Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Setup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityConfigure Varnish ESI (Edge Side Includes) for dynamic content optimization
Set up Varnish Cache 7 with Edge Side Includes to fragment and cache dynamic content separately. ESI allows you to cache static page parts while keeping dynamic sections fresh, improving performance for complex applications with mixed content types.
Configure Cassandra SSL encryption and authentication with security hardening
Set up comprehensive SSL/TLS encryption for Apache Cassandra with client-to-node and node-to-node security, certificate management, and production-grade authentication hardening.
Configure NGINX SSL termination with Redis session storage
Set up NGINX as an SSL termination proxy with Redis backend for session storage, enabling scalable load balancing and persistent user sessions across multiple application servers.
Set up Fail2ban with Cloudflare API integration for automatic IP blocking and enhanced security
Configure Fail2ban to automatically add malicious IPs to Cloudflare's firewall rules for enhanced protection. This tutorial covers installation, custom filters, API integration, and monitoring for comprehensive security automation across your infrastructure.
Integrate ModSecurity 3 with SOAR platforms for automated incident response and threat detection
Set up ModSecurity 3 with structured logging, webhook notifications, and API integrations to automatically feed security events into SOAR platforms for real-time threat detection and incident response workflows.
Deploy FastAPI applications with Docker Compose and production optimization
Learn to containerize FastAPI applications with Docker Compose, integrate PostgreSQL and Redis services, configure Nginx reverse proxy with SSL, and implement production monitoring for scalable microservices deployment.
Configure H2O HTTP/2 web server caching and compression optimization for high performance
Optimize H2O web server performance with advanced caching strategies, HTTP/2 compression, and production-grade tuning for high-traffic applications.
Implement Tailscale OAuth integration with identity providers for enterprise authentication
Configure Tailscale with enterprise identity providers including SAML and OIDC authentication, implement access control policies, and manage users across distributed teams for secure zero-trust networking.
Implement OpenLiteSpeed WAF and DDoS protection with ModSecurity 3 and rate limiting
Set up comprehensive web application security for OpenLiteSpeed with ModSecurity 3 web application firewall, OWASP Core Rule Set for threat protection, and advanced rate limiting to defend against DDoS attacks and malicious traffic.
Configure Kubernetes cluster autoscaler with mixed instance types for cost optimization
Set up Kubernetes cluster autoscaler 1.30 with mixed instance types and spot instances to automatically scale nodes based on demand while minimizing infrastructure costs through intelligent instance selection and workload optimization.
Configure ArgoCD with SonarQube quality gates for GitOps deployment validation
Set up automated quality gate validation in ArgoCD using SonarQube webhooks and pre-sync hooks to prevent deployments that fail code quality standards. This integration ensures only code that passes your quality criteria gets deployed to production.
Configure Kubernetes network policies with Calico CNI for container security and microsegmentation
Set up Calico CNI in Kubernetes to implement network policies for pod-to-pod traffic control, create ingress and egress rules for microsegmentation, and test policy enforcement to secure container communication at the network layer.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer