Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Implement NGINX Plus active health checks for enterprise environments
hostingSetup Prometheus Blackbox Exporter for endpoint monitoring with SSL and alerting
monitoringConfigure Prometheus alerting with AlertManager notifications and webhook integration
monitoringConfigure Elasticsearch cross-cluster replication for disaster recovery
databasesConfigure InfluxDB 2.7 clustering for high availability with data replication and automated failover
databasesConfigure ScyllaDB SSL encryption and authentication with certificate management and security hardening
Secure your ScyllaDB cluster with comprehensive SSL/TLS encryption for client connections and inter-node communication. This tutorial covers certificate generation, authentication setup, and production security hardening.
Configure SSH certificate authentication with CA signing for secure server access
Set up SSH certificate-based authentication using a Certificate Authority to eliminate individual key management. Create signed user certificates that provide secure, scalable access control for multiple servers and users.
Configure OSSEC vulnerability detection with CVE scanning and automated security alerts
Set up OSSEC Host Intrusion Detection System with vulnerability scanning capabilities, CVE database integration, and automated alerting for comprehensive security monitoring across your infrastructure.
Configure systemd service resource limits and security isolation
Configure cgroups v2 resource limits and security isolation for systemd services to prevent resource exhaustion and improve system security. This tutorial covers memory, CPU, and I/O limits with monitoring and troubleshooting.
Configure CockroachDB 24.3 multi-region deployment with high availability clustering
Deploy CockroachDB across multiple regions with automated failover, data locality controls, and production-grade security. Includes replication zones, load balancing, and disaster recovery strategies.
Setup log aggregation with rsyslog and logrotate for centralized system monitoring
Configure rsyslog for centralized log collection across servers, implement advanced logrotate policies for automated retention, and set up remote log shipping with filtering for comprehensive system monitoring and audit compliance.
Configure PostgreSQL 17 SSL encryption and advanced security hardening
Set up SSL/TLS encryption, client certificate authentication, and comprehensive security policies for PostgreSQL 17. Includes audit logging, access controls, and firewall configuration for production environments.
Implement network security policies with iptables and firewalld for enterprise infrastructure protection
Configure enterprise-grade network security with iptables and firewalld, implementing zone-based policies, advanced rules, and comprehensive logging for production infrastructure protection.
Setup Tailscale site-to-site VPN with multiple exit nodes for redundancy
Configure a resilient Tailscale mesh VPN with multiple exit nodes for high availability site-to-site connectivity. Set up subnet routing, automatic failover, and monitoring across distributed networks.
Set up centralized security monitoring with ClamAV 1.4 and Elasticsearch 8
Build a comprehensive security monitoring infrastructure with ClamAV antivirus scanning, Elasticsearch log storage, and automated threat detection. This setup provides real-time malware scanning with centralized log aggregation for enterprise security compliance.
Set up Linux network traffic shaping with tc and QoS for bandwidth management
Learn how to implement advanced network traffic control on Linux using tc (traffic control) and HTB (Hierarchical Token Bucket) queueing disciplines. This tutorial covers bandwidth limiting, QoS policies, and traffic prioritization for optimal network performance.
Implement Tailscale OAuth integration with identity providers for enterprise authentication
Configure Tailscale with enterprise identity providers including SAML and OIDC authentication, implement access control policies, and manage users across distributed teams for secure zero-trust networking.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer