Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Implement Apache load balancing with SSL termination and health checks
hostingSetup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securitySecure Docker containers with Traefik reverse proxy and Authelia authentication
Set up a production-grade security stack using Traefik v3 reverse proxy with SSL automation and Authelia for multi-factor authentication. This tutorial covers Docker hardening, LDAP integration, and container security monitoring.
Configure WireGuard site-to-site VPN connections with advanced routing and security
Set up secure network-to-network VPN tunnels using WireGuard with advanced routing, firewall rules, and monitoring for connecting multiple office locations or data centers.
Monitor WireGuard VPN server with Prometheus and Grafana dashboards
Set up comprehensive monitoring for your WireGuard VPN server using Prometheus metrics collection and Grafana visualization. This guide covers installing the WireGuard exporter, configuring alerting rules, and building dashboards to track connection status, bandwidth usage, and peer activity.
Configure OpenVPN LDAP authentication and user management with Active Directory integration
Set up OpenVPN with LDAP authentication to integrate with Active Directory for centralized user management. Configure group-based access control and combine certificate-based authentication with LDAP for enterprise security.
Configure Tailscale with Kubernetes cluster networking integration
Set up Tailscale mesh VPN with Kubernetes cluster integration for secure pod-to-pod communication, subnet routing, and service discovery across distributed nodes.
Configure SSH port forwarding and tunneling for secure connections
Learn to configure SSH port forwarding, remote tunnels, and SOCKS proxy for secure network connections. Set up local, remote, and dynamic port forwarding with automated monitoring and security hardening.
Configure OpenVPN LDAP authentication for enterprise users with Active Directory integration
Set up OpenVPN server with LDAP authentication against Active Directory, enabling centralized user management and group-based access control for enterprise VPN deployments.
Monitor OpenVPN connections with Grafana dashboard and Prometheus metrics
Set up comprehensive monitoring for your OpenVPN server using Prometheus to collect connection metrics and Grafana to visualize client connections, bandwidth usage, and server performance through custom dashboards.
Set up OSSEC agent deployment and centralized management with automated configuration
Deploy and manage OSSEC Host-based Intrusion Detection System (HIDS) across multiple servers with centralized monitoring, automated agent configuration, and real-time security event processing for enterprise-scale infrastructure protection.
Set up OpenVPN high availability cluster with automatic failover and load balancing
Build a production-ready OpenVPN high availability cluster using keepalived for automatic failover and HAProxy for load balancing across multiple OpenVPN servers.
Configure WireGuard VPN with DNS filtering and ad blocking using Pi-hole and Unbound
Set up a secure WireGuard VPN server with integrated Pi-hole DNS filtering and Unbound recursive resolver for ad blocking and privacy protection. This configuration provides secure remote access while filtering malicious domains and advertisements.
Set up intrusion detection with OSSEC HIDS and nftables integration for automated threat response
Configure OSSEC Host-based Intrusion Detection System with nftables firewall integration for real-time threat detection and automated response. Monitor system activity, detect intrusions, and automatically block malicious IPs using active response mechanisms.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer