Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Configure custom SNMP MIBs for vendor-specific monitoring with SNMP v2c and v3
monitoringImplement NGINX Plus active health checks for enterprise environments
hostingSetup Prometheus Blackbox Exporter for endpoint monitoring with SSL and alerting
monitoringConfigure Prometheus alerting with AlertManager notifications and webhook integration
monitoringConfigure Elasticsearch cross-cluster replication for disaster recovery
databasesConfigure Linux NUMA optimization for multi-socket servers with memory policy tuning and CPU affinity
Optimize multi-socket server performance by configuring NUMA memory policies, CPU affinity, and topology-aware application placement. Achieve significant performance gains through proper NUMA optimization.
Configure NGINX rate limiting and DDoS protection with advanced security rules
Set up NGINX rate limiting modules, implement connection limits, and configure geographic blocking to protect your web applications from DDoS attacks and abuse.
Configure centralized logging with rsyslog and logrotate for system monitoring and log management
Set up a centralized logging system using rsyslog server to collect logs from multiple clients, implement TLS encryption for secure transmission, and configure logrotate for automated log rotation and management.
Implement WireGuard multi-site mesh networking with automatic routing and failover
Deploy a scalable WireGuard mesh network across multiple sites with automatic routing, failover mechanisms, and centralized management for high-availability site-to-site connectivity.
Configure Elasticsearch 8 index lifecycle management with hot-warm-cold architecture for automated data tiering
Set up Elasticsearch 8 with hot-warm-cold node architecture and automated index lifecycle management policies to optimize storage costs and query performance. Configure ILM policies that automatically move data through different tiers based on age and usage patterns.
Implement Grafana advanced alerting with webhooks and notification channels
Set up comprehensive Grafana alerting with webhook endpoints, Slack and Teams notifications, and advanced alert conditions. Configure data sources, create alert rules, and implement custom notification channels for production monitoring.
Implement GitLab CI/CD security scanning for Docker images
Set up automated container vulnerability scanning in GitLab CI/CD pipelines with Trivy and registry integration. Implement security gates, quality controls, and automated reporting for production-ready DevSecOps workflows.
Implement Airflow DAG security scanning with Bandit and safety checks
Set up automated security scanning for Apache Airflow DAGs using Bandit for Python code analysis and Safety for vulnerability detection. Configure pre-commit hooks and CI/CD integration for continuous security monitoring.
Set up Zabbix 7 distributed monitoring with proxy servers for scalable infrastructure oversight
Configure Zabbix proxy servers to distribute monitoring loads across multiple network segments with encrypted communication, automated discovery, and centralized management for enterprise-scale infrastructure monitoring.
Configure SonarQube quality gates and custom rules for automated code quality enforcement
Set up SonarQube quality gates with custom conditions, create language-specific rules, and integrate automated quality enforcement into CI/CD pipelines for continuous code quality monitoring.
Configure advanced iptables firewall rules with logging, port knocking, and DDoS protection
Build a production-grade iptables firewall with connection tracking, rate limiting, and port knocking. Includes automated DDoS protection, detailed logging, and security hardening for enterprise environments.
Secure Docker containers with Traefik reverse proxy and Authelia authentication
Set up a production-grade security stack using Traefik v3 reverse proxy with SSL automation and Authelia for multi-factor authentication. This tutorial covers Docker hardening, LDAP integration, and container security monitoring.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer