📞 Outbound Call Limiter

1. System Overview

The Outbound Call Limiter is a Cloudflare Workers-based system that enforces per-phone-number daily call limits. It integrates with Telnyx telephony to manage outbound calls from fitness clubs.

Key Capabilities

• ✅ Process CSV files with phone numbers and daily call limits
• ✅ Check if a phone number can be called based on current day's usage
• ✅ Automatically reset call counts at midnight EST
• ✅ Handle Telnyx webhooks for call control
• ✅ Support zero-downtime CSV uploads using versioned tables

2. Architecture & Components

Cloudflare Resources

Resource	Name	Purpose
Worker	outbound-fitness-international	Main application logic
D1 Database	outbound_limiter_db	Stores phone numbers, limits, and call logs
D1 Database	inbound-fitness-international	Looks up club phone numbers
R2 Bucket	fitness-assets	Stores CSV uploads and static assets
KV Namespace	PROGRESS_KV	Tracks CSV upload progress
Queue	csv-split-queue	Splits large CSV files into chunks
Queue	csv-processing-queue	Processes CSV chunks in parallel

Database Schema

Main Tables

• outbound_numbers_MMDD_N - Versioned phone number tables (e.g., outbound_numbers_1211_1)
• active_table - JSON array tracking which versioned tables are active
• call_logs - History of all call attempts (allowed and blocked)
• upload_history - Tracks all CSV uploads and their status

Data Flow

3. API Endpoints Reference

4. Core Functions Breakdown

Main Entry Points

fetch(request, env, ctx)

Purpose: Main HTTP request handler

Routes:

• GET / → serveHomeUI()
• GET /outbound → serveUploadUI()
• POST /outbound/upload → handleCSVUpload()
• GET /outbound/check → checkLimit()
• GET /outbound/stats → getStats()
• DELETE /outbound/delete → handleDeletePhone()
• POST /telnyx/webhook → handleTelnyxWebhook()

queue(batch, env)

Purpose: Handle messages from Cloudflare Queues

Queues:

• csv-split-queue → handleSplitQueue()
• csv-processing-queue → handleProcessQueue()

scheduled(event, env, ctx)

Purpose: Daily cleanup task (runs at midnight UTC via cron)

What it does:

• Deletes all files in R2 bucket uploads/ directory
• CSV chunks only needed during processing, safe to delete after

CSV Upload Functions

handleCSVUpload(request, env, corsHeaders)

Purpose: Receives CSV file and initiates processing pipeline

Steps:

1. Parse multipart/form-data to extract CSV file
2. Generate unique uploadId (UUID)
3. Store CSV in R2: uploads/{uploadId}/original.csv
4. Create upload_history record with status="processing"
5. Send message to csv-split-queue

handleSplitQueue(batch, env)

Purpose: Split large CSV into 100K-row chunks for parallel processing

Steps:

1. Fetch CSV from R2 (uploads/{uploadId}/original.csv)
2. Parse CSV and split into chunks of 100K rows each
3. Generate next available table name (e.g., outbound_numbers_1211_1)
4. Create new empty versioned table
5. Store each chunk in R2: uploads/{uploadId}/chunk-{N}.csv
6. Send chunk messages to csv-processing-queue

handleProcessQueue(batch, env)

Purpose: Process individual CSV chunks in parallel

Steps:

1. Check if chunk already processed (prevents duplicates)
2. Fetch chunk from R2: uploads/{uploadId}/chunk-{N}.csv
3. For FIRST chunk only: Add new table to active_table array immediately
4. Parse chunk and normalize phone numbers
5. Batch insert records into versioned table (INSERT OR REPLACE)
6. Update upload_history progress counters
7. Mark chunk as processed in KV
8. Delete chunk file from R2
9. For LAST chunk: Mark upload as "completed"

Call Limit Functions

checkLimit(db, url, headers)

Purpose: Determine if a phone number can be called today

Steps:

1. Normalize phone number (remove formatting, ensure 10 digits)
2. Query active tables (2 most recent) for phone number
3. If NOT found: Log as allowed, return allowed=true (unlimited)
4. If found: Count today's allowed calls from call_logs (EST timezone)
5. Compare count vs call_limit
6. Log decision to call_logs (allowed=1 or 0)
7. Return decision with remaining quota

Telnyx Integration Functions

handleTelnyxWebhook(env, request, url, headers)

Purpose: Process Telnyx call events and control calls

Main Flow for call.initiated (parked):

1. Extract parkedCallId, destinationNumber, callerNumber from webhook
2. Look up club's real phone in FITNESS_DB using forwarding_number
3. Normalize destination number and check call limit
4. If limit reached: Reject call (speak limit message)
5. If allowed: Place outbound call via makeTelnyxCall()
6. Log decision to call_logs

Main Flow for call.answered:

1. Check query params: rate_limit, limit_reached, unavailable
2. If rejection param present: Speak appropriate message
3. If parked_call_id present: Bridge calls together

Main Flow for call.hangup:

1. Check if outbound call failed (hangup_cause != normal_clearing)
2. If failed and parked_call_id present: Answer parked call and speak unavailable message

makeTelnyxCall(apiKey, connectionId, toNumber, parkedCallId, fromNumber, workerUrl)

Purpose: Place outbound call via Telnyx API

Returns: Call control data including call_control_id

Error Handling: Sets isRateLimitError flag if status=429

bridgeTelnyxCalls(apiKey, callControlId, targetCallControlId)

Purpose: Connect two calls together

API: POST /v2/calls/{callControlId}/actions/bridge

rejectTelnyxCall(apiKey, callControlId, reason)

Purpose: Answer call and speak limit reached message

Webhook: Includes ?limit_reached=true to trigger speakRejectionMessage()

speakRejectionMessage(apiKey, callControlId)

Message: "Sorry, you've reached the maximum number of times you can call this number today. Please try again tomorrow."

speakRateLimitMessage(apiKey, callControlId)

Message: "We're experiencing high call volume. Please try your call again in a few moments."

speakUnavailableMessage(apiKey, callControlId)

Message: "The called party is temporarily unavailable. Please try again later."

Utility Functions

normalizePhone(phone)

Purpose: Convert any phone format to 10 digits

Accepts: 5551234567, 15551234567, +15551234567, (555)123-4567

Returns: 5551234567 (10 digits) or null if invalid

validateBearerToken(request, expectedToken)

Purpose: Verify Authorization header has correct bearer token

Header format: Authorization: Bearer YOUR_TOKEN

getActiveTableNames(db)

Purpose: Retrieve JSON array of active table names from active_table

Returns: Array like ["outbound_numbers_1211_1", "outbound_numbers_1211_2"]

switchActiveTable(db, newTableName)

Purpose: Add new table to active_table array and cleanup old tables

Logic:

1. Get current active tables
2. Drop tables from different days (different MMDD)
3. Keep max 2 tables from same day
4. Update active_table with new JSON array

getVersionedTableName(increment)

Purpose: Generate table name like outbound_numbers_1211_1

Format: outbound_numbers_{MMDD}_{increment}

getNextTableIncrement(db)

Purpose: Find next available increment number for today

Example: If outbound_numbers_1211_1 and outbound_numbers_1211_2 exist, returns 3

5. Common Issues & Solutions

Issue 1: CSV Upload Not Processing

Issue 2: Phone Numbers Not Being Found

Issue 3: Call Counters Not Resetting at Midnight

Issue 4: Calls Not Bridging (No Audio)

Issue 5: Wrong Rejection Message

Issue 6: High D1 Database Latency

6. Monitoring & Debugging

View Live Logs

This shows real-time logs from the worker including:

• HTTP requests and responses
• Queue messages being processed
• Database queries
• Errors and exceptions

Query Database Directly

Check Active Tables

Count Phone Numbers

Check Recent Call Logs

Find Phone Number Across All Tables

Check Upload History

Check Queue Status

List Queue Consumers

View Queue Messages (if accessible)

Check R2 Storage

List CSV Uploads

Download CSV File

Check KV Store

List All Keys

Get Upload Progress

Cloudflare Dashboard

Monitor worker metrics in Cloudflare dashboard:

• Workers & Pages → outbound-fitness-international → Metrics
• View: Requests per second, error rate, CPU time, success rate
• D1 → outbound_limiter_db → Metrics
• View: Query latency, queries per second, storage usage

Health Check Endpoints

Test system health with these quick checks:

1. Worker Responding

Should return HTML home page

2. Database Connected

Should return JSON with total_numbers, at_limit, etc.

3. Check Limit Working

Should return JSON with allowed, call_limit, etc.

Debug Mode

Add console.log statements to worker code for debugging:

Then view logs with wrangler tail

7. Accessing Workers in Cloudflare Dashboard

Overview

The Outbound Call Limiter has two separate worker deployments that can be managed through the Cloudflare dashboard:

• Production: outbound-fitness-international
• Development: outbound-fitness-international-dev

Locating Your Workers

Step 1: Navigate to Workers & Pages

1. Log in to Cloudflare Dashboard
2. Select your account
3. Click Workers & Pages in the left sidebar
4. You'll see both workers listed:
   • outbound-fitness-international (Production)
   • outbound-fitness-international-dev (Development)

Viewing and Editing Worker Code

Step 2: Access the Worker Editor

1. Click on the worker name (e.g., outbound-fitness-international)
2. Click the "Edit Code" button in the top right
3. The code editor will open showing the current deployed worker.js file

What You Can Do in the Editor

• ✅ View the current deployed code
• ✅ Search through the code (Ctrl+F / Cmd+F)
• ✅ Make quick hotfixes (emergency only)
• ✅ Test changes with the "Save and Deploy" button
• ✅ View console logs in real-time

Version History and Rollback

Step 3: Access Deployment History

1. From the worker overview page, click the "Deployments" tab
2. You'll see a list of all previous deployments with:
   • Version ID (e.g., cb7a4cb8-c86e-4722-985f-5227f1ace532)
   • Deployment date and time
   • Who deployed it
3. Each deployment has a "..." menu on the right side

Rolling Back to a Previous Version

1. Find the version you want to rollback to
2. Click the "..." menu next to that version
3. Select "Deploy version"
4. Confirm the deployment

When to Use Dashboard vs. Wrangler CLI

Task	Use Dashboard	Use Wrangler CLI
View current code	✅ Quick and easy	❌ Requires local files
Emergency hotfix	✅ Fast for simple fixes	⚠️ Better for tested changes
Rollback deployment	✅ Visual interface, easy	⚠️ Requires version ID
Regular deployments	❌ No version control	✅ Recommended approach
View logs	✅ Real-time in editor	✅ More detailed with tail
View metrics	✅ Built-in analytics	❌ Not available

Common Dashboard Tasks

Viewing Real-Time Logs

1. Open the worker in the code editor
2. Click the "Logs" tab at the bottom
3. Logs will stream in real-time as requests come in
4. Use the filter box to search for specific messages

Checking Worker Metrics

1. From the worker overview page, view the "Metrics" tab
2. See graphs for:
   • Requests per second
   • Error rate
   • CPU time usage
   • Success rate
3. Adjust time range (last hour, 24 hours, 7 days, etc.)

Managing Environment Variables

1. From the worker overview, go to "Settings"
2. Scroll to "Variables and Secrets"
3. View or add environment variables:
   • TELNYX_CONNECTION_ID
   • UPLOAD_BEARER_TOKEN
4. Add secrets (encrypted values like API keys):
   • TELNYX_API_KEY

Quick Reference: Dashboard URLs

• Production Worker: Dashboard Link
• Dev Worker: Dashboard Link
• D1 Database: Navigate to Storage & Databases → D1 → outbound_limiter_db
• R2 Storage: Navigate to Storage & Databases → R2 → fitness-assets
• Queues: Navigate to Queues → csv-split-queue / csv-processing-queue

8. Escalation Procedures

When to Escalate to Engineering

• 🔴 Critical: All calls blocked system-wide for >15 minutes
• 🔴 Critical: Database corruption or data loss
• 🟡 High: CSV uploads failing repeatedly for >1 hour
• 🟡 High: Worker errors affecting >10% of requests
• 🟡 High: Telnyx integration broken (calls not bridging)
• 🟢 Medium: Specific phone numbers not working correctly
• 🟢 Medium: Performance degradation (slow responses)

Information to Collect Before Escalating

1. Problem Description: Clear description of the issue and impact
2. Time of Occurrence: When did the problem start?
3. Affected Resources: Which phones/uploads/endpoints are affected?
4. Error Messages: Copy full error messages from logs
5. Steps to Reproduce: How to trigger the problem
6. Logs: Export relevant logs:
   wrangler tail --config outbound-wrangler.toml --format pretty > logs.txt
7. Database State: Export relevant tables:
   wrangler d1 export outbound_limiter_db --config outbound-wrangler.toml --output db-backup.sql

Emergency Contacts

Contact engineering team with collected information:

• Email: engineering@example.com
• Slack: #outbound-limiter-support
• On-call: PagerDuty escalation policy

Temporary Workarounds

Bypass Call Limits (Emergency Only)

If system is blocking legitimate calls, temporarily remove phone from database:

Phone will then be allowed unlimited calls until next CSV upload

Force Table Switch

If upload stuck but data is in database, manually switch active table:

Clear Queue Backlog

If queue messages stuck, may need to clear and restart: