A bit of a tangent, but something like PowerDNS authoritative server comes with an API[0] that can be leveraged for similar functionality to what Cloudflare provides.
Decentralization of the internet has to start with Authoritative DNS. I know it's not free to host an authoritative server like this on a VPS, and there are DDoS considerations. But the flip side is that DNS is a metadata protocol and contains a wealth of information that anybody privacy focused should think twice about. It's also an incredibly powerful and important protocol to understand.
If you're privacy-focused, you should run your own recursive resolver. Running your own authoritative server doesn't help much with privacy if clients still go through centralized recursive resolvers to query your domain.
Consider Cloudflare (and large scale infrastructure providers like TLD operators) point of view on the traffic: If your private resolver is using root hints, it's IP is now correlated with the lookup of that domain even if they don't proxy the website. That's you and your users, and they can do that at scale - So it's important to point queries for your assets directly to your authoritative servers or rewrite inline without ever querying a internet source.
dnsdist[0] (also PowerDNS) allows you to load balance and apply rules across upstream resolvers which opens up allot of possibilities on the recursive side.
Trusted resolvers with a healthy number of users originating iterative queries from non-descript and changing IP's is probably the best way to anonymize your recursive traffic.
Decentralization of the internet has to start with Authoritative DNS. I know it's not free to host an authoritative server like this on a VPS, and there are DDoS considerations. But the flip side is that DNS is a metadata protocol and contains a wealth of information that anybody privacy focused should think twice about. It's also an incredibly powerful and important protocol to understand.
[0] https://doc.powerdns.com/authoritative/http-api/index.html