Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Configure custom SNMP MIBs for vendor-specific monitoring with SNMP v2c and v3
monitoringImplement NGINX Plus active health checks for enterprise environments
hostingSetup Prometheus Blackbox Exporter for endpoint monitoring with SSL and alerting
monitoringConfigure Prometheus alerting with AlertManager notifications and webhook integration
monitoringConfigure Elasticsearch cross-cluster replication for disaster recovery
databasesConfigure ClickHouse materialized views for real-time analytics with performance optimization
Set up ClickHouse materialized views to transform raw data into real-time aggregations. Configure performance optimization with memory tuning and monitoring for high-throughput analytics workloads.
Configure Fluentd with Kubernetes DaemonSet and log routing for centralized collection
Deploy Fluentd as a DaemonSet on Kubernetes for centralized log collection with multi-format parsing, routing to multiple outputs, and RBAC security. Includes configuration for Elasticsearch, S3, and custom log sources.
Configure Apache Airflow with SSL certificates and NGINX reverse proxy for secure production deployment
Set up Apache Airflow behind NGINX with SSL certificates, security headers, and reverse proxy configuration for production-grade deployments with HTTPS termination.
Configure Jaeger with NGINX reverse proxy and SSL termination
Set up Jaeger distributed tracing behind an NGINX reverse proxy with SSL termination and authentication. Learn to configure secure access, performance optimization, and production-ready monitoring for your microservices.
Implement Istio circuit breaker and retry policies for microservices resilience and fault tolerance
Configure Istio destination rules with circuit breaker patterns, implement retry policies with exponential backoff, and set up comprehensive fault injection testing for microservices resilience in Kubernetes service mesh environments.
Configure SSL certificates and security hardening for Nexus Repository Manager
Secure your Nexus Repository Manager with SSL/TLS certificates, enforce HTTPS connections, and implement comprehensive security hardening including authentication controls, access policies, and audit logging for production environments.
Set up Grafana Enterprise high availability clustering with PostgreSQL backend and load balancing
Build a production-ready Grafana Enterprise cluster with PostgreSQL shared storage, HAProxy load balancing, and SSL encryption. Includes automated failover, session persistence, and comprehensive monitoring for enterprise observability platforms.
Configure Keycloak high availability clustering for production with load balancing and failover
Set up a production-ready Keycloak cluster with PostgreSQL backend, HAProxy load balancing, and automatic failover to ensure identity services remain available during node failures and high traffic.
Configure SonarQube quality gates and custom rules for automated code quality enforcement
Set up SonarQube quality gates with custom conditions, create language-specific rules, and integrate automated quality enforcement into CI/CD pipelines for continuous code quality monitoring.
Configure advanced iptables firewall rules with logging, port knocking, and DDoS protection
Build a production-grade iptables firewall with connection tracking, rate limiting, and port knocking. Includes automated DDoS protection, detailed logging, and security hardening for enterprise environments.
Setup Keycloak SAML integration for enterprise single sign-on with identity providers
Configure Keycloak as a SAML identity provider for enterprise SSO, integrate with external identity providers, and implement secure SAML service provider connections with attribute mapping.
Configure Keycloak OAuth2 integration with web applications using OIDC and JWT tokens
Set up Keycloak as an OAuth2 identity provider with OIDC authentication flows. Configure client applications, implement JWT token validation, and secure NGINX reverse proxy with lua-resty-openidc for production web applications.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer