Alternative UE-uniquement à Supabase.
Supabase is the open-source Firebase alternative: hosted Postgres + Auth + Storage + Edge Functions + Realtime with a polished developer experience. Supabase Inc. is a Delaware US corporation; the EU regions (Frankfurt, Ireland, London, Paris) run on AWS infrastructure under both Supabase and AWS US-jurisdictional control. The good news: Supabase is open-source. You can self-host the entire stack on EU infrastructure with full feature parity — that is the sovereign alternative we deploy for clients.
Une "région UE" n'est pas la souveraineté. Quatre questions tranchent.
La résidence des données indique où sont les bits. La souveraineté indique quel système juridique peut contraindre à l'accès. La réponse doit tenir sur les quatre points — sinon la stack n'est pas souveraine.
Où les données sont-elles physiquement stockées ?
Pas "dans le cloud" — quel datacenter, dans quel pays, sous quelle juridiction.
Qui d'autre est dans votre chemin de données ?
Chaque fournisseur qui touche les données : le CDN, le relais e-mail, le tracker d'erreurs, le pipeline analytics.
Quelles lois peuvent contraindre à la divulgation ?
Un fournisseur dont le siège est aux États-Unis relève du FISA 702 et du CLOUD Act — même lorsque les données se trouvent à Francfort.
Qui détient réellement les clés de chiffrement ?
Si le fournisseur cloud détient à la fois les données et les clés, il peut les lire — quel que soit le DPA.
Échoue sur la juridiction et la garde des clés.
Bits en UE, maison mère américaine, sous-traitants américains dans le chemin par défaut, clés gérées par le fournisseur.
Réussit sur les quatre.
Hébergé en UE sur une infrastructure au siège européen. Zéro sous-traitant américain dans le chemin par défaut. Clés détenues par le client ou par un KMS européen. Nommés dans votre DPA Article 28.
Pourquoi les équipes partent Supabase
Supabase exits we have run come from one consistent trigger: a B2B SaaS that picked Supabase for its DX, grew to enterprise customers, and discovered that "Supabase Frankfurt on AWS Ireland" is two layers of US-jurisdictional processors that fail Schrems II analysis. The Supabase team itself has publicly discussed the data sovereignty constraints on their blog. Self-hosting Supabase on EU infrastructure preserves the full DX (the same supabase-js client works) while moving to full EU jurisdiction.
Supabase services et leurs équivalents UE-uniquement
Une migration n'est pas "échanger une boîte contre une autre". La cartographie ci-dessous est ce que nous exécutons pour les clients qui quittent Supabase pour des raisons Schrems II — pleine juridiction UE, pas de maison mère US dans le chemin des données.
| Supabase service | Alternative UE-uniquement | Note d'ingénierie |
|---|---|---|
| Postgres (managed) | Self-hosted Supabase on Hetzner, OVH Managed PostgreSQL with Supabase services on top, Aiven | Self-hosted Supabase deploys via Docker Compose; the managed-by-Binadit version on Hetzner is the cleanest sovereign equivalent. |
| Auth (GoTrue) | Self-hosted GoTrue (it's open-source), Keycloak, Authentik (DE) | GoTrue is part of the open Supabase stack; self-hosting preserves the JWT-based auth with social logins, magic links, MFA. |
| Storage (S3-compatible) | Self-hosted Supabase Storage with MinIO backend, OVH Object Storage as direct alternative | Supabase Storage is a service layer over S3-compatible storage; works with any EU S3 backend. |
| Edge Functions (Deno) | Self-hosted Deno runtime on EU compute, Scaleway Serverless Functions, EdgeDB on EU infra | Edge Functions are Deno runtimes; the self-hosted equivalent runs on any EU container platform. |
| Realtime (Postgres CDC) | Self-hosted Supabase Realtime on EU compute, native Postgres LISTEN/NOTIFY, Hasura on EU | Realtime is open-source; self-hosting preserves the WebSocket-based pub/sub. |
| Vector embeddings (pgvector) | Self-hosted Postgres + pgvector on EU compute, Qdrant (DE-headquartered) self-hosted or cloud | For dedicated vector workloads, Qdrant Cloud EU is a sovereign-by-default alternative. |
| Studio (admin UI) | Self-hosted Supabase Studio (it's open-source), pgAdmin self-hosted | Studio is part of the self-hosted distribution. |
| Database backups | pg_dump scheduled to EU object storage, WAL-G to S3-compatible EU storage, Borgbase EU | WAL-G with EU object storage backend is the production-grade pattern. |
| API (PostgREST) | Self-hosted PostgREST on EU compute, Hasura, custom API layer | PostgREST is open-source; self-hosting preserves the REST API generation. |
| CLI / Migrations | Standard supabase-cli works with self-hosted instances, sqitch, Atlas | The Supabase CLI supports `--db-url` to point at self-hosted instances. |
Comment nous migrons depuis Supabase
Une migration typique de mid-market se déroule en trois phases. Les chiffres ci-dessous supposent une équipe d'ingénierie de 6 à 10 personnes et une stack applicative modérément complexe.
Self-hosted Supabase deployment
Deploy self-hosted Supabase stack on Hetzner (Docker Compose or Kubernetes). Configure auth providers, storage backend, Edge Functions runtime. Set up monitoring and backups.
Database + auth migration
Postgres dump+restore to self-hosted instance. User accounts migrated via auth provider data export. Storage buckets mirrored. Edge Functions redeployed.
Application cutover
Application config updated to point at self-hosted Supabase URL. Same supabase-js client, same RLS policies, same auth flows. Cutover with a verification window.
Self-hosted Supabase on a single Hetzner CCX23 (€25/month) replaces Supabase Pro at $25/month-per-project plus per-project usage. For multi-project workloads, savings compound: a typical Supabase team plan ($599/month) becomes €40-100/month in raw infrastructure plus the managed-partner fee if you don't want to operate it yourself. Plus full EU jurisdiction.
Questions fréquemment posées
Is Supabase's EU region (Frankfurt, Ireland) sufficient for GDPR?
Residency yes, sovereignty no. Supabase Inc. is US-headquartered, and the Frankfurt/Ireland regions run on AWS — also US-jurisdictional. For Schrems II analyses, both layers are exposed.
Does self-hosted Supabase have full feature parity?
Yes for the core stack: Postgres, Auth (GoTrue), Storage, Edge Functions, Realtime, Studio, PostgREST. The supabase-js client works identically. The features that aren't in self-hosted: paid-tier features like team management UI and integrated logging dashboards (you build those with Loki + Grafana on EU infra).
How operationally complex is self-hosted Supabase?
For single-environment production, a single CCX23 Hetzner VM with Docker Compose is sufficient and operationally manageable for an experienced engineering team. For multi-environment or HA setups, Kubernetes with Helm chart is the production pattern; we operate this for clients.
Does the supabase-js client need code changes?
Just one: the URL points at your self-hosted instance instead of `*.supabase.co`. RLS policies, auth flows, storage URLs, realtime subscriptions — all unchanged.
What about managed Supabase EU equivalents?
There are emerging EU-headquartered offerings (Supascale, Supafast — both early-stage), but the production-ready answer is self-hosted Supabase managed by an EU partner. We deploy and operate this exact pattern.
How long does a Supabase exit take?
For a single-environment project (one Postgres, basic auth, a few buckets): 1–2 weeks elapsed. For multi-environment or large-data setups: 3–6 weeks. The migration is mechanically clean because everything is open-source upstream.
Planifiez votre sortie de Supabase.
Appel de cadrage de 30 minutes. Nous cartographions votre stack par rapport aux alternatives UE-uniquement, estimons l'effort de migration et vous disons si c'est le bon choix.