Infrastructure tutorials

Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.

/

Browse by topic

41 guides

Linux

System administration, shell scripting, package management

52 guides

Hosting & Servers

Web servers, reverse proxies, SSL, domains

109 guides

Security

Firewalls, hardening, encryption, access control

38 guides

Performance

Caching, optimization, profiling, load testing

71 guides

Databases

MySQL, PostgreSQL, Redis, backups, replication

52 guides

Networking

DNS, load balancing, VPN, TCP/IP, routing

127 guides

DevOps

CI/CD, Docker, Kubernetes, automation

121 guides

Monitoring

Logging, alerting, metrics, observability

Most viewed

Configure Linux system time synchronization with chrony and NTP hardening

linux

905

Install and configure Caddy web server with automatic HTTPS and reverse proxy

hosting

779

Install and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications

hosting

773

Set up Node.js application security with Helmet and rate limiting

security

760

Install and configure PostgreSQL 17 with performance tuning and security hardening

databases

739

Recently published

Monitor Jetty performance with JMX and Grafana dashboards

monitoring

7 minutes ago

Configure FRRouting route maps and prefix lists for advanced routing policies

networking

5 hours ago

Configure Jetty clustering and session replication for high availability

hosting

14 hours ago

Configure Cherokee web server with MySQL database optimization and performance tuning

hosting

19 hours ago

Configure Cassandra SSL encryption and authentication with security hardening

databases

1 day ago

"access control" × Clear all

databases Advanced

Configure Cassandra SSL encryption and authentication with security hardening

Set up comprehensive SSL/TLS encryption for Apache Cassandra with client-to-node and node-to-node security, certificate management, and production-grade authentication hardening.

45 min 4 distros 12 views

security Intermediate

Configure SSH key authentication and security hardening

Replace password authentication with SSH keys and implement comprehensive security hardening including fail2ban, audit logging, and access controls to protect your Linux servers from unauthorized access and brute force attacks.

25 min 4 distros 9 views

security Intermediate

Configure PostgreSQL 17 SSL encryption and advanced security hardening

Set up SSL/TLS encryption, client certificate authentication, and comprehensive security policies for PostgreSQL 17. Includes audit logging, access controls, and firewall configuration for production environments.

45 min 4 distros 13 views

security Intermediate

Implement container security with AppArmor and seccomp profiles

Secure your containers with AppArmor mandatory access controls and seccomp system call filtering. Learn to create custom security profiles, implement runtime policies, and monitor container security violations in production environments.

45 min 4 distros 90 views

networking Intermediate

Setup Tailscale site-to-site VPN with multiple exit nodes for redundancy

Configure a resilient Tailscale mesh VPN with multiple exit nodes for high availability site-to-site connectivity. Set up subnet routing, automatic failover, and monitoring across distributed networks.

45 min 4 distros 23 views

security Advanced

Implement Tailscale OAuth integration with identity providers for enterprise authentication

Configure Tailscale with enterprise identity providers including SAML and OIDC authentication, implement access control policies, and manage users across distributed teams for secure zero-trust networking.

45 min 4 distros 57 views

networking Advanced

Implement network monitoring with SNMP and BGP metrics using FRRouting and Prometheus

Set up comprehensive network monitoring with SNMP daemon, FRRouting BGP metrics, and Prometheus collection for real-time infrastructure visibility and alerting.

45 min 4 distros 11 views

hosting Intermediate

Configure Caddy 2 with Docker containers and automatic SSL certificates

Set up Caddy 2 as a reverse proxy using Docker with automatic Let's Encrypt SSL certificates. Deploy containerized web applications behind Caddy with zero-downtime SSL management and built-in load balancing.

45 min 4 distros 21 views

security Intermediate

Implement Caddy 2 rate limiting and DDoS protection with advanced security rules

Configure Caddy 2 web server with comprehensive rate limiting, request throttling, and DDoS protection using built-in security modules and advanced filtering rules.

45 min 4 distros 23 views

security Intermediate

Implement Linux security hardening with CIS benchmarks and automated compliance scanning

Harden your Linux systems using CIS benchmarks with automated compliance scanning and continuous monitoring. Learn to implement security controls for filesystem permissions, user authentication, network policies, and maintain ongoing compliance with industry standards.

45 min 4 distros 16 views

security Advanced

Integrate WireGuard VPN server with LDAP authentication for enterprise user management

Configure WireGuard VPN server to authenticate users against LDAP directory services like Active Directory. Automate client certificate management and implement centralized user access control for enterprise environments.

45 min 4 distros 84 views

devops Intermediate

Set up GitLab container registry mirror and proxy cache for improved performance

Configure GitLab's built-in container registry as a mirror and proxy cache to reduce Docker Hub rate limits, speed up image pulls, and improve CI/CD pipeline performance across your organization.

45 min 4 distros 81 views

Need help?

Don't want to manage this yourself?

We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.

Talk to an engineer