Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure TimescaleDB with PostgreSQL for high-performance time-series data
databasesRecently published
Configure Consul Connect service mesh monitoring with distributed tracing
monitoringConfigure Kubernetes RBAC with service accounts and cluster roles for secure access control
devopsImplement Deno microservices architecture with service discovery and load balancing
devopsImplement Kubernetes security scanning with Falco and OPA Gatekeeper for runtime protection
securityConfigure OpenTelemetry custom metrics for application monitoring with Prometheus and Grafana
monitoringConfigure Jaeger with Elasticsearch backend security and encryption
Set up secure communication between Jaeger and Elasticsearch using TLS encryption, authentication, and production-grade security hardening for distributed tracing infrastructure.
Configure Redis 7 cluster SSL encryption and authentication for production security
Secure your Redis 7 cluster with TLS encryption, client authentication, and inter-node SSL communication for production environments. Includes certificate generation, authentication setup, and security validation.
Implement backup encryption key rotation and secure management with GPG and automated scripts
Build a production-grade backup encryption system with automated GPG key rotation, secure key distribution, and monitoring. Learn to implement enterprise-level key management policies with systemd timers and secure storage practices.
Configure Istio security policies with external authorization services integration
Set up comprehensive Istio security policies with external authorization services, JWT validation, and RBAC integration for enterprise-grade service mesh security and compliance.
Implement Istio security scanning and vulnerability management for Kubernetes service mesh
Set up comprehensive security scanning and vulnerability management for Istio service mesh using Trivy, Falco, and security policies to protect Kubernetes workloads from threats and compliance violations.
Set up Kubernetes container image security scanning with Trivy and admission controllers
Implement automated security scanning for Kubernetes container images using Trivy scanner and admission controllers to block vulnerable images before deployment.
Configure NTP monitoring with Grafana dashboards and Prometheus alerting
Set up comprehensive time synchronization monitoring using chrony, Prometheus node exporter, and custom Grafana dashboards with alerting for time drift and NTP service failures.
Configure Apache SSL hardening with perfect forward secrecy and modern security protocols
Harden Apache HTTP server with modern SSL/TLS configuration, perfect forward secrecy cipher suites, and security headers to protect against common web vulnerabilities and ensure compliance with security standards.
Configure MongoDB sharding with zone-based data distribution for geographic workloads
Set up MongoDB sharding with geographic zones to distribute data based on location, ensuring optimal performance for global applications and regulatory compliance.
Configure Kubernetes secrets management with Vault integration for secure container orchestration
Set up HashiCorp Vault Agent Injector to automatically inject secrets into Kubernetes pods without storing sensitive data in container images or configuration files. This production-grade approach replaces hardcoded secrets with dynamic, secure credential management.
Monitor Kubernetes network policies with Prometheus and Grafana for enhanced cluster security
Set up comprehensive monitoring for Kubernetes network policies using Prometheus and Grafana. Configure CNI metrics collection, create security dashboards, and implement alerting for policy violations and traffic anomalies.
Configure Node.js SSL certificates and HTTPS security hardening for production servers
Set up production-grade SSL/TLS encryption for Node.js applications with certificate management, secure cipher suites, and comprehensive security headers including HSTS implementation.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer