I’ve been using Gandi for over 20 years, almost since it was founded. Since being acquired in 2019 by Montefiore Investment and this year by Total Webhosting Solutions their service have become more and more expensive and have finally priced me out.
For context, I administer a bunch of domains, mailboxes and HTML websites for my family and extended family, and I prefer services hosted in the EU because of GDPR and local availability.
This post is meant as a list of practical decisions in 2023 for the small time selfhoster. If anybody wants to comment on what Gandi (or rather TWS) is doing feel free to do so in the comments, I’m curious myself.
Prices I’ve mentioned use my country’s VAT so will vary slightly for you.
Domain names
Domain names have always been a bit on the expensive side with Gandi but they used to include a lot of features for free with them (SSL, DNSSEC, mailboxes, a small static website, WHOIS privacy, local contact for TLDs that need it etc.) and what they added extra was proportional to the base TLD cost.
For the next renewal all my domains were slated to jump to €28 across the board. If you have domains with Gandi try adding some renewals to the cart and check in advance.
I had to look for an European registrar because I have lots of European ccTLDs that the usual suspects like Cloudflare and Porkbun don’t support.
I’m moving to INWX.de and will be saving 25-60% per domain. This takes into account WHOIS privacy where needed for an extra 5€/domain (EU ccTLDs are private due to GDPR but we own a couple of TLDs too) as well as local contact services where required (price varies by country).
I manage multiple mailboxes but they have low traffic and low storage requirements. Gandi will be offering them at €55/mailbox/year. I’m not questioning their pricing, 3-4€/month for email is common, but typically charged by email-focused services.
Anyway, this per-mailbox model would price us into hundreds of euros for resources that go 99% unused. I’m switching to Migadu.com, who allows unlimited domains and mailboxes (within common sense) under a single account and charges for the conflated storage space and emails sent/received across all mailboxes.
Migadu tiers start at 20€/year for 5GB and 200/20/day (soft limits).
Webhosting
We were using Gandi’s smallest hosting package for about 100€/year, which was slated to jump to €135. Not an outlandish price for your typical PHP + MySQL hosting, especially since it had some VPS-like features. Then again the typical webhosting service would include a couple of mailboxes and some other goodies.
This was a good opportunity for us to reevaluate out hosting needs and realize we can ditch PHP+MySQL (if we really have to revisit it we’ll consider VPS offers in the future). It’s mostly static sites, image galleries and a bit of blogging. We’ve cached all our stuff as plain HTML/CSS/images and moved it to BunnyCDN.
Bunny lets you define a file bundle, gives you FTP access with a unique username+password, lets you pick the extent of replication, puts a CDN on top of it, and lets you point a domain name to it. Also throws a bunch of web server-ish features on top like rules/rewrites and Let’s Encrypt SSL.
They actually offer more features than that but I’ve just mentioned the minimum you need for serving a bunch of static websites.
Bunny pricing starts at $0.01/GB (with a minimum of $1/month) and you pay as you go.
Nameservers
Since we’re doing this I’ve taken the opportunity to dab into DNS. Turns out it’s not that hard. There’s only like half a dozen of commonly used DNS record types and everybody’s helping you with them – email services like Migadu generate the email-related ones for you, registrars and managed DNS services generate the SOA for you, they have forms that tell you what fields are needed etc.
There are lots of managed DNS options. Registrars usually include nameservers and let you mess with the records so INWX was one choice. Bunny offers DNS service that integrates with their CDN. deSEC is a completely free service I’ll be using as backup.
All of the above also offer APIs so a bash script will be taking care of dynamic DNS.
I’m also on Migadu for email, and I can say the experience has been pretty excellent. They have good instructions for setup stuff, and their pricing model is great. The pricing model has things in common with rsync.net, where they impose a soft limit on storage and reach out if you start exceeding it to talk about upgrading.
I do wonder if other mail providers will at some stage support jmap, it seems like it could take away some frustrations.
JMAP would help providers and clients but I’m not sure how it would improve upon user experience. The problems that JMAP solves are typically hidden from the user.
There are speed and developer experience improvements, and a whole bunch of it is there to optimise for mobile. They have some info in the FAQ on jmap.io. It’s something I won’t 100% take without any consideration - it is written by the fastmail Devs - but a modern stateless protocol is no bad thing.
I am also bailing on Gandi, and am in the process of divesting them of my assets.
I was already using Let’s Encrypt for my self-hosted applications, and never used Gandi’s certificate service.
In July of this year I moved all of my Gandi mailboxes over to MXroute after subscribing to their $99 lifetime subscription plan. It’s more than I’ll ever really need.
I plan to move my domains over to Porkbun as they come up for renewal at Gandi, starting with two domains next month. I hold several domains in the standard TLDs and am US-based, so porkbun is a good fit for my needs. I’ll need to sort out DDNS services for a couple of my hosts, but if Porkbun isn’t sufficient then DuckDNS seems popular and well supported among the applications and self hosted services I use. If they have a paid tier, I will probably consider using that.
I intend to avoid Cloudflare except as a very last resort for more or less the same reasons I might avoid Google or Amazon: privacy, intellectual property and good netizenship.
Porkbun supports ddclient, and also provides a Python script to update records. They don’t maintain it anymore, but it still works fine. I have several domains pointing to dynamic IPS and they’ve worked flawlessly.
I’ve been very happy with porkbun.
deleted by creator
Can you elaborate? The new interface was one of the things I liked about Gandi. In particular the DNS editor — I still haven’t found another DNS provider that gives you the option to edit the zone as plain text.
Nice write up - I’m also with Gandi, run my own DNS, and switched to Migadu when the email pricing changes came in. Will take a look an INWX next time domains come up for renewal
Also check out Netim, they also have a wide TLD selection and similar features to INWX. Their prices vary from each other, for me it was a matter of who had the best prices for the particular ccTLD’s we’re using.
I’m using Netim right now for my personal domain. They’re a bit expensive (similar to Gandi’s old prices) but it does come with email which is nice.
Check out orangewebsite, they are from Iceland and are pretty private. Ive been using them for around 4 years and have had no issues!
p.s. I only use their domain registration service and not the hosting, so I cannot comment on that.
I’m also leaving, migrates to infomaniak as a registrar, DeSec as DNS provider and Migadu for email… no regrets!
I’m currently struggling to decide between migadu and mxroute. migadu is in Switzerland (EU would be even better though), and mxroute in the US. But migadu is also significantly more expensive than mxroute (e.g. 30Gb 90$ migadu vs 50gb 70$ mxroute )
also I’m not entirely sure what you need the whois privacy for. i just checked my ccTLDs and regular TLDs - mostly on cloudflare for now - and all of them have my data redacted
mxroute is also excellent. It’s rock solid and the support is top notch, should you ever need it.
i really do want to use it and I’m definitely not questioning it’s quality since it’s recommended here a lot. my concern/issue is that it’s a us company
Migadu is incorporated in Switzerland but the servers are in France.
Whois privacy is mainy needed for com/org/net domains.
i have com domains as well and the whois information is redacted there as well
If you mean it shows up as “REDACTED FOR PRIVACY”, that only happens for individuals who are EU citizens (due to GDPR). Also, the information still makes it to the US database, it’s just not shown.
With a WHOIS privacy service, the European registrar sends the American WHOIS database their own contact data instead of yours, so your information never reaches the US to begin with.
If you’re worried about price more than EU, i’ve been pretty happy with purelymail. They’re absurdly cheap, and they’ve been reliable so far.
I had a question about email.
I am currentl, routing(Cloudflare Email Routing) my email to a Yahoo mail account, basically all incoming email gets routed to my yahoo, and from Yahoo I can send email with my custom address as the sender address.
As far as I am aware I have a daily limit of 200 emails and 1tb storage, all this for free.
Would such a service not be better for your purpose too? Are there certain advantages to paying for an email provider?
A provider that offers email for free, especially with such generous limits, is almost certainly profiting off your email in other ways. Yahoo are terrible for privacy and also for security, they’ve been broken into many times.
Secondly, an EU-based provider is subject to GDPR and other country-specific privacy laws.
There are of course free providers based in the EU but they typically don’t let you use your own domains on the free tier and try to upsell you to paid plans. Which is as it should be. There’s no such thing as a truly free lunch.
free email is risky in many ways
Just to add an option to some of these services. LuaDNS are located in the EU (Romania), can be wholly managed via git (including webhooks for auto-build upon a push), and also do email forwarding.