Migrating away from Gandi, 9 months later - eviltoast

I’m posting this in selfhosted because Gandi increasing prices actually helped me a lot with being more serious about selfhosting, made me look into things like DNS and reverse proxies and VPN and docker and also ended up saving me money by re-evaluating my service needs.

For background, Gandi.net is a large and old (25 years) domain registrar and hosting provider in the EU, who after two successive rounds of being acquired by investment funds have hiked up prices across the board for all their services.

In July 2023 when they announced the changes for November I was using their services for pretty much everything because I manage domains for friends and family. That means a wide selection of domains registered with them (both TLDs and European ccTLDs), LAMP hosting, and was taking advantage of their free email hosting for multiple domains.

For the record I don’t hold the price hike against them, it was just unsustainable for us. Their email prices (~5€/mailbox/mo) are in line with market prices and so are hosting prices. Their domain prices are however exaggerated (€25-30/yr is their lower price now). I also think they could’ve been smarter about email, they could’ve offered lower prices if you keep domains registered with them. [These prices include the VAT for my country btw. They will appear lower in USD.]

What I did:

Domains: looked into alternative registrars with decent prices, support for all the ccTLDs I needed, DNSSEC, enforced whois privacy, and representative services (some ccTLDs require a local contact). Went with INWX.com (Germany) and Netim.com (France). Saved about €70/yr. Could have saved more for .org/.net/.com domains with an American registrar but didn’t want to spread too thin.

DNS: learned to use a dedicated DNS service, especially now that I was using multiple registrars since I didn’t want to manage DNS in multiple places. Wanted something with support for DNSSEC and API. Went with deSEC.io (Germany) as main service and Bunny.net (Slovenia) as backup. deSEC is free, more on Bunny pricing below. Learned a lot about DNS in the process.

Email: having multiple low-volume mailboxes forced me to look into volume-based providers who charge for storage and emails sent/received not mailboxes. I’ve found Migadu (Swiss with servers in France at OVH), MXRoute (self-hosted in Texas) and PurelyMail (don’t know). Fair warning, they’re all 1-2 man operations. But their prices are amazing because you pay a flat fee per year and can have any number of domains and mailboxes instead of monthly fees for one mailbox at one domain. Saved €130/yr. Learned a lot about MX records and SPF/DKIM/DMARC.

Hosting: had a revelation that none of the webpages I was hosting actually needed live dynamic services (like PHP and MySQL). Those that were using a CMS like WordPress or PHP photo galleries could be self-hosted in docker containers because only one person was using each, and the static output hosted on a CDN. Enter Bunny.net, who also offer CDN and static storage services. For Europe and North America it costs 1 cent per GB with a $1 minimum/mo, so basically $12/yr since all websites are low traffic personal websites. Saved another €130/yr. Learned a lot about Docker, reverse proxies and self-hosting in general.

Keep in mind that I already had a decent PC for self-hosting, but at €330 saved per year I could’ve afforded buying a decent machine and some storage either way.

I think separating registrars, DNS, email and hosting was a good decision because it allows a lot of flexibility should any of them have any issues, price hikes etc.

It does complicate things if I should kick the bucket – compared to having everything in one place – which is something I’ll have to consider. I’ve put together written details for now.

Any comments or questions are welcome. If there are others that have gone through similar migrations I’d be curious what you chose.

  • RegalPotoo@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    9 months ago

    I’ve started a similar process to yours and am moving domains as they come up for renewal, with a slightly different technical approach:

    • I’m using AWS Route 53 as my registrar. They aren’t the cheapest, but still work out at about half the price of Gandi and one of my key requirements was to be able to use Terraform to configure DS records for DNSSEC and NS records in the parent zone
    • I run an authoritative nameserver on an OCI free tier VM using PowerDNS, and replicate the zones to https://ns-global.zone/ for redundancy. I’m investigating setting up another authoritative server on a different cloud provider in case OCI yank the free tier or something
    • I use https://migadu.com/ for email

    I have one .nz domain which I’ll need to find a different registrar for, cos for some reason route53 doesn’t support .nz domains, but otherwise the move is going pretty smoothly. Kinda sad where Gandi has gone - I opened a support ticket to ask how they can justify being twice the price of their competitors and got a non-answer

    • NuclearArmWrestling@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      I’ve been using CloudFlare for my DNS registration. They’re incredibly cheap (I think they sell at or near wholesale rates).

      For hosting, I tend to use Dreamhost. I think that it’s about $100/yr, with unlimited email inboxes, unlimited bandwidth (no porn or video hosting, or other things like that in the TOS).

      Personally, I use Fastmail for my email (and CloudFlare’s email forwarding to forward to it), although Proton is pretty good to look at as well.

      • RegalPotoo@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        Cloudflare would probably meet my technical needs, but I refuse to give them any money due to how enthusiastic they are to have white supremacists on their platform

  • Domi@lemmy.secnd.me
    link
    fedilink
    English
    arrow-up
    4
    ·
    9 months ago

    Well thanks for the heads up, as a fellow lazy Gandi user I now know where to switch my domains to.

  • Nightwatch Admin@feddit.nl
    link
    fedilink
    English
    arrow-up
    3
    ·
    9 months ago

    I too am planning to leave; while the pricing is going up, that’s not really my issue. Support is not exactly helpful these days, and their business services stink - not really, because if they actually did, at least we could find them. There’s no added value for lots of money, no innovation, their cli tooling is dead, etc.

  • g5pw@feddit.it
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    9 months ago

    I also moved away my domains and the ones of the hackerspace I manage, mainly to:

    • infomaniak (Switzerland): a bit too pushy with extra services, but not bad
    • openprovider (NL): more geared towards bulk users, have to prepay (min 20€), but okay so far
    • aruba: meh, but free mailboxes are nice

    I also use Migadu, they have been great so far!

    desec.io for DNS, also great and supported by Traefik for DNS-01 ACME challenge.

  • Moonrise2473@feddit.it
    link
    fedilink
    English
    arrow-up
    1
    ·
    9 months ago

    This bunny.net CDN that’s $1 for 100GB intrigues me. How does it work? I can’t understand from the description. From the docs it looks like some S3-like service, instead in another page “publishing hugo on bunnycdn” it’s an FTP to sync via rclone

    • lemmyvore@feddit.nlOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      9 months ago

      Their CDN has two tiers, a super-cheap one (0.005/GB) with only 10 nodes and a more expensive one (0.01/GB) with 100+ nodes. The CDN and the storage services are distinct. The storage service is priced per quantity of data stored and replication zones, the CDN is priced at data served and geo-redundancy. You use FTP to manage the storage, not an API. A CDN can pull from a storage, or from a live website. Each CDN gets a b-cdn.net subdomain and you can either CNAME your own [sub]domain(s) to it or link it strictly for your static assets.

      You load money in your account (minimum of $10 per load) and at the end of every month they take how much you’ve consumed (minimum of $1 per month).

      In my case I only have a few hundred MB in total so I generate the websites locally and upload the static snapshots to their storage and serve from there with the main website domain CNAME’d to the CDN domain. But they have tutorials for acting as a static cache for WordPress for example or other CMS.

      The CDN’s have lots of useful settings like redirect/block rules, you can assign a free SSL cert, can do CORS headers, hotlink protection, custom error pages, control the cache timeouts, concurrent requests, apply all kinds of limits, you can white/blacklist countries, control regional routing and so on and so forth.

  • Decronym@lemmy.decronym.xyzB
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    9 months ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    DNS Domain Name Service/System
    SSL Secure Sockets Layer, for transparent encryption
    TLS Transport Layer Security, supersedes SSL
    VPS Virtual Private Server (opposed to shared hosting)

    4 acronyms in this thread; the most compressed thread commented on today has 4 acronyms.

    [Thread #551 for this sub, first seen 27th Feb 2024, 22:55] [FAQ] [Full list] [Contact] [Source code]