Alternativa apenas UE a Supabase.
Supabase is the open-source Firebase alternative: hosted Postgres + Auth + Storage + Edge Functions + Realtime with a polished developer experience. Supabase Inc. is a Delaware US corporation; the EU regions (Frankfurt, Ireland, London, Paris) run on AWS infrastructure under both Supabase and AWS US-jurisdictional control. The good news: Supabase is open-source. You can self-host the entire stack on EU infrastructure with full feature parity — that is the sovereign alternative we deploy for clients.
"Região UE" não é soberania. Quatro perguntas decidem.
Residência de dados diz onde os bits ficam. Soberania diz qual sistema jurídico pode forçar o acesso. A resposta tem de valer nos quatro pontos — caso contrário a stack não é soberana.
Onde os dados estão fisicamente armazenados?
Não "na nuvem" — qual datacenter, em qual país, sob qual jurisdição.
Quem mais está no seu caminho de dados?
Cada fornecedor que toca os dados: o CDN, o relay de e-mail, o rastreador de erros, o pipeline de analytics.
Quais leis podem forçar a divulgação?
Um fornecedor com sede nos EUA está sujeito ao FISA 702 e ao CLOUD Act — mesmo quando os dados estão em Frankfurt.
Quem detém realmente as chaves de cifragem?
Se o provedor de nuvem tem tanto os dados quanto as chaves, ele pode lê-los — independentemente de qualquer DPA.
Falha em jurisdição e custódia de chaves.
Bits na UE, casa-mãe nos EUA, subprocessadores americanos no caminho predefinido, chaves geridas pelo fornecedor.
Passa nos quatro.
Hospedado na UE em infraestrutura com sede europeia. Zero subprocessadores americanos no caminho padrão. Chaves do cliente ou de KMS europeu. Nomeados no seu DPA Artigo 28.
Porque é que as equipas estão a sair Supabase
Supabase exits we have run come from one consistent trigger: a B2B SaaS that picked Supabase for its DX, grew to enterprise customers, and discovered that "Supabase Frankfurt on AWS Ireland" is two layers of US-jurisdictional processors that fail Schrems II analysis. The Supabase team itself has publicly discussed the data sovereignty constraints on their blog. Self-hosting Supabase on EU infrastructure preserves the full DX (the same supabase-js client works) while moving to full EU jurisdiction.
Supabase serviços e os seus equivalentes apenas na UE
Uma migração não é "trocar uma caixa por outra". O mapeamento abaixo é o que executamos para clientes que saem de Supabase por motivos Schrems II — plena jurisdição UE, sem casa-mãe US no caminho dos dados.
| Supabase serviço | Alternativa apenas UE | Nota de engenharia |
|---|---|---|
| Postgres (managed) | Self-hosted Supabase on Hetzner, OVH Managed PostgreSQL with Supabase services on top, Aiven | Self-hosted Supabase deploys via Docker Compose; the managed-by-Binadit version on Hetzner is the cleanest sovereign equivalent. |
| Auth (GoTrue) | Self-hosted GoTrue (it's open-source), Keycloak, Authentik (DE) | GoTrue is part of the open Supabase stack; self-hosting preserves the JWT-based auth with social logins, magic links, MFA. |
| Storage (S3-compatible) | Self-hosted Supabase Storage with MinIO backend, OVH Object Storage as direct alternative | Supabase Storage is a service layer over S3-compatible storage; works with any EU S3 backend. |
| Edge Functions (Deno) | Self-hosted Deno runtime on EU compute, Scaleway Serverless Functions, EdgeDB on EU infra | Edge Functions are Deno runtimes; the self-hosted equivalent runs on any EU container platform. |
| Realtime (Postgres CDC) | Self-hosted Supabase Realtime on EU compute, native Postgres LISTEN/NOTIFY, Hasura on EU | Realtime is open-source; self-hosting preserves the WebSocket-based pub/sub. |
| Vector embeddings (pgvector) | Self-hosted Postgres + pgvector on EU compute, Qdrant (DE-headquartered) self-hosted or cloud | For dedicated vector workloads, Qdrant Cloud EU is a sovereign-by-default alternative. |
| Studio (admin UI) | Self-hosted Supabase Studio (it's open-source), pgAdmin self-hosted | Studio is part of the self-hosted distribution. |
| Database backups | pg_dump scheduled to EU object storage, WAL-G to S3-compatible EU storage, Borgbase EU | WAL-G with EU object storage backend is the production-grade pattern. |
| API (PostgREST) | Self-hosted PostgREST on EU compute, Hasura, custom API layer | PostgREST is open-source; self-hosting preserves the REST API generation. |
| CLI / Migrations | Standard supabase-cli works with self-hosted instances, sqitch, Atlas | The Supabase CLI supports `--db-url` to point at self-hosted instances. |
Como migramos de Supabase
Uma migração típica de mid-market decorre em três fases. Os números abaixo assumem uma equipa de engenharia de 6 a 10 pessoas e uma stack de aplicação moderadamente complexa.
Self-hosted Supabase deployment
Deploy self-hosted Supabase stack on Hetzner (Docker Compose or Kubernetes). Configure auth providers, storage backend, Edge Functions runtime. Set up monitoring and backups.
Database + auth migration
Postgres dump+restore to self-hosted instance. User accounts migrated via auth provider data export. Storage buckets mirrored. Edge Functions redeployed.
Application cutover
Application config updated to point at self-hosted Supabase URL. Same supabase-js client, same RLS policies, same auth flows. Cutover with a verification window.
Self-hosted Supabase on a single Hetzner CCX23 (€25/month) replaces Supabase Pro at $25/month-per-project plus per-project usage. For multi-project workloads, savings compound: a typical Supabase team plan ($599/month) becomes €40-100/month in raw infrastructure plus the managed-partner fee if you don't want to operate it yourself. Plus full EU jurisdiction.
Perguntas frequentes
Is Supabase's EU region (Frankfurt, Ireland) sufficient for GDPR?
Residency yes, sovereignty no. Supabase Inc. is US-headquartered, and the Frankfurt/Ireland regions run on AWS — also US-jurisdictional. For Schrems II analyses, both layers are exposed.
Does self-hosted Supabase have full feature parity?
Yes for the core stack: Postgres, Auth (GoTrue), Storage, Edge Functions, Realtime, Studio, PostgREST. The supabase-js client works identically. The features that aren't in self-hosted: paid-tier features like team management UI and integrated logging dashboards (you build those with Loki + Grafana on EU infra).
How operationally complex is self-hosted Supabase?
For single-environment production, a single CCX23 Hetzner VM with Docker Compose is sufficient and operationally manageable for an experienced engineering team. For multi-environment or HA setups, Kubernetes with Helm chart is the production pattern; we operate this for clients.
Does the supabase-js client need code changes?
Just one: the URL points at your self-hosted instance instead of `*.supabase.co`. RLS policies, auth flows, storage URLs, realtime subscriptions — all unchanged.
What about managed Supabase EU equivalents?
There are emerging EU-headquartered offerings (Supascale, Supafast — both early-stage), but the production-ready answer is self-hosted Supabase managed by an EU partner. We deploy and operate this exact pattern.
How long does a Supabase exit take?
For a single-environment project (one Postgres, basic auth, a few buckets): 1–2 weeks elapsed. For multi-environment or large-data setups: 3–6 weeks. The migration is mechanically clean because everything is open-source upstream.
Planeie a sua saída de Supabase.
Chamada de scoping de 30 minutos. Mapeamos a sua stack contra alternativas apenas UE, estimamos o esforço de migração e dizemos-lhe se é a decisão certa.