Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure CockroachDB cluster with high availability and distributed SQL
databasesInstall and configure ArgoCD for GitOps continuous deployment with RBAC and SSL
devopsInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesInstall and configure Loki for centralized log aggregation with Grafana integration
monitoringInstall and configure WireGuard VPN server with client management
networkingRecently published
Configure Nagios SNMP monitoring for network devices with automated discovery and templates
monitoringIntegrate Elasticsearch 8 with Prometheus monitoring and Grafana dashboards
monitoringSet up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set
securityConfigure NGINX reverse proxy with advanced caching and load balancing
hostingConfigure Netdata alerts with Slack and Microsoft Teams for real-time monitoring notifications
monitoringConfigure Linux file permissions and access control with umask and chmod best practices
Learn how to configure secure Linux file permissions using chmod, set default permissions with umask, and implement proper access control to prevent security vulnerabilities while fixing permission denied errors.
Configure Linux environment variables and PATH management for development workflows
Learn how to properly configure Linux environment variables and manage your PATH for development workflows. This guide covers temporary and persistent variables, user vs system-wide configuration, and troubleshooting common issues across Ubuntu, Debian, AlmaLinux, Rocky Linux, and Fedora.
Configure SSH key authentication and disable password login for secure server access
Set up SSH public key authentication on Linux servers and disable password-based logins to prevent brute force attacks and improve security. This tutorial covers key generation, server configuration, and troubleshooting common authentication issues.
Install and configure Jetty application server with SSL certificates and performance tuning
Deploy Eclipse Jetty application server with SSL/TLS encryption, systemd service management, and production-ready performance optimizations. Configure reverse proxy integration and security hardening for Java web applications.
Install and configure Cherokee web server with FastCGI and virtual hosts
Set up Cherokee web server with web-based administration, FastCGI support for PHP applications, SSL-enabled virtual hosts, and performance optimizations for lightweight web hosting environments.
Configure network traffic shaping with tc and HTB for bandwidth management and QoS
Set up hierarchical token bucket (HTB) traffic shaping with tc to control bandwidth allocation, prioritize network traffic, and implement quality of service policies for optimal network performance.
Configure OSSEC HIDS for intrusion detection with email alerts and real-time monitoring
Set up OSSEC Host-based Intrusion Detection System with server-agent architecture, custom detection rules, email notifications, and real-time monitoring for comprehensive security monitoring across multiple systems.
Configure network load balancing with keepalived and VRRP for high availability failover
Set up keepalived with VRRP to create highly available network services with automatic failover. Configure virtual IP addresses that move between servers when one fails, ensuring zero-downtime load balancing.
Configure Linux firewall rules with fail2ban for SSH brute force protection and intrusion prevention
Set up fail2ban to automatically block SSH brute force attacks and protect your Linux server from unauthorized access attempts. Configure custom jails, firewall integration, and email notifications for comprehensive intrusion prevention.
Configure Tailscale mesh VPN with subnet routing and ACL policies for secure network access
Set up a zero-trust mesh VPN network with Tailscale that includes subnet routing for local network access, granular ACL policies for security, and exit nodes for secure internet access.
Configure Linux system backup automation with rsync and systemd timers
Set up automated Linux system backups using rsync with SSH authentication, systemd timers for scheduling, retention policies, email notifications, and monitoring. Perfect for production environments requiring reliable backup automation.
Configure Linux system firewall with nftables and security hardening
Learn how to configure nftables firewall with advanced security rules, rate limiting, and fail2ban integration. This tutorial covers migration from iptables, logging configuration, and production-grade security hardening for modern Linux systems.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer