Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Ollama for local AI models on Linux servers
devopsConfigure Linux system time synchronization with chrony and NTP hardening
linuxRecently published
Configure Django Redis caching and session storage for high-performance web applications
performanceSet up Kafka Streams testing framework with TopologyTestDriver for automated stream processing validation
devopsBenchmark database performance with sysbench and fio integration
databasesConfigure automated system maintenance with advanced cron scheduling and shell scripts
linuxConfigure Consul multi-datacenter WAN federation for geographic redundancy
devopsConfigure SSH certificate authentication with CA signing for secure server access
Set up SSH certificate-based authentication using a Certificate Authority to eliminate individual key management. Create signed user certificates that provide secure, scalable access control for multiple servers and users.
Configure SSH two-factor authentication with Google Authenticator TOTP
Add an extra layer of security to SSH logins by requiring both a password and a time-based one-time password (TOTP) generated by Google Authenticator or compatible apps.
Implement Linux security hardening with CIS benchmarks and automated compliance scanning
Harden your Linux systems using CIS benchmarks with automated compliance scanning and continuous monitoring. Learn to implement security controls for filesystem permissions, user authentication, network policies, and maintain ongoing compliance with industry standards.
Configure Keycloak OAuth2 integration with web applications using OIDC and JWT tokens
Set up Keycloak as an OAuth2 identity provider with OIDC authentication flows. Configure client applications, implement JWT token validation, and secure NGINX reverse proxy with lua-resty-openidc for production web applications.
Secure Grafana with OAuth authentication and RBAC integration
Configure Grafana with OAuth SSO authentication, implement role-based access control (RBAC), and harden security with SSL certificates for enterprise-grade monitoring dashboard access.
Implement two-factor authentication for SSH with Google Authenticator and TOTP
Secure your SSH connections by adding TOTP-based two-factor authentication using Google Authenticator and PAM modules for an additional layer of protection beyond passwords and keys.
Secure Docker containers with Traefik reverse proxy and Authelia authentication
Set up a production-grade security stack using Traefik v3 reverse proxy with SSL automation and Authelia for multi-factor authentication. This tutorial covers Docker hardening, LDAP integration, and container security monitoring.
Configure OpenVPN LDAP authentication for enterprise users with Active Directory integration
Set up OpenVPN server with LDAP authentication against Active Directory, enabling centralized user management and group-based access control for enterprise VPN deployments.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer