Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure ArgoCD for GitOps continuous deployment with RBAC and SSL
devopsInstall and configure CockroachDB cluster with high availability and distributed SQL
databasesInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesInstall and configure Loki for centralized log aggregation with Grafana integration
monitoringInstall and configure WireGuard VPN server with client management
networkingRecently published
Configure Nagios SNMP monitoring for network devices with automated discovery and templates
monitoringIntegrate Elasticsearch 8 with Prometheus monitoring and Grafana dashboards
monitoringSet up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set
securityConfigure NGINX reverse proxy with advanced caching and load balancing
hostingConfigure Netdata alerts with Slack and Microsoft Teams for real-time monitoring notifications
monitoringConfigure Nagios SNMP monitoring for network devices with automated discovery and templates
Set up comprehensive SNMP monitoring in Nagios Core with automated network device discovery, custom templates for switches and routers, and real-time alerting for network infrastructure monitoring.
Implement Deno JWT authentication with OAuth2 integration for secure API development
Set up production-grade JWT authentication middleware in Deno with OAuth2 provider integration and role-based access control. Learn to secure API endpoints with proper token validation, user management, and enterprise-ready authentication flows.
Configure Ansible dynamic inventory for AWS, Azure, and GCP with automated discovery
Set up Ansible dynamic inventory plugins for AWS EC2, Azure VMs, and Google Cloud instances with automated discovery, credential management, and performance optimization across multiple cloud providers.
Configure WireGuard VPN with DNS filtering and ad blocking using Pi-hole and Unbound
Set up a secure WireGuard VPN server with integrated Pi-hole DNS filtering and Unbound recursive resolver for ad blocking and privacy protection. This configuration provides secure remote access while filtering malicious domains and advertisements.
Backup and restore Redis Sentinel cluster data with automated strategies and monitoring
Learn to implement production-grade backup and restore procedures for Redis Sentinel clusters with automated scheduling, point-in-time recovery, and comprehensive monitoring to ensure data durability and business continuity.
Configure Varnish cache invalidation with automated purging strategies for high-performance web acceleration
Learn to configure advanced Varnish VCL for cache invalidation, implement PURGE and BAN strategies, and set up automated cache tagging for optimal performance. Master selective invalidation techniques and monitoring for production-grade web acceleration.
Implement Apache web application firewall with ModSecurity 3 and OWASP Core Rule Set
Deploy ModSecurity 3 as an Apache module with OWASP Core Rule Set to protect web applications from common attacks. Configure real-time logging, custom rules, and automated threat detection for production environments.
Configure Ansible dynamic inventory for AWS, Azure, and GCP with automated discovery
Set up Ansible dynamic inventory plugins for AWS EC2, Azure, and Google Cloud Platform to automatically discover and manage cloud resources. This tutorial covers authentication, filtering, and unified inventory management across multiple cloud providers.
Implement TimescaleDB backup strategies and point-in-time recovery with automated failover
Configure comprehensive TimescaleDB backup solutions with continuous WAL archiving, automated point-in-time recovery procedures, and monitoring systems to ensure data protection and business continuity.
Implement Jaeger security with TLS encryption and authentication for distributed tracing
Secure your Jaeger distributed tracing infrastructure with TLS encryption, JWT-based authentication, and RBAC policies. This tutorial covers certificate generation, collector/query service encryption, and UI authentication through reverse proxy integration.
Implement Kubernetes Pod Security Standards and admission controllers for policy enforcement
Configure Pod Security Standards with baseline and restricted profiles, deploy OPA Gatekeeper admission controller with custom policies, and implement ValidatingAdmissionWebhooks for comprehensive security enforcement in production Kubernetes clusters.
Configure advanced iptables QoS with DSCP marking and traffic classification
Set up Quality of Service (QoS) on Linux servers using iptables DSCP marking, HTB queuing, and traffic classification. This tutorial shows you how to prioritize network traffic, implement bandwidth limits, and ensure critical applications get the network resources they need for optimal performance.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer