Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Implement NGINX Plus active health checks for enterprise environments
hostingSetup Prometheus Blackbox Exporter for endpoint monitoring with SSL and alerting
monitoringConfigure Prometheus alerting with AlertManager notifications and webhook integration
monitoringConfigure Elasticsearch cross-cluster replication for disaster recovery
databasesConfigure InfluxDB 2.7 clustering for high availability with data replication and automated failover
databasesSet up Linux network traffic shaping with tc and QoS for bandwidth management
Learn how to implement advanced network traffic control on Linux using tc (traffic control) and HTB (Hierarchical Token Bucket) queueing disciplines. This tutorial covers bandwidth limiting, QoS policies, and traffic prioritization for optimal network performance.
Set up PostgreSQL 17 streaming replication with PgBouncer connection pooling and load balancing
Configure PostgreSQL 17 with streaming replication for high availability, then add PgBouncer connection pooling with intelligent load balancing across primary and replica servers for production-grade database infrastructure.
Configure BIRD BGP routing daemon for advanced routing policies and network automation
Set up BIRD 2.15 BGP daemon with advanced routing policies, route filtering, and automated network management. Configure BGP peering, implement complex routing decisions, and set up route aggregation for production networks.
Implement OpenLiteSpeed WAF and DDoS protection with ModSecurity 3 and rate limiting
Set up comprehensive web application security for OpenLiteSpeed with ModSecurity 3 web application firewall, OWASP Core Rule Set for threat protection, and advanced rate limiting to defend against DDoS attacks and malicious traffic.
Implement Caddy 2 rate limiting and DDoS protection with advanced security rules
Configure Caddy 2 web server with comprehensive rate limiting, request throttling, and DDoS protection using built-in security modules and advanced filtering rules.
Implement WireGuard multi-site mesh networking with automatic routing and failover
Deploy a scalable WireGuard mesh network across multiple sites with automatic routing, failover mechanisms, and centralized management for high-availability site-to-site connectivity.
Integrate WireGuard VPN server with LDAP authentication for enterprise user management
Configure WireGuard VPN server to authenticate users against LDAP directory services like Active Directory. Automate client certificate management and implement centralized user access control for enterprise environments.
Implement Podman pod security with network policies and microsegmentation
Secure Podman pods with custom network policies, traffic filtering, and microsegmentation using CNI plugins and netavark. Implement zero-trust networking with firewall rules and container isolation.
Set up TimescaleDB high availability with streaming replication and automatic failover
Configure TimescaleDB with PostgreSQL streaming replication for high availability. Set up primary and standby servers with hot standby mode, implement automatic failover with pg_auto_failover, and monitor replication status for production-ready time-series database clustering.
Configure Cilium BGP peering with MetalLB integration for Kubernetes load balancing
Set up Cilium CNI with BGP routing capabilities and integrate with MetalLB speaker components for bare-metal Kubernetes load balancing. This configuration enables external traffic routing and service discovery in on-premises environments.
Configure advanced iptables firewall rules with logging, port knocking, and DDoS protection
Build a production-grade iptables firewall with connection tracking, rate limiting, and port knocking. Includes automated DDoS protection, detailed logging, and security hardening for enterprise environments.
Configure WireGuard site-to-site VPN connections with advanced routing and security
Set up secure network-to-network VPN tunnels using WireGuard with advanced routing, firewall rules, and monitoring for connecting multiple office locations or data centers.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer