Skip to Content

Building a 100% Sovereign Cloud: The ERP/CRM Challenge

June 23, 2026 by
Building a 100% Sovereign Cloud: The ERP/CRM Challenge
Patrii Cloud inc., Guillaume Harvey
Everyone is selling "sovereign cloud" these days. Look closely, though, most of it comes down to one thing: location. The data sits in a Canadian data centre, a flag goes on the website, and that's supposed to be the end of the conversation.

But location isn't sovereignty. If the technology running underneath was built, licensed and controlled by a foreign company, your data centre's postal code doesn't change who ultimately holds the keys. A server in Montreal running a stack you don't own and can't audit is still exposed, whether to foreign legislation like the US Cloud Act, to vendor lock-in, or simply to decisions made in a boardroom on another continent.

We wanted to change that. Not the location, the whole thing, top to bottom.

That's the story of Patrii Cloud, and in particular the part of it that nearly broke us: building our own ERP and CRM.

What "sovereign" actually means to us

When we started, we set a hard rule for ourselves. Every layer of the platform had to be something we could install, run, audit and control on Canadian soil, on technology we genuinely owned or could legally make our own.

The infrastructure layer was demanding but tractable. Compute, networking, block and object storage that's S3 compatible, images, load balancing, NFS as a service, managed databases (we even added custom Valkey and FerretDB options), Kubernetes, DNS as a service, secrets and certificate management. OpenStack gave us a strong, open foundation for most of that.

We also knew that asking people to "go sovereign" is meaningless if leaving their current provider is a nightmare. So we built Tramontane, our cloud migration service, specifically to make moving workloads over to us easy. Sovereignty you can't actually reach isn't sovereignty, it's marketing.

But one piece refused to fit neatly into the plan: the ERP and CRM.

Why ownership mattered more than features

Plenty of ERP and CRM platforms offer every feature we wanted. That was never the hard part.

The hard part was ownership. A truly sovereign cloud can't run its own business on a third party's hosted platform sitting on foreign infrastructure. It would be hypocritical to ask our clients to repatriate their data while we quietly shipped our own customer records, invoices and employee information off to someone else's SaaS.

We needed a platform we could install inside our own Canadian cloud, run entirely under our control, and keep our customers' and employees' data at home. That single requirement eliminated almost every off-the-shelf option overnight.

Build from scratch, or stand on open source?

This left our team with a classic engineering fork in the road: start from the ground up, or build on top of an existing open-source project with a license permissive enough to rebrand and extend, something like LGPL or MIT.

Building from zero would have given us total control, but it would have cost us years we didn't have. Building on solid open source let us move faster, as long as we respected the license and were willing to do the genuinely hard work ourselves rather than just slapping our logo on someone else's product.

After weighing it, we chose to fork Odoo CE.

Meet Lynx ERP/CRM

Forking was just the starting line, not the finish.

The community edition gave us a foundation, but it was missing the enterprise functionalities we needed to actually run a company. So we recreated almost all of them ourselves, from the ground up, because we weren't building this as a side experiment. We were building the system our own business would live or die on. On top of that foundation, we layered roughly 300 proprietary addons to create what is now Lynx ERP/CRM.

Today, from a single platform, our company can:
  • Manage customer relations and track leads
  • Host company meetings
  • Accept and automatically reconcile Interac payments straight from auto-deposit
  • Generate quotations
  • Follow income and expenses
  • Track subscriptions
... and a great deal more.

That Interac auto-deposit reconciliation deserves a special mention. Anyone who has manually matched incoming payments to invoices knows how tedious and error-prone it is. Automating it for the Canadian payment reality, rather than the American one most platforms assume, was exactly the kind of detail that convinced us we were right to own the stack instead of renting it.

Knowing when to stop (the perfectionist's curse)

If we're honest, the single hardest part of building Lynx wasn't technical. It was knowing when to stop.

Something funny happens when you build a platform you also use yourself: every day of onboarding surfaces a new need. We'd discover a workflow that could be smoother, a report that could be smarter, an integration that would save someone ten minutes a day. For a team of perfectionists, that's intoxicating and dangerous in equal measure.

The ideas never stopped coming. They still haven't. And you can't ship them all at once, no matter how much you want to. At some point you have to draw a line in the sand and say the words that are genuinely hard for people like us to say out loud:
This is the first public customer release.

Not the final version. Not the perfect version. The first one good enough to put real customers' trust in, with a roadmap full of everything we're still excited to build.

Compliance, built in

There's one more piece we're especially proud of: the Lynx compliance module, offered at a fixed price per year.

It's designed to help our clients actually succeed at achieving certification for NIST, GDPR, ISO 27001, SOC 2 and more. But it goes well beyond just handing you a checklist and wishing you luck. The module integrates with the Patrii Cloud Console, GitHub, Atlassian and other tools to pull in the information needed to automatically complete tasks inside Lynx.

And because Lynx already has many of the applications these frameworks require built right in, you can fetch your own data to fill out the remaining tasks, no scattered spreadsheets, no manual copy-paste, no audit-season panic.

Compliance also helps you connect with your partners. You can share your compliance public certificate with your customers, or grant your auditor direct access to your compliance records when it's time for review, turning what is usually a painful back-and-forth into a simple, controlled handoff.

We also know that software can only take you so far. Sometimes you need a human expert in your corner. That's why we're signing partnerships with security specialists, so that clients who want extra hands-on consulting for their compliance journey can be referred to trusted experts who know the frameworks inside and out. The tooling does the heavy lifting; the specialists help with the judgment calls.

And we'll be honest with you, because honesty is kind of the whole point here: we haven't completed our own certifications yet. But we're actively working toward them using this very same technology, our own ecosystem, putting it through its paces exactly the way our clients will. We're our own first test case. That means by the time you adopt it, the path will be even smoother, because we'll have walked every step of it ourselves first.

We're shipping it

So here we are. We're proud to announce the release of our first SaaS offering.
We're not just selling it, we're running our own company on it in production, right now, alongside a handful of other clients who already came aboard. It's not a demo or a promise. It's the platform we trust with our own business.

If you've been looking for a way to bring your customer and employee data back home, onto a cloud that's sovereign all the way down and not just on the map, this is your invitation.

Join us, and repatriate your data to a cloud that's truly yours.

Patrii Cloud Service is Now in Beta!