Infrastructure tutorials

Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.

Browse by topic

Most viewed

Configure Linux system time synchronization with chrony and NTP hardening

linux
869

Set up Node.js application security with Helmet and rate limiting

security
753

Install and configure Caddy web server with automatic HTTPS and reverse proxy

hosting
732

Install and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications

hosting
725

Install and configure PostgreSQL 17 with performance tuning and security hardening

databases
714

Recently published

Configure OSSEC active response for automated threat blocking

security
8 minutes ago

Configure CockroachDB 24.3 multi-region deployment with high availability clustering

databases
9 minutes ago

Set up Fail2ban with Cloudflare API integration for automatic IP blocking and enhanced security

security
12 minutes ago

Configure keepalived with HAProxy backend health monitoring for high availability load balancing

networking
14 minutes ago

Configure ModSecurity machine learning anomaly detection for automated threat protection

security
5 hours ago
"NAT" × Clear all
devops Intermediate

Configure Kubernetes network policies with Calico CNI for container security and microsegmentation

Set up Calico CNI in Kubernetes to implement network policies for pod-to-pod traffic control, create ingress and egress rules for microsegmentation, and test policy enforcement to secure container communication at the network layer.

35 min 4 distros 25 views
databases Intermediate

Implement Elasticsearch 8 snapshot lifecycle management with S3 storage for automated backups

Set up automated Elasticsearch 8 backups using snapshot lifecycle management policies with S3 repository storage. Configure retention policies, scheduling, and monitoring for production backup strategies.

45 min 4 distros 53 views
security Advanced

Integrate WireGuard VPN server with LDAP authentication for enterprise user management

Configure WireGuard VPN server to authenticate users against LDAP directory services like Active Directory. Automate client certificate management and implement centralized user access control for enterprise environments.

45 min 4 distros 56 views
devops Advanced

Setup Tekton Pipelines 0.62 for Kubernetes CI/CD with security scanning integration

Configure Tekton Pipelines for cloud-native CI/CD with automated security scanning, Git webhooks, and production-ready RBAC policies. Build secure container pipelines with integrated vulnerability detection and compliance checks.

45 min 4 distros 22 views
monitoring Intermediate

Implement Grafana advanced alerting with webhooks and notification channels

Set up comprehensive Grafana alerting with webhook endpoints, Slack and Teams notifications, and advanced alert conditions. Configure data sources, create alert rules, and implement custom notification channels for production monitoring.

45 min 4 distros 55 views
databases Advanced

Configure Elasticsearch 8 cross-cluster replication for disaster recovery

Set up cross-cluster replication between Elasticsearch 8 clusters to ensure data resilience and business continuity. This advanced configuration creates automatic data synchronization across geographically distributed clusters for disaster recovery scenarios.

45 min 4 distros 61 views
devops Intermediate

Set up GitLab container registry mirror and proxy cache for improved performance

Configure GitLab's built-in container registry as a mirror and proxy cache to reduce Docker Hub rate limits, speed up image pulls, and improve CI/CD pipeline performance across your organization.

45 min 4 distros 56 views
devops Advanced

Set up Kafka Connect cluster with high availability and load balancing

Configure a production-ready Kafka Connect cluster with multiple worker nodes, HAProxy load balancing, and Prometheus monitoring. Includes distributed configuration, shared storage setup, and comprehensive health checks for reliable data pipeline processing.

45 min 4 distros 63 views
devops Advanced

Integrate AWX 24.6 with HashiCorp Vault for dynamic secrets management and secure automation workflows

Configure AWX to securely retrieve database credentials and API keys from HashiCorp Vault using dynamic secrets that automatically rotate. Set up credential types, database engines, and secure playbook execution with centralized secrets management.

45 min 4 distros 59 views
devops Intermediate

Implement GitLab CI/CD security scanning for Docker images

Set up automated container vulnerability scanning in GitLab CI/CD pipelines with Trivy and registry integration. Implement security gates, quality controls, and automated reporting for production-ready DevSecOps workflows.

45 min 4 distros 55 views
security Intermediate

Configure Zabbix 7 with SSL certificates and database encryption

Secure your Zabbix 7 monitoring infrastructure with SSL certificates for the web interface, encrypted database connections, and TLS-protected agent communication. Essential for production monitoring environments.

45 min 4 distros 69 views
devops Advanced

Deploy Envoy-based service mesh in Kubernetes production environment with SSL and observability

Set up a production-ready Envoy service mesh in Kubernetes with mutual TLS authentication, SSL certificate management, and comprehensive observability through Prometheus monitoring and distributed tracing.

45 min 4 distros 10 views

Need help?

Don't want to manage this yourself?

We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.

Talk to an engineer