here.
If it matters, I didn’t go to them because they were specifically an EU org either - when Packet became Equinix Metal and then that got shut down, SCW were the most equivalent in terms of cost / hardware specifications and I often used them in parallel when Packet was still around so as to not have all my eggs in one basket.
Super timely - thank you! I'm in the process of moving the entire stack of my SaaS* fully in EU as well. Hetzner bare-metal, Talos k8s, OVH Object Storage for backups, self-hosted (for now) image repo. For now I'm still on Cloudflare for CDN, but Bunny looks interesting. Using GitOps (FluxCD) as deployment strategy enables no dependencies on e.g. GitHub Actions.
For one thing running on bare-metal @ Hetzner is insane value for money versus GCP GKE. I'm a third of the running costs and get ~50x resources.
The only aspect I'm struggling with is full-disk encryption. Although customer data is still encrypted with envelope encryption in the database, I want to migrate to fully encrypted disks (LUKS + TPM) sooner rather than later. If anyone has any resources and/or experience with this, please let me know :)
* Gatana AI MCP gateway: https://www.gatana.ai/
* Scaleway is totally painful/scary on data encryption at rest and in transit, does not feel like your infra/data is isolated from other customers
* OVHCloud is good if you deploy your production in HA fashion with higher tiers or do multi-region yourself using a vRack, real issue that they made the news with burning DCs, the fact that the customer base has been originally a gazillion cheap web servers does not help big companies going in, they are going somewhere on the SaaS
On most European cloud providers I feel like IAM is crap: workload identity is almost non-existent, API keys management is usually hellish. Same goes for encryption/isolation. I want to hear more technical feedback on most of them, devil is in the details!
Codeberg would make a better choice if we speak about EU source code forges. And Forgejo instead of Gitea, which is nowadays a controversial project.
What do American colleagues think when they read about this trend among Europeans to abandon their platforms?
> Google Ads and Apple's Developer Program. If you want to acquire users and distribute a mobile app, you're paying the toll to Mountain View and Cupertino.
If you said Play Store, then sure, though at least distribution on there is free. But you said Google Ads, which you really do not need to acquire users. Returns on Google Ads were already low, and have only continued getting worse and worse. I'm sure someone here claims to be a magician at it and believes they can get a fantastic RoI out of it, and I'm sure some can. But the huge majority doesn't. It's very much like day trading stocks.
There's a huge number of other, better avenues for paid marketing if you want to do it.
Domain TLD is the one administratively completely entangled into USA system while playing a major role on the internet working as it does. ICANN should definitely be an international entity, like UNESCO.
All other points are "mere" technical gaps.
Truth be told if you're a European business, U.S. cloud providers weren't a good deal for a long time. Not since the advent of NVMes and cheap 100G NICs, well, that's for sure. Let's have a look at AWS R8 class, which is their most recent native instance type with real, modern I/O. Now, these are ostensibly powered by AWS Nitro 6th-gen networking, which is a 600G NIC. However, if you fancy NVMe drives (R8gd) which you do normally, you won't be getting more than 50G full-duplex. If you want to hit 100G+, you will need R8gn instances which don't offer ANY storage. So if your idea of data engineering is not calling from the 90s, well, you're stuck between a rock and a hard place mate!
Good news is you can get PCIe 5.0 servers, I/O gear, and host it yourself for a mere fraction of semi-capable AWS bill.
Bad news it doesn't matter if you don't get enough uplink bandwidth, no control over the routing table in the core routing infrastructure leading up to your WAN, or actual routers capable of hardware-filtering 100 gigabits worth of line rate per link. And you will need all these things if you want to at least try and match what Cloudflare/Cloudfront is doing from routing standpoint. (It will be much harder though to match them from the CDN standpoint...) DDoS protection is overrated, but it's not for reasons people commonly think.
Currently migrating from Digital Ocean to Scaleway as well, found this article informative.
To assist others:
https://european-alternatives.eu/
Here in Norway (and probably Sweden, too) BankID is a widely used authentication system, and most domestic services will use that as an auth / login. Only "drawback" is that it requires 2FA, which is quite trivial today. But there are still tons of users that want their "login with FB / Google / etc.".
And a last but: If using such auth systems, one would have to account for all the different systems unique to countries.
Maybe some larger EU-specific ID / auth system would make sense?
It's a really good sign that this worked out at all. And the takeaways are enlightening:
- EU domain registrars might have some bullshit under the hood making the same TLDs more expensive. Might need to investigate
- EU needs its own mobile app ecosystem, easy auth, and genAI offerings
  - but interested to see why Mistral wasn't feasible
- other things need to be scaled up to have the community and maturity to function well. This comes with time and adoption
I'd love if this took off. If more and more people did this
I tried buying a domain on OVH and the experience was shitty: I was forwarded between different versions of the page (GB etc.) and could not finish the checkout.
Cool post, thanks. Though I would want to know how much cheaper Hetzner actually is compared to AWS?
We looked at StackIT at my company and they were twice as expensive... Which was a bit surprising to me.
I currently rent a full, dedicated AMD Ryzen 5 64GB RAM server for €35 a month. It's amazing how much you can actually run on a dedicated machine.
All of those considerations are driven by politics, not technical matters. What if in Germany next election will be won by AfD, in France by Lepenists (Jordan Bardella is going for the win in 2027 election). And next US election will be won by Democrats. What's then? Moving back to the USA?
For anyone looking for non-US transactional email, I found https://mailpace.com via HN a while back and can recommend. Can't remember who the HN user behind it is, but they've done a great job.
I've built gethly.com entirely on my own VPSs, so I was concerned only with VPS providers. People actually might not know that Europe has orders of magnitude more developed IT infrastructure than USA, or China (Asia is actually quite a joke). For every one VPS provider in North America, Europe has 10. Not only that but there are all necessary services one might need - cdn, domains, dns, storage, payments... nothing is missing. I don't see why people think they "need" American companies, except the big three of cloud providers with their gazillion useless services. But 99% of projects don't really need cloud services at all.
I’m trying to do my part with Domain Chief. Becoming a registrar is pretty gnarly especially without very deep pockets (ICANN very expensive) but some great reseller companies (also Dutch) make it possible to enter the market.
I’m not perfect yet and tiny parts use Fly/Cloudflare (Anycast / Turnstile) and Stripe for payments but the core runs on own hardware in a Dutch datacenter provided by Dutch companies.
Can confirm on Hetzner. I'm building a SaaS on it right now and had to request a VPS limit increase. I was so worried and carefully crafted my request message. I was bracing for a multi-day back-and-forth but they just... did it in like 10 minutes lol
> The pricing is almost absurdly good compared to AWS, and the performance is solid. If you've never spun up a Hetzner box, you're overpaying for cloud compute.
Yep!
Thanks for the writeup.
Does anybody know whether there are any European alternatives for Github that allow you to host private/commercial repositories without using self-hosting?
The article does not mention payments. I would be especially interested in a European Stripe alternative - this is what I find really difficult to replace.
Surprisingly sober take. I enjoyed the honesty. Thanks!
Would love to hear about the same but in Canada - As far as I know we don't have any Hetzner-like providers here.
We also switched to Europe it's now 5x cheaper and the servers are 4x more powerful.
I recommend switching to European cloud if only to not have to think twice about getting 3x redundant servers with 32gb ram. Trivial for anything you'd buy yourself but it costs 20 cars on AWS.
My European stack:
- OVH for object storage, domain names and simple Wordpress websites
- Scalingo/3DS Outscale for PaaS (looking for alternatives here!)
- Mailjet used to be EU but they've been acquired by Mailgun - don't know if that's an issue. Brevo is okay as an email service provider but they could be way better.
Enjoyable article, thanks. I'd like to see a section on "layer 8" (or 9? whatever we are calling it). The regulatory layer. There seem to be so many uncertainties in Europe (and to a slightly lesser extent, the UK) now. I think if starting another company I'd have to give it some serious consideration.
This clown couldn't be bothered to write their own blog post about the suitability of European infrastructure and instead, ironically, outsourced it to a US-based AI giant, Claude/Anthropic.
I flagged his submission for being AI.
If you dig one step beyond hetzner you should start to see that the whole thing is unavoidably global. There is no truly dominant monopoly holder anywhere. Who makes the photolithography machines? What about those weird Japanese companies that make chemicals and substrates that no one else can?
It's also difficult to find providers for competitive large-scale non-transactional emails, i.e. marketing and newsletter mails.
None come close to AWS; the closest are messageflow (PL), elasticemail (PL), brevo (FR). Other players like Scaleway TEM (FR) and Lettermint (NL) don't offer non-transactional.
We use bunny.net DNS for Geo DNS with their DNS-based load balancing for my websocket infra. They have an awesome community and support is top-notch. Getting a response from Cloudflare community is like taking a lottery if you are on the free plan.
Happy to see Bugsink mentioned here as a solution for Error Tracking _and_ to not see it show up as one of the "harder parts" :-)
Just as a FYI: if self-hosting ever turns out to be too much work, it's also available Hosted.
> Your users expect "Sign in with Google" and "Sign in with Apple."
And then they cry when they lose access to everything because their Google/Apple account got blocked for some obscure violation of ToS.
Authentik would fit very nicely there and eliminate that one large bit that the author says he can't avoid putting on US infra. I am only saying this because he's already self hosting a bunch of things.
My EU stack, works well and is cheap!
Hosting and storage: Hetzner and Netcup
Domain: ClouDNS with Failover
Transactional email: Lettermint
CDN: Bunny
Seems this page is not EU compliant anyway since there is no info who owns it.
Nice reading but what you built is impossible to use without registration. I'm not going to register if I can't find what I'm looking for.
Inspiring! I'll likely pursue the same thing.
AWS does have a European sovereign cloud now: https://aws.amazon.com/blogs/aws/opening-the-aws-european-so...
Now how bulletproof it is in practice will be tested in years to come, I'm sure. But it seems to be using the same model as AWS in China where a local company licenses and operates the software from AWS.
For domains I am very happy with ClouDNS. Anycast DNS provider with failover functionality. It's from Bulgaria.
EU ad tech exists, wondering if one can leverage it?
Mobile apps, can you try those alt stores?
Why is there no European alternative to Apple app store? It's rather strange to me.
Using self-hosted Mox for transactional emails.
I wonder what author uses for payments.
There is an ongoing lobbying push for "Made in EU" [0] which is unrelated to OPs article. The winds sure are blowing towards European sovereignty. Thanks, Trump!
[0]: https://www.euronews.com/business/2026/02/19/made-in-europe-...
I just signed up for Hetzner.
Their menu has:
- Console
- konsoleH
- Robot
- DNS
When I click into Console I get an additional option called "Website"
I have no idea what Robot and konsoleH are.
Is it a prerequisite if you make a cloud platform to make your offering as confusing as possible?
I was kind of interested in the content, but I am so overloaded with AI slop by now, that reading this generated text gives me nausea.
I was looking to see why they landed on this stack, but there are no alternatives or evaluation criteria listed - given the generated article, I wonder how much of the infra was selected by an LLM.
Ehm sorry but no. Sovereignty means you own the stack, not that you just choose other suppliers. Building on EU infra means owning a machine room with some servers, having fiber optic good enough for your traffic, and that's it.
What the author describes is just a supplier switch, still owning next to nothing.
What exactly is your goal in doing this? What has it brought you?
Did you use a European LLM to write this article? Or was it an American one in the end? :)
EDIT: Looks like it's an American one in the end, oh well. https://news.ycombinator.com/item?id=47085756
Running microservices on Hetzner is a risky move.
Their direct internet connections rarely go down, but links between servers in their internal network suffer from intermittent failures. If you make your service reliable enough to be able to run on a single node, you could have built a monolith in the first place.
I've witnessed quite a few attempts in this regard, and they're truly admirable. Although Gitea's trademark and domain are controlled by China.
From a geopolitical perspective, such attempts don't hold much significance. The EU's future doesn't lie here either. It lies more in media control, profiting from balancing between the US, China, and Russia, and even continuing to extract raw materials from former colonies through low prices or unfair contracts. This may not be glorious, but it's what's been happening all along. A vast consumer market, the influence of values, comprehensive soft power, cultural control and integration of large numbers of immigrants, and so on. "Made in EU" will never succeed.
A lot of people are over-romanticizing Hetzner. The hard truth is that Hetzner is a great provider for bare metal machines with extremely competitive pricing, but it's extremely demanding to run production workloads there without a dedicated infra guy. Claude won't wake up in the middle of the night solving the things it helped you provision in an acceptable timeframe. If you are serious about your product SLOs, hyperscalers shine, and you can only accept the "cloud tax".
The conclusion from the `What you realistically can't avoid` section is that running entirely on non-American services will never happen.
Unless some entity pours hundreds of billions (trillions?) of euros into solving this over multiple decades, there will be no way to replace Google Ads and sign in with Google/Apple. The AI part seems to be the easiest thing to solve in the list, that says something.
Per "Choose Boring Technology" [0]:
> Let’s say every company gets about three innovation tokens. You can spend these however you want, but the supply is fixed for a long while... If you choose to write your website in NodeJS, you just spent one of your innovation tokens. If you choose to use MongoDB, you just spent one of your innovation tokens. If you choose to use service discovery tech that’s existed for a year or less, you just spent one of your innovation tokens. If you choose to write your own database, oh god, you’re in trouble.
From my POV, the author spent their innovation tokens on a political commitment. I would not recommend this path to someone starting a company. It's hard enough already.
Also, many American companies that might have been useful to the author were founded by Europeans, e.g. GitLab. There's plenty of European talent for making widely adopted infrastructure. If those companies aren't in Europe, it's worth asking why [1].
[0] https://mcfunley.com/choose-boring-technology
[1] https://worksinprogress.co/issue/why-europe-doesnt-have-a-te...