Deep dives on software engineering, architecture, and the real-world decisions
This blog runs on software I wrote. Here's everything I learned doing it.
Latest posts
How I got Caddy's on-demand TLS working inside Coolify
April 13, 2026Timelish needs to provision SSL certificates automatically for both subdomains and custom domains. Every business that connects its own domain to its booking page needs HTTPS to just work - no manual cert setup, no waiting, no friction. They type in
mybusiness.com, and it works. The same also applies if they use their default subdomain, like mybusiness.timeli.sh . The feature that makes this possible is Caddy's
on_demand_tls. And getting it to play nicely with Coolify took a few hours of digging that I want to save you.What on-demand TLS actually is
Most reverse proxies handle TLS by issuing certificates at startup - you define your domains upfront, the proxy fetches certs from Let's Encrypt, done. That works great when you know your domains ahead of time.