Back to Blog

Self-Hosting with Coolify and Cloudflare

How I deployed my portfolio and other web applications using Coolify as a self-hosted PaaS with Cloudflare for DNS and TLS.

Self-HostingCoolifyCloudflareDevOps

There's something satisfying about owning your entire deployment pipeline. When I decided to self-host my portfolio and other projects, I wanted the developer experience of platforms like Vercel or Railway, but with full control over the infrastructure.

Coolify gave me exactly that.

Why Self-Host

The arguments for managed platforms are compelling: they handle scaling, SSL, deployments, and monitoring. You push code, and it works.

But I had reasons to go a different route:

  • Learning: I wanted to understand the full stack, not just consume it as a service
  • Control: My infrastructure, my rules, my debugging
  • Cost: For my usage patterns, self-hosting is cheaper
  • Integration: My homelab already had the compute; might as well use it

The Coolify Platform

Coolify is an open-source PaaS that runs on your own servers. It provides:

Git-Based Deployments

Connect a repository, and Coolify handles the rest. Push to main, and it builds, deploys, and routes traffic automatically. The workflow feels familiar if you've used Vercel or Netlify.

Container Runtime

Under the hood, Coolify builds Docker images and runs them. This means I can deploy:

  • Next.js applications
  • Static sites
  • Backend APIs
  • Databases and supporting services

Reverse Proxy

Coolify manages nginx or Traefik configurations automatically. Domain routing, SSL termination, and traffic management are handled by the platform.

Environment Management

Secrets, environment variables, and configuration are managed through the Coolify UI or API. Deployments pick up changes without manual intervention.

The Cloudflare Layer

Cloudflare sits in front of everything, handling DNS and providing additional benefits:

DNS Management

My domains point to Cloudflare's nameservers. DNS changes propagate quickly, and I get a clean interface for managing records.

TLS Termination

Cloudflare provides SSL certificates automatically. Traffic from browsers to Cloudflare is encrypted; traffic from Cloudflare to my origin is also encrypted with origin certificates.

Additional Protection

Cloudflare's proxy hides my origin IP, provides basic DDoS protection, and offers caching for static assets.

The Architecture

The full deployment path:

  1. Browser requests my domain
  2. Cloudflare DNS resolves to Cloudflare's edge
  3. Cloudflare proxy forwards to my origin
  4. Origin reverse proxy routes to the right container
  5. Application container serves the response

Each layer has a specific responsibility, and I can troubleshoot or modify any part independently.

Troubleshooting Reality

Self-hosting means owning problems end-to-end. When something breaks, the debugging process touches every layer:

DNS Issues

Is the domain resolving correctly? Are the records pointing to the right place? Is Cloudflare proxying or DNS-only?

TLS Problems

Is the certificate valid? Is the origin configured for HTTPS? Are Cloudflare's SSL settings compatible with my origin?

Routing Problems

Is the reverse proxy receiving traffic? Is it routing to the right container? Is the container listening on the expected port?

Application Issues

Is the app healthy? Are environment variables set correctly? Are there runtime errors in the logs?

I've debugged all of these at various points. Each incident made me more confident in the system.

Lessons Learned

Building this deployment platform taught me:

  1. Domain validation is finicky - HTTPS scheme in Coolify domain fields matters; small details cause mysterious failures
  2. Layers mean troubleshooting layers - When something breaks, verify each layer from DNS to app
  3. Platforms hide complexity - Managed services handle real work; doing it yourself reveals what that work is
  4. Owning infrastructure builds skills - Every debugging session teaches something about how the web works

What I Run

Currently deployed through this stack:

  • Portfolio site: This very site, Next.js with static content
  • Personal projects: Various web applications and experiments
  • API services: Backend services for projects that need them

The Trade-Offs

Self-hosting isn't free:

  • Time investment: Setup, maintenance, troubleshooting are my responsibility
  • Availability: If my infrastructure goes down, my sites go down
  • Security: I'm responsible for patching and hardening

But for learning and for projects where I want full control, the trade-offs are worth it.

If you're considering self-hosting, start with something you don't mind breaking. The skills you build—DNS, TLS, containerization, reverse proxies, monitoring—transfer directly to professional infrastructure work.