Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Configure custom SNMP MIBs for vendor-specific monitoring with SNMP v2c and v3
monitoringImplement NGINX Plus active health checks for enterprise environments
hostingSetup Prometheus Blackbox Exporter for endpoint monitoring with SSL and alerting
monitoringConfigure Prometheus alerting with AlertManager notifications and webhook integration
monitoringConfigure Elasticsearch cross-cluster replication for disaster recovery
databasesSet up GitLab container registry mirror and proxy cache for improved performance
Configure GitLab's built-in container registry as a mirror and proxy cache to reduce Docker Hub rate limits, speed up image pulls, and improve CI/CD pipeline performance across your organization.
Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring
Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.
Configure Podman image scanning with Trivy security vulnerability detection
Set up automated container image security scanning using Trivy with Podman to detect vulnerabilities, misconfigurations, and security issues before deploying containers to production.
Implement Ansible AWX Tower for enterprise automation workflows with RBAC and inventory management
Deploy Ansible AWX with Docker Compose for centralized automation management. Configure enterprise RBAC, dynamic inventory sources, and workflow templates for scalable infrastructure orchestration across multiple environments.
Configure Ansible Vault for secret management and encryption with playbook automation
Set up Ansible Vault to encrypt sensitive data like passwords, API keys, and certificates in your playbooks. Learn to create encrypted variables, manage vault passwords, and integrate secure secret handling into automated deployments.
Install and configure ArgoCD Image Updater for automatic Kubernetes deployments with GitOps automation
Set up ArgoCD Image Updater to automatically monitor container registries and update Kubernetes deployments when new image versions are available. Configure GitOps workflows with automated Git commits and Prometheus monitoring for seamless CI/CD integration.
Set up Zabbix 7 distributed monitoring with proxy servers for scalable infrastructure oversight
Configure Zabbix proxy servers to distribute monitoring loads across multiple network segments with encrypted communication, automated discovery, and centralized management for enterprise-scale infrastructure monitoring.
Configure SSL certificates and security hardening for Nexus Repository Manager
Secure your Nexus Repository Manager with SSL/TLS certificates, enforce HTTPS connections, and implement comprehensive security hardening including authentication controls, access policies, and audit logging for production environments.
Configure advanced iptables firewall rules with logging, port knocking, and DDoS protection
Build a production-grade iptables firewall with connection tracking, rate limiting, and port knocking. Includes automated DDoS protection, detailed logging, and security hardening for enterprise environments.
Secure Grafana with OAuth authentication and RBAC integration
Configure Grafana with OAuth SSO authentication, implement role-based access control (RBAC), and harden security with SSL certificates for enterprise-grade monitoring dashboard access.
Implement two-factor authentication for SSH with Google Authenticator and TOTP
Secure your SSH connections by adding TOTP-based two-factor authentication using Google Authenticator and PAM modules for an additional layer of protection beyond passwords and keys.
Set up SSH bastion host with jump server configuration for secure network access
Configure an SSH bastion host to secure access to private networks, implementing jump server functionality with key-based authentication and access controls for enhanced security.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer