Firebase made building apps ridiculously fast — realtime database, auth, cloud functions, storage and push, all behind a single SDK. But the convenience has a cost: your data lives on Google, your backend is opaque, your bill grows unpredictably, and since Schrems II and the US CLOUD Act, European DPOs are asking hard questions.
The good news: in 2026 the open-source Backend-as-a-Service (BaaS) ecosystem has matured, managed Postgres is cheap, serverless containers are mainstream, and S3 storage is boringly reliable.
This guide compares every serious Firebase alternative available in Europe and shows how to build a Firebase-equivalent stack on DanubeData (Falkenstein, Germany) for about €35/month — GDPR-compliant, Schrems II safe, and CLOUD Act free.
What Firebase Actually Provides
Before picking an alternative, it helps to list what you're replacing. Firebase is not one product — it's a bundle:
| Firebase Product | What It Does | Typical Use Case |
|---|---|---|
| Firestore | NoSQL document database with realtime sync | App state, chat, collaborative features |
| Realtime Database | JSON tree database with websocket sync | Presence, live counters, simple game state |
| Firebase Auth | Email/password, OAuth, phone, anonymous | Full authentication stack |
| Cloud Functions | Node.js/Python serverless on triggers | Webhooks, scheduled jobs, API endpoints |
| Firebase Storage | Object storage (on Google Cloud Storage) | User uploads, images, videos |
| Firebase Hosting | Static site + edge CDN | SPA and landing page hosting |
| FCM (Cloud Messaging) | Push notifications across platforms | iOS/Android/Web push |
| Remote Config | Feature flags and A/B testing | Gradual rollouts, experiments |
| Analytics & Crashlytics | Event tracking and crash reporting | App performance insights |
When you plan a migration, map your app to this list first. Most apps use 3–5 of these, not all 9 — which makes the migration much smaller than it looks.
Why Leave Firebase in 2026?
1. Schrems II and the CLOUD Act
The CJEU invalidated Privacy Shield in 2020 (Schrems II); the successor EU-US Data Privacy Framework is still being challenged. The US CLOUD Act lets US authorities compel US companies — Google included — to hand over data stored anywhere in the world. For European healthcare, fintech or government suppliers, Firebase is increasingly hard to justify. Storing personal data in Falkenstein on a German operator is not.
2. Opaque and Unpredictable Pricing
Firebase Blaze bills per read, per write, per function invocation, per GB egress, per GB stored, per SMS. One badly-written listener can burn hundreds of euros overnight — every Firebase CTO has that story.
3. Vendor Lock-In
Firestore's query language, security rules and realtime semantics are proprietary. Cloud Functions v2 pins you to Google's runtime. FCM requires Firebase project config in your mobile app. Moving off later always costs more than picking open on day one.
4. Limited EU Data Residency
Firestore has a eur3 multi-region, but adjacent services (Cloud Functions, FCM, Auth) don't all offer the same residency guarantees. Auth tokens and push payloads may still traverse US infrastructure.
5. Google's Sunsetting Habit
Google Domains, Stadia, Cloud IoT Core, Hangouts — the graveyard is long. Firebase itself has deprecated enough (Dynamic Links, parts of Crashlytics API, Firebase Invites) that "will this still exist in five years?" is a fair question.
The Alternatives: An Honest Comparison
There are two broad paths:
- Firebase-shaped BaaS — one product that bundles DB + Auth + Functions + Storage with SDKs. Easiest migration, smallest cognitive load.
- Composable stack — best-of-breed pieces (Postgres + Authentik + Knative + S3) behind your own API. Maximum control, best long-term cost, slightly more wiring.
Below is a head-to-head comparison of the top options plus the DanubeData composable stack.
| Platform | Auth | Database | Storage | Functions | Realtime | Push | Residency | Entry Cost |
|---|---|---|---|---|---|---|---|---|
| Firebase (Google, US) | Yes | Firestore / RTDB | GCS-backed | Cloud Functions | Native | FCM | US / multi-region | Free tier → usage |
| Appwrite (self-hosted or EU cloud) | Yes | MariaDB-backed | Built-in + S3 | Node/Python/PHP/Deno | WebSocket API | Messaging (beta) | EU (Frankfurt) or self-host | Free / €15+ cloud |
| Supabase (EU regions) | Yes (GoTrue) | Postgres | S3-backed | Edge Functions (Deno) | Realtime on Postgres | Via extensions | EU region available | Free / $25+ Pro |
| Nhost (EU-first) | Yes (Hasura Auth) | Postgres + GraphQL | S3-backed | Serverless Functions | GraphQL subscriptions | External | Frankfurt (eu-central-1) | Free / $25+ Pro |
| PocketBase (self-hosted) | Yes | SQLite | Local FS + S3 | Go hooks / JS VM | Realtime via SSE | External | Wherever you host | €4.49 VPS |
| Parse Platform (self-hosted) | Yes | MongoDB / Postgres | S3 adapter | Cloud Code (Node) | LiveQuery | Parse Push (APNs/FCM) | Wherever you host | €8.99+ VPS |
| DanubeData Composable | Authentik | Managed Postgres | S3 (Ceph) | Knative Serverless | LISTEN/NOTIFY or WS | ntfy / web-push / APNs | Falkenstein, DE | ~€35/mo |
1. Appwrite — The Closest Firebase Clone
Appwrite is the strongest single-product Firebase replacement. SDKs for Web, Flutter, React Native, iOS, Android, Node, Python, .NET, Go, Deno and Dart — the product surface mirrors Firebase closely.
Strengths: auth with 30+ OAuth providers, magic links, phone, anonymous; NoSQL-style "Databases" with per-collection permissions; built-in websocket realtime on any collection, bucket or function; runtime for Node, PHP, Python, Dart, Ruby, Deno functions with triggers; storage with image transforms; self-hostable via Docker Compose or Appwrite Cloud with an EU (Frankfurt) region.
Weaknesses: Databases sit on MariaDB (less expressive than raw SQL); Messaging (push/email/SMS) is still labelled beta in 2026; scaling beyond a single node requires the Pro tier or custom Kubernetes.
Appwrite is right when your team wants Firebase DX without Google. On DanubeData you can self-host it on a single VPS with S3 for storage — more on that below.
2. Supabase — Postgres-first (briefly)
Supabase gets its own deep-dive article — see "Supabase Alternatives in Europe" for the full comparison. In short: Supabase is a Postgres-native BaaS with Auth (GoTrue), Storage (S3-backed), Edge Functions (Deno), and Realtime (replication stream → websocket).
Supabase Cloud offers an EU (Frankfurt) region. The project is fully open-source and self-hostable, which means you can run the exact same stack on DanubeData Kubernetes if you want zero US dependency.
Pick Supabase when: your app is Postgres-shaped (relational), you want a modern REST/GraphQL API auto-generated from your schema, and you value Row Level Security policies instead of writing authz middleware.
3. Nhost — GraphQL and EU-first
Nhost is the most EU-native managed BaaS — European company, primary region in Frankfurt (eu-central-1), GDPR/DPA prominently advertised. Under the hood: Hasura (instant GraphQL over Postgres with subscriptions), Hasura Auth (JWT, OAuth, magic links, MFA, webauthn), Hasura Storage (S3-backed, image transforms), and Serverless Functions (Node.js from your repo).
The killer feature is GraphQL-first DX: define Postgres tables, get typed queries, mutations and subscriptions instantly. Cost: free tier for hobbyists, then $25/mo Pro and up.
4. PocketBase — The Minimalist
PocketBase is a single Go binary. It embeds SQLite, ships an admin UI, exposes a REST API, handles auth, and supports realtime via SSE. Extract, run, done.
For MVPs, side projects and small production apps (under ~100k users), PocketBase is unreasonably productive — up and running on a €4.49/mo DanubeData VPS in 10 minutes. Trade-offs: single-node only, SQLite not ideal for write-heavy workloads, no built-in push (add ntfy or web-push), extension via Go hooks or embedded JS VM.
5. Parse Platform — The Veteran
Parse Platform is the open-sourced descendant of Facebook's Parse.com. Over a decade old, with battle-tested SDKs for iOS, Android, Unity, Flutter and JS, and MongoDB or Postgres as the backing store.
Strengths: arguably the best-maintained open-source mobile BaaS SDKs; LiveQuery for realtime; Parse Push unifies APNs and FCM; Cloud Code (Node.js) runs on database events. Weaknesses: dated dashboard, MongoDB can get messy at scale, smaller community than Appwrite or Supabase in 2026.
Pick Parse for mobile-first apps where you want the strongest open-source mobile SDKs and unified push without gluing services together.
6. Compose Your Own Stack on DanubeData (Recommended)
The most flexible, most auditable, and — once you're past prototyping — cheapest long-term path is to compose your own backend from managed primitives:
| Firebase Piece | DanubeData Replacement | Price | Notes |
|---|---|---|---|
| Firestore / Realtime DB | Managed PostgreSQL | €19.99/mo | Relational, JSONB for doc-style fields |
| Firebase Auth | Authentik on Knative | €5/mo | OIDC/SAML, passkeys, MFA, social login |
| Cloud Functions | Knative Serverless Containers | €5/mo per service | Scale to zero, any language, HTTP triggers |
| Firebase Storage | S3 Object Storage (Ceph) | €3.99/mo (1TB + 1TB egress) | S3 SDK compatible everywhere |
| Firebase Hosting | Knative static site / S3 + CDN | From €3.99/mo | Auto TLS, custom domain |
| FCM Push | ntfy + web-push + APNs bridge | Included with VPS/Knative | Self-hostable, open protocols |
| Realtime subscriptions | Postgres LISTEN/NOTIFY + WS service | Included | Or use Supabase Realtime on your DB |
Typical composable budget
For a production SaaS handling tens of thousands of MAUs:
- Managed Postgres (2 vCPU, 4GB) — €19.99/mo
- Knative Serverless (Auth + API + workers) — €10/mo (two services)
- S3 Object Storage (1TB) — €3.99/mo
- Managed Valkey cache (sessions, rate limiting) — €4.99/mo
Total: ~€38.96/month with €50 signup credit covering your first ~6 weeks.
A comparable Firebase setup at 10k DAU and modest usage commonly runs $100–$300/month once you factor Firestore reads, Cloud Function invocations, storage egress and FCM quotas. At 100k DAU, the gap widens dramatically.
Migration Guide: Firebase → DanubeData
Step 1: Audit What You Actually Use
Open Firebase Console → Usage & Billing. Note which services have non-zero usage (e.g. 180 Firestore collections / 48k Auth users / 14 Cloud Functions / 340 GB Storage / 20k FCM/day). That's your migration checklist.
Step 2: Firestore → PostgreSQL (JSONB)
Firestore is NoSQL, but most documents end up as rows with nested objects. Postgres JSONB handles this beautifully.
-- Firestore collection "users" → Postgres table
CREATE TABLE users (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
email TEXT UNIQUE NOT NULL,
metadata JSONB NOT NULL DEFAULT '{}'::jsonb,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
CREATE INDEX users_metadata_gin ON users USING gin (metadata);
-- Subcollection "users/{uid}/orders" → child table
CREATE TABLE orders (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
items JSONB NOT NULL,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
Export Firestore with gcloud firestore export, convert with a small Node script, then copy into Postgres.
Realtime via LISTEN/NOTIFY
Postgres triggers + pg_notify replicate Firestore's live updates:
CREATE OR REPLACE FUNCTION notify_order_change() RETURNS trigger AS $$
BEGIN
PERFORM pg_notify('orders_changed',
json_build_object('op', TG_OP, 'id', COALESCE(NEW.id, OLD.id))::text);
RETURN COALESCE(NEW, OLD);
END; $$ LANGUAGE plpgsql;
CREATE TRIGGER orders_notify AFTER INSERT OR UPDATE OR DELETE ON orders
FOR EACH ROW EXECUTE FUNCTION notify_order_change();
A small Node or Go service on Knative LISTENs to the channel and broadcasts to WebSocket clients — ~80 lines replaces Firestore realtime.
Step 3: Firebase Auth → Authentik
Authentik is an open-source IdP that speaks OIDC, SAML, LDAP and supports passkeys, TOTP, WebAuthn, social login, enterprise SSO and fine-grained policies. Deploy it as a Knative service on DanubeData backed by your managed Postgres and Valkey.
Migrate users with firebase auth:export users.json, then import via Authentik's API. Firebase's scrypt hashes are documented, so Authentik can verify existing passwords — no forced password reset.
Step 4: Cloud Functions → Knative Serverless Containers
Cloud Functions maps 1:1 to DanubeData Knative. The difference: you write a normal HTTP server instead of a Firebase handler.
// Before — Firebase Functions (Node)
export const createOrder = onRequest(async (req, res) => {
const {userId, items} = req.body;
res.json({ok: true, orderId});
});
// After — Knative (Node + Fastify)
import Fastify from "fastify";
const app = Fastify({logger: true});
app.post("/create-order", async (req) => {
const {rows} = await db.query(
"INSERT INTO orders (user_id, items, status) VALUES ($1, $2, 'pending') RETURNING id",
[req.body.userId, req.body.items]
);
return {ok: true, orderId: rows[0].id};
});
app.listen({port: 8080, host: "0.0.0.0"});
# Deploy with danube-cli — scales to zero when idle
danube serverless create api
--image ghcr.io/you/api:v1 --port 8080
--env DATABASE_URL=postgres://...
--min-scale 0 --max-scale 20
Firebase's built-in triggers (Firestore onWrite, Auth onCreate) become Postgres triggers → NOTIFY → a small dispatcher → your HTTP endpoints. About 20 lines of glue — but it's yours.
Step 5: Firebase Storage → S3 (Ceph)
Firebase Storage is Google Cloud Storage with ACL rules on top. On DanubeData, you get S3-compatible object storage backed by Ceph, in Falkenstein.
// Server-side: presigned PUT URL with any S3 SDK
const s3 = new S3Client({
endpoint: "https://s3.danubedata.ro",
region: "fsn1",
credentials: {accessKeyId: process.env.S3_KEY, secretAccessKey: process.env.S3_SECRET},
});
const url = await getSignedUrl(s3,
new PutObjectCommand({Bucket: "dd-42-avatars", Key: `users/${uid}/avatar.jpg`}),
{expiresIn: 900}
);
// Client uploads directly to S3 with this URL
Migrate existing files with rclone:
rclone sync firebase:my-project.appspot.com
danube-s3:dd-42-uploads --transfers 15 --progress
rclone check firebase:my-project.appspot.com danube-s3:dd-42-uploads
Step 6: FCM → ntfy, web-push, APNs
This is the trickiest replacement because FCM is deeply integrated into Android. For most apps, here is the pragmatic split:
- Web push — Use the W3C Push API directly with a self-hosted push server. No Google involvement.
- iOS push — Talk to Apple Push Notification service (APNs) directly from your Knative function using
node-apnor similar. Firebase was just a proxy anyway. - Android push — Two options:
- Use ntfy (ntfy.sh) — self-hosted push that runs in a Knative container. Your Android app subscribes via WebSocket. No Google Play Services required, works on GrapheneOS and degoogled devices.
- Keep FCM only for Android delivery — it's free, and the payload is end-to-end encrypted if you wrap it yourself. You stop using any other Firebase service.
// Example: unified push sender on Knative
import apn from "apn";
import webpush from "web-push";
import axios from "axios";
export async function sendPush(user, message) {
const targets = await db.getPushTargets(user.id);
await Promise.all(targets.map(t => {
if (t.platform === "ios") return apnProvider.send(note, t.token);
if (t.platform === "web") return webpush.sendNotification(t.sub, JSON.stringify(message));
if (t.platform === "ntfy") return axios.post(`https://ntfy.example.com/${t.topic}`, message);
}));
}
Step 7: Firebase Hosting → Knative or S3+CDN
Two paths on DanubeData:
- Static site on S3 + CDN — Upload your
dist/to a public bucket, point your domain at it. Simple, fast, ~€3.99/mo. - Knative serverless container — Ship a tiny nginx/caddy image serving your SPA. Adds flexibility (headers, SSR, rewrites) for ~€5/mo.
Mobile SDK Implications
The hardest question when leaving Firebase: how painful is the mobile SDK rewrite? Honest answer:
| Target | Firebase SDK | Alternative SDK | Effort |
|---|---|---|---|
| iOS (Swift) | FirebaseAuth, FirebaseFirestore | Appwrite Swift / Parse Swift / URLSession+OIDC | Medium |
| Android (Kotlin) | com.google.firebase:* | Appwrite Android / Parse Android / Retrofit+OIDC | Medium |
| Flutter | firebase_core, cloud_firestore | appwrite, supabase_flutter, parse_flutter | Small |
| React Native | @react-native-firebase/* | appwrite, supabase-js, parse | Small |
| Web (JS/TS) | firebase | appwrite, @supabase/supabase-js, pocketbase | Very small |
The composable stack route (custom API + OIDC) is the heaviest mobile lift but the most portable long-term — your SDK is just HTTP plus a JWT.
Cost Comparison at Scale
| Scenario | Firebase (Blaze) | Appwrite Self-Host | Nhost Pro (EU) | DanubeData Composable |
|---|---|---|---|---|
| MVP (1k MAU) | $0 (free tier) | €8.99/mo VPS | $0 (free tier) | €13.98/mo (VPS + S3) |
| Early stage (10k MAU) | $50–120/mo | €17.99/mo VPS | $25/mo | ~€35/mo |
| Growth (100k MAU) | $300–800/mo | €40–80/mo infra | $150+/mo | ~€60–100/mo |
| Scale (1M MAU) | $2,000–6,000/mo | €200–500/mo infra | Custom | ~€250–500/mo |
The Firebase numbers assume moderate writes, realtime usage, and Cloud Functions — they swing widely with app shape. What doesn't swing widely is the DanubeData composable price, because you're paying for infrastructure, not per-request.
Recommended Architecture on DanubeData
For a new European app in 2026, here is the architecture we'd recommend:
┌─────────────────────────────────────────────────────────┐
│ Web/Mobile Clients │
└──────────────┬──────────────────────────────┬───────────┘
│ HTTPS + JWT │ WebSocket
▼ ▼
┌─────────────────────────┐ ┌─────────────────────────┐
│ Knative Serverless API │ │ Realtime Service │
│ (Node / Go / Python) │ │ (LISTEN/NOTIFY → WS) │
│ Scale 0–N │ │ Scale 1–N │
└──────────┬──────────────┘ └──────────┬──────────────┘
│ │
└───────────────┬───────────────┘
▼
┌─────────────────────────────────────────────────────────┐
│ Managed PostgreSQL (DanubeData) │
│ JSONB + RLS + LISTEN/NOTIFY + Read Replica │
└─────────────────────────────────────────────────────────┘
│ │ │
▼ ▼ ▼
┌──────────────────┐ ┌──────────────────┐ ┌──────────────────┐
│ Authentik │ │ S3 (Ceph) │ │ Valkey Cache │
│ (OIDC / SAML) │ │ User uploads │ │ Sessions / RL │
│ on Knative │ │ €3.99/mo/1TB │ │ €4.99/mo │
└──────────────────┘ └──────────────────┘ └──────────────────┘
Everything in Falkenstein, Germany. Everything open-source or standard. Everything portable — you can move to any other provider later if you ever want to.
FAQ
How do I migrate a Firestore data model to Postgres?
Treat each top-level collection as a table. Convert subcollections into child tables with a foreign key to the parent. Nested maps and arrays become JSONB columns — you can still query them with ->, ->>, @>, and GIN indexes. Most teams find that 70% of their data was already relational in disguise, and forcing it into a schema reveals bugs they didn't know they had.
What replaces Firestore's realtime subscriptions?
Three options, from simplest to most capable: (1) Postgres LISTEN/NOTIFY + a tiny WebSocket broadcaster, (2) Supabase Realtime (which consumes Postgres replication slots) — self-hostable on DanubeData Kubernetes, (3) Appwrite's built-in realtime API. All three give you Firestore-like live updates without Google.
Do these alternatives have mobile SDKs as good as Firebase?
Appwrite and Parse have the strongest open-source mobile SDKs in 2026. For Flutter, Supabase's supabase_flutter is excellent. For React Native, all three are strong. iOS/Swift and Android/Kotlin clients for Appwrite and Parse cover auth, database, storage, and realtime out of the box. You won't lose much DX; you'll gain control.
Will the CLOUD Act still apply to my European Firebase alternative?
Only if the provider is a US entity or a subsidiary of one. DanubeData is a European operator with infrastructure exclusively in Falkenstein, Germany — not subject to the CLOUD Act. Appwrite Cloud (headquartered in the Netherlands) and Nhost (headquartered in Sweden) are also clean. Supabase's parent company is US-based even when you pick an EU region — worth noting for Schrems II reviews, though self-hosting Supabase eliminates the exposure.
How do I handle push notifications without FCM?
For iOS, connect directly to APNs — Firebase was a wrapper around it anyway. For web, use the standard W3C Push API with a self-hosted push server or VAPID. For Android, the most private option is ntfy (ntfy.sh) running on your own Knative service; your app connects via WebSocket and receives pushes without Google Play Services. Many teams adopt a pragmatic hybrid: ntfy for everything except Android stock builds, where FCM is kept just for delivery with the payload end-to-end encrypted.
What about offline sync (Firestore's killer feature)?
Firestore's offline mode is genuinely hard to replicate. The current best open-source answers are WatermelonDB (React Native), PowerSync (cross-platform sync engine for Postgres), and ElectricSQL (SQLite on the client, Postgres on the server, CRDT-based sync). All three work on a Postgres backend — and PowerSync/ElectricSQL can run on DanubeData Kubernetes. If offline is core to your product, evaluate these before committing to a stack.
Is self-hosting Appwrite a lot of work to maintain?
Less than you'd think. Appwrite ships a Docker Compose setup that runs on a single €17.99 DanubeData VPS and handles a few thousand MAU easily. Back up MariaDB nightly (Postgres if you swap the driver), point image storage at S3, and keep the container up-to-date. Total maintenance: about 30 minutes a month. For larger scale, move to Kubernetes — still easier than running a bespoke Firebase replica.
Can I migrate incrementally, or is it all-or-nothing?
Absolutely incremental. The usual order is: (1) Firebase Storage → S3 first (easiest, no user impact), (2) Cloud Functions → Knative (each function moves independently), (3) Firebase Auth → Authentik with a hybrid period where both accept tokens, (4) Firestore → Postgres table-by-table with dual-writes during transition, (5) FCM last. Large production apps typically take 6–12 weeks end-to-end, with no user-visible downtime.
Get Started Today
The European BaaS ecosystem is stronger in 2026 than it has ever been. You no longer have to choose between Firebase's DX and GDPR compliance — you can have both.
Recommended starting points:
- Small project / MVP: PocketBase on a €4.49/mo DanubeData VPS — up in 10 minutes, will carry you to the first 10k users.
- Mobile-first app: Self-host Appwrite or Parse Platform on DanubeData — best open-source mobile SDKs.
- Postgres-shaped SaaS: DanubeData Managed PostgreSQL (€19.99/mo) + Knative Serverless (€5/mo) + S3 (€3.99/mo) + Authentik for auth. ~€35/mo, Firebase-equivalent, Schrems II safe.
- GraphQL team: Nhost managed (EU) or self-host Hasura on DanubeData Kubernetes.
DanubeData makes the composable path cheap:
- €4.49/mo VPS for simple self-hosted BaaS (Appwrite, PocketBase, Parse)
- €19.99/mo Managed Postgres with automated backups
- €3.99/mo S3 Object Storage (1TB included)
- €4.99/mo Managed Valkey / Redis / Dragonfly cache
- €5/mo Serverless containers (Knative, scale-to-zero)
- 20TB outbound traffic included with every VPS
- €50 signup credit — covers your first month completely
- Falkenstein, Germany — GDPR-compliant, Schrems II safe, no CLOUD Act
Ready to leave Firebase behind?
👉 Start with €50 credit on DanubeData
Planning a migration? Talk to our team — we've helped dozens of companies move off Firebase and are happy to sketch an architecture with you at no charge.
