Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Configure Consul Connect service mesh monitoring with distributed tracing
monitoringConfigure Kubernetes RBAC with service accounts and cluster roles for secure access control
devopsImplement Deno microservices architecture with service discovery and load balancing
devopsImplement Kubernetes security scanning with Falco and OPA Gatekeeper for runtime protection
securityConfigure OpenTelemetry custom metrics for application monitoring with Prometheus and Grafana
monitoringImplement Linux security hardening with CIS benchmarks and automated compliance scanning
Harden your Linux systems using CIS benchmarks with automated compliance scanning and continuous monitoring. Learn to implement security controls for filesystem permissions, user authentication, network policies, and maintain ongoing compliance with industry standards.
Configure NGINX rate limiting and DDoS protection with advanced security rules
Set up NGINX rate limiting modules, implement connection limits, and configure geographic blocking to protect your web applications from DDoS attacks and abuse.
Configure centralized logging with rsyslog and logrotate for system monitoring and log management
Set up a centralized logging system using rsyslog server to collect logs from multiple clients, implement TLS encryption for secure transmission, and configure logrotate for automated log rotation and management.
Configure Apache Airflow high availability with CeleryExecutor and Redis clustering for production deployments
Set up Apache Airflow with CeleryExecutor and Redis clustering for high availability production deployments. Configure multiple workers, load balancing, monitoring, and automated failover to handle enterprise-scale workflow orchestration with zero downtime.
Configure advanced gRPC load balancing with Envoy Proxy health checks and circuit breakers
Set up Envoy Proxy with intelligent gRPC load balancing, health checks, and circuit breakers for production microservices. Includes SSL termination, monitoring integration, and security hardening.
Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring
Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.
Configure Podman image scanning with Trivy security vulnerability detection
Set up automated container image security scanning using Trivy with Podman to detect vulnerabilities, misconfigurations, and security issues before deploying containers to production.
Set up Apache Airflow DAG security policies and data governance with RBAC and audit logging
Configure comprehensive security for Apache Airflow with role-based access control, DAG-level permissions, data lineage tracking, and audit logging for compliance monitoring in production environments.
Configure Jaeger with NGINX reverse proxy and SSL termination
Set up Jaeger distributed tracing behind an NGINX reverse proxy with SSL termination and authentication. Learn to configure secure access, performance optimization, and production-ready monitoring for your microservices.
Configure SSL certificates and security hardening for Nexus Repository Manager
Secure your Nexus Repository Manager with SSL/TLS certificates, enforce HTTPS connections, and implement comprehensive security hardening including authentication controls, access policies, and audit logging for production environments.
Configure advanced iptables firewall rules with logging, port knocking, and DDoS protection
Build a production-grade iptables firewall with connection tracking, rate limiting, and port knocking. Includes automated DDoS protection, detailed logging, and security hardening for enterprise environments.
Configure Loki with S3 storage backend for scalable centralized logging
Set up Grafana Loki with S3-compatible object storage for scalable log aggregation. Configure retention policies, schema management, and monitoring for production-ready centralized logging infrastructure.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer