Why no US hyperscalers like AWS or Azure?

Data sovereignty. Hosting in Switzerland consistently with Swiss providers means Swiss law applies, not the US CLOUD Act. For SMEs with customer or employee data, this is a real difference. Infomaniak is also climate-neutral and operates its own data centres in Geneva.

What happens if a server fails?

Our probes detect outages within seconds. Cinder volumes are persistent, so a new server can be provisioned from the Terraform code automatically. Database backups support point-in-time recovery.

Where is my data stored?

All production data, backups and logs live in Switzerland on Infomaniak infrastructure. There is no transfer to third countries.

Can I see logs or metrics for my website?

On request, you get access to a Grafana dashboard with live metrics, performance data and uptime history for your website.

INFRASTRUCTURE

Swiss cloud,
fully transparent.

Your website runs on cloud infrastructure we operate ourselves in Switzerland. No black box, no US hyperscalers. See exactly what runs where.

uptime: 99.9% Uptime
region: Switzerland (Infomaniak)
monitoring: 24/7 Monitoring

// 01_CLOUD

Where your site runs

Swiss cloud on OpenStack. Data stays in Switzerland.

Infomaniak Public Cloud

OpenStack-based Swiss cloud, operated by Switzerland's largest independent cloud provider. Own data centres in Geneva.

Swiss data residency

All servers, databases and backups live in Switzerland. Compliant with revFADP and GDPR.

IPv4 and IPv6

Every application gets its own floating IPs (v4 and v6). Private networks isolate the app and database tiers.

// 02_DEPLOYMENT

How we deploy

Infrastructure as code. Every deploy is reproducible and versioned.

Terraform (Infrastructure as Code)

The entire cloud infrastructure is defined in Terraform. State is encrypted in an S3 bucket. Reproducible, versioned, no click-ops.

Ubuntu via cloud-init

Servers are provisioned from audited Ubuntu templates using cloud-init. No hand-built servers.

Docker Compose per server

Every application runs in containers with explicit resource limits derived automatically from the server flavour.

Caddy as reverse proxy

Automatic TLS (Let's Encrypt), HTTP/3, modern security headers, without manual work per domain.

// 03_SECURITY

How we secure

Defense in depth: network, application, secrets, at every layer.

OpenStack Security Groups

Cloud-level firewall rules. Only explicitly allowed ports reach your servers.

Caddy security headers

HSTS, CSP, Referrer-Policy, Permissions-Policy, on by default for every domain.

Fail2ban

Automatically bans IPs that show repeated failed login attempts.

SOPS + age for secrets

Secrets are encrypted in the Git repository, never stored as cleartext.

// 04_OBSERVABILITY

How we monitor

Full visibility into metrics, logs and availability.

Prometheus

Central metrics collection for every server and container. Auto-discovery via Grafana Alloy.

Loki

Central log aggregation. All container logs land in one searchable store.

Grafana

Dashboards for performance, errors, utilisation and security events.

Blackbox Exporter

External uptime probes hit your application's health endpoint. We notice outages, usually before you do.

// 05_BACKUPS

How we back up

Multi-tier, tested, automated backups.

OpenStack Cinder volumes

Persistent, redundant block storage for application data and database.

Automatic backups to S3

Database and application backups land in a separate S3 bucket every day.

7 days local, 30 days S3

Local snapshots (7-day retention) for fast recovery, S3 backups (30-day retention) for disaster recovery.

// 06_OPEN_SOURCE

Open source. Verifiable.

Every component is open source. You can verify what's running yourself.

Component	Purpose	License
Terraform	Infrastructure as Code	BSL
OpenStack	Cloud platform	Apache 2.0
Ubuntu	Server OS	Free/Open
Docker + Compose	Container runtime	Apache 2.0
Caddy	Reverse proxy, TLS	Apache 2.0
PostgreSQL	Database	PostgreSQL License
Prometheus	Metrics	Apache 2.0
Loki	Logs	AGPL-3.0
Grafana	Dashboards	AGPL-3.0
Blackbox Exporter	Uptime probes	Apache 2.0
Grafana Alloy	Telemetry agent	Apache 2.0
SOPS	Secret encryption	MPL 2.0
age	Encryption	MIT
Fail2ban	Intrusion prevention	GPL-2.0
Next.js	Web framework	MIT

Frequently asked questions

Why no US hyperscalers like AWS or Azure?: Data sovereignty. Hosting in Switzerland consistently with Swiss providers means Swiss law applies, not the US CLOUD Act. For SMEs with customer or employee data, this is a real difference. Infomaniak is also climate-neutral and operates its own data centres in Geneva.
What happens if a server fails?: Our probes detect outages within seconds. Cinder volumes are persistent, so a new server can be provisioned from the Terraform code automatically. Database backups support point-in-time recovery.
Where is my data stored?: All production data, backups and logs live in Switzerland on Infomaniak infrastructure. There is no transfer to third countries.
Can I see logs or metrics for my website?: On request, you get access to a Grafana dashboard with live metrics, performance data and uptime history for your website.

Your projects run on this infrastructure.

Let's talk about your project, from a simple association site to a custom web application.

Request a project View packages

Swiss cloud,fully transparent.