Infrastructure tutorials

Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.

security Intermediate

Implement Linux security hardening with CIS benchmarks and automated compliance scanning

Harden your Linux systems using CIS benchmarks with automated compliance scanning and continuous monitoring. Learn to implement security controls for filesystem permissions, user authentication, network policies, and maintain ongoing compliance with industry standards.

45 min 4 distros 262 views
security Intermediate

Configure NGINX rate limiting and DDoS protection with advanced security rules

Set up NGINX rate limiting modules, implement connection limits, and configure geographic blocking to protect your web applications from DDoS attacks and abuse.

25 min 4 distros 278 views
linux Intermediate

Configure centralized logging with rsyslog and logrotate for system monitoring and log management

Set up a centralized logging system using rsyslog server to collect logs from multiple clients, implement TLS encryption for secure transmission, and configure logrotate for automated log rotation and management.

45 min 4 distros 398 views
networking Advanced

Implement WireGuard multi-site mesh networking with automatic routing and failover

Deploy a scalable WireGuard mesh network across multiple sites with automatic routing, failover mechanisms, and centralized management for high-availability site-to-site connectivity.

45 min 4 distros 364 views
security Advanced

Integrate WireGuard VPN server with LDAP authentication for enterprise user management

Configure WireGuard VPN server to authenticate users against LDAP directory services like Active Directory. Automate client certificate management and implement centralized user access control for enterprise environments.

45 min 4 distros 332 views
devops Advanced

Integrate AWX 24.6 with HashiCorp Vault for dynamic secrets management and secure automation workflows

Configure AWX to securely retrieve database credentials and API keys from HashiCorp Vault using dynamic secrets that automatically rotate. Set up credential types, database engines, and secure playbook execution with centralized secrets management.

45 min 4 distros 367 views
security Advanced

Implement Podman pod security with network policies and microsegmentation

Secure Podman pods with custom network policies, traffic filtering, and microsegmentation using CNI plugins and netavark. Implement zero-trust networking with firewall rules and container isolation.

45 min 4 distros 318 views
networking Advanced

Configure advanced gRPC load balancing with Envoy Proxy health checks and circuit breakers

Set up Envoy Proxy with intelligent gRPC load balancing, health checks, and circuit breakers for production microservices. Includes SSL termination, monitoring integration, and security hardening.

45 min 4 distros 353 views
security Advanced

Configure Apache Airflow DAG security and secrets management with RBAC policies and encryption

Implement comprehensive security for Apache Airflow DAGs using role-based access control, HashiCorp Vault integration, and encrypted secrets management. Configure granular permissions, audit logging, and isolation policies for production workflows.

45 min 4 distros 347 views
security Intermediate

Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring

Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.

45 min 4 distros 658 views
devops Advanced

Configure Podman secrets management with HashiCorp Vault integration

Set up secure container secrets management by integrating Podman with HashiCorp Vault. Configure dynamic secret injection, automated rotation, and production-ready monitoring for containerized applications.

45 min 4 distros 400 views
security Intermediate

Configure Podman image scanning with Trivy security vulnerability detection

Set up automated container image security scanning using Trivy with Podman to detect vulnerabilities, misconfigurations, and security issues before deploying containers to production.

45 min 4 distros 319 views

Need help?

Don't want to manage this yourself?

We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.

Talk to an engineer