Live incident — 164 civic domains taken offline simultaneously · April 3, 2026 · Cloudflare Case #02055919 open and unanswered
The Cookbook

Your sovereign stack — step by step

The migration is not complex. It has been executed at scale — 164 domains in a single day — using the tools below. All open. All documented. All yours.

What you're leaving
Cloudflare Workers
Routing logic that can be switched off without notice. Free plan: 100k req/day hard limit. Payment gateway broken by design.
Cloudflare DNS (as compute dependency)
Free DNS is fine in isolation. The trap is routing business logic through Workers attached to it.
Any single-vendor critical path
If one company can take you offline without a phone call, you are not sovereign.
What you're building
Replit — Development & Deployment
Your build environment. The migration cookbook lives here. Rapid iteration, full control of routing logic.
Fly.io — Routing & Compute
Your routing script handles all traffic by Host header. Shared machine, no per-domain cost. Already live.
Bunny DNS — Authoritative DNS
Fast global anycast DNS. Clean REST API — create zones, add A records, and bulk-migrate all domains with a script. NS: kiki.bunny.net / coco.bunny.net.
Porkbun — Domain Registration
Nameserver updates scriptable via API. Point to Hetzner nameservers. Bulk update available.
NetSentinel — Attack Filtering
Drop-in Node.js middleware. Detects 22 attack signatures. RIPE NCC abuse contact lookup. Federated network. No Cloudflare dependency.

The migration sequence

# Phase 1: Deploy routing layer — do this once for all domains
1. Create Fly.io app (free tier, shared machine)
2. Deploy routing script — reads Host: header, proxies to your platform
3. Add health check endpoint to proxy (/health returns 200 JSON)
4. Set autostop = "suspend" — 2s resume vs 30s cold boot
5. Create second machine in a second region (East Coast + West Coast)
6. Note Fly.io shared IP address

# Phase 2: Canary domain first — validate end-to-end
7. Create Bunny DNS zone for first domain (API call)
8. Add A record → Fly.io IP
9. Update Porkbun nameservers → kiki.bunny.net / coco.bunny.net
10. Wait 15–30 min, verify TLS + site loads cleanly
11. Confirm: no Cloudflare in response headers

# Phase 3: Batch the rest — scriptable at ~30s/domain
12. Script Bunny DNS zone creation via API for all remaining domains
13. Script Porkbun nameserver updates via API (bulk endpoint available)
14. Run status checker — domains turn green when DNS propagates

# If the proxy goes silent: one-line recovery (no CLI tools required)
# curl -X POST https://api.machines.dev/v1/apps/APP/machines/ID/restart
# -H "Authorization: Bearer $FLY_IO_TOKEN"

# Total cost after migration: ~$0.01/month (Bunny DNS free, Fly shared machine)
# Time to migrate 164 domains after canary: < 4 hours with scripts
The health check is not optional. Without it, Fly.io cannot detect when your proxy enters a broken state and will not auto-restart it. A machine that looks "started" can silently stop routing traffic. The health check is what converts a human-dependent recovery into an automatic one.
Submit Your Cloudflare Incident →