Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure TimescaleDB with PostgreSQL for high-performance time-series data
databasesRecently published
Configure Consul Connect service mesh monitoring with distributed tracing
monitoringConfigure Kubernetes RBAC with service accounts and cluster roles for secure access control
devopsImplement Deno microservices architecture with service discovery and load balancing
devopsImplement Kubernetes security scanning with Falco and OPA Gatekeeper for runtime protection
securityConfigure OpenTelemetry custom metrics for application monitoring with Prometheus and Grafana
monitoringSet up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set
Configure a production-grade web application firewall using NGINX with ModSecurity 3 and OWASP Core Rule Set. Includes logging, monitoring, and fail2ban integration for comprehensive threat protection.
Implement OpenTelemetry distributed context propagation across microservices with automatic instrumentation
Set up comprehensive distributed tracing across microservices using OpenTelemetry with automatic context propagation, trace correlation headers, and framework-specific auto-instrumentation for Python, Java, and Node.js applications.
Configure Thanos Ruler for distributed alerting across multiple Prometheus clusters
Set up Thanos Ruler to create a unified alerting layer across distributed Prometheus instances. This tutorial covers installation, global rule configuration, and cross-cluster alert federation for enterprise monitoring.
Configure ClickHouse users and RBAC for production environments with authentication and access control
Secure your ClickHouse deployment with proper user authentication, role-based access control, and production-grade security policies. Learn to create users, manage roles, implement quota systems, and monitor access patterns for enterprise environments.
Implement automated ClickHouse backups with S3 storage and monitoring
Set up automated backup solutions for ClickHouse databases with S3 storage, retention policies, and monitoring alerts. This tutorial covers backup tool installation, S3 configuration, scheduling with systemd timers, and health monitoring.
Implement Deno JWT authentication with OAuth2 integration for secure API development
Set up production-grade JWT authentication middleware in Deno with OAuth2 provider integration and role-based access control. Learn to secure API endpoints with proper token validation, user management, and enterprise-ready authentication flows.
Configure WireGuard VPN with DNS filtering and ad blocking using Pi-hole and Unbound
Set up a secure WireGuard VPN server with integrated Pi-hole DNS filtering and Unbound recursive resolver for ad blocking and privacy protection. This configuration provides secure remote access while filtering malicious domains and advertisements.
Set up intrusion detection with OSSEC HIDS and nftables integration for automated threat response
Configure OSSEC Host-based Intrusion Detection System with nftables firewall integration for real-time threat detection and automated response. Monitor system activity, detect intrusions, and automatically block malicious IPs using active response mechanisms.
Implement custom Prometheus exporters for application metrics collection and monitoring
Build production-grade custom Prometheus exporters in Python and Go to collect application-specific metrics. Learn exporter architecture, metric types, systemd deployment, and Prometheus integration for comprehensive application monitoring.
Set up Apache Airflow high availability with CeleryExecutor and Redis clustering
Deploy Apache Airflow in high availability mode using CeleryExecutor with Redis clustering for task distribution, PostgreSQL connection pooling, and load-balanced webservers for production-grade workflow orchestration.
Integrate Nagios Core 4.5 with Grafana dashboards for advanced monitoring visualization
Connect Nagios Core 4.5 with Grafana through NDOUtils and MySQL to create powerful monitoring dashboards. This integration provides advanced visualization capabilities, real-time alerting, and comprehensive monitoring insights for your infrastructure.
Implement Apache web application firewall with ModSecurity 3 and OWASP Core Rule Set
Deploy ModSecurity 3 as an Apache module with OWASP Core Rule Set to protect web applications from common attacks. Configure real-time logging, custom rules, and automated threat detection for production environments.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer