Nice write-up. I do the same sort of segmentation. It's just good practice to break things up into independent parts. Your registrar should only register domains, nothing else. DNS should be separate and distinct from that as should email and web hosting systems. And you should manage them all with separate, unique passwords. Doing that will go a long way toward making your systems secure and reliable and easy to diagnose when things go wrong.

Thanks for the kind words - I almost always try to keep everything separate, and think through the failover scenarios. Power, network connectivity, etc. In this case, though, we thought about it briefly early on, but it kept getting pushed down the priority list. As a community we talk a bunch about technical debt, but there's ops debt too that I made the mistake of de-prioritizing.

Email's an especially good point - I suspect email's a pretty huge SPOF for all of us. A major gapps outage would be pretty disastrous.