Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Setup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityConfigure OSSEC vulnerability detection with CVE scanning and automated security alerts
Set up OSSEC Host Intrusion Detection System with vulnerability scanning capabilities, CVE database integration, and automated alerting for comprehensive security monitoring across your infrastructure.
Configure systemd service resource limits and security isolation
Configure cgroups v2 resource limits and security isolation for systemd services to prevent resource exhaustion and improve system security. This tutorial covers memory, CPU, and I/O limits with monitoring and troubleshooting.
Configure CockroachDB 24.3 multi-region deployment with high availability clustering
Deploy CockroachDB across multiple regions with automated failover, data locality controls, and production-grade security. Includes replication zones, load balancing, and disaster recovery strategies.
Setup log aggregation with rsyslog and logrotate for centralized system monitoring
Configure rsyslog for centralized log collection across servers, implement advanced logrotate policies for automated retention, and set up remote log shipping with filtering for comprehensive system monitoring and audit compliance.
Configure PostgreSQL 17 SSL encryption and advanced security hardening
Set up SSL/TLS encryption, client certificate authentication, and comprehensive security policies for PostgreSQL 17. Includes audit logging, access controls, and firewall configuration for production environments.
Implement network security policies with iptables and firewalld for enterprise infrastructure protection
Configure enterprise-grade network security with iptables and firewalld, implementing zone-based policies, advanced rules, and comprehensive logging for production infrastructure protection.
Setup Tailscale site-to-site VPN with multiple exit nodes for redundancy
Configure a resilient Tailscale mesh VPN with multiple exit nodes for high availability site-to-site connectivity. Set up subnet routing, automatic failover, and monitoring across distributed networks.
Set up centralized security monitoring with ClamAV 1.4 and Elasticsearch 8
Build a comprehensive security monitoring infrastructure with ClamAV antivirus scanning, Elasticsearch log storage, and automated threat detection. This setup provides real-time malware scanning with centralized log aggregation for enterprise security compliance.
Set up Linux network traffic shaping with tc and QoS for bandwidth management
Learn how to implement advanced network traffic control on Linux using tc (traffic control) and HTB (Hierarchical Token Bucket) queueing disciplines. This tutorial covers bandwidth limiting, QoS policies, and traffic prioritization for optimal network performance.
Implement Tailscale OAuth integration with identity providers for enterprise authentication
Configure Tailscale with enterprise identity providers including SAML and OIDC authentication, implement access control policies, and manage users across distributed teams for secure zero-trust networking.
Setup automated backup verification and recovery testing with PostgreSQL, MySQL and filesystem backups
Build a comprehensive backup verification framework that automatically tests database restores, validates filesystem backups, and performs recovery testing using systemd timers and custom scripts.
Implement Linux security hardening with CIS benchmarks and automated compliance scanning
Harden your Linux systems using CIS benchmarks with automated compliance scanning and continuous monitoring. Learn to implement security controls for filesystem permissions, user authentication, network policies, and maintain ongoing compliance with industry standards.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer