@nlnetlabs Can you ask @nextcloud to also move to codeberg ?
they seem to always say they think about it, yet they don't act on those tough
Discussion
Loading...
I like the list, really nice.
For DNS and domain registration, have you checked out DeSec 🇩🇪? I use them for quite a while and I am very happy.
Also, for Hardware security keys, ... I know Yubikeys are the most promoted ones. But check out Token2 🇨🇭. They support all the fido2 features with 300 passkeys, openpgp, totp, .... And the price is nearly half of a Yubikey.
* https://blog.tinned-software.net/framework-expansion-card-for-token2-t2f2-security-key/
* https://blog.tinned-software.net/fido2-security-key-login-for-id-austria/
@tinnedsoftware Thanks for the tips! The Yubikeys were a gift from Yubico for the #OpenSoiurce work we do.
deSec is a great suggestion. We know them well from the @dnsoarc community, as well as the IETF.
Will look into Token2! Nice.
@nlnetlabs check out a self hosted wire server if you want e2e, or discourse, which is an opensource discord clone
@Viss Thanks! I'm happy to tell you we already have Discourse sorted: https://community.nlnetlabs.nl/
@nlnetlabs theres a chat variant of it, right? i could swear discourse has a discord-chat-like end of things
@nlnetlabs yeah thats the thing! I guess i had no idea it was a plugin, i thought discourse 'was that'. oops
@nlnetlabs Top! A good next step towards true sovereignty is to have either a second alternative ready for every line (including a migration path), or doing it yourself (ideally some steps down the stack too). I moved many of my “home dependencies” into “home hosting/home cloud” (with offsite backup, of course….)
@nlnetlabs Can you ask @nextcloud to also move to codeberg ?
they seem to always say they think about it, yet they don't act on those tough
@lexinova @nextcloud To be fair, we have also ‘thought about it' for a long time. The ongoing AI enshitification has accelerated this process though.
Yet, reworking our extensive use of GitHub Actions and achieving feature parity for all the runners on our various platforms only became viable recently. See this post for context https://hachyderm.io/@alexband/115961574869660535
@nlnetlabs @nextcloud yeah of couse i never asked to move everything if not possible.
but moving out source code, issue management etc (making codeberg default) while maintaining github as "backup" + Github action + account for donation i have nothing against it.
What annoy me is the fact they maintain on github some feature that would work perfectly on codeberg.
I think we must start thinking that temporary hybrid system (github/codeberg) is a valid migration strategy
@lexinova @nextcloud
The process has begun slowly: https://codeberg.org/NLnetLabs
@terts is currently the first one on his way to fully migrate with the Roto repo. It will likely take us all of 2026 to get this sorted for all other 100+ repositories: https://github.com/orgs/NLnetLabs/repositories
Example CI: https://github.com/NLnetLabs/routinator/blob/main/.github/workflows/ci.yml
@nlnetlabs @nextcloud @terts happy to see you moving, hope other follow like nextcloud, as a major piece in many's freedom from US and Big Tech Golden Jail, see them on an US monopolistic platform is dangerous if said monopolistic corporation try to shut them down.
@nlnetlabs #TransIp has become a terrible bad actor with lots of foreign venture capital and insane prices. Don’t use their services! Mijn.host is a great and 50%+ cheaper alternative.
@nlnetlabs btw TransIP is owned by a Belgian company Team.Blue and the primary large investors are non-European: mostly UK and Canadian based. So even a seemingly EU company... isn't.
@nlnetlabs Don't do Mattermost, they are pushing enshittification into the "free" product.
@nlnetlabs What do you use for Identify Management? Or is that simply handled per service?
@graaff Given the amount of people we have and services we depend on, this is all handled per service. Personal and shared credentials are handled in 1Password. For critical credentials and software signing we have a Yubikey-based process.
"Fun” fact: our security posture is pretty strong, but we don’t have a formally documented and verified process and thus no ISO27001 certification. This is becoming increasingly problematic dealing with (potential) customers. #DigitalSovereignty #OpenSource
@nlnetlabs we use mattermost internally at OISF and really like it. But for community at least when we checked a few years ago it seemed to miss some features around community management and access controls, so we went with discord for that.
We’re definitely not completely without a hyperscaler dependency though:
Unlike our C projects Unbound, NSD, ldns that are distro packaged ❤️, our Rust projects are not yet in all distros (✅ Fedora, FreeBSD ❌ Debian)
So years back we decided to offer packages as a convenience. The repository hosting .deb and .rpm packages for our Rust software today uses AWS Cloudfront 🇺🇸 (with a standby at Hetzner).
Uptime and cost are important factors. Talk to us if you feel you can make a difference.
@nlnetlabs The alternative that is on my list for Cloudfront is https://bunny.net, except that, like many non-US service providers, they have their own hyperscaler dependencies, such as Google Apps for email.
Also, unless something has changed fairly recently, 1Password depends entirely on AWS for all of their products and services, Google Apps for email, and so forth.
Tresorit seems to be all-in on Azure and M365. Communiteq seems to be running on Cloudflare + Digital Ocean.
So if this is anything more than a PR exercise, you will probably need to do a bit more work 😄
@mejofi yep, it’s turtles all the way down.
@nlnetlabs I would suggest adding:
- Domain registrar: INWX (inwx.ch) 🇨🇭
- Infra hosting: Netcup 🇩🇪
@rootwyrm The list reflects what we use, not what we like :-)
Don't know about Zulip, but Mattermost is able to import a Slack export 1:1 - meaning that everything can be migrated pretty effortlessly.
We forgot that our blog is hosted by ghost.org (HQ in 🇸🇬 and servers in 🇳🇱) #DigitalSovereignty #OpenSource #DNS #BGP
@nlnetlabs we (small team half a dozen people) have been very satisfied with self-hosted Mattermost.
@nlnetlabs can you tell more about how Email, calendar, collaborative writing works for you now? I thought you were on Proton, but apparently you have moved.
@ronnylam We used to host email ourselves. Then we had it hosted at Soverin for a few years but have been very happy mailbox.org customers for a long time already.
@nlnetlabs good to hear, sounds like a recommendation for others to switch also. Thanks, this helps me convincing some people/companies.
@ronnylam @nlnetlabs For everything self-hosted, most workplaces (and individuals) are not ready to do this. Also, in the workplace, if you are on MS products, you need to change everything just to use a different app - and many will find that the hassle is not worth it
@thomasjorgensen Look at what @nlnetlabs is doing. They do not host anything. You just move your mail, docs, etc. to a solution that does not have a big red button with an orange man sitting behind it. Not talking about all the surveillance they are running over your data.
@ronnylam @nlnetlabs You do not have to convince me 😉 but if I send my CFO your website and ask them to change provider, not much will happen
1+ more replies (not shown)