Read this one even if you skip the rest

The other books are how. This one is why — the handful of principles that shaped every decision in the lab, and the mistakes that taught them. If you're new to infrastructure work, this is the page I wish someone had handed me: not the commands, but the judgement behind them.

None of these are clever. They're the boring habits that separate a system you can sleep next to from one that surprises you at 3am. Each has its own page; here they are in one breath:

  1. Least privilege — give every component exactly the access it needs and no more.
  2. One edge, one door — concentrate TLS and remote access so you can actually reason about exposure.
  3. Capacity is arithmetic — know your binding constraint and do the math before you provision.
  4. Make things reproducible and disposable — templates, automation, clean teardown.
  5. Observability before you need it — logs and metrics set up in advance, not during the fire.

The rest of this book unpacks these, and ends with the actual mistakes I made building the lab.