Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Ollama for local AI models on Linux servers
devopsConfigure Linux system time synchronization with chrony and NTP hardening
linuxRecently published
Configure Kafka Schema Registry with Avro serialization for data processing
devopsSetup Elasticsearch 8 index lifecycle management for automated log retention and storage optimization
devopsConfigure Kafka Streams state stores and RocksDB optimization for high-performance streaming applications
devopsImplement Django continuous deployment with Git hooks and automated testing
devopsConfigure Django Redis caching and session storage for high-performance web applications
performanceImplement two-factor authentication for SSH with Google Authenticator and TOTP
Secure your SSH connections by adding TOTP-based two-factor authentication using Google Authenticator and PAM modules for an additional layer of protection beyond passwords and keys.
Integrate HashiCorp Vault with Kubernetes secrets management for secure container orchestration
Configure HashiCorp Vault integration with Kubernetes using the Vault CSI driver and Secrets Operator for automated secret injection and synchronization. This setup enables secure secret management for containerized applications with dynamic secret rotation and policy-based access controls.
Configure Vault dynamic secrets for databases with PostgreSQL and MySQL integration
Set up HashiCorp Vault's database secrets engine to automatically generate short-lived credentials for PostgreSQL and MySQL databases, improving security by eliminating static passwords and enabling automated credential rotation.
Set up Vault as a PKI certificate authority with SSL automation and intermediate CA
Build a production-grade PKI infrastructure using HashiCorp Vault with root and intermediate certificate authorities. Enable automated SSL certificate generation and renewal for your applications with RBAC policies.
Integrate MinIO with Kubernetes for persistent storage and object data management
Deploy MinIO on Kubernetes using the operator for scalable object storage. Configure persistent volumes, high availability tenants, and secure ingress with SSL certificates.
Set up SSH bastion host with jump server configuration for secure network access
Configure an SSH bastion host to secure access to private networks, implementing jump server functionality with key-based authentication and access controls for enhanced security.
Configure Apache HTTP Server clustering with mod_cluster and JBoss EAP for enterprise load balancing
Set up Apache HTTP Server with mod_cluster module to create an intelligent load balancing cluster with JBoss EAP application servers, featuring automatic node discovery, session clustering, and health monitoring.
Implement container security monitoring with Falco runtime detection
Set up Falco for real-time container security monitoring with runtime threat detection, Kubernetes integration, and automated alerting through Grafana dashboards.
Configure intrusion detection with OSSEC and Wazuh for real-time security monitoring
Set up comprehensive host-based intrusion detection with OSSEC HIDS and Wazuh manager for real-time security monitoring, file integrity checking, and automated threat response across your infrastructure.
Implement MongoDB 8.0 change streams for real-time data processing and application synchronization
Set up MongoDB 8.0 change streams to monitor database changes in real-time. Configure replica sets, implement Python and Node.js clients, and add filtering and resumability for production applications.
Integrate MinIO with Prometheus monitoring for performance metrics and observability
Set up comprehensive monitoring for your MinIO object storage cluster with Prometheus metrics collection, Grafana visualization dashboards, and automated alerting rules for production environments.
Configure Airflow DAG security and isolation with RBAC policies
Set up comprehensive security for Apache Airflow with role-based access control, DAG-level permissions, and resource isolation. Configure user authentication, implement fine-grained security policies, and establish monitoring for production-grade workflow orchestration.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer