Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Implement Apache load balancing with SSL termination and health checks
hostingSetup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityConfigure advanced iptables firewall rules with logging, port knocking, and DDoS protection
Build a production-grade iptables firewall with connection tracking, rate limiting, and port knocking. Includes automated DDoS protection, detailed logging, and security hardening for enterprise environments.
Deploy applications to Kubernetes with Helm charts and production best practices
Learn how to create production-ready Helm charts for Kubernetes deployments with proper templating, values management, security configurations, and environment-specific customizations for scalable application orchestration.
Implement two-factor authentication for SSH with Google Authenticator and TOTP
Secure your SSH connections by adding TOTP-based two-factor authentication using Google Authenticator and PAM modules for an additional layer of protection beyond passwords and keys.
Integrate HashiCorp Vault with Kubernetes secrets management for secure container orchestration
Configure HashiCorp Vault integration with Kubernetes using the Vault CSI driver and Secrets Operator for automated secret injection and synchronization. This setup enables secure secret management for containerized applications with dynamic secret rotation and policy-based access controls.
Configure Vault dynamic secrets for databases with PostgreSQL and MySQL integration
Set up HashiCorp Vault's database secrets engine to automatically generate short-lived credentials for PostgreSQL and MySQL databases, improving security by eliminating static passwords and enabling automated credential rotation.
Set up Vault as a PKI certificate authority with SSL automation and intermediate CA
Build a production-grade PKI infrastructure using HashiCorp Vault with root and intermediate certificate authorities. Enable automated SSL certificate generation and renewal for your applications with RBAC policies.
Integrate MinIO with Kubernetes for persistent storage and object data management
Deploy MinIO on Kubernetes using the operator for scalable object storage. Configure persistent volumes, high availability tenants, and secure ingress with SSL certificates.
Set up SSH bastion host with jump server configuration for secure network access
Configure an SSH bastion host to secure access to private networks, implementing jump server functionality with key-based authentication and access controls for enhanced security.
Configure Apache HTTP Server clustering with mod_cluster and JBoss EAP for enterprise load balancing
Set up Apache HTTP Server with mod_cluster module to create an intelligent load balancing cluster with JBoss EAP application servers, featuring automatic node discovery, session clustering, and health monitoring.
Implement container security monitoring with Falco runtime detection
Set up Falco for real-time container security monitoring with runtime threat detection, Kubernetes integration, and automated alerting through Grafana dashboards.
Configure intrusion detection with OSSEC and Wazuh for real-time security monitoring
Set up comprehensive host-based intrusion detection with OSSEC HIDS and Wazuh manager for real-time security monitoring, file integrity checking, and automated threat response across your infrastructure.
Implement MongoDB 8.0 change streams for real-time data processing and application synchronization
Set up MongoDB 8.0 change streams to monitor database changes in real-time. Configure replica sets, implement Python and Node.js clients, and add filtering and resumability for production applications.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer