selfprivacy.org/content/en/docs/Theory/architecture.md

---
title: "Project architecture"
linkTitle: "Architecture"
weight: 5
date: 2022-01-09
description: >
  How the project is organized and how it works.
---

Yes, you could use kubernetes. But why when immutability is ensured by NixOS?

**User app:** [Flutter](https://flutter.dev/)/[Dart](https://dart.dev/) was chosen because of the speed and smoothness of the UI and cross-platform.

**Server side (backend):** [NixOS](https://nixos.org/) + [Python](https://www.python.org/). NixOS was chosen because of its reproducibility, python because of its versatility and popularity.

# Service providers
**We do not get paid by any service providers!** We are not affiliated with them in any way. We chose them purely for professional reasons. But we do not exclude partnership in the future.

### Hosting
SelfPrivacy supports two hosting providers: [Hetzer](https://www.hetzner.com/) and [DigitalOcean](https://digitalocean.com)

Both were chosen because of low price and acceptable level of service, quality REST API.

Candidates:
- Own personal iron server. **Our main priority right now**;
- A service provider that will provide an API to deploy an iron server. Outside [FVEY](https://en.wikipedia.org/wiki/Five_Eyes);
- OVH
- Scaleway

There's also free [Oracle Cloud](https://docs.oracle.com/en-us/iaas/Content/FreeTier/freetier_topic-Always_Free_Resources.htm), but where you don't pay, you're usually a commodity.

### DNS
There's a choice between [Cloudflare](https://cloudflare.com), [deSEC](https://desec.io/), or [DigitalOcean DNS](https://www.digitalocean.com/).

[deSEC](https://desec.io/) is a more private option and is recommended by default.

[Cloudflare](https://cloudflare.com) likely collects data in proxy traffic mode, otherwise it's hard to explain why they would offer such services for free. **In our case, we don't proxy anything and use it only as a DNS server.**

### Backup repository
We use [Backblaze](https://www.backblaze.com/).

The first 20GB are free and significantly cheaper than AWS. [Backblaze](https://www.backblaze.com/) publishes its hardware developments in open source. They also [shares](https://www.backblaze.com/b2/hard-drive-test-data.html) very useful statistics on disk failures, based on which one can choose the most reliable and tested option.

In the future, we might replace them with a self-hosted solution or a peer-to-peer one. **Currently, this is not a top priority since the data is encrypted, and the service provider only sees the IP address of your server, not the device with the application.**
feat: Switch to docsy 2023-01-11 18:53:46 +02:00			`---`
			`title: "Project architecture"`
			`linkTitle: "Architecture"`
			`weight: 5`
			`date: 2022-01-09`
			`description: >`
			`How the project is organized and how it works.`
			`---`

			`Yes, you could use kubernetes. But why when immutability is ensured by NixOS?`

docs: update architecture en (#115) Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org/pulls/115 Reviewed-by: Inex Code <inex.code@selfprivacy.org> Co-authored-by: dettlaff <dettlaff@riseup.net> Co-committed-by: dettlaff <dettlaff@riseup.net> 2024-03-28 15:37:59 +02:00			`User app: [Flutter](https://flutter.dev/)/[Dart](https://dart.dev/) was chosen because of the speed and smoothness of the UI and cross-platform.`
feat: Switch to docsy 2023-01-11 18:53:46 +02:00
docs: update architecture en (#115) Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org/pulls/115 Reviewed-by: Inex Code <inex.code@selfprivacy.org> Co-authored-by: dettlaff <dettlaff@riseup.net> Co-committed-by: dettlaff <dettlaff@riseup.net> 2024-03-28 15:37:59 +02:00			`Server side (backend): [NixOS](https://nixos.org/) + [Python](https://www.python.org/). NixOS was chosen because of its reproducibility, python because of its versatility and popularity.`
feat: Switch to docsy 2023-01-11 18:53:46 +02:00
docs: update architecture en (#115) Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org/pulls/115 Reviewed-by: Inex Code <inex.code@selfprivacy.org> Co-authored-by: dettlaff <dettlaff@riseup.net> Co-committed-by: dettlaff <dettlaff@riseup.net> 2024-03-28 15:37:59 +02:00			`# Service providers`
fix arhitecture and some links 2023-05-20 23:05:18 +03:00			`We do not get paid by any service providers! We are not affiliated with them in any way. We chose them purely for professional reasons. But we do not exclude partnership in the future.`
feat: Switch to docsy 2023-01-11 18:53:46 +02:00
			`### Hosting`
fix arhitecture and some links 2023-05-20 23:05:18 +03:00			`SelfPrivacy supports two hosting providers: [Hetzer](https://www.hetzner.com/) and [DigitalOcean](https://digitalocean.com)`

			`Both were chosen because of low price and acceptable level of service, quality REST API.`

feat: Switch to docsy 2023-01-11 18:53:46 +02:00			`Candidates:`
fix arhitecture and some links 2023-05-20 23:05:18 +03:00			`- Own personal iron server. Our main priority right now;`
			`- A service provider that will provide an API to deploy an iron server. Outside [FVEY](https://en.wikipedia.org/wiki/Five_Eyes);`
feat: Switch to docsy 2023-01-11 18:53:46 +02:00			`- OVH`
			`- Scaleway`

			`There's also free [Oracle Cloud](https://docs.oracle.com/en-us/iaas/Content/FreeTier/freetier_topic-Always_Free_Resources.htm), but where you don't pay, you're usually a commodity.`

			`### DNS`
docs: update architecture en (#115) Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org/pulls/115 Reviewed-by: Inex Code <inex.code@selfprivacy.org> Co-authored-by: dettlaff <dettlaff@riseup.net> Co-committed-by: dettlaff <dettlaff@riseup.net> 2024-03-28 15:37:59 +02:00			`There's a choice between [Cloudflare](https://cloudflare.com), [deSEC](https://desec.io/), or [DigitalOcean DNS](https://www.digitalocean.com/).`

			`[deSEC](https://desec.io/) is a more private option and is recommended by default.`

			`[Cloudflare](https://cloudflare.com) likely collects data in proxy traffic mode, otherwise it's hard to explain why they would offer such services for free. In our case, we don't proxy anything and use it only as a DNS server.`
feat: Switch to docsy 2023-01-11 18:53:46 +02:00
			`### Backup repository`
docs: update architecture en (#115) Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org/pulls/115 Reviewed-by: Inex Code <inex.code@selfprivacy.org> Co-authored-by: dettlaff <dettlaff@riseup.net> Co-committed-by: dettlaff <dettlaff@riseup.net> 2024-03-28 15:37:59 +02:00			`We use [Backblaze](https://www.backblaze.com/).`

			`The first 20GB are free and significantly cheaper than AWS. [Backblaze](https://www.backblaze.com/) publishes its hardware developments in open source. They also [shares](https://www.backblaze.com/b2/hard-drive-test-data.html) very useful statistics on disk failures, based on which one can choose the most reliable and tested option.`

			`In the future, we might replace them with a self-hosted solution or a peer-to-peer one. Currently, this is not a top priority since the data is encrypted, and the service provider only sees the IP address of your server, not the device with the application.`