Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Implement Apache load balancing with SSL termination and health checks
hostingSetup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityConfigure Apache security headers and Content Security Policy for enhanced web application protection
Configure essential security headers including HSTS, CSRF protection, and Content Security Policy (CSP) in Apache to protect your web applications from common attacks like XSS, clickjacking, and data injection vulnerabilities.
Configure CockroachDB SSL encryption and security hardening
Set up SSL/TLS encryption, authentication, and advanced security policies for CockroachDB 24.3 in production environments with certificate management and cluster monitoring.
Monitor Kubernetes network policies with Prometheus and Grafana for enhanced cluster security
Set up comprehensive monitoring for Kubernetes network policies using Prometheus and Grafana. Configure CNI metrics collection, create security dashboards, and implement alerting for policy violations and traffic anomalies.
Configure audit compliance automation with Ansible for security monitoring and reporting
Build comprehensive security audit compliance automation using Ansible playbooks to enforce security policies, monitor system configurations, and generate compliance reports across your Linux infrastructure fleet.
Set up audit log analysis dashboard with Grafana and Prometheus for security monitoring
Build a comprehensive security monitoring dashboard that collects Linux audit logs through auditd, exports metrics to Prometheus, and visualizes security events in Grafana with automated alerting for suspicious activities.
Setup Elasticsearch 8 index lifecycle management for automated log retention and storage optimization
Configure Elasticsearch 8 ILM policies to automatically manage log data through hot-warm-cold phases, optimize storage costs, and enforce retention policies for production workloads.
Configure encrypted network storage with LUKS and NFS for secure file sharing
Set up enterprise-grade encrypted network storage by combining LUKS disk encryption with NFS file sharing. This advanced configuration provides secure, centralized file access across multiple systems while maintaining data protection at rest.
Configure network-attached storage backup with NFS and encryption
Set up an encrypted NFS backup server with automated backup scripts and performance monitoring. Configure LUKS encryption, NFS exports, and centralized backup management for secure enterprise storage.
Configure ModSecurity machine learning anomaly detection for automated threat protection
Set up ModSecurity 3 with machine learning anomaly detection to automatically identify and block unknown attack patterns. This advanced configuration adds intelligent threat protection beyond traditional signature-based rules.
Integrate ModSecurity 3 with SOAR platforms for automated incident response and threat detection
Set up ModSecurity 3 with structured logging, webhook notifications, and API integrations to automatically feed security events into SOAR platforms for real-time threat detection and incident response workflows.
Set up ELK Stack for centralized ModSecurity log analysis and monitoring
Configure Elasticsearch 8, Logstash 8, and Kibana 8 to collect, parse, and visualize ModSecurity web application firewall logs from multiple servers for centralized security monitoring and threat detection.
Implement GitLab CI/CD security scanning for Docker images
Set up automated container vulnerability scanning in GitLab CI/CD pipelines with Trivy and registry integration. Implement security gates, quality controls, and automated reporting for production-ready DevSecOps workflows.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer