Moving away from US cloud services

> Git repos (it's too difficult)

Sourcehut

> Startpage uses Google's index.

If they have enough users/make enough money, they'll make their own. Ecosia and Qwant (both european search engines) are working together to make their own index.

In any case, even if a european is a proxy for an american service, you need to prove that there is a market for an european equivalent for change to happen.

I agree that some of the hard parts were glanced over. Besides that, everyone seems to talk about the cloud and nobody about the other big, if not bigger, dependency. Our use of Windows and macOS (and Google Android and iOS if you will) on the vast majority of client devices.

If

Time and time again, data-sharing agreements between the EU and the US get busted, showing there's just no legal compatibility between EU privacy rights and US spying laws. [...] With the current political situation in the US, it's also starting to become clear that our entire digital infrastructure is at the mercy of US policies. It is no longer safe to rely on US clouds for our governments and societies, as the US government can shut it down at will.

are your worries, rolling out government-required backdoors, lockouts, etc. in operating systems is going to be a huge issue. To shut down a large portion of Europe's infrastructure, the US government only has to order three companies to do so.

he mentioned also Quad9 - Cloudflare DNS replacement. I didn't know about and will probably switch to it. My other picks:

SEARCH: qwant (france)

LLM: mistral (france), librechat.ai, openwebui

VPN: mullvad (sweden), protonVPN (swiss)

AUTH: OpenID (sadly seems like not many sevices implement it)

CLOUD: Hetzner (germany), OVHCloud (france)

MAPS: here wego, openstreetmap

EMAIL: protonMail (swiss), fastmail (australia)

DNS: mullvad (sweden), quand9 (swiss), nextDNS

TRANSLATE: DeepL (germany)

BROWSER: zen-browser, vivaldi (norway)

SOCIAL: nostr, mastadon (germany)

IM: elements (uk), matrix (uk)

EDIT: correction that fastmail is australian

> It feels like there's a real opportunity here for European companies to step up and make a big play, but will they?

I think that this will depend a lot on expectations about politics in the USA in the medium/long term. Making this kind of investments makes sense if you expect the aggressive hostility that the current administration brought against Europe (and all other US traditional allies) to continue for a long time, and not just a couple years.

That is only the case if you think of migrating as an all-or-nothing. The services that he did manage to migrate went quite smoothly. If he would get stuck with one or two services, was it still worth it to migrate the ones he did manage? If you think it has all been in vain, then yes - its a different takeaway. But obviously Martijn does things step by step and I imagine he is happy even with the progress he made.

In other words, the question is 'is it easy to migrate to a service for which decent alternatives exist', rather than 'do decent alternatives exist for every service you depend on?'

You takeaway depends on what question you are most concerned with.

Qwant is an EU search engine, NPM allows you to specify a git repo and that git repo can be hosted on a gitlab instance or an EU provider. It’s not impossible to switch these providers, you just give up on major conveniences.

I expected it to be much harder to move away from these services I heavily relied on like Microsoft 365. Before I started migrating it figured I was so entangled in their web, that switching to an alternative would be a tremendous task. After actually migrating these services, I managed to migrate 90% within a few hours per service. This is nowhere near the amount of effort I expected it needed. Because of that, I'm also optimistic about migrating Git and NPM. While I don't think NPM will be any different, I suppose my optimism about Git might be misguided because of the amount of customization that goes into setting up CI/CD. Still, since only one out of all of the services might be hard - one that doesn't handle any PII - I stand by saying the overall effort was easier than expected.

> It feels like there's a real opportunity here for European companies to step up and make a big play, but will they?

Big plays are possible only with big capital, and that isn't what happens in the EU tech market.

Lack of serious VCs is a problem on one hand, but to blame is also the EU Horizon program which will favor large established companies (which innovate very little), and the fact that the funding direction changes with hype cycles (in 2020 that was digital transformation, in 2024 it was AI and similar).

What's a good alternative to Proton? Still haven't migrated my business away from Google Workspace, and I was thinking Proton would be a good alternative, but apparently not if they don't even support IMAP/SMTP.

I am migrating away from Proton. In theory they check all marks, in practice they fail in delivering baseline functionality in all categories.

1. The Web interface email is so-so, but the proxy email bridge is really heavy and takes a huge amount of disk space. It also makes my computer start flying from time to time. The iOS email client(very important as they dont support standard protocols) is just useless. The text is rendered like an image which I need to pinch to zoom in and slide across the text. There is no way for the font size to be increased to a legible amount. The images in attachment are not in a carroussel so I need to open1/close1/open2/close2/open3/close3 if there are 3 attached images. In an email client this is absolutely basic.

2. ProtonDrive: It took a long while before rclone was supported and for their web client to be working, "ok". Anyway it is basically unusable as a backup cloud service because it takes forever to encrypt in the browser. I just gave up and have no idea what is the state of sync of my files there. I just moved to backblaze and am waiting for my Proton subscription to expire.

3. ProtonVPN: Good on paper, totally untrusted and blocked by the internet. I can't navigate without filling 10 captchas or just be outright blocked.

4. ProtonCalendar is proprietary and not compatible with generic tools in iOS or linux or Android.

I gave up trying their other services as I just expect them to be as incomplete.

I mean: Email is the thing that needs to work right and every time I need to see some email together with my wife I feel like this goofy person that complicates what for everyone else is one of the most basic tasks in using a computer.

If I could I would just cancel and ask my money back, unfortunately they do not do that.

How would you support E2E without the proxy? Not that the majority of people’s emails are truly E2E anyway on Proton, but still.

Also the CEO is praising the current Republican administration https://x.com/andyyen/status/1864436449942110660

Yes I'm not a fan of Proton either. Especially because they hammer so much on their "Encryption" thing while 95% of the mails you get will come unencrypted from one of the big tech parties, Google, Microsoft, Amazon. So what is the point, really? And because of this indeed it is very hard to connect to it.

Email is just dead as a tech. It's no surprise nobody uses it for sensitive content anymore but instead just uses it as a notification service ("Please log in to our portal to read your message").

I don't personally like bitwarden either because it uses a master password, I prefer "pass" which encrypts each password with your GPG key (which can be stored on a yubikey for hardware security). But yeah self hosted bitwarden is a good option too and very popular.

Yeah, I was a Protonmail evangelist but their mobile app sucks and their client software has nonconsensual surveillance embedded in it that you have to remember to turn off.

Why is IMAP/SMTP so important?

What exactly are people missing out on by Proton not having this support?

Can you please write more details about "I block many AI crawlers from accessing code and photos"? The bots are trying to access your nextcloud instance? I'm also self hosting a few services, including nextcloud.

I self host a mail server too. Static IPs are not available for a residential connection where I live which makes PTR and SPF records hard. What I've been doing is using Oracle's "always free" VM to host VyOS as an ingress/egress router. It's been pretty easy to set up the mail server itself using iRedMail.

I've had some problems with spamhaus and outlook because that whole IP range is not trustworthy but otherwise it's just worked (Spamhaus was nice enough to put me on a whiltelist).

I know hosting at Oracle is not moving away from US cloud services but I set this up two years ago and this could be achieved using any cheap or free VPS.

The cloud, speaking for small-to-medium companies, is two things; a directory server with file storage, email, and an attached suite of productivity tools (e.g. Microsoft 365 or Google Workspace), and virtual, distributed infrastructure (e.g. AWS, Google Cloud, or Azure).

You can build the offerings commonly sold as "cloud" yourself, but it requires a ludicrously unreasonable amount of engineering work to reinvent the wheel and end up with a shitty solution that gets your users frustrated, guaranteed.

We need a European contender (or multiple!) that can actually compete in one or both of these disciplines. There is going to be a huge market for this very soon.

I find it really annoying when tradional hosters (indeed in NL and DE for instance) move to the grifting 'pay per use'; the same VPS that I could beat over the head for millions req/month for 5 euros, now costs, for the same usage, 50+ euros because suddenly i'm paying for the cpu, memory, disk, network etc that I use. It costs them $0 extra, so that's all profit. I had it a few time now ; you can recognise it either indeed if they get taken over by some large investment firm and/or when they start offering more and more 'cloud services' next to their VPSs; once they have the infrastructure up and running, they start screwing over people. Mind you, if the service was better, then maybe, but it's not; it's just vastly more expensive.

Yep, I just finished moving most of my stuff to a bunch of small (but stupidly powerful) machines in my and my parents house. They sync and work very well. It's a nice feeling, finally everything is hosted and backed up and in my own hands. Of coourse, this is not for business, although I would have no issues hosting small busness on here; it's more robust than most single vps solutions.

It is important to not lock yourself into any cloud provider. For example using services like Firebase, which are very good, means you cannot *easily* move to self host once your business idea turns out to be a success.

For hobby projects this has always been an option, but a business will prefer the reliability and value add offered by cloud services.

> public IPs affordable

Not until we start considering all non-IPv6-supporting ISPs to be a no-go.

Why move away though? The cloud subsidizes for "free" a lot of powerful services that the average user can only dream of self-hosting.

And the price is what? Your browsing history? Personalized Ad's? Provided you don't AdBlock that is!

I like the symbiotic relationship. I do believe in safeguarding yourself from getting locked out of your life due to your Google acc getting banned but outside of that I see no harm in getting free service in exchange for data. It's a fair deal.

Yeah the pricing for memory in most cloud instances is so atrocious that you pay enough to buy a whole DDR5 stick in a few months already. Or an entire ARM SBC that will outperform that stingy offer in every way.

Cloud also has networked SSDs so they can keep the machines and partitions separate, which really limits their speed and throughput and increases latency. Nothing beats a PCIe attached NVMe.

Perfect is the enemy of good. The EU has it's flaws, but if you can't see the difference between the US privacy climate and the EU privacy climate then you need a reality check.

You might be interested in Peergos (lead here). It is E2EE, built on a P2P protocol (libp2p) and thus self hostable. We don't have onion routing yet though.

https://peergos.org

For me it's not even about privacy, it's pretty clear that no matter where I host things, if I don't have control of the hardware and the TLS termination then there's no privacy I can guarantee.

However there's still a case to be made for some form of digital sovereignty.

It's no longer considered a complete paranoid delusion that the US could snap its fingers and put tariffs/sanctions on digital goods served from US companies or consider the EU to be proscribed and cut access entirely.

I used to allow myself to think of the consequences of such a situation, after all the US very famously stated that they have no such thing as allies, only temporary allegiances, and as a brit: that is a sobering thought, because we cosy up to them a lot - even going so far as to join them in an illegal war.

However, if you consider the economic harm that would be caused by microsoft just cutting access to Office365, disabling the licenses used or even cutting access to EntraID and managed sharepoints and/or Teams. Most of the EU would not lose billions in lost productivity, they would lose trillions.

What a crazy economic risk, and that's just one product. Nearly all digital services in the EU depend nearly entirely on Azure/AWS & GCP.

Even the ones that don't depend on hosting, still depend on Google Workspace or Office365; both of which depend heavily upon online services which may not always be online during heavy tensions.

I know this is difficult to reason about, but we really have our heads in the alligators mouth when it comes to our digital capability- it will be hard to remove it, and many people are enjoying the echo and will actively fight against attempts for change.

I recently had to use MS365 for a short time and I hated every moment.

I agree!

I switched because of their calendar integration. I needed an email tool that would send 'accept' replies to calendar invites send from outlook and google, and I landed on proton.

To any self-hosters if you have a working setup for that (email+calendar), please let me know! I couldn't find anything decent.

Teams is a horrible, ghastly product that is absolutely impossible to avoid with clients :-( I'd prefer to stay on the free plan because it feels so soul-destroying to reward such behavior, but then you can't start calls unless invited to a meeting by someone on a paid plan (or something, it's disabled with no message).

Would you recommend moving from Google Workspace to Proton? Including emails and so on.

Hetzner is great value, but their networking has a few issues:

1) Networking is mostly limited to 1Gbps. Even private networking. You can request a 10Gbps NIC, but it has to be housed in the correct data center and adds a $48 monthly fee.

2) Private networking is IPv4 only so dual-stack private networking isn't possible. Also each public IPv6 address is /64. Would be nice to get a /56 to setup dual-stack IPv6.

3) Can't specify a subnet to assign a server to when using hcloud API/Terraform. You have to specify the required IP on the subnet explicitly.

4) As I understand it, the private network traffic isn't truly secure between tenants, so needs to be encrypted between nodes anyway.

Still, I'm betting they'll fix these issues as their offering grows.

Problem with Hetzner is they don't have the self hosted DCs in pacific region yet. They have Singapore for their PaaS solution, but if you want those cheap second hand servers then have to be in EU

How about Scaleway?

koyeb.com is an EU (France) alternative to fly.io

OVH and Hetzner are excellent companies. I doubt there would be any problem with them in the future.

I think this is less of an issue than people actually think - if it gets to the point where this becomes a real problem, individual EU countries can force the datacenter owners like Google/MS to change ownership structure for these datacenters to EU-based subsidiaries or completely new companies if they want to continue to operate.

Codeberg looks really nice, almost a copy of github, and is hosted in Germany while you can also self-host.

You're right IAM is the major missing piece that is often forgotten.

The closest I've seen is (ironically) this opensouce project from AWS https://www.cedarpolicy.com/

For hetzner object storage probably generate keys for VM's and store them in Vault or similar tool to manage credentials, which you'll likely want anyway.