Server Setup
Web servers, databases, containers, systemd services and TLS certificates.
Write an Ansible Role
Learn to build a reusable Ansible role from scratch: directory layout, defaults vs vars, handlers, templates, dependencies, and publishing to Ansible Galaxy.
Ship Logs with Vector
Configure Vector to collect systemd-journald logs, reshape events with VRL transforms, and ship structured data to Grafana Loki and Elasticsearch.
Use Kustomize (Without Templates)
Manage Kubernetes manifests without templates using Kustomize bases, overlays, patches, and generators — applied with plain kubectl -k.
Use Helm Charts on Linux
Install Helm 3, manage chart repos, override values, render manifests locally with helm template, and package your own chart for Kubernetes.
Tune PHP-FPM Pools for Production
Configure PHP-FPM pool process managers (dynamic, static, ondemand), calculate max_children from real memory usage, enable slowlog, and monitor with the status page.
Terraform State Management
Migrate Terraform from local to S3+DynamoDB remote state, enable locking, and master state surgery commands to handle drift and refactors safely.
Self-Host a GitHub Actions Runner on Linux
Install a GitHub Actions self-hosted runner on Linux, configure it as a systemd service, assign labels, register at org level, and harden the execution environment.
Rootless Podman for Server Workloads
Run production containers without root using Podman's user namespaces, systemd Quadlets, subuid/subgid mapping, and rootless networking on Linux servers.
Use a Raspberry Pi as a Headless Server
Turn a Raspberry Pi into a reliable headless server: configure SSH-only access, set a static IP, mount USB storage persistently, enable the hardware watchdog, and tune swap.
PostgreSQL Streaming Replication
Set up PostgreSQL 16 streaming replication with a primary and hot standby, covering WAL configuration, pg_basebackup, sync vs async modes, and manual failover.
PostgreSQL Backup and Point-in-Time Recovery
Learn PostgreSQL PITR: configure WAL archiving, take base backups with pg_basebackup, manage production backups with pgBackRest, and restore to a specific timestamp.
A Modern nginx TLS Configuration
Configure nginx with TLS 1.2/1.3, Mozilla Intermediate cipher suites, OCSP stapling, HSTS, and DH parameters for a production-ready HTTPS setup.
nginx as a Reverse Proxy: Best Practices
Configure nginx as a production-grade reverse proxy: upstream keepalive pools, buffering tuning, WebSocket upgrades, and correct X-Forwarded-* header handling.
Set Up a MariaDB Galera Cluster
Set up a synchronous three-node MariaDB Galera Cluster: gcomm addressing, bootstrap sequence, SST with mariabackup, garbd arbitrator, and split-brain prevention.
Install Uptime Kuma for Uptime Monitoring
Self-host Uptime Kuma with Docker Compose to monitor websites, TCP ports, and services — then configure alerts and a public status page in under 30 minutes.
Install Typesense on Linux
Install Typesense on Debian, Ubuntu, Fedora, or Arch; configure a secure API key; define a collection schema; index documents; and run filtered search queries.
Install TimescaleDB on PostgreSQL
Install TimescaleDB on PostgreSQL, create hypertables, automate continuous aggregates, and enforce data-retention policies on Ubuntu, Fedora, and Arch.
Install the gcloud SDK on Linux
Install the Google Cloud CLI on Linux via package repository or tarball, then configure authentication, optional components, and kubectl for GKE.
Install the Azure CLI (az) on Linux
Install the Azure CLI on Debian, Ubuntu, Fedora, RHEL, and Arch Linux using package repos, then authenticate, switch subscriptions, and add extensions.
Install and Configure the AWS CLI
Install AWS CLI v2 on Linux, configure IAM credentials, named profiles, SSO login, MFA-backed roles, region defaults, and shell tab completions.
Install and Use Terraform on Linux
Install Terraform on Debian, Fedora, and Arch Linux, configure AWS, Hetzner, and DigitalOcean providers, and manage infrastructure with plan, apply, and remote state backends.
Distributed Tracing with Tempo or Jaeger
Set up OpenTelemetry Collector with Grafana Tempo or Jaeger, instrument a Python service with OTLP exporters, and verify end-to-end distributed traces.
Try Stalwart, a Modern Rust Mail Server
Install Stalwart, a single-binary Rust mail server, with SMTP, IMAP4, JMAP, DKIM, SPF, and DMARC configured end-to-end on a Linux VPS.
Install Pulumi on Linux
Install Pulumi on Debian, Fedora, or Arch Linux, pick a language runtime, configure a state backend, manage secrets, and compare Pulumi to Terraform.
Install Prometheus on Linux
Install Prometheus on Linux from tarball or distro packages, configure scrape targets and retention, and run it securely under a hardened systemd unit.
Use OpenTofu (the Terraform Fork)
Install OpenTofu, the MPL-licensed Terraform fork, migrate existing projects safely, and understand provider compatibility and new features like state encryption.
Install MongoDB on Linux
Install MongoDB 7.0 on Linux via the official apt/dnf repo, configure mongod, enable authentication, and set up a single-node replica set ready for production.
Install Meilisearch on Linux
Install Meilisearch on Linux, secure it with a master key, create indexes, tune typo tolerance, and sync data from PostgreSQL using a systemd timer.
Self-Host Mail with Mailcow Dockerized
Deploy a full self-hosted mail server with Mailcow Dockerized: DNS setup, DKIM, SOGo groupware, Let's Encrypt TLS, automated backups, and monitoring.
Install Mail-in-a-Box
Set up a self-hosted mail server on Ubuntu 22.04 with one command. Covers the MiaB installer, DNS records (SPF, DKIM, DMARC), admin panel, and verification.
Install Loki and Promtail for Logs
Install Grafana Loki and Promtail as single binaries, ship systemd-journald logs, and create log-based metric rules — managed with systemd.
Build a Kubernetes Cluster with kubeadm
Bootstrap a production Kubernetes cluster with kubeadm: control-plane init, Calico or Cilium CNI, worker joins, kubelet hardening, and safe minor-version upgrades.
Install k3s on a Single Linux Node
Install k3s on a single Linux node in minutes: covers the curl installer, kubeconfig setup, built-in Traefik ingress, and essential kubectl commands.
Set Up a Multi-Node k3s Cluster
Deploy a production-ready k3s cluster with embedded etcd HA across server and agent nodes — covering installation, joining, kubeconfig, and safe rolling upgrades.
Install Grafana on Linux
Install Grafana from the official repo on Debian, Ubuntu, Fedora, RHEL, or Arch, then configure datasources, dashboards, alert rules, and authentication.
Install and Configure a GitLab Runner
Install GitLab Runner on Linux, register Shell and Docker executors, configure caches, route jobs with tags, and understand autoscaling with the fleeting plugin.
Install Flux on k3s
Bootstrap Flux CD on a k3s cluster, set up GitRepository and Kustomization reconciliation, and deploy applications via HelmRelease — step by step.
Install Drone / Woodpecker CI
Deploy Woodpecker CI (or Drone) with Docker Compose, wire OAuth to Gitea or GitHub, connect agents, and run your first pipeline in under an hour.
Install ClickHouse on Linux
Install ClickHouse on Linux from the official repo, configure users and storage, design an efficient MergeTree schema, ingest data, and tune for query performance.
Install Argo CD on k3s
Install Argo CD on a k3s single-node cluster using Helm, then create and auto-sync your first GitOps Application from a Git repository.
Install Ansible and Run Your First Playbook
Install Ansible via pip or your distro package manager, build an inventory file, then write and run your first idempotent playbook with privilege escalation.
Install and Tune Redis for Production
Install Redis on Linux, configure RDB and AOF persistence, set maxmemory eviction policies, and add replication with Sentinel for production HA.
Auto-Deploy a Static Site with Caddy + Git Hooks
Set up a zero-CI deploy pipeline: push to a bare Git repo, run a build hook, and let Caddy serve your static site with automatic TLS.
Set Up a Hetzner Cloud Server from Scratch
Create a Hetzner Cloud server from scratch: project setup, SSH key upload, cloud-init bootstrapping, cloud firewall, IPv6, and snapshots in one structured guide.
Set Up a DigitalOcean Droplet for Production
Create a hardened, production-ready DigitalOcean Droplet: SSH keys, doctl, cloud and host firewalls, monitoring agents, backups, and Reserved IPs explained step by step.
Container Image Best Practices
Reduce container attack surface with multi-stage builds, distroless base images, non-root users, and automated CVE scanning using Trivy, Scout, and Grype.
cloud-init Explained (with worked examples)
Learn how cloud-init bootstraps cloud VMs: user-data formats, key modules, datasource detection, and hands-on debugging on Hetzner, EC2, and DigitalOcean.
Caddy as a Reverse Proxy
Set up Caddy as a reverse proxy with automatic HTTPS, load balancing, WebSocket passthrough, reusable snippets, and header control — no certbot required.
Configure Prometheus Alertmanager
Configure Prometheus Alertmanager with routing trees, receivers, inhibition rules, grouping, Go templates, and PagerDuty/Slack on-call integrations.
Set Up a WireGuard VPN Server
Configure a WireGuard VPN server from scratch: key generation, server and client configs, NAT with nftables, IP forwarding, firewall rules, and MTU tuning.
Self-Host Nextcloud
Install a production Nextcloud server using Nginx, PHP-FPM, MariaDB, and Redis — including systemd-managed cron and performance tuning.
Mail Server Deliverability Checklist
A step-by-step advanced checklist covering PTR records, HELO identity, SPF, DKIM, DMARC, TLS, blocklist remediation, and IP warm-up for a deliverable mail server.
Install Python with pyenv
Install pyenv on Linux to manage multiple Python versions safely alongside your distro Python, with build deps, version switching, and virtualenv setup.
Install PostgreSQL with Sensible Tuning
Install PostgreSQL from PGDG repos and apply evidence-based tuning for shared_buffers, work_mem, effective_cache_size, and WAL settings on any Linux server.
Install and Use Podman (Docker without a daemon)
Run OCI containers without a daemon using Podman. Covers rootless setup, podman-compose, and systemd Quadlet units for production-grade container management.
Install Pi-hole for Network-Wide Ad Blocking
Install Pi-hole on Linux to block ads and trackers network-wide via DNS. Covers install, blocklists, router DNS setup, whitelisting, and keeping it updated.
Install Node.js with nvm on Linux
Install nvm on Linux to manage multiple Node.js versions per project, set defaults, pin versions with .nvmrc, and choose the right approach for servers and CI.
Install and Configure HAProxy
Install HAProxy and configure frontends, backends, ACL-based routing, TLS termination, sticky sessions, and HTTP health checks on modern Linux distros.
Install Go and Rust on Linux
Install Go via the official tarball and Rust via rustup on Linux. Covers PATH setup, multiple versions side by side, and keeping both toolchains updated.
Self-Host Git with Gitea or Forgejo
Install Forgejo or Gitea on Linux, configure Caddy as a reverse proxy, enable SSH access on a custom port, push your first repository, and register an Actions runner.
Install Elasticsearch or OpenSearch
Install Elasticsearch 8 or OpenSearch 2 on Linux, tune JVM heap, configure security, set up single-node or cluster mode, and verify with live index operations.
Install and Configure Caddy
Install Caddy on Linux, configure auto-HTTPS, set up reverse proxying and static file serving, and extend Caddy with third-party modules — all via the Caddyfile.
Host Static Sites with nginx
Install nginx on Linux, host multiple static sites with SSL, gzip/brotli compression, long-lived caching headers, and HTTP-to-HTTPS redirects.
Host Multiple Sites on One Linux Server
Host multiple websites on one Linux server using Nginx as a reverse proxy, systemd-managed app services, per-domain TLS, and isolated system users.
Docker Compose in Production
Deploy Docker Compose in production with compose.yaml, explicit networks, named volumes, restart policies, journald logging, and file-based secrets.
Set Up a Mail Server with Postfix
Build a complete self-hosted mail server with Postfix, Dovecot IMAP, OpenDKIM signing, SPF, and DMARC—step by step for Debian, Fedora, and Arch.
Build an nftables Firewall Script
Build a complete nftables firewall from scratch: tables, chains, sets, default-deny input policy, service allowlisting, and persistent systemd configuration.
How to Set Up Tailscale on Linux
Install Tailscale on Linux, authenticate devices, configure ACLs, and enable MagicDNS to build a secure WireGuard mesh VPN in minutes.
How to Run Rootless Containers with Podman
Run OCI containers without root or a daemon. Learn Podman installation, user namespace setup, rootless networking, and systemd Quadlet unit files for production use.
How to Set Up Pi-hole on a Linux Server
Set up Pi-hole on Linux for network-wide ad and tracker blocking — covers installation, blocklists, gravity updates, conditional forwarding, and DHCP.
How to Set Up Kubernetes with k3s
Set up a lightweight Kubernetes cluster with k3s on Linux: single-node or multi-node, kubectl config, and your first real deployment in under 30 minutes.
How to Set Up and Use Docker Compose
Learn how to write Compose files, define networks and volumes, manage environment variables, and control multi-container Docker stacks with the modern Compose CLI plugin.
How to Install Traefik as a Reverse Proxy
Install Traefik v3 as a Docker-based reverse proxy with automatic Let's Encrypt TLS, static and dynamic config, and label-driven service routing.
How to Install and Configure Redis
Install Redis on Debian, Ubuntu, Fedora, and Arch; configure persistence, memory limits, authentication, and manage the service with systemd for production use.
How to Install RabbitMQ on Linux
Install RabbitMQ on Debian, Ubuntu, Fedora, Rocky, and Arch using official repos, enable the management UI, create users, and test a live queue.
How to Install Prometheus and Grafana on Linux
Install Prometheus and Grafana on Linux, configure node_exporter scraping, connect the datasource, and build your first system metrics dashboard.
How to Set Up HAProxy as a Load Balancer
Set up HAProxy as an HTTP load balancer with active health checks, stick tables for session persistence, and a live stats dashboard — step by step.
How to Install Caddy: The TLS-Automatic Web Server
Install Caddy web server, configure the Caddyfile, get automatic HTTPS from Let's Encrypt, and set up reverse proxying in under 15 minutes.
Webmin: The Complete Setup Guide
Install Webmin on Debian/Ubuntu and RHEL-family Linux, configure core modules, and harden it with TLS, 2FA, and IP restrictions for production use.
Squid Debug Logging: Turn It On and Read It
Learn how to enable Squid debug_options, navigate cache.log and access.log, and trace the exact cause of a denied or failed proxy request.
Set Up Squid as a Caching Web Proxy
Install and configure Squid as a forward caching proxy on Linux — covering ACLs, cache tuning, firewall rules, and explicit vs transparent intercept mode.
How to Set Up an NFS Server
Set up a production-ready NFSv4 server on Linux: configure exports, mount shares on clients, lock down permissions, and tune read/write performance.
How to Set Up a Samba File Share
Step-by-step guide to installing Samba, creating a share user, configuring smb.conf, opening the firewall, and mounting the share from Windows and Linux clients.
How to Set Up a LEMP Stack
Install and configure Nginx, MariaDB, and PHP-FPM on a fresh Linux server. Covers Debian, Ubuntu, Fedora, RHEL, Rocky, and Arch with systemd service management.
How to Run a Node.js App in Production with PM2
Deploy a Node.js application with PM2: process management, ecosystem config files, systemd startup integration, and structured log rotation.
Building Linux Thin Clients
Deploy Linux thin clients using modern LTSP, PXE boot, and NFS root setups. Covers server config, squashfs images, UEFI/BIOS PXE, and Wayland caveats.
How to Install and Configure PostgreSQL
Install PostgreSQL on Debian, Fedora, or Arch, then configure roles, databases, pg_hba.conf authentication, and secure remote access in clear, production-ready steps.
How to Install MySQL or MariaDB
Install MySQL or MariaDB on Debian, Fedora, or Arch; secure it with mysql_secure_installation; create users with least-privilege grants; and automate backups.
How to Install Docker on Linux
Install Docker Engine on Ubuntu, Debian, Fedora, RHEL, or Arch from the official repository, configure the docker group, run a first container, and get Compose working.
How to Install the Apache Web Server
Install Apache on Linux, enable modules, configure named virtual hosts, use .htaccess, and verify your setup — covering Debian, Ubuntu, Fedora, RHEL, and Arch.
How to Install and Configure nginx
Install nginx, configure server blocks and document roots, set up a reverse proxy to a local application, and verify everything with nginx -t and curl.
How to Host a Website on a Linux Server
From a fresh VPS to a live HTTPS site: configure DNS, install Nginx, set up a virtual host, and issue a free Let's Encrypt TLS certificate with Certbot.
Free SSL Certificates with Let’s Encrypt
Issue and auto-renew free TLS certificates with Let's Encrypt and Certbot for Nginx or Apache on Ubuntu, Fedora, and Arch Linux.
How to Create a systemd Service
Learn to write systemd service unit files from scratch: unit types, dependency directives, restart policies, enabling at boot, and reading logs with journalctl.
Configure a Squid Proxy with Webmin
Install Squid and the Webmin Squid module, configure disk and memory caching, set LAN access controls, and verify the proxy is serving cached responses.
How to Configure the SMTP HELO/EHLO Name
Set the correct SMTP HELO/EHLO hostname in Postfix and Sendmail, configure FCrDNS records, and verify your mail server won't be rejected or spam-flagged.
Configure a UPS on Linux with NUT
Install and configure Network UPS Tools (NUT) on Linux to detect your UPS, load the right driver, and trigger a safe automatic shutdown when battery runs low.
How to Change the Webmin Port
Move Webmin off its default port 10000 by editing miniserv.conf, updating your firewall (ufw, firewalld, or nftables), and restarting the service.
Build an Intranet Server on Linux
Set up a complete small-office intranet on one Linux box: Nginx web server, dnsmasq local DNS, Samba file sharing, and a Wiki.js team wiki.