Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure TimescaleDB with PostgreSQL for high-performance time-series data
databasesRecently published
Configure Consul Connect service mesh monitoring with distributed tracing
monitoringConfigure Kubernetes RBAC with service accounts and cluster roles for secure access control
devopsImplement Deno microservices architecture with service discovery and load balancing
devopsImplement Kubernetes security scanning with Falco and OPA Gatekeeper for runtime protection
securityConfigure OpenTelemetry custom metrics for application monitoring with Prometheus and Grafana
monitoringSet up LUKS full disk encryption during Linux installation
Configure full disk encryption with LUKS during OS installation to secure your data at rest. Includes post-installation key management, performance optimization, and troubleshooting for production systems.
Configure auditd with Elasticsearch and Kibana for compliance reporting
Set up comprehensive Linux audit logging with auditd, integrate with Elasticsearch 8 and Kibana 8 for centralized analysis, and create compliance dashboards for PCI DSS, HIPAA, and SOX reporting requirements.
Configure network-attached storage backup with NFS and encryption
Set up an encrypted NFS backup server with automated backup scripts and performance monitoring. Configure LUKS encryption, NFS exports, and centralized backup management for secure enterprise storage.
Configure Nagios Core 4.5 SSL certificates and security hardening with authentication controls
Secure your Nagios monitoring with SSL certificates, advanced authentication, and comprehensive access controls. This guide covers Let's Encrypt integration, web interface hardening, and security monitoring setup.
Configure SELinux mandatory access controls for enhanced security
Set up SELinux on Ubuntu and Debian systems, configure security modes and policies, create custom application rules, and implement comprehensive monitoring for enhanced Linux security hardening.
Configure ScyllaDB SSL encryption and authentication with certificate management and security hardening
Secure your ScyllaDB cluster with comprehensive SSL/TLS encryption for client connections and inter-node communication. This tutorial covers certificate generation, authentication setup, and production security hardening.
Configure SSH certificate authentication with CA signing for secure server access
Set up SSH certificate-based authentication using a Certificate Authority to eliminate individual key management. Create signed user certificates that provide secure, scalable access control for multiple servers and users.
Configure SSH two-factor authentication with Google Authenticator TOTP
Add an extra layer of security to SSH logins by requiring both a password and a time-based one-time password (TOTP) generated by Google Authenticator or compatible apps.
Configure Cassandra SSL encryption and authentication with security hardening
Set up comprehensive SSL/TLS encryption for Apache Cassandra with client-to-node and node-to-node security, certificate management, and production-grade authentication hardening.
Integrate OSSEC with Splunk for centralized security monitoring and log analysis
Set up OSSEC HIDS with Splunk Universal Forwarder to centralize security events, create monitoring dashboards, and enable real-time threat correlation across your infrastructure.
Configure intrusion detection with OSSEC and fail2ban integration
Set up comprehensive intrusion detection by integrating OSSEC HIDS with fail2ban for automated threat response. This advanced configuration provides real-time monitoring, log analysis, and automated IP blocking for enhanced server security.
Configure ModSecurity machine learning anomaly detection for automated threat protection
Set up ModSecurity 3 with machine learning anomaly detection to automatically identify and block unknown attack patterns. This advanced configuration adds intelligent threat protection beyond traditional signature-based rules.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer