Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure TimescaleDB with PostgreSQL for high-performance time-series data
databasesInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingRecently published
Configure Consul Connect service mesh monitoring with distributed tracing
monitoringConfigure Kubernetes RBAC with service accounts and cluster roles for secure access control
devopsImplement Deno microservices architecture with service discovery and load balancing
devopsImplement Kubernetes security scanning with Falco and OPA Gatekeeper for runtime protection
securityConfigure OpenTelemetry custom metrics for application monitoring with Prometheus and Grafana
monitoringConfigure OSSEC active response for automated threat blocking
Set up OSSEC active response to automatically block threats by configuring firewall rules, custom response scripts, and tuning response actions for real-time intrusion prevention.
Configure CockroachDB 24.3 multi-region deployment with high availability clustering
Deploy CockroachDB across multiple regions with automated failover, data locality controls, and production-grade security. Includes replication zones, load balancing, and disaster recovery strategies.
Integrate ModSecurity 3 with SOAR platforms for automated incident response and threat detection
Set up ModSecurity 3 with structured logging, webhook notifications, and API integrations to automatically feed security events into SOAR platforms for real-time threat detection and incident response workflows.
Implement network security policies with iptables and firewalld for enterprise infrastructure protection
Configure enterprise-grade network security with iptables and firewalld, implementing zone-based policies, advanced rules, and comprehensive logging for production infrastructure protection.
Setup Tailscale site-to-site VPN with multiple exit nodes for redundancy
Configure a resilient Tailscale mesh VPN with multiple exit nodes for high availability site-to-site connectivity. Set up subnet routing, automatic failover, and monitoring across distributed networks.
Set up centralized security monitoring with ClamAV 1.4 and Elasticsearch 8
Build a comprehensive security monitoring infrastructure with ClamAV antivirus scanning, Elasticsearch log storage, and automated threat detection. This setup provides real-time malware scanning with centralized log aggregation for enterprise security compliance.
Configure ClamAV integration with web servers and email systems for automated threat detection
Integrate ClamAV antivirus with NGINX, Apache, Postfix and Dovecot for automated file scanning and email protection. Set up real-time threat detection with monitoring and alerting.
Configure Tailscale monitoring with Prometheus and Grafana dashboards
Set up comprehensive monitoring for your Tailscale mesh VPN network using Prometheus metrics collection and Grafana dashboards to track node connectivity, traffic patterns, and performance across your distributed infrastructure.
Set up Linux network traffic shaping with tc and QoS for bandwidth management
Learn how to implement advanced network traffic control on Linux using tc (traffic control) and HTB (Hierarchical Token Bucket) queueing disciplines. This tutorial covers bandwidth limiting, QoS policies, and traffic prioritization for optimal network performance.
Implement Tailscale OAuth integration with identity providers for enterprise authentication
Configure Tailscale with enterprise identity providers including SAML and OIDC authentication, implement access control policies, and manage users across distributed teams for secure zero-trust networking.
Implement Apache log analysis with GoAccess and ELK stack for real-time monitoring
Set up comprehensive Apache log monitoring with GoAccess for real-time analysis and ELK stack for centralized log processing, creating powerful Kibana dashboards for web server insights and automated alerting.
Configure ELK stack for centralized logging with Elasticsearch 8, Logstash 8, and Kibana 8
Set up a production-grade ELK stack with Elasticsearch 8, Logstash 8, and Kibana 8 for centralized log management. Configure authentication, SSL encryption, and log processing pipelines across multiple data sources.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer