Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Implement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityImplement Network Time Security (NTS) for encrypted time synchronization with chrony
securitySetup Keycloak SAML integration for enterprise single sign-on with identity providers
Configure Keycloak as a SAML identity provider for enterprise SSO, integrate with external identity providers, and implement secure SAML service provider connections with attribute mapping.
Configure Keycloak OAuth2 integration with web applications using OIDC and JWT tokens
Set up Keycloak as an OAuth2 identity provider with OIDC authentication flows. Configure client applications, implement JWT token validation, and secure NGINX reverse proxy with lua-resty-openidc for production web applications.
Configure Grafana LDAP authentication and role-based access control with Active Directory integration
Set up Grafana with LDAP authentication to connect with Active Directory, configure role-based access control for teams, and implement production-ready security policies for enterprise environments.
Deploy applications to Kubernetes with Helm charts and production best practices
Learn how to create production-ready Helm charts for Kubernetes deployments with proper templating, values management, security configurations, and environment-specific customizations for scalable application orchestration.
Integrate GitLab with Kubernetes for automated deployments using CI/CD pipelines and runners
Set up GitLab CI/CD pipelines with Kubernetes runners for automated application deployments. Configure RBAC, implement rolling updates, and establish production-grade deployment strategies.
Configure Kubernetes OpenTelemetry auto-instrumentation for microservices observability
Set up OpenTelemetry Operator in Kubernetes to automatically instrument microservices with distributed tracing. Enable seamless observability across your application stack without modifying application code.
Setup HAProxy with Docker container backends for dynamic load balancing
Configure HAProxy 2.8 to automatically discover and load balance traffic across Docker containers with health checks, service discovery, and SSL termination for production-grade dynamic routing.
Integrate HashiCorp Vault with Kubernetes secrets management for secure container orchestration
Configure HashiCorp Vault integration with Kubernetes using the Vault CSI driver and Secrets Operator for automated secret injection and synchronization. This setup enables secure secret management for containerized applications with dynamic secret rotation and policy-based access controls.
Configure Vault dynamic secrets for databases with PostgreSQL and MySQL integration
Set up HashiCorp Vault's database secrets engine to automatically generate short-lived credentials for PostgreSQL and MySQL databases, improving security by eliminating static passwords and enabling automated credential rotation.
Set up Vault as a PKI certificate authority with SSL automation and intermediate CA
Build a production-grade PKI infrastructure using HashiCorp Vault with root and intermediate certificate authorities. Enable automated SSL certificate generation and renewal for your applications with RBAC policies.
Secure Docker containers with Traefik reverse proxy and Authelia authentication
Set up a production-grade security stack using Traefik v3 reverse proxy with SSL automation and Authelia for multi-factor authentication. This tutorial covers Docker hardening, LDAP integration, and container security monitoring.
Configure NGINX reverse proxy with load balancing and SSL termination
Set up NGINX as a reverse proxy with multiple backend servers, SSL termination, and health monitoring. Perfect for distributing traffic across application instances while handling encryption at the edge.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer