Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Monitor Kubernetes network policies with Prometheus and Grafana for enhanced cluster security
monitoringSet up CockroachDB backup and disaster recovery automation with systemd timers and monitoring
databasesConfigure Kubernetes RBAC with service accounts and role bindings for secure cluster access control
devopsConfigure Prometheus Alertmanager with Slack integration for team notifications
monitoringSet up GitLab CI/CD with Kubernetes runners for scalable deployments
devopsConfigure OpenVPN server with certificate management and client automation
Set up a production-grade OpenVPN server with Easy-RSA certificate authority, automated client configuration generation, and certificate revocation management for secure remote access.
Optimize Linux network stack performance with sysctl tuning and TCP congestion control
Learn how to optimize Linux network performance using sysctl kernel parameters, TCP BBR congestion control, and advanced buffer tuning. This guide covers baseline testing, monitoring, and production-grade configurations for high-throughput servers.
Configure Linux system firewall with nftables and security hardening
Learn how to configure nftables firewall with advanced security rules, rate limiting, and fail2ban integration. This tutorial covers migration from iptables, logging configuration, and production-grade security hardening for modern Linux systems.
Install and configure Cilium CNI for Kubernetes with eBPF networking and security policies
Set up Cilium as your Kubernetes CNI plugin with advanced eBPF networking, load balancing, and network security policies. Includes Hubble observability for complete network visibility.
Install and configure Kubernetes cluster with kubeadm and security hardening
Set up a production-ready Kubernetes cluster using kubeadm with proper security hardening, RBAC configuration, and CNI networking. Includes worker node setup and verification steps.
Install and configure Fail2ban with advanced rules and email alerts
Set up Fail2ban intrusion prevention system with custom SSH, web server, and application protection rules. Configure email notifications and advanced filtering to automatically block malicious IP addresses based on log patterns.
Install and configure WireGuard VPN server with client management
Set up a secure WireGuard VPN server with automated client management, including key generation, firewall configuration, and traffic routing for remote access.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer