AndrewDucker 14 hours ago

For a single server why would you use cloud services rather than go the self-owned route?

skiing_crawling 14 hours ago | parent [-]

A "single server" covers a pretty large range of scale, it's more about how F-Droid is used and perceived. Package repos are infrastructure, and reliability is important. A server behind someone's TV is much more susceptible to power outages, network issues, accidents, and tampering. Again, I don't know that's the case since they didn't really say anything specific.

> not hosted in just any data center where commodity hardware is managed by some unknown staff

I took this to mean it's not in a colo facility either, assumed it meant someone's home, AKA residential power and internet.

secabeen 9 hours ago | parent | next [-]

The F-Droid repos are provided by redundant mirrors: https://f-droid.org/en/docs/Running_a_Mirror/

If this is the hidden master server that only the mirrors talk to, then its redundancy is largely irrelevant. Yes, if it's down, new packages can't be uploaded, but that doesn't affect downloads at all. We also know nothing about the backup setup they have.

A lot depends on the threat model they're operating under. If state-level actors and supply chain attacks are the primary threats, they may be better off having their system under the control of a few trusted contributors versus a large corporation that they have little to no influence over.

AndrewDucker 13 hours ago | parent | prev [-]

Ah. I took "not just any data center" to mean "in a specific co-location facility where they trust the person responsible for it".

I agree that "behind someone's TV" would be a terrible idea.