Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Setup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityConfigure SSL certificates and security hardening for Nexus Repository Manager
Secure your Nexus Repository Manager with SSL/TLS certificates, enforce HTTPS connections, and implement comprehensive security hardening including authentication controls, access policies, and audit logging for production environments.
Configure Keycloak custom themes and branding with SSL integration and production deployment
Set up custom Keycloak themes with your organization's branding, implement SSL certificates, and deploy to production with hot reload development workflow and performance optimization.
Setup Keycloak SAML integration for enterprise single sign-on with identity providers
Configure Keycloak as a SAML identity provider for enterprise SSO, integrate with external identity providers, and implement secure SAML service provider connections with attribute mapping.
Configure Keycloak OAuth2 integration with web applications using OIDC and JWT tokens
Set up Keycloak as an OAuth2 identity provider with OIDC authentication flows. Configure client applications, implement JWT token validation, and secure NGINX reverse proxy with lua-resty-openidc for production web applications.
Deploy applications to Kubernetes with Helm charts and production best practices
Learn how to create production-ready Helm charts for Kubernetes deployments with proper templating, values management, security configurations, and environment-specific customizations for scalable application orchestration.
Set up Prometheus Alertmanager webhook notifications for Loki log alerts with Grafana integration
Configure Prometheus Alertmanager to send webhook notifications for Loki log-based alerts with proper routing, templating, and Grafana dashboard integration for comprehensive monitoring.
Implement two-factor authentication for SSH with Google Authenticator and TOTP
Secure your SSH connections by adding TOTP-based two-factor authentication using Google Authenticator and PAM modules for an additional layer of protection beyond passwords and keys.
Implement Kafka Streams processing applications with Java and Scala for real-time data analytics
Build production-ready Kafka Streams applications using Java and Scala for real-time data processing, including stateless transformations, stateful aggregations, windowing, and stream joins with exactly-once semantics.
Integrate HashiCorp Vault with Kubernetes secrets management for secure container orchestration
Configure HashiCorp Vault integration with Kubernetes using the Vault CSI driver and Secrets Operator for automated secret injection and synchronization. This setup enables secure secret management for containerized applications with dynamic secret rotation and policy-based access controls.
Configure HAProxy advanced routing with ACLs and maps for intelligent traffic management
Set up sophisticated traffic routing in HAProxy using Access Control Lists (ACLs) and map files for dynamic backend selection, SSL SNI routing, and intelligent request distribution based on headers, paths, and custom conditions.
Set up Prometheus Blackbox Exporter for uptime monitoring with SSL and alerting
Configure Prometheus Blackbox Exporter to monitor website availability, SSL certificate expiry, and HTTP response times with comprehensive Grafana dashboards and alert rules.
Configure nginx reverse proxy for Podman containers with SSL and load balancing
Set up nginx as a reverse proxy for Podman containers with SSL termination, health checks, and load balancing. Includes automated SSL certificate management with Let's Encrypt and container integration.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer