Start Here

Read in order. Each page builds on the previous one.

These are study notes, not just command dumps. Each page explains what things are, what commands do, and why you would use them.

Recommended Order

1. Linux Command Cheat Sheet
   The foundation. Navigation, files, permissions, processes, networking, DNS, and package management — with explanations of what each command does and when to use it. Come back to this constantly.
2. SSH Keys and SSH Basics
   What SSH keys are, how to generate and use them, the ssh-agent, ~/.ssh/config, and common auth errors.
3. Git Basics
   What Git is and why it matters. Branching, committing, pushing, rebasing, and undoing changes safely.
4. GitLab Basics
   What GitLab adds on top of Git. Merge request workflow, pipelines, runners, and common problems.
5. YAML Basics
   What YAML is and why indentation matters. Read this before Ansible — it explains the data format Ansible uses everywhere.
6. Ansible Foundations
   What Ansible is, how automation works without agents, and how to write playbooks. Inventory, modules, handlers, idempotency, and lint.
7. Jinja2 Foundations
   Template language used by Ansible. Variable output, conditionals, loops, and filters. Used whenever you have a config template.
8. Certificate Basics
   What certificates are and why they matter. Private keys, CSRs, CAs, and essential openssl commands.
9. FreeIPA Core Basics
   Centralised identity management. Users, groups, hosts, Kerberos, HBAC, client enrolment.
10. Chrony Basics
    Time synchronisation. Why time matters more than it looks (Kerberos, certs, logs), config, and service checks.
11. Rsyslog Basics
    Local and remote log handling. Config, facilities, severities, forwarding.
12. Postfix Basics
    Mail transfer agent. What it does, key config, relay, queue management.
13. Dovecot Basics
    IMAP/POP3 server. Mailbox access and authentication.
14. Squid Basics
    Proxy server. What a proxy and a reverse proxy are, ACLs, service checks.
15. Nginx Basics
    Web server and reverse proxy. Server blocks, proxy setup, config testing.
16. Apache Basics
    Web server. VirtualHosts, config testing, apachectl tools.
17. Troubleshooting Workflow
    A repeatable step-by-step process for diagnosing almost any Linux service problem.
18. Glossary
    Key terms across all topics. Clear up confusion between similar-sounding concepts.

Advanced & Deep Dives

Ansible Collection — Typical Linux Stack
A production-ready Ansible collection structure covering Chrony, Rsyslog, Postfix, Dovecot, and Squid roles — with argument specs, FQCN, tags, assertions, and flush_handlers.

Ansible Deep Dives

Read these after finishing Ansible Foundations and Jinja2. They go progressively deeper into how Ansible is actually used on the job:

1. Roles in Practice — role directory layout, defaults, vars, tasks, handlers, templates
2. Project Structure — how a real infra repo is organised, inventories, group_vars, ansible.cfg
3. Variable Precedence — the full priority chain; debugging "why does the variable have the wrong value?"
4. Debugging — verbose mode, --check --diff, debug module, common errors
5. Deploy Flow — tracing a change from group_vars to rendered config to running service
6. Handlers & Templates in Practice — multiple handlers, listen, flush_handlers, OS-aware templates

GitLab & CI

1. CI/CD Pipelines — .gitlab-ci.yml, running Ansible in CI, SSH keys, vault, reading failed jobs
2. Merge Requests — creating MRs, reviewing infra diffs, approvals, responding to comments
3. Git for Infra — branch conventions, finding what to change, clean commits, hotfixes

Platform

1. SELinux — modes, contexts, reading denials, booleans, file context fixes
2. firewalld — zones, services, ports, rich rules, runtime vs permanent
3. systemd & journalctl — unit file anatomy, writing services, overrides, reading logs
4. Linux Networking — ip, routes, DNS, ss, nc, tcpdump, nmcli, troubleshoot checklist

Identity & Auth

1. SSSD & Auth Flow — PAM, NSS, SSSD, cache, and login failure diagnosis
2. Kerberos — tickets, TGTs, kinit/klist, keytabs, clock requirements, errors
3. FreeIPA HBAC & Sudo — access rules, hbactest, and centrally managed sudo

Config Literacy

1. Nginx Config File — every directive and context explained with an annotated full config
2. Postfix Config File — main.cf directives, relay, TLS, SASL, maps, queue management

File Sharing

• Samba / SMB — smb.conf from scratch, share types, Linux permissions, Samba users, SELinux labels, firewalld, mounting from clients, and an Ansible role pattern

Linux Tools

• Bash Scripting — variables, loops, functions, set -euo pipefail, error handling, temp files, lock files, and flag parsing
• cron & systemd Timers — crontab syntax, @reboot, /etc/cron.d/, systemd timer units, OnCalendar, and Ansible
• rsync — -avz, trailing slash rule, SSH transport, --delete, excludes, dry run, and backup patterns
• User & Group Management — useradd/usermod, groupadd, passwd, chage, visudo, /etc/sudoers.d/, service accounts
• lsof & strace — find what's listening on a port, trace open files, diagnose syscall-level failures

Guides

1. Infra Change Lifecycle — end-to-end: understand → branch → lint → dry-run → MR → CI → review → deploy → verify
2. Service Troubleshooting — concrete diagnosis steps for nginx, postfix, SSH, NTP, auth, DNS, SELinux, disk full

How to Use This Site

Every page has a table of contents and anchor links so you can jump to the section you need. Code blocks have copy buttons. The sidebar is accessible on every page.