Infrastructure tutorials

Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.

Browse by topic

Most viewed

Configure Linux system time synchronization with chrony and NTP hardening

linux
869

Set up Node.js application security with Helmet and rate limiting

security
753

Install and configure Caddy web server with automatic HTTPS and reverse proxy

hosting
732

Install and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications

hosting
725

Install and configure PostgreSQL 17 with performance tuning and security hardening

databases
714

Recently published

Configure OSSEC active response for automated threat blocking

security
8 minutes ago

Configure CockroachDB 24.3 multi-region deployment with high availability clustering

databases
10 minutes ago

Set up Fail2ban with Cloudflare API integration for automatic IP blocking and enhanced security

security
13 minutes ago

Configure keepalived with HAProxy backend health monitoring for high availability load balancing

networking
15 minutes ago

Configure ModSecurity machine learning anomaly detection for automated threat protection

security
5 hours ago
"GPG" × Clear all
security Advanced

Configure Apache Airflow DAG security and secrets management with RBAC policies and encryption

Implement comprehensive security for Apache Airflow DAGs using role-based access control, HashiCorp Vault integration, and encrypted secrets management. Configure granular permissions, audit logging, and isolation policies for production workflows.

45 min 4 distros 22 views
security Intermediate

Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring

Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.

45 min 4 distros 32 views
security Advanced

Implement Consul Connect mTLS with Vault PKI backend for secure service mesh communication

Set up mutual TLS authentication for Consul Connect using HashiCorp Vault's PKI backend to secure service-to-service communication with automatic certificate management and rotation.

45 min 4 distros 56 views
devops Advanced

Configure Podman secrets management with HashiCorp Vault integration

Set up secure container secrets management by integrating Podman with HashiCorp Vault. Configure dynamic secret injection, automated rotation, and production-ready monitoring for containerized applications.

45 min 4 distros 55 views
security Intermediate

Configure Podman image scanning with Trivy security vulnerability detection

Set up automated container image security scanning using Trivy with Podman to detect vulnerabilities, misconfigurations, and security issues before deploying containers to production.

45 min 4 distros 49 views
monitoring Intermediate

Set up InfluxDB alerting with Kapacitor and notifications

Configure comprehensive alerting for InfluxDB using Kapacitor with email, Slack, and webhook notifications. Set up real-time monitoring, thresholds, and automated responses for time-series data anomalies.

25 min 4 distros 14 views
databases Advanced

Set up TimescaleDB high availability with streaming replication and automatic failover

Configure TimescaleDB with PostgreSQL streaming replication for high availability. Set up primary and standby servers with hot standby mode, implement automatic failover with pg_auto_failover, and monitor replication status for production-ready time-series database clustering.

45 min 4 distros 28 views
monitoring Intermediate

Integrate TimescaleDB with Telegraf for metrics collection and time-series monitoring

Set up TimescaleDB with PostgreSQL and configure Telegraf to collect system and application metrics. Create continuous aggregates and monitoring dashboards for comprehensive time-series analysis and alerting.

25 min 4 distros 35 views
devops Advanced

Set up Nomad multi-node cluster with TLS encryption and Consul integration

Deploy a production-ready HashiCorp Nomad cluster with server and client nodes, TLS encryption, and Consul integration for service discovery. Includes workload deployment and monitoring configuration.

45 min 4 distros 38 views
devops Intermediate

Configure Kubernetes secrets management with Sealed Secrets for secure Helm values

Learn to implement Sealed Secrets controller for encrypting Kubernetes secrets in Git repositories, enabling secure GitOps workflows with encrypted Helm values and automated secret management.

45 min 4 distros 15 views
devops Intermediate

Setup Kubernetes ingress controller with cert-manager and Helm for automated SSL certificate management

Deploy NGINX Ingress Controller and cert-manager using Helm to automatically provision and manage SSL certificates for your Kubernetes applications with Let's Encrypt integration.

25 min 4 distros 31 views
security Intermediate

Configure SSL certificates and security hardening for Nexus Repository Manager

Secure your Nexus Repository Manager with SSL/TLS certificates, enforce HTTPS connections, and implement comprehensive security hardening including authentication controls, access policies, and audit logging for production environments.

45 min 4 distros 107 views

Need help?

Don't want to manage this yourself?

We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.

Talk to an engineer