Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure TimescaleDB with PostgreSQL for high-performance time-series data
databasesRecently published
Configure Consul Connect service mesh monitoring with distributed tracing
monitoringConfigure Kubernetes RBAC with service accounts and cluster roles for secure access control
devopsImplement Deno microservices architecture with service discovery and load balancing
devopsImplement Kubernetes security scanning with Falco and OPA Gatekeeper for runtime protection
securityConfigure OpenTelemetry custom metrics for application monitoring with Prometheus and Grafana
monitoringConfigure ArgoCD Image Updater for automated container deployments
Set up ArgoCD Image Updater to automatically detect and deploy new container image versions in your GitOps workflow. Includes Git repository integration, webhook configuration, and monitoring setup.
Set up container runtime security with Falco and Sysdig for threat detection
Configure Falco for runtime security monitoring and Sysdig Agent for container visibility to detect threats in Kubernetes environments. Implement behavioral analysis, custom security rules, and threat detection policies for production container workloads.
Integrate ClamAV cluster with file upload APIs for scalable malware scanning
Set up a clustered ClamAV deployment with REST API endpoints for automated malware scanning of file uploads. Configure load balancing, authentication, and monitoring for high-availability antivirus scanning in production environments.
Setup Caddy automatic SSL certificates with Let's Encrypt and DNS challenges
Configure Caddy 2 web server with automatic SSL certificate provisioning using Let's Encrypt and DNS challenge authentication for secure HTTPS automation.
Configure OSSEC vulnerability detection with CVE scanning and automated security alerts
Set up OSSEC Host Intrusion Detection System with vulnerability scanning capabilities, CVE database integration, and automated alerting for comprehensive security monitoring across your infrastructure.
Implement Tailscale OAuth integration with identity providers for enterprise authentication
Configure Tailscale with enterprise identity providers including SAML and OIDC authentication, implement access control policies, and manage users across distributed teams for secure zero-trust networking.
Configure Kubernetes vertical pod autoscaler for resource optimization and cost management
Set up VPA to automatically adjust CPU and memory requests for your Kubernetes workloads. Reduce resource waste and optimize costs by letting VPA analyze actual usage patterns and rightsizing containers.
Install and configure Caddy 2 web server with automatic HTTPS and PHP-FPM
Set up Caddy 2 web server with automatic HTTPS certificates from Let's Encrypt and PHP-FPM integration for dynamic content. Includes virtual hosts, security headers, and systemd service configuration.
Configure ClamAV antivirus scanning with automated threat detection and email alerts
Set up ClamAV daemon for real-time malware detection with automated scanning schedules, email notifications for threats, and optimized performance settings for production servers.
Configure Tailscale mesh VPN with subnet routing and ACL policies for secure network access
Set up a zero-trust mesh VPN network with Tailscale that includes subnet routing for local network access, granular ACL policies for security, and exit nodes for secure internet access.
Install and configure Caddy web server with automatic HTTPS and reverse proxy
Set up Caddy, a modern web server with automatic HTTPS certificates from Let's Encrypt, zero-config HTTP/2, and built-in reverse proxy capabilities for production applications.
Configure automatic security updates with unattended-upgrades and email notifications
Set up automated security patching on Linux servers with unattended-upgrades and dnf-automatic. Configure email notifications, update policies, and monitoring to keep your systems secure while maintaining control over critical services.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer