Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Ollama for local AI models on Linux servers
devopsConfigure Linux system time synchronization with chrony and NTP hardening
linuxRecently published
Set up audit log analysis dashboard with Grafana and Prometheus for security monitoring
securityConfigure Redis 7 cluster sharding with SSL/TLS authentication and security hardening
databasesImplement backup rotation policies with automated cleanup using systemd timers and shell scripts
linuxOptimize OpenResty performance with advanced caching strategies and Lua optimization
performanceConfigure Linux audit system with SIEM integration for Splunk security monitoring
securitySetup log aggregation with rsyslog and logrotate for centralized system monitoring
Configure rsyslog for centralized log collection across servers, implement advanced logrotate policies for automated retention, and set up remote log shipping with filtering for comprehensive system monitoring and audit compliance.
Configure SSH key authentication and security hardening
Replace password authentication with SSH keys and implement comprehensive security hardening including fail2ban, audit logging, and access controls to protect your Linux servers from unauthorized access and brute force attacks.
Integrate ModSecurity 3 with SOAR platforms for automated incident response and threat detection
Set up ModSecurity 3 with structured logging, webhook notifications, and API integrations to automatically feed security events into SOAR platforms for real-time threat detection and incident response workflows.
Implement network security policies with iptables and firewalld for enterprise infrastructure protection
Configure enterprise-grade network security with iptables and firewalld, implementing zone-based policies, advanced rules, and comprehensive logging for production infrastructure protection.
Implement container security with AppArmor and seccomp profiles
Secure your containers with AppArmor mandatory access controls and seccomp system call filtering. Learn to create custom security profiles, implement runtime policies, and monitor container security violations in production environments.
Setup Tailscale site-to-site VPN with multiple exit nodes for redundancy
Configure a resilient Tailscale mesh VPN with multiple exit nodes for high availability site-to-site connectivity. Set up subnet routing, automatic failover, and monitoring across distributed networks.
Set up centralized security monitoring with ClamAV 1.4 and Elasticsearch 8
Build a comprehensive security monitoring infrastructure with ClamAV antivirus scanning, Elasticsearch log storage, and automated threat detection. This setup provides real-time malware scanning with centralized log aggregation for enterprise security compliance.
Configure ClamAV integration with web servers and email systems for automated threat detection
Integrate ClamAV antivirus with NGINX, Apache, Postfix and Dovecot for automated file scanning and email protection. Set up real-time threat detection with monitoring and alerting.
Set up PostgreSQL 17 streaming replication with PgBouncer connection pooling and load balancing
Configure PostgreSQL 17 with streaming replication for high availability, then add PgBouncer connection pooling with intelligent load balancing across primary and replica servers for production-grade database infrastructure.
Implement Tailscale OAuth integration with identity providers for enterprise authentication
Configure Tailscale with enterprise identity providers including SAML and OIDC authentication, implement access control policies, and manage users across distributed teams for secure zero-trust networking.
Configure BIRD BGP routing daemon for advanced routing policies and network automation
Set up BIRD 2.15 BGP daemon with advanced routing policies, route filtering, and automated network management. Configure BGP peering, implement complex routing decisions, and set up route aggregation for production networks.
Configure Linux process scheduling and CPU affinity for performance optimization
Learn to optimize Linux process performance by configuring CPU scheduling priorities, CPU affinity, and systemd resource management for better workload distribution and reduced context switching.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer