Great post, I did a similar switch mid last year.

Hetzner was something I already used, so I just doubled down. I have a single OVH instance where I ma playing with Openclaw, but that was because I was having issues with Hetzner that day on their new instance page (was fixed the next day)

I use Bunny for my CDN, I just wish they have the capabilityt to route IPv4 and IPv6 traffic to IPv6 only origins. If your origin doesn't have IPv4, it wont route IPv4 to an IPv6 origin. Something Cloudflare could do. Still a shame its not a high priority.

For Domains, I am still on porkbun, but i have like 20 domains, and moving them to EU registrars would be pricey. I will do it, just not looking forward to it. Also there are few registrars tht handle all the TLDs i have, nothing like Porkbun. I use dot.bs to optimize my registrars and keep track of them.

I self-host a lot, but I haven't done github. I have a Forgejo instance with working CI/CD, but there are some painpoints mirroring 100s of repos and updating PATs. Also I minimize how much critical infra I host. I do it as my day job. Don't want to do it so much at home, and I still do some between NAS and self-hosted services I do run.

I do plan to try out Hanko and Nebius, those sound good. and Hit up scaleway to see if there is stuff I want to use there. I know Scaleway can be pricey.

Thank you for this. I'm in Europe with an established SaaS that's been running in production for years and I've converged on a similar stack (OVHCloud instead of Hetzner). However, I've realized you can stay sovereign and independent in any jurisdiction (not just Europe) just by simplifying your stack and running a few baremetal servers in-house.

Just buy a few Mac Studios and run them in-house with power supply backup and networking redundancy and you're good to go to serve more than 10k - 100k requests/second which is good enough to serve a million customers. You don't need VMs: a single Mac Studio gets you 2–4x the power of m7i.2xlarge on AWS, and pays for itself within a few months of AWS bills. You can do local AI inference and get Claude Opus-level performance (Kimi K2.5) over a cluster of Mac Studios with Exo.Labs (an unofficial Apple partner). You get free S3-compatible object storage with zero ongoing storage costs with MinIO (yes it's redundant even if you lose a server, and your hosting provider can't hold your data hostage by charging for egress). Postgres runs like a beast and is incredibly easy to setup - you get zero latency DB because it runs on the same machine, has access to lots of RAM and you're not paying per-GB or per-core. Managed databases are a scam. You don't need an Auth provider, just do passkeys yourself. And the great thing about Apple Silicon hardware is that it is amazingly quiet, reliable, and efficient - you can do thing like run headless browsers 3x faster and cheaper than on standard server hardware because of the unified memory and GPU acceleration, so you're not paying for CI/CD compute by-the-minute or headless browsers either.

This entire stack could give you computing power equivalent to a 25k euro/month AWS bill for the cost of electricity (same electricity cost as running a few fridges 24/7) plus about 50k euros one-time to set it up (about 4 Mac Studios). And yes, it's redundant, scalable, and even faster (in terms of per-request latency) than standard AWS/GCP cloud bloat. Not only is it cheaper and you own everything, but your app will work faster because all services are local (DB, Redis cache, SSD, etc.) without any VM overhead, shared cores, or noisy neighbours.

> Your users expect "Sign in with Google" and "Sign in with Apple." You can add email/password and passkeys, but removing social logins entirely is a conversion killer.

I know this is true, but I genuinely don't understand it. I want email/password and passkey, I will always go out of my way to avoid "Sign in with ...". I just don't get why people love this.

Good, honest write up! As users we need to make more efforts to move out of the American ecosystems. Cloudflare is just so convenient to take only one example.

OT, about the finished product (hank.parts): the French translation and tone is a little rude. For one, it uses "tu" instead of "vous", which does have become customary on Social networks but is still a little bit agressive on a regular website. And "bagnole" or "balance une photo" is more than casual.

Maybe the target are young people but I wouldn't bet on it. Average car ownership in Europe is 53, and 55 in France. Share of new vehicle registrations by adults aged 18-34 is below 10% in Europe.

My two cents.

I’ve found Scaleway really good, I’m surprised it doesn’t come up more often here.

If it matters, I didn’t go to them because they were specifically an EU org either - when Packet became Equinix Metal and then that got shut down, SCW were the most equivalent in terms of cost / hardware specifications and I often used them in parallel when Packet was still around so as to not have all my eggs in one basket.

Super timely - thank you! Im in the process of moving the entire stack of my SaaS* fully in EU as well. Hetzner bare-metal, Talos k8s, OVH Object Storage for backups, self-hosted (for now) image repo. For now im still on Cloudflare for CDN, but bunny looks interesting. Using GitOps (FluxCD) as deployment strategy enables no dependencies on e.g. GitHub Actions.

For one thing running on bare-metal @ Hetzner is insane value for money versus GCP GKE. Im a third of the running costs and get ~50x resources.

The only aspect im struggling with is full-disk encryption. Although customer data is still encrypred with envelope encryption in the database, i want to migrate to fully encrypted disks (LUKS + TPM) sooner rather than later. If anyone has any resources and/or experience with this, please let know :)

* Gatana AI MCP gateway: https://www.gatana.ai/

* Scaleway is totally painful/scary on data encryption at rest and in transit, does not feel like your infra/data is isolated from other customers

* OVHCloud is good if you deploy your production in HA fashion with higher tiers or do multi-region yourself using a vRack, real issue that they made the news with burning DCs, the fact that the customer base has been originally a gazillion cheap web servers does not help big companies going in, they are going somewhere on the SaaS

On most European cloud providers I feel like IAM is crap: workload identity is almost non-existent, API keys management is usually hellish. Same goes for encryption/isolation. I want to hear more technical feedback on most of them, devil is in the details !

Codeberg would make a better choice if we speak about EU source code forges. And Forgejo instead of Gitea, which is nowadays controversial project.