# Migrating DronaHQ to Code: The Complete Playbook (2026)

- Tool: No-Code to Code Migrations
- Last updated: July 2026

## TL;DR

DronaHQ is an active platform, but its self-hosted mode still depends on a license key validated against DronaHQ servers — you are not fully free. App JSON is exportable but not runnable outside their runtime. Data via connectors is always yours. Teams migrate when license costs or the proprietary runtime dependency outweighs drag-drop convenience. Typical agency migration: 6–10 weeks, $13K–$25K.

## Platform status

- Status: active — Deltecs Infotech; SOC-II and ISO 27001 certified. Self-hosted repo (github.com/dronahq/self-hosted) maintained with docs commits as of June 2026. Actively targeted Internal.io refugees after that platform shut down in December 2023.
- Migration urgency: low
- Typical timeline: 6–10 weeks
- Typical cost: $13K–$25K (agency, fixed)

## Why migrate

DronaHQ is a capable internal-tool builder, but its runtime is proprietary even on self-hosted deployments. Teams migrate when the license dependency, pricing, or UI limitations cross an economic threshold.

- **Proprietary runtime, even self-hosted** — The self-hosted repo (github.com/dronahq/self-hosted) contains Docker and setup scripts plus a LICENSE_KEY validated against license.dronahq.com — not an open-source eject. Your apps still depend on DronaHQ's proprietary engine regardless of where it runs.
- **JSON export is config, not code** — DronaHQ allows app export as JSON but apps must be published first and the JSON is not a runnable standalone application. Git push/pull is only available on self-hosted. The export serves as documentation, not a portability path.
- **Self-host is licensed, not libre** — HIPAA compliance requires the self-hosted tier, which requires a license key. License renewal means vendor dependency continues indefinitely — self-hosting does not eliminate the DronaHQ relationship.
- **30-day data window on termination** — On cancellation, DronaHQ provides a 30-day data-copy window. Missing this window is the highest-severity exit risk. Teams who discover this policy after canceling face data recovery urgency.
- **Feature gating stack** — Self-hosted (for HIPAA), Git version control, PDF builder, public forms, and approval workflows are all gated behind paid tiers. Teams that need multiple of these simultaneously see rapid cost escalation.

## What you can export

Your data (in connected external sources) is always yours. App definitions export as JSON but are not runnable outside DronaHQ's runtime — there is no source-code eject.

| Asset | Exportable | How |
| --- | --- | --- |
| Data | yes | Exportable on any plan via connected data sources (Postgres, MySQL, REST APIs); 30-day data-copy window granted on termination |
| Code | no | JSON app export available after publishing; self-hosted adds Git push/pull |
| Design/UI | no | No HTML or React export |
| Logic/Workflows | partial | Approval workflows and automation rules are included in the JSON export |
| Users & Auth | partial | User list manageable via admin panel; SSO config (SAML/OIDC) is provider-side portable |

## Stack mapping

Each DronaHQ concept maps cleanly to a Next.js + Supabase equivalent — the connector model means data migration is typically minimal.

| Platform concept | Code equivalent |
| --- | --- |
| DronaHQ app screens | Next.js pages (App Router) with server-side auth guard |
| DronaHQ connectors (Postgres, MySQL, REST, GraphQL) | Supabase queries + Next.js Route Handlers |
| DronaHQ drag-drop UI (tables, forms, detail views) | shadcn/ui + Radix UI React components |
| DronaHQ approval workflows | Supabase database-driven state machine + Edge Function notifications |
| DronaHQ PDF builder | React-PDF or Puppeteer in a Next.js Route Handler |
| DronaHQ RBAC (roles per app/screen) | Supabase RLS + role column; Next.js middleware |
| DronaHQ public forms | Next.js public routes with Supabase insert + RLS policy |
| DronaHQ self-hosted (Docker + license key) | Vercel + Supabase cloud |

## Migration roadmap

Four phases: secure your data and export first, then rebuild foundation, then port workflows, then cut over with a parallel-run period.

### Phase 1: Export & Audit (urgent first step) (1 week)

- Export all app JSON before initiating any plan change or cancellation
- Confirm the 30-day data-copy window policy with DronaHQ support
- Inventory every connector: type, host, credentials, tables/endpoints used
- Screenshot every screen and workflow for rebuild specification
- Note license key expiry date if self-hosted

> Watch out: Do not cancel your plan before completing data export; the 30-day window starts on cancellation

### Phase 2: Foundation Setup (1–2 weeks)

- Provision Supabase project; create schemas mirroring your existing data sources
- Set up Next.js project with App Router, Tailwind, shadcn/ui
- Configure Supabase Auth with role column on users table
- Implement RLS policies matching DronaHQ's role/screen permission matrix
- Confirm new stack HIPAA/BAA coverage if applicable

### Phase 3: UI & Connector Migration (2–4 weeks)

- Build one Next.js page per DronaHQ screen using screenshots as spec
- Replace each connector with direct Supabase query or Route Handler
- Implement DataTable components for list views; forms with react-hook-form + zod
- Build PDF generation if used (React-PDF or Puppeteer Route Handler)

### Phase 4: Approval Workflow Rebuild (1–2 weeks)

- Map every approval workflow step-by-step from the JSON export
- Implement state machine in Supabase (status column + transitions)
- Wire Edge Function notifications for each workflow transition
- Test end-to-end with real workflow scenarios

> Watch out: Multi-step approval chains with conditional routing are the most time-intensive feature to rebuild; allocate a dedicated sprint

### Phase 5: Parallel Run & Cutover (1 week)

- Run DronaHQ and new app in parallel; validate parity page by page
- Perform forced password reset for built-in auth users
- Update SSO redirect URLs for SAML/OIDC users
- Cut over before license key expiry if self-hosted

## Cost paths

| Path | Cost | Timeline | Fits |
| --- | --- | --- | --- |
| DIY (with AI tools) | $0–500 + time | 3–6 months part-time | Technical founders comfortable with Next.js and Supabase; apps with simple CRUD screens and no complex approval workflows |
| Freelancer | $3K–10K | 6–10 weeks | Apps with clear scope, limited approval workflows, and an internal technical contact who can QA outputs |
| Agency (RapidDev) | $13K–25K fixed | 6–10 weeks | Teams with complex approval chains, HIPAA compliance requirements, or customer-facing portals who need a predictable timeline and fixed price |

## Risks and mitigations

- **Missing the 30-day data window** — Set calendar reminders from cancellation date; initiate data export on day 1 of the window, not day 29
- **License key dependency breaking production** — If self-hosted, confirm license key expiry date before starting migration and plan cutover before that date; production apps will break when the key expires
- **Approval workflow complexity underestimated** — Map every workflow step, condition, and notification from the JSON export before writing code; allocate a dedicated sprint for workflows alone
- **HIPAA compliance gap during transition** — Confirm Supabase BAA coverage and Next.js hosting HIPAA posture before initiating cutover; do not run parallel systems past your BAA coverage window
- **Built-in auth users disrupted** — Plan a forced password reset flow; communicate to users in advance; SSO (SAML/OIDC) users are unaffected

## Stay or go

Stay if:

- You need rapid internal-tool iteration and approval workflows without engineering overhead and current pricing is within budget
- Your team is HIPAA-regulated and DronaHQ's self-hosted plus BAA already covers your compliance posture
- You are using DronaHQ as an Internal.io replacement and the platform fully meets current operational needs
- The license renewal cost is materially less than the estimated migration cost at your current app complexity

Go if:

- Self-host license renewal cost is approaching the economics of maintaining a custom Next.js + Supabase stack
- You need customer-facing UI with custom branding beyond DronaHQ's internal-tool aesthetic
- You want to eliminate the proprietary runtime and license-key dependency entirely and own your infrastructure
- Approval workflow complexity or PDF generation needs have pushed you to multiple paid tiers simultaneously

DronaHQ is a competent Internal.io successor. The migration case is economic or compliance-driven; the proprietary license-key self-host model is the key friction point, not platform quality.

## Migration checklist

- Export all app JSON files before initiating any plan change or cancellation — The JSON export is your rebuild specification; once you cancel, access may be restricted before the data window opens
- Confirm the 30-day data-copy window policy with DronaHQ support before canceling — Policy details matter; you need written confirmation of exactly when the window opens and what's included
- Inventory every connector: document data source type, host, credentials, tables/endpoints used — Connectors are your data access layer; missing one means a broken feature in the new app
- Map all approval workflows step-by-step from the JSON export — Approval workflows are the most business-critical and most time-intensive feature to rebuild; the spec must be complete before coding starts
- Verify license key expiry date if self-hosted — plan cutover before that date — A lapsed license key breaks production apps; this is a hard deadline, not a suggestion
- Confirm new stack's HIPAA/BAA coverage if applicable before switching — Cutting over to an uncovered stack, even briefly, creates a compliance gap that may require disclosure

## Frequently asked questions

### Can I export my DronaHQ app code?

You can export app definitions as JSON, but the JSON only runs on DronaHQ's proprietary runtime — cloud or self-hosted Docker with an active license key. There is no standalone code eject. The JSON is useful as a rebuild specification, not as deployable code.

### Can I export my data from DronaHQ?

Yes — DronaHQ connects to your own databases and APIs; it does not store your source data. Your Postgres, MySQL, and REST API data is already in systems you control. On termination, DronaHQ provides a 30-day data-copy window; initiate extraction on day 1, not day 29.

### How long does migrating from DronaHQ take?

Typically 6–10 weeks for a standard internal-tool app. Approval workflow complexity is the main variable — each multi-step workflow with conditional routing adds time. Apps with no approval workflows or PDF generation are on the shorter end of that range.

### What happens to my users and passwords when I migrate?

Users on SSO (SAML/OIDC) migrate cleanly — their IdP config is provider-side portable and unaffected. Users on DronaHQ's built-in auth will need a forced password reset on the new platform; password hashes are not exported.

### Is DronaHQ's self-hosted version truly open source?

No. The self-hosted repo (github.com/dronahq/self-hosted) contains Docker setup scripts and a LICENSE_KEY that must be validated against DronaHQ's license server. It is not an open-source eject; your apps remain dependent on DronaHQ's proprietary runtime and an active license.

### Is DronaHQ shutting down?

No — as of June 2026 the platform is actively maintained (SOC-II, ISO 27001 certified, recent docs commits). The migration case is economic or compliance-driven, not a shutdown risk. DronaHQ actually grew after Internal.io's shutdown in December 2023.

### Can RapidDev handle a DronaHQ migration with complex approval workflows?

Yes. RapidDev offers fixed-price DronaHQ migrations ($13K–$25K, 6–10 weeks) including approval workflow state machine implementation, PDF generation, and HIPAA-compliant stack setup. Book a free scoping call to get an accurate estimate based on your workflow count and complexity.

### Does DronaHQ work for HIPAA-compliant use cases?

DronaHQ offers a self-hosted deployment path intended for HIPAA compliance. However, that path requires an active paid license key validated against DronaHQ's servers. If you are migrating for HIPAA reasons, ensure your new stack (Next.js + Supabase) has an equivalent BAA in place before cutting over.

---

Source: https://www.rapidevelopers.com/no-code-to-code/how-to-migrate-dronahq-project-to-code
© RapidDev — https://www.rapidevelopers.com/no-code-to-code/how-to-migrate-dronahq-project-to-code
