Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Setup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityImplement Docker network security with custom bridge networks and container isolation
Secure your Docker deployments by creating isolated custom bridge networks, implementing container segmentation, and configuring network access controls to prevent unauthorized communication between containers.
Implement Network Time Security (NTS) for encrypted time synchronization with chrony
Set up Network Time Security (NTS) with chrony to provide cryptographically authenticated and encrypted time synchronization, protecting against time-based attacks and ensuring secure clock synchronization across your infrastructure.
Set up container runtime security with Falco and Sysdig for threat detection
Configure Falco for runtime security monitoring and Sysdig Agent for container visibility to detect threats in Kubernetes environments. Implement behavioral analysis, custom security rules, and threat detection policies for production container workloads.
Implement Istio security scanning and vulnerability management for Kubernetes service mesh
Set up comprehensive security scanning and vulnerability management for Istio service mesh using Trivy, Falco, and security policies to protect Kubernetes workloads from threats and compliance violations.
Set up Kubernetes container image security scanning with Trivy and admission controllers
Implement automated security scanning for Kubernetes container images using Trivy scanner and admission controllers to block vulnerable images before deployment.
Configure NTP monitoring with Grafana dashboards and Prometheus alerting
Set up comprehensive time synchronization monitoring using chrony, Prometheus node exporter, and custom Grafana dashboards with alerting for time drift and NTP service failures.
Configure audit compliance automation with Ansible for security monitoring and reporting
Build comprehensive security audit compliance automation using Ansible playbooks to enforce security policies, monitor system configurations, and generate compliance reports across your Linux infrastructure fleet.
Integrate OSSEC with Splunk for centralized security monitoring and log analysis
Set up OSSEC HIDS with Splunk Universal Forwarder to centralize security events, create monitoring dashboards, and enable real-time threat correlation across your infrastructure.
Implement container security with AppArmor and seccomp profiles
Secure your containers with AppArmor mandatory access controls and seccomp system call filtering. Learn to create custom security profiles, implement runtime policies, and monitor container security violations in production environments.
Implement OpenLiteSpeed WAF and DDoS protection with ModSecurity 3 and rate limiting
Set up comprehensive web application security for OpenLiteSpeed with ModSecurity 3 web application firewall, OWASP Core Rule Set for threat protection, and advanced rate limiting to defend against DDoS attacks and malicious traffic.
Configure Kubernetes network policies with Calico CNI for container security and microsegmentation
Set up Calico CNI in Kubernetes to implement network policies for pod-to-pod traffic control, create ingress and egress rules for microsegmentation, and test policy enforcement to secure container communication at the network layer.
Implement GitLab CI/CD security scanning for Docker images
Set up automated container vulnerability scanning in GitLab CI/CD pipelines with Trivy and registry integration. Implement security gates, quality controls, and automated reporting for production-ready DevSecOps workflows.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer