Infrastructure tutorials

Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.

/

Browse by topic

41 guides

Linux

System administration, shell scripting, package management

52 guides

Hosting & Servers

Web servers, reverse proxies, SSL, domains

109 guides

Security

Firewalls, hardening, encryption, access control

38 guides

Performance

Caching, optimization, profiling, load testing

71 guides

Databases

MySQL, PostgreSQL, Redis, backups, replication

52 guides

Networking

DNS, load balancing, VPN, TCP/IP, routing

127 guides

DevOps

CI/CD, Docker, Kubernetes, automation

122 guides

Monitoring

Logging, alerting, metrics, observability

Most viewed

Configure Linux system time synchronization with chrony and NTP hardening

linux

907

Install and configure Caddy web server with automatic HTTPS and reverse proxy

hosting

785

Install and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications

hosting

785

Set up Node.js application security with Helmet and rate limiting

security

760

Install and configure PostgreSQL 17 with performance tuning and security hardening

databases

740

Recently published

Monitor ScyllaDB cluster with Prometheus and Grafana for comprehensive performance tracking

monitoring

1 hour ago

Monitor Jetty performance with JMX and Grafana dashboards

monitoring

6 hours ago

Configure FRRouting route maps and prefix lists for advanced routing policies

networking

11 hours ago

Configure Jetty clustering and session replication for high availability

hosting

20 hours ago

Configure Cherokee web server with MySQL database optimization and performance tuning

hosting

1 day ago

"security monitoring" × Clear all

security Intermediate

Configure ClamAV integration with web servers and email systems for automated threat detection

Integrate ClamAV antivirus with NGINX, Apache, Postfix and Dovecot for automated file scanning and email protection. Set up real-time threat detection with monitoring and alerting.

45 min 4 distros 6 views

security Advanced

Implement Tailscale OAuth integration with identity providers for enterprise authentication

Configure Tailscale with enterprise identity providers including SAML and OIDC authentication, implement access control policies, and manage users across distributed teams for secure zero-trust networking.

45 min 4 distros 57 views

security Intermediate

Implement OpenLiteSpeed WAF and DDoS protection with ModSecurity 3 and rate limiting

Set up comprehensive web application security for OpenLiteSpeed with ModSecurity 3 web application firewall, OWASP Core Rule Set for threat protection, and advanced rate limiting to defend against DDoS attacks and malicious traffic.

45 min 4 distros 20 views

security Intermediate

Configure NGINX rate limiting and DDoS protection with advanced security rules

Set up NGINX rate limiting modules, implement connection limits, and configure geographic blocking to protect your web applications from DDoS attacks and abuse.

25 min 4 distros 23 views

devops Intermediate

Implement GitLab CI/CD security scanning for Docker images

Set up automated container vulnerability scanning in GitLab CI/CD pipelines with Trivy and registry integration. Implement security gates, quality controls, and automated reporting for production-ready DevSecOps workflows.

45 min 4 distros 69 views

security Advanced

Implement Envoy proxy JWT authentication with OAuth2 integration

Configure Envoy proxy with JWT authentication filters integrated with Keycloak OAuth2 provider for secure microservices communication and advanced rate limiting policies.

45 min 4 distros 25 views

networking Advanced

Configure advanced gRPC load balancing with Envoy Proxy health checks and circuit breakers

Set up Envoy Proxy with intelligent gRPC load balancing, health checks, and circuit breakers for production microservices. Includes SSL termination, monitoring integration, and security hardening.

45 min 4 distros 47 views

security Intermediate

Implement Airflow DAG security scanning with Bandit and safety checks

Set up automated security scanning for Apache Airflow DAGs using Bandit for Python code analysis and Safety for vulnerability detection. Configure pre-commit hooks and CI/CD integration for continuous security monitoring.

45 min 4 distros 22 views

networking Advanced

Implement Kubernetes network policies with Calico for microsegmentation

Configure Calico CNI to enforce network policies for pod-to-pod traffic control and namespace isolation. This tutorial covers advanced microsegmentation patterns, ingress/egress rules, and policy monitoring for production Kubernetes security.

45 min 4 distros 137 views

security Intermediate

Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring

Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.

45 min 4 distros 51 views

security Intermediate

Configure Podman image scanning with Trivy security vulnerability detection

Set up automated container image security scanning using Trivy with Podman to detect vulnerabilities, misconfigurations, and security issues before deploying containers to production.

45 min 4 distros 66 views

performance Advanced

Optimize NGINX performance for high-traffic websites with advanced configuration and tuning

Configure NGINX for maximum performance with worker process optimization, advanced caching strategies, HTTP/2 tuning, and security hardening for high-traffic production environments.

45 min 4 distros 46 views

Need help?

Don't want to manage this yourself?

We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.

Talk to an engineer