Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure TimescaleDB with PostgreSQL for high-performance time-series data
databasesInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingRecently published
Configure Consul Connect service mesh monitoring with distributed tracing
monitoringConfigure Kubernetes RBAC with service accounts and cluster roles for secure access control
devopsImplement Deno microservices architecture with service discovery and load balancing
devopsImplement Kubernetes security scanning with Falco and OPA Gatekeeper for runtime protection
securityConfigure OpenTelemetry custom metrics for application monitoring with Prometheus and Grafana
monitoringImplement enterprise network QoS with Cisco integration using FRRouting and traffic shaping
Configure enterprise-grade Quality of Service policies with DSCP marking, traffic shaping using tc and HTB, and seamless integration with Cisco equipment through FRRouting BGP and OSPF routing protocols for comprehensive network bandwidth management.
Configure advanced iptables QoS with fwmark and multiple interfaces
Set up traffic shaping with iptables packet marking, HTB queueing discipline, and multi-interface QoS policies for bandwidth management and network performance optimization.
Implement Docker network security with custom bridge networks and container isolation
Secure your Docker deployments by creating isolated custom bridge networks, implementing container segmentation, and configuring network access controls to prevent unauthorized communication between containers.
Implement NGINX Plus active health checks for enterprise environments
Configure NGINX Plus active health checks to automatically detect and remove unhealthy upstream servers, ensuring high availability and optimal load balancing for enterprise applications.
Configure audit compliance automation with Ansible for security monitoring and reporting
Build comprehensive security audit compliance automation using Ansible playbooks to enforce security policies, monitor system configurations, and generate compliance reports across your Linux infrastructure fleet.
Configure encrypted network storage with LUKS and NFS for secure file sharing
Set up enterprise-grade encrypted network storage by combining LUKS disk encryption with NFS file sharing. This advanced configuration provides secure, centralized file access across multiple systems while maintaining data protection at rest.
Configure SSH two-factor authentication with Google Authenticator TOTP
Add an extra layer of security to SSH logins by requiring both a password and a time-based one-time password (TOTP) generated by Google Authenticator or compatible apps.
Monitor Apache Cassandra cluster with Prometheus and Grafana dashboards
Set up comprehensive monitoring for Apache Cassandra clusters using JMX exporter, Prometheus metrics collection, and Grafana dashboards with alerting rules for cluster health.
Configure intrusion detection with OSSEC and fail2ban integration
Set up comprehensive intrusion detection by integrating OSSEC HIDS with fail2ban for automated threat response. This advanced configuration provides real-time monitoring, log analysis, and automated IP blocking for enhanced server security.
Configure OSSEC active response for automated threat blocking
Set up OSSEC active response to automatically block threats by configuring firewall rules, custom response scripts, and tuning response actions for real-time intrusion prevention.
Set up Fail2ban with Cloudflare API integration for automatic IP blocking and enhanced security
Configure Fail2ban to automatically add malicious IPs to Cloudflare's firewall rules for enhanced protection. This tutorial covers installation, custom filters, API integration, and monitoring for comprehensive security automation across your infrastructure.
Configure ModSecurity machine learning anomaly detection for automated threat protection
Set up ModSecurity 3 with machine learning anomaly detection to automatically identify and block unknown attack patterns. This advanced configuration adds intelligent threat protection beyond traditional signature-based rules.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer