Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Setup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityConfigure Falco runtime security for Kubernetes threat detection with eBPF monitoring
Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.
Configure Podman image scanning with Trivy security vulnerability detection
Set up automated container image security scanning using Trivy with Podman to detect vulnerabilities, misconfigurations, and security issues before deploying containers to production.
Configure TimescaleDB automated data retention policies for efficient storage management
Set up automated data retention and compression policies in TimescaleDB to optimize storage usage and maintain database performance. Learn to configure drop_chunks and compression policies with monitoring.
Implement Ansible AWX Tower for enterprise automation workflows with RBAC and inventory management
Deploy Ansible AWX with Docker Compose for centralized automation management. Configure enterprise RBAC, dynamic inventory sources, and workflow templates for scalable infrastructure orchestration across multiple environments.
Set up Apache Airflow DAG security policies and data governance with RBAC and audit logging
Configure comprehensive security for Apache Airflow with role-based access control, DAG-level permissions, data lineage tracking, and audit logging for compliance monitoring in production environments.
Configure SSL certificates and security hardening for Nexus Repository Manager
Secure your Nexus Repository Manager with SSL/TLS certificates, enforce HTTPS connections, and implement comprehensive security hardening including authentication controls, access policies, and audit logging for production environments.
Configure Loki with S3 storage backend for scalable centralized logging
Set up Grafana Loki with S3-compatible object storage for scalable log aggregation. Configure retention policies, schema management, and monitoring for production-ready centralized logging infrastructure.
Implement two-factor authentication for SSH with Google Authenticator and TOTP
Secure your SSH connections by adding TOTP-based two-factor authentication using Google Authenticator and PAM modules for an additional layer of protection beyond passwords and keys.
Integrate HashiCorp Vault with Kubernetes secrets management for secure container orchestration
Configure HashiCorp Vault integration with Kubernetes using the Vault CSI driver and Secrets Operator for automated secret injection and synchronization. This setup enables secure secret management for containerized applications with dynamic secret rotation and policy-based access controls.
Configure Vault dynamic secrets for databases with PostgreSQL and MySQL integration
Set up HashiCorp Vault's database secrets engine to automatically generate short-lived credentials for PostgreSQL and MySQL databases, improving security by eliminating static passwords and enabling automated credential rotation.
Set up SSH bastion host with jump server configuration for secure network access
Configure an SSH bastion host to secure access to private networks, implementing jump server functionality with key-based authentication and access controls for enhanced security.
Implement container security monitoring with Falco runtime detection
Set up Falco for real-time container security monitoring with runtime threat detection, Kubernetes integration, and automated alerting through Grafana dashboards.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer