Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure ArgoCD for GitOps continuous deployment with RBAC and SSL
devopsInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesInstall and configure Loki for centralized log aggregation with Grafana integration
monitoringInstall and configure WireGuard VPN server with client management
networkingInstall and configure CockroachDB cluster with high availability and distributed SQL
databasesRecently published
Configure Nagios SNMP monitoring for network devices with automated discovery and templates
monitoringIntegrate Elasticsearch 8 with Prometheus monitoring and Grafana dashboards
monitoringSet up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set
securityConfigure NGINX reverse proxy with advanced caching and load balancing
hostingConfigure Netdata alerts with Slack and Microsoft Teams for real-time monitoring notifications
monitoringSet up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set
Configure a production-grade web application firewall using NGINX with ModSecurity 3 and OWASP Core Rule Set. Includes logging, monitoring, and fail2ban integration for comprehensive threat protection.
Configure NGINX reverse proxy with advanced caching and load balancing
Set up NGINX as a high-performance reverse proxy with Redis-backed caching, multiple load balancing algorithms, SSL termination, and comprehensive monitoring for production environments.
Configure Netdata alerts with Slack and Microsoft Teams for real-time monitoring notifications
Set up comprehensive Netdata alerting with Slack and Microsoft Teams integration. Configure custom alert thresholds, webhook notifications, and automated monitoring responses for real-time system health alerts.
Set up intrusion detection with OSSEC HIDS and nftables integration for automated threat response
Configure OSSEC Host-based Intrusion Detection System with nftables firewall integration for real-time threat detection and automated response. Monitor system activity, detect intrusions, and automatically block malicious IPs using active response mechanisms.
Implement custom Prometheus exporters for application metrics collection and monitoring
Build production-grade custom Prometheus exporters in Python and Go to collect application-specific metrics. Learn exporter architecture, metric types, systemd deployment, and Prometheus integration for comprehensive application monitoring.
Configure Varnish cache invalidation with automated purging strategies for high-performance web acceleration
Learn to configure advanced Varnish VCL for cache invalidation, implement PURGE and BAN strategies, and set up automated cache tagging for optimal performance. Master selective invalidation techniques and monitoring for production-grade web acceleration.
Configure Ansible dynamic inventory for AWS, Azure, and GCP with automated discovery
Set up Ansible dynamic inventory plugins for AWS EC2, Azure, and Google Cloud Platform to automatically discover and manage cloud resources. This tutorial covers authentication, filtering, and unified inventory management across multiple cloud providers.
Set up nftables IPv6 NAT and dual-stack networking with firewall rules and traffic forwarding
Configure nftables with IPv6 NAT masquerading, dual-stack IPv4/IPv6 forwarding, and comprehensive firewall rules for secure network routing and traffic management on modern Linux systems.
Configure Gunicorn performance monitoring with Prometheus metrics and Grafana dashboards
Set up comprehensive performance monitoring for Gunicorn WSGI servers using Prometheus metrics collection and Grafana visualization. Monitor request rates, response times, worker processes, memory usage, and implement automated alerting for production Python applications.
Implement HAProxy rate limiting and DDoS protection with advanced security rules
Configure HAProxy with comprehensive rate limiting, connection throttling, and DDoS protection using stick tables, ACLs, and advanced security rules to protect your applications from malicious traffic and ensure service availability.
Configure Kubernetes network policies with Calico CNI for microsegmentation and security enforcement
Learn to implement advanced network security in Kubernetes using Calico CNI. Configure namespace-based microsegmentation, application-level policies, and comprehensive monitoring for enterprise-grade cluster protection.
Implement Jaeger security with TLS encryption and authentication for distributed tracing
Secure your Jaeger distributed tracing infrastructure with TLS encryption, JWT-based authentication, and RBAC policies. This tutorial covers certificate generation, collector/query service encryption, and UI authentication through reverse proxy integration.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer