Linux & DevOps Quick Reference

Study notes and cheatsheets for Linux, SSH, Git, Ansible, certificates, and common services. Built to be used in order — read Start Here first.

When something breaks, work through this list
  • What is the symptom exactly?
  • Is the service running?
  • What do the logs say?
  • Is the config valid?
  • Is the network working?
  • Is DNS working?
  • Is auth, a cert, or time involved?

Core Skills

01

Linux CLI

Navigation, files, permissions, processes, services, networking, DNS, packages, and one-liners — with explanations.
02

SSH Keys

What SSH keys are, how to generate and use them, the ssh-agent, config file, and common errors.
03

Git Basics

What Git is, branching, staging, committing, pushing, rebasing, undoing mistakes.
04

GitLab Basics

SSH setup, the merge request workflow, pipelines, protected branches, common problems.
05

YAML Basics

What YAML is, why indentation matters, dicts, lists, nested data, booleans, common mistakes.
06

Ansible

What Ansible is, inventory, playbooks, modules, handlers, idempotency, lint, best practices.
07

Jinja2

Template language used by Ansible. Variables, conditionals, loops, filters, and examples.
08

Certificates

Private keys, CSRs, CAs, openssl commands, checking expiry, converting formats, common issues.
09

FreeIPA

Users, groups, hosts, services, Kerberos, HBAC, client enrolment, troubleshooting.

Services

10

Chrony

Time sync. Why time matters, config, commands, service checks.
11

Rsyslog

Local logging and remote forwarding. Config, facilities, severities, service checks.
12

Postfix

Mail transfer. main.cf, relay, queue, useful commands, service checks.
13

Dovecot

IMAP/POP3 and mailbox access. Useful commands and service checks.
14

Squid

Proxy server. What a proxy and reverse proxy are, ACL example, service checks.
15

Nginx

Web server and reverse proxy. Server blocks, proxy setup, config test, service checks.
16

Apache

Web server. VirtualHosts, config test, apachectl, service checks.

Workflow & Reference

17

Troubleshooting Workflow

A repeatable step-by-step process: symptom → service → config → network → DNS → auth.
18

Glossary

Key terms across Linux, Git, YAML, Ansible, Jinja2, certificates, and FreeIPA.

Ansible Collection

Production-ready Ansible collection structure for a standard Linux stack.

Ansible Deep Dives

Roles in Practice

Role directory layout, defaults vs vars, tasks, handlers, templates, and calling a role from a playbook.

Project Structure

Production repo layout: inventories, group_vars, host_vars, ansible.cfg, and how to navigate a real repo.

Variable Precedence

The full priority chain from role defaults to extra vars, and how to debug variable values.

Debugging

Verbose mode, --check --diff, the debug module, common errors, and ansible-lint.

Deploy Flow

End-to-end trace from variable → template → deployed file → handler → service restart.

Handlers & Templates

Multiple handlers, listen, flush_handlers, OS-aware templates, and whitespace control.

GitLab & CI

CI/CD Pipelines

.gitlab-ci.yml structure, running Ansible in CI, SSH keys, vault in CI, reading failed job logs.

Merge Requests

Creating MRs, reviewing infra diffs, approvals, responding to comments, squash and merge.

Git for Infra

Branch conventions, finding what to edit, clean commits, hotfixes, and reverting bad merges.

Platform

SELinux

Modes, contexts, reading denials, booleans, file context fixes, and Ansible management.

firewalld

Zones, services, ports, rich rules, runtime vs permanent, and Ansible management.

systemd & journalctl

Unit file anatomy, writing services, overrides, and reading logs with journalctl.

Linux Networking

ip, routes, DNS tools, ss, nc, tcpdump, nmcli, and the networking troubleshoot checklist.

Identity & Auth

SSSD & Auth Flow

The Linux auth stack: PAM, NSS, SSSD, sssd.conf, cache, and login failure diagnosis.

Kerberos

Tickets, TGTs, kinit/klist/kdestroy, keytabs, clock requirements, and common errors.

FreeIPA HBAC & Sudo

HBAC rules, testing access with hbactest, and centrally managed sudo rules.

Config Literacy

Nginx Config

Context hierarchy, server blocks, location matching, proxy directives, TLS, and logging.

Postfix Config

main.cf directives, relay, TLS, SASL auth, maps, queue management, and annotated example.

File Sharing

Samba / SMB

Set up an SMB file share on Linux. smb.conf, users, permissions, SELinux, firewalld, and Ansible.

Linux Tools

Bash Scripting

Variables, conditionals, loops, functions, set -euo pipefail, error handling, and common production patterns.

cron & systemd Timers

Schedule recurring tasks with cron or the modern systemd timer alternative. Syntax, logging, and Ansible.

rsync

Efficient file sync and backup — SSH transport, --delete, excludes, dry run, and deploy patterns.

User & Group Management

useradd, usermod, groupadd, passwd, visudo, /etc/sudoers.d/, and service accounts.

lsof & strace

Find what's listening on a port, debug open file handles, and trace system calls to diagnose hard problems.

Guides

Infra Change Lifecycle

End-to-end: understand → branch → lint → dry-run → MR → CI → review → merge → verify.

Service Troubleshooting

Concrete diagnosis steps for nginx, postfix, SSH, NTP, auth, DNS, SELinux, and disk full.