If going down the Nginx DNS route, I would double-check and test:
- When does Nginx check/refresh the IP(s) from DNS?
- Does Nginx health-check the IP(s)?
If Nginx only checks DNS on initial load, a specific interval, and/or TTL expiry (not sure what the TTLs are on the .internal Fly DNS records) - you may have a larger than expected outage when you update your back-end app.
Even if Nginx does regularly update the IPs from DNS - if it doesn’t health-check them (and only send to those that are responsive), you may still end up with an outage when you update your back-end app due to stale Fly DNS records.
Apparently Machines currently have static private IPs.
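
An added example, not part of the original post: an nginx configuration fragment (for the `http {}` context) contrasting the two DNS behaviours the questions above are about. The hostname `app.internal`, the ports, and the resolver address `192.0.2.53` are placeholders, not values from this thread.

```nginx
# Variant A: name resolved once, when the configuration is loaded.
# Open-source nginx keeps these addresses until the next reload or restart,
# so a back-end redeploy that changes IPs leaves nginx pointing at old ones.
upstream backend_static {
    # max_fails/fail_timeout give passive checking only: a peer is marked
    # unavailable after real client requests to it have failed.
    server app.internal:8080 max_fails=2 fail_timeout=10s;
}

server {
    listen 8080;

    location / {
        proxy_pass http://backend_static;
        proxy_connect_timeout 2s;
        # Retry the request on another resolved address if one is dead.
        proxy_next_upstream error timeout;
    }
}

# Variant B: a variable in proxy_pass makes nginx resolve the name at
# request time through the `resolver` directive and cache the answer.
server {
    listen 8081;

    # Placeholder DNS server address; valid= overrides the record TTL,
    # so cached answers are refreshed at most 5 seconds late.
    resolver 192.0.2.53 valid=5s;
    resolver_timeout 2s;

    location / {
        set $backend "app.internal:8080";   # placeholder hostname
        proxy_pass http://$backend;
        proxy_connect_timeout 2s;
        proxy_next_upstream error timeout;
    }
}

# Neither variant probes back ends proactively: the active `health_check`
# directive is part of NGINX Plus, not open-source nginx. If DNS still
# returns an address that no longer answers, the first request sent to it
# pays the connect timeout before proxy_next_upstream moves on.
```

Testing a back-end redeploy against each listener while watching the nginx error log shows how long stale addresses keep receiving traffic in practice.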