Migrate primary domain from frontman.sh to getfrontman.com

[BlueHotDog]

Summary

Migrate the primary domain from frontman.sh to getfrontman.com. This touches DNS, infrastructure, SDK libraries, marketing site, email, and third-party service integrations.

Current State (audited 2026-04-03)

Cloudflare

• frontman.sh — fully configured: A record for api (Hetzner 46.225.13.x, proxied), CNAMEs for app/root/www (proxied), 5 Google Workspace MX records, Resend MX on send, SPF/DKIM/DMARC TXT records, WorkOS + Google + Pinterest verification TXT records
• getfrontman.com — zone exists in Cloudflare, zero DNS records configured

Codebase

• 247 occurrences of frontman.sh across 115 files
• Single source of truth for API host: libs/frontman-core/src/FrontmanCore__Hosts.res
• Subdomains in use: api.frontman.sh (Phoenix API/WS), app.frontman.sh (client bundle CDN), root (marketing site)

Migration Plan

Phase 1: DNS + External Services (before any code changes)

• DNS records on getfrontman.com — mirror frontman.sh zone:
  • A api.getfrontman.com → 46.225.13.x (DNS-only so Caddy can ACME)
  • CNAME getfrontman.com → same target as frontman.sh root
  • CNAME www.getfrontman.com → same target
  • CNAME app.getfrontman.com → same target as app.frontman.sh
  • All 5 Google Workspace MX records on root
  • MX send.getfrontman.com → same as send.frontman.sh
  • SPF, DMARC TXT records
• Resend — verify getfrontman.com as sending domain, get new DKIM TXT records
• WorkOS — add getfrontman.com OAuth redirect URIs (keep old ones)
• Google Workspace — add getfrontman.com as alias domain
• Google Search Console — add getfrontman.com property
• Caddy on Hetzner — add api.getfrontman.com server block alongside existing api.frontman.sh (both proxy to same backend, Caddy gets certs for both)

Phase 2: Code Changes (ship before DNS cutover)

• FrontmanCore__Hosts.res — update apiHost, clientJs, clientCss to getfrontman.com subdomains
• runtime.exs — add getfrontman.com patterns to check_origin (keep frontman.sh patterns too)
• user_notifier.ex — update @from email address from danni@frontman.sh to danni@getfrontman.com
• astro.config.mjs — update site: "https://getfrontman.com"
• Marketing content — update all frontman.sh URLs in blog posts, comparison pages, layouts, structured data, llms.txt
• Infra templates — update DOMAIN in deploy.sh, server-setup.sh, Caddyfile.template, env.template
• render.yaml — update PHX_HOST (if still in use)
• WordPress plugin — update hardcoded domain refs in frontman.php and class-frontman-ui.php
• Package.json files — update homepage/repository URLs across all libs
• Release new SDK versions with updated hosts

Phase 3: DNS Cutover

• Verify Caddy has obtained certs for api.getfrontman.com
• Switch Cloudflare proxy status on api.getfrontman.com from DNS-only to proxied (if desired)
• Update production env files on Hetzner: PHX_HOST=api.getfrontman.com
• Restart Phoenix to pick up new host
• Verify marketing site serves on getfrontman.com
• Verify API + WebSocket on api.getfrontman.com
• Verify email sending from @getfrontman.com

Phase 4: Redirects + Transition

• Cloudflare Bulk Redirects on frontman.sh zone: frontman.sh/* → https://getfrontman.com/$1 (301)
• Keep api.frontman.sh alive — both domains in Caddy, same backend. Do NOT redirect API traffic (breaks WebSockets and existing SDK versions)
• Submit Google Search Console change-of-address from frontman.sh → getfrontman.com
• Update IndexNow key for new domain (apps/marketing/scripts/indexnow.mjs)

Phase 5: Cleanup (after 6+ months)

• Remove frontman.sh patterns from check_origin
• Remove old WorkOS redirect URIs
• Audit remaining frontman.sh references
• Consider sunsetting frontman.sh DNS (keep api.frontman.sh as long as any SDK version in the wild uses it)

Key Risks

1. SDK breaking change — existing installed integrations hardcode api.frontman.sh. Must keep that domain resolving and serving the same backend indefinitely (or until usage drops to zero).
2. SEO — 301 redirects preserve ~90-95% of link equity but there will be a temporary ranking dip. All backlinks, Google index, AI training data reference frontman.sh.
3. Email deliverability — new domain needs reputation warm-up. Consider keeping frontman.sh as the sending domain initially and switching gradually.
4. WebSocket connections — check_origin must accept both domains during the entire transition period.

Files with frontman.sh references (key ones)

Infrastructure:

• infra/production/Caddyfile.template
• infra/production/deploy.sh
• infra/production/server-setup.sh
• infra/production/env.template
• render.yaml

SDK/Libraries:

• libs/frontman-core/src/FrontmanCore__Hosts.res (single source of truth)
• libs/frontman-vite/src/FrontmanVite__Config.res
• libs/frontman-nextjs/src/FrontmanNextjs__Config.res
• libs/frontman-wordpress/frontman.php
• libs/frontman-wordpress/includes/class-frontman-ui.php

Server:

• apps/frontman_server/config/runtime.exs
• apps/frontman_server/lib/frontman_server/accounts/user_notifier.ex
• apps/frontman_server/lib/frontman_server_web/user_auth.ex

Marketing:

• apps/marketing/astro.config.mjs
• apps/marketing/public/llms.txt
• ~50+ blog/content markdown files
• Multiple .astro layout and page files