Investigate Traefik's TLS certificates
From the expiry warnings we're getting, it seems like custom endpoints maybe aren't defaulting to the *.tardis.ac
certificate, and are instead creating a new certificate for that username.
We should investigate if this is the case, and if so fix it so that we are issuing less certificates.