For the past days I've been participating(albeit over Teams) in a conference relevant to my industry (intel), basically startups and established companies showcasing their products to a closed audience of EU gov. officials.
One thing I noticed right away, is that all companies were asked "Can we fully host this from within EU or our country" from the various people in audience. Every single one. Many of the startups had slides prepared for this.
Definitely a change, because it is not something I can recall being important just a couple of years ago.
While I agree with him that the US is becoming more unpredictable, I don't think the EU is much better, especially with regards to digital things where they can be worse in some ways. For example, they are discussing restricting VPN access for 'child protection'[1]
I think that's a very different kind of concern, and its also been very predictable and slow.
I would also say though, you have to be a bit careful about "they are discussing" because there are many people across different countries with different agendas, and a huge amount of discussion between people. Your link for example is a pretty good bit of background info, clearly saying VPNs aren't just about accessing porn
> In the corporate world, VPNs are essential for secure remote work, allowing employees to access company
systems without compromising sensitive information. For individual users, VPNs prevent tracking by
internet service providers, advertisers and potential cybercriminals. They are also used to access
educational or entertainment content that may be restricted in certain countries, including authoritarian
regimes, supporting freedom of information and digital inclusivity, as censorship becomes more difficult to
enforce through VPN use.
It links off to sites discussing possible approaches to age verification which highlights that various approaches in France didn't meet the regulators requirements because of a lack of privacy.
I think this is a different kind of concern about how your products must work compared to worrying that with little to no notice your country may be cut off due to a diplomatic spat from some specific service.
Currently, if you want the internet-climate of the 1990s or even 2010s, you need to build yours, preferably on a different planet, with your own hardware.
We don't have any "ideal" places anymore.
And we need to defend what we support and believe.
Have you been around at that time? NSA had recording boxes at ISP routing places, every few days guy would come to swap hdds. Most com was unencrypted. Or read about echolon...
Most digital things in Europe are in fact much better. Lots of laws allow people to protect themselves from digital exploitation.
I agree that there is a ton of bullshit as well though. Gotta dox myself with imprints for example, so I cant share my work with people without also doxing myself. Also as a hobbyist you pretty much need all the business documents as well, like a privacy policy even if its just a small public app on the playstore. Also gotta make sure that data of European citizens never leaves Europe and and and... Lots of things to remember.
And before anyone asks, yes I know an imprint usually is only required for businesses, but nowadays pretty much everything could have business intent.
Of course. But then again, it was the US that threatened the EU with military invasion, so if you want your service to continue uninterrupted, it helps being prepared.
The author isn't just moving their personal setup; they're also moving their business operations. It's not some slacktivism 'I don't like the US any more' issue; it's a 'how can I maintain my income now the US is firing all its glass cannon' issue.
> they are discussing restricting VPN access for 'child protection'
Just like with encryption, there will always be an idiot politician somewhere discussing banning it. Mr Google tells me, for example, that lawmakers in Michigan (US) recently proposed " Anticorruption of Public Morals Act" which contained VPN banning clauses.
Frankly, until such time as it actually NEARS, let alone BECOMES legislation, the only thing posts such as yours are doing is spreading FUD.
The clue is in the URL you post "thinktank". It not even EU parliament, let alone been through the parliament debates, let alone passed to votes, let alone passed to being implemented by member states .... its just a random idea someone wrote down.
And quite frankly, I would still much rather be in the EU's digital environment than that of the US.
Not only that but if you actually read the linked document it isn't calling for a VPN ban. It's a general report on what VPNs are and how they're perceived by various bodies. It does make reference to the UK Child Safety Commissioner's suggestion that they should be restricted to adult use only but it also talks about how essential they are for business etc. On the whole it's quite balanced and the existence of such a report seems very reasonable.
Just a nitpick: 1Password is Canadian (still not European, but not us based, if that’s the issue). I do understand the choice to move all into proton though.
Matomo charges 22 euros for 50k hits/month.[0] Basically, it's unusable for anything other than a hobby site - especially with the number of crawlers nowadays.
If you self host for free, you're missing basically all of the good parts of web analytics such as funnel analysis as they lock all of those features being paid subs.
I actually decided to self host analytics and generated a simple drop in google analytics replacement. People overthink these things. It's a very straightforward analytics API. And if you ingest the data in a good database or metrics engine (I used Elasticsearch), you can query it quite easily.
In my case, my motivation was that I want to use LLMs to query the data with agents. This whole thing was surprisingly easy to setup and a positive thing is that you don't have a scary extra data controller doing shady things with the data.
That lettermint service looks interesting! I was recently looking for something in that price range that covers both transactional and broadcast emails but couldn't find anything in Europe so I settled on Postmark which has been good, this looks almost identical in features and pricing though.
Same here. I just discovered this and put it in my "check out tonight" folder. I am currently happy using resend. But this looks interesting, especially also for my freelance clients with a focus on EU tech.
Matomo is nice on low traffic, but when we have a sustained rate of 5-25 logins per second and above things become real slow. Using regexps is really bad when you start having problems, but they are fine on low traffic sites.
So If like it but it is a headache on high traffic sites. If anyone have an easy solution I would gladly accept it.
Managed a fairly large matomo site in the past. Using queue plugin (https://plugins.matomo.org/QueuedTracking) with Redis Cluster really improves the situation. We actually built a custom plugin with Nginx + Lua to avoid PHP altogether for the tracking part. Scaling ingestion then wasn't the problem, draining the queue was
I have worked with two clients. Both north of 8 million visits a month. Both on matomo. Both self hosted.
If you architect the underlying infra right it still works like a charm. But I admit people need to know what they are doing. I was quite impressed with both infra teams.
But as always, if you do not want tu use auto scaling US cloud based services, you need to enasure you have the right scaling and the necessary technical expertise at hand.
They had a datacenter burn down (in large part because it was fully built using wood) and lost all customer data and did not take any action for 6 months after the incident.
It's fine to have an unstable backup system, as long as any failures in your backups are uncorrelated with failures in your primary system. And a random datacentre burning down probably isn't correlated with anything else, unless you're foolish enough to host your primary and backup copies in the same building.
All else equal, a more stable backup is of course better, but any backup is better than no backups, so choosing the cheapest possible option is often the best strategy since that's the one that you're the most likely to keep using long-term.
While the incident did happen, a lot of actions were taken and most of the data was recovered.
OVH now also keeps backups even for clients that don't pay for it.
I was hit by that datacenter catastrophe and got my data back almost immediately, in a new VM.
I've been using them for years with little issue (no more than happened on my AWS or Azure accounts, I would say less because it's less of a mess in general).
I've been dabbling with OVH and it feels very pricey and fragile. Has a very lipstick on a pig approach to whatever they used to be doing before piling into cloud.
Unless you're implying that Verisign isn't a US company, just because .com has become the conventional domain for businesses worldwide doesn't change the fact that it's US-based. Similarly, the EU's widespread adoption of Microsoft Office doesn't make it any less American.
It's a bit like .gov and .edu; technically exclusive to the US. The difference is that .com and .org were opened up for anyone to purchase.
And it goes deeper than just intent: .com was literally administered under a US government contract for decades, with Verisign only ending up in control because they acquired the company that held that government contract.
So while anyone can buy a .com today, the infrastructure and oversight have always been firmly American.
Why are there exceptions for Anthropic, GitHub and GitLab?
> Anthropic is a US company...But it satisfies something else, the sense that the organization building the thing has given serious thought to what it’s building and why.
This reads like a weak excuse. Mistral and Mistral Vibe exists and even if you don't like them, there are many non-US harnesses (Qwen code) that are available.
> GitHub stays in the picture for one specific purpose: public-facing NPM packages and issue tracking for open source software.
First of all Codeberg exists.
Secondly, at this stage relying on NPM and the Java/Typescript ecosystem is quite frankly waiting for a disaster to happen.
This post isn't absolute on moving their digital stack to Europe as it has not one but three exceptions too many.
> The OVHcloud control panel is a labyrinth: the lifecycle rule configuration is buried somewhere in the documentation, and it involves some work in the terminal.
Use OpenTofu/Terraform! Much better than messing with cloud consoles, and then your infrastructure self-documents.
I’d also put out one note to any people outside the EU looking to switch to Mistral or really any service: just because they’re a European company doesn’t mean they’ll follow the GDPR if you don’t live there. Mistral is an example: in their privacy policy, they state that they follow whatever privacy laws exist in your country.
> Digital sovereignty sounds like a buzzword until you think
Sure now just think and give me the reason. All these moving to Europe post is getting tiring. Amazon follows the same EU rules, if not more, than Scaleway.
Matt Lakeman writes in one of his blogs that wherever he goes, people tend to love the USA. Except in Europe where he faces a constant storm of criticism. And that was before February. Just like you cannot explain the taste of chocolate to someone, it is hardly possible to explain the mental shift that happened everywhere when the US threatened the EU with military invasion. Like a broken egg this is diplomatic damage that cannot be repaired.
If you sell software and you tell your customers and prospects that everything runs in Europe, by European companies, this instills an enormous amount of trust. Risk averse sectors like manufacturing love this, and it will help you gain customers immediately.
So no, these posts are not tiring to many of us. In fact, we are only at the beginning of the beginning because many of us will be making these migrations. I wish things had run a different course.
For the past days I've been participating(albeit over Teams) in a conference relevant to my industry (intel), basically startups and established companies showcasing their products to a closed audience of EU gov. officials.
One thing I noticed right away, is that all companies were asked "Can we fully host this from within EU or our country" from the various people in audience. Every single one. Many of the startups had slides prepared for this.
Definitely a change, because it is not something I can recall being important just a couple of years ago.
While I agree with him that the US is becoming more unpredictable, I don't think the EU is much better, especially with regards to digital things where they can be worse in some ways. For example, they are discussing restricting VPN access for 'child protection'[1]
[1] https://www.europarl.europa.eu/thinktank/en/document/EPRS_AT...
I think that's a very different kind of concern, and its also been very predictable and slow.
I would also say though, you have to be a bit careful about "they are discussing" because there are many people across different countries with different agendas, and a huge amount of discussion between people. Your link for example is a pretty good bit of background info, clearly saying VPNs aren't just about accessing porn
> In the corporate world, VPNs are essential for secure remote work, allowing employees to access company systems without compromising sensitive information. For individual users, VPNs prevent tracking by internet service providers, advertisers and potential cybercriminals. They are also used to access educational or entertainment content that may be restricted in certain countries, including authoritarian regimes, supporting freedom of information and digital inclusivity, as censorship becomes more difficult to enforce through VPN use.
It links off to sites discussing possible approaches to age verification which highlights that various approaches in France didn't meet the regulators requirements because of a lack of privacy.
I think this is a different kind of concern about how your products must work compared to worrying that with little to no notice your country may be cut off due to a diplomatic spat from some specific service.
Currently, if you want the internet-climate of the 1990s or even 2010s, you need to build yours, preferably on a different planet, with your own hardware.
We don't have any "ideal" places anymore.
And we need to defend what we support and believe.
Have you been around at that time? NSA had recording boxes at ISP routing places, every few days guy would come to swap hdds. Most com was unencrypted. Or read about echolon...
Most digital things in Europe are in fact much better. Lots of laws allow people to protect themselves from digital exploitation.
I agree that there is a ton of bullshit as well though. Gotta dox myself with imprints for example, so I cant share my work with people without also doxing myself. Also as a hobbyist you pretty much need all the business documents as well, like a privacy policy even if its just a small public app on the playstore. Also gotta make sure that data of European citizens never leaves Europe and and and... Lots of things to remember.
And before anyone asks, yes I know an imprint usually is only required for businesses, but nowadays pretty much everything could have business intent.
Of course. But then again, it was the US that threatened the EU with military invasion, so if you want your service to continue uninterrupted, it helps being prepared.
The author isn't just moving their personal setup; they're also moving their business operations. It's not some slacktivism 'I don't like the US any more' issue; it's a 'how can I maintain my income now the US is firing all its glass cannon' issue.
> they are discussing restricting VPN access for 'child protection'
Just like with encryption, there will always be an idiot politician somewhere discussing banning it. Mr Google tells me, for example, that lawmakers in Michigan (US) recently proposed " Anticorruption of Public Morals Act" which contained VPN banning clauses.
Frankly, until such time as it actually NEARS, let alone BECOMES legislation, the only thing posts such as yours are doing is spreading FUD.
The clue is in the URL you post "thinktank". It not even EU parliament, let alone been through the parliament debates, let alone passed to votes, let alone passed to being implemented by member states .... its just a random idea someone wrote down.
And quite frankly, I would still much rather be in the EU's digital environment than that of the US.
Not only that but if you actually read the linked document it isn't calling for a VPN ban. It's a general report on what VPNs are and how they're perceived by various bodies. It does make reference to the UK Child Safety Commissioner's suggestion that they should be restricted to adult use only but it also talks about how essential they are for business etc. On the whole it's quite balanced and the existence of such a report seems very reasonable.
Just a nitpick: 1Password is Canadian (still not European, but not us based, if that’s the issue). I do understand the choice to move all into proton though.
Off topic: that’s a beautiful website
Google Analytics --> Matomo
Matomo charges 22 euros for 50k hits/month.[0] Basically, it's unusable for anything other than a hobby site - especially with the number of crawlers nowadays.
If you self host for free, you're missing basically all of the good parts of web analytics such as funnel analysis as they lock all of those features being paid subs.
[0]https://matomo.org/pricing/
I actually decided to self host analytics and generated a simple drop in google analytics replacement. People overthink these things. It's a very straightforward analytics API. And if you ingest the data in a good database or metrics engine (I used Elasticsearch), you can query it quite easily.
In my case, my motivation was that I want to use LLMs to query the data with agents. This whole thing was surprisingly easy to setup and a positive thing is that you don't have a scary extra data controller doing shady things with the data.
Umami isn't half bad self hosted. Been using it with Docker Compose for a few years now on a LEB and it's working great.
All the good parts of web analytics doesn't amount to much anyway. Especially if you desire to have a usable site, which includes no cookie popups.
i.e. you can't give stuff away for free if you aren't one of the 3 largest companies on the planet
Would you pay $20/month for Hacker News access?
I think it's fair that GA is free and Google gets some benefits from using the data for their ad network.
"some benefits" is really underselling it though.
That lettermint service looks interesting! I was recently looking for something in that price range that covers both transactional and broadcast emails but couldn't find anything in Europe so I settled on Postmark which has been good, this looks almost identical in features and pricing though.
Same here. I just discovered this and put it in my "check out tonight" folder. I am currently happy using resend. But this looks interesting, especially also for my freelance clients with a focus on EU tech.
Matomo is nice on low traffic, but when we have a sustained rate of 5-25 logins per second and above things become real slow. Using regexps is really bad when you start having problems, but they are fine on low traffic sites.
So If like it but it is a headache on high traffic sites. If anyone have an easy solution I would gladly accept it.
Managed a fairly large matomo site in the past. Using queue plugin (https://plugins.matomo.org/QueuedTracking) with Redis Cluster really improves the situation. We actually built a custom plugin with Nginx + Lua to avoid PHP altogether for the tracking part. Scaling ingestion then wasn't the problem, draining the queue was
I have worked with two clients. Both north of 8 million visits a month. Both on matomo. Both self hosted.
If you architect the underlying infra right it still works like a charm. But I admit people need to know what they are doing. I was quite impressed with both infra teams.
But as always, if you do not want tu use auto scaling US cloud based services, you need to enasure you have the right scaling and the necessary technical expertise at hand.
Great post! Today we just launched an European alternative to Claude Code - Berget Code- https://berget.ai/code
And how should one mispronounce "Berget"? :)
Using OVH for backups is a crazy choice.
They had a datacenter burn down (in large part because it was fully built using wood) and lost all customer data and did not take any action for 6 months after the incident.
They're just not a serious company.
It's fine to have an unstable backup system, as long as any failures in your backups are uncorrelated with failures in your primary system. And a random datacentre burning down probably isn't correlated with anything else, unless you're foolish enough to host your primary and backup copies in the same building.
All else equal, a more stable backup is of course better, but any backup is better than no backups, so choosing the cheapest possible option is often the best strategy since that's the one that you're the most likely to keep using long-term.
This is borderline adversarial propaganda.
While the incident did happen, a lot of actions were taken and most of the data was recovered. OVH now also keeps backups even for clients that don't pay for it.
I was hit by that datacenter catastrophe and got my data back almost immediately, in a new VM.
I've been using them for years with little issue (no more than happened on my AWS or Azure accounts, I would say less because it's less of a mess in general).
Stop spreading false rumors.
It's important to distinguish between a backup strategy and a backup location. A real backup strategy would involve multiple locations (3-2-1 etc)
Any source for this? Would love to read up on this.
this was 5 years ago. There were many threads on it on HN that may be of interest to you
https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
Thanks a ton. Greatly appreciated. I am currently evaluation options. So this is relevant to me.
https://www.datacenterdynamics.com/en/opinions/ovhclouds-dat...
Wooden floors contributed to the fire, they were fire resistant but that only lasts so long. Fire-doors are often the same type of wood.
Thanks a ton. Much appreciated. I am looking for German/EU options so this is highly relevant.
I've been dabbling with OVH and it feels very pricey and fragile. Has a very lipstick on a pig approach to whatever they used to be doing before piling into cloud.
not the domain name :)
A .com domain is not exclusive to the United States
Unfortunately, it is.
Unless you're implying that Verisign isn't a US company, just because .com has become the conventional domain for businesses worldwide doesn't change the fact that it's US-based. Similarly, the EU's widespread adoption of Microsoft Office doesn't make it any less American.
EDIT: That was unpopular. Why?
It is not
Source: own multiple, via EU registrar
(Edit: Parent was edited after reply - parent statement is now correct)
Registering a .com through a EU-based registrar doesn't change anything.
Verisign, the organisation that actually controls the .com top-level domain, is a US company and operates under US jurisdiction.
Where you purchase the domain from is irrelevant.
That… is true - thanks for editing your comment to clarify
The initial thread read like “.com domains are exclusive to US” which they of course aren’t
It's a bit like .gov and .edu; technically exclusive to the US. The difference is that .com and .org were opened up for anyone to purchase.
And it goes deeper than just intent: .com was literally administered under a US government contract for decades, with Verisign only ending up in control because they acquired the company that held that government contract.
So while anyone can buy a .com today, the infrastructure and oversight have always been firmly American.
you do not really own a domain
From Rome to Babylon.
Small print: With exceptions
Why are there exceptions for Anthropic, GitHub and GitLab?
> Anthropic is a US company...But it satisfies something else, the sense that the organization building the thing has given serious thought to what it’s building and why.
This reads like a weak excuse. Mistral and Mistral Vibe exists and even if you don't like them, there are many non-US harnesses (Qwen code) that are available.
> GitHub stays in the picture for one specific purpose: public-facing NPM packages and issue tracking for open source software.
First of all Codeberg exists.
Secondly, at this stage relying on NPM and the Java/Typescript ecosystem is quite frankly waiting for a disaster to happen.
This post isn't absolute on moving their digital stack to Europe as it has not one but three exceptions too many.
> The OVHcloud control panel is a labyrinth: the lifecycle rule configuration is buried somewhere in the documentation, and it involves some work in the terminal.
Use OpenTofu/Terraform! Much better than messing with cloud consoles, and then your infrastructure self-documents.
I’d also put out one note to any people outside the EU looking to switch to Mistral or really any service: just because they’re a European company doesn’t mean they’ll follow the GDPR if you don’t live there. Mistral is an example: in their privacy policy, they state that they follow whatever privacy laws exist in your country.
> Digital sovereignty sounds like a buzzword until you think
Sure now just think and give me the reason. All these moving to Europe post is getting tiring. Amazon follows the same EU rules, if not more, than Scaleway.
Matt Lakeman writes in one of his blogs that wherever he goes, people tend to love the USA. Except in Europe where he faces a constant storm of criticism. And that was before February. Just like you cannot explain the taste of chocolate to someone, it is hardly possible to explain the mental shift that happened everywhere when the US threatened the EU with military invasion. Like a broken egg this is diplomatic damage that cannot be repaired.
If you sell software and you tell your customers and prospects that everything runs in Europe, by European companies, this instills an enormous amount of trust. Risk averse sectors like manufacturing love this, and it will help you gain customers immediately.
So no, these posts are not tiring to many of us. In fact, we are only at the beginning of the beginning because many of us will be making these migrations. I wish things had run a different course.
Second paragraph: https://en.wikipedia.org/wiki/CLOUD_Act
> if not more
more mean the US rules that hoover up all the data for the government