Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Implement Apache load balancing with SSL termination and health checks
hostingSetup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityConfigure network bridge with VLAN support for virtualization
Set up Linux network bridges with VLAN tagging to create isolated network segments for virtual machines and containers. This enables advanced networking scenarios with traffic separation and trunk port functionality.
Set up HAProxy high availability with keepalived clustering for automatic failover
Configure HAProxy load balancer with keepalived VRRP clustering for automatic failover. Set up virtual IP failover, health checks, and monitor the cluster for production high availability.
Configure BIRD BGP routing daemon for advanced routing policies and network automation
Set up BIRD 2.15 BGP daemon with advanced routing policies, route filtering, and automated network management. Configure BGP peering, implement complex routing decisions, and set up route aggregation for production networks.
Configure Linux filesystem tuning and optimization for database workloads
Optimize Linux filesystem performance for database workloads by configuring mount options, I/O schedulers, and kernel parameters to maximize database throughput and minimize latency.
Configure Linux NUMA optimization for multi-socket servers with memory policy tuning and CPU affinity
Optimize multi-socket server performance by configuring NUMA memory policies, CPU affinity, and topology-aware application placement. Achieve significant performance gains through proper NUMA optimization.
Implement Linux security hardening with CIS benchmarks and automated compliance scanning
Harden your Linux systems using CIS benchmarks with automated compliance scanning and continuous monitoring. Learn to implement security controls for filesystem permissions, user authentication, network policies, and maintain ongoing compliance with industry standards.
Implement WireGuard multi-site mesh networking with automatic routing and failover
Deploy a scalable WireGuard mesh network across multiple sites with automatic routing, failover mechanisms, and centralized management for high-availability site-to-site connectivity.
Integrate WireGuard VPN server with LDAP authentication for enterprise user management
Configure WireGuard VPN server to authenticate users against LDAP directory services like Active Directory. Automate client certificate management and implement centralized user access control for enterprise environments.
Implement Podman pod security with network policies and microsegmentation
Secure Podman pods with custom network policies, traffic filtering, and microsegmentation using CNI plugins and netavark. Implement zero-trust networking with firewall rules and container isolation.
Optimize ClickHouse performance for high-throughput workloads with advanced tuning and memory management
Learn how to optimize ClickHouse for high-throughput analytics workloads through advanced memory configuration, query performance tuning, storage engine optimization, and connection pooling strategies.
Optimize NGINX performance for high-traffic websites with advanced configuration and tuning
Configure NGINX for maximum performance with worker process optimization, advanced caching strategies, HTTP/2 tuning, and security hardening for high-traffic production environments.
Configure advanced iptables firewall rules with logging, port knocking, and DDoS protection
Build a production-grade iptables firewall with connection tracking, rate limiting, and port knocking. Includes automated DDoS protection, detailed logging, and security hardening for enterprise environments.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer