linux安装
1.服务器版最小化安装 CentOS-7-x86_64-Minimal-2009.iso
网卡配置
注意要配置DNS 8.8.8.8
centos7优化
- 关闭selinux
- 关闭防火墙
- 备份新仓库
- 优化ssh
- 修改最大文件打开数
- 时间同步
- 安装常用软件
- 优化用户名
#!/bin/bash
#关闭selinux
selinux_close(){
setenforce 0
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
}
#关闭防火墙
stop_firewalld(){
systemctl stop firewalld
systemctl disable firewalld
}
repo_mv(){
#备份仓库
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
#下载新仓库
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
}
#修改默认文件打开数 #EOF前面不能缩进
openfile_count(){
cat >> /etc/security/limits.conf << EOF
root soft nofile 102400
root hard nofile 102400
EOF
}
#设置系统DNS解析服务器
set_nameserver(){
echo "nameserver 8.8.8.8" >> /etc/resolv.conf
}
#设置系统时区
set_zone(){
timedatectl set-timezone Asia/Shanghai
}
#调整内核参数
set_kernel(){
echo "vm.swappiness = 10" >> /etc/sysctl.conf # 降低内存交换频率
echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf # 启用 SYN Cookie 防止 SYN 攻击
echo "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf # 缩短 FIN 超时时间,释放更多连接
sysctl -p
}
#安装常用软件
yum_install(){
yum clean all
yum update
yum -y install net-tools htop iftop lrzsz unzip telnet httpd-tools tcpdump ntpdata vim
yum makecache
}
#优化用户名
set_hostname(){
echo "export PS1='[\[\033[1;32m\]\u\[\033[1;37m\]@\[\033[1;36m\]\h\[\033[00m\]:\[\033[1;34m\]\W\[\033[00m\]]\$ '" >> /etc/profile
source /etc/profile
}
print(){
selinux_close
stop_firewalld
repo_mv
openfile_count
set_nameserver
set_zone
set_kernel
yum_install\
set_hostname
echo"优化完成"
}
print
以下是ubuntu的优化
#!/bin/bash
#更换源
set_repo(){
cp /etc/apt/sources.list{,.bak}
sleep 10
cat > /etc/apt/sourlist<<'EOF'
deb https://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
# deb https://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
EOF
}
#设置系统DNS解析服务器
set_nameserver(){
echo "nameserver 8.8.8.8" >> /etc/resolv.conf
}
#设置系统时区
set_zone(){
timedatectl set-timezone Asia/Shanghai
ln -svf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
}
# 安装常用软件
install_apt(){
apt update
apt install -y net-tools htop iftop lrzsz unzip telnet tcpdump vim wget
}
#关闭防火墙
stop_firewalld(){
systemctl stop ufw
systemctl disable ufw
}
#关闭apporamor
appro_close(){
systemctl disable --now apparmor
}
#设置字体
set_font(){
cat <<EOF >> ~/.bashrc
PS1='[\[\e[34;1m\]\u@\[\e[0m\]\[\e[32;1m\]\H\[\e[0m\]\[\e[31;1m\] \W\[\e[0m\]]# '
EOF
source ~/.bashrc
}
#优化sshd
set_sshd(){
sed -i 's@#UseDNS yes@UseDNS no@g' /etc/ssh/sshd_config
sed -i 's@^GSSAPIAuthentication yes@GSSAPIAuthentication no@g' /etc/ssh/sshd_config
systemctl restart sshd
}
#优化内核
set_limmit(){
cat >> /etc/security/limits.conf <<'EOF'
* soft nofile 655360
* hard nofile 131072
* soft nproc 655350
* hard nproc 655350
* soft memlock unlimited
* hard memlock unlimited
EOF
}
print(){
set_repo
set_nameserver
set_zone
install_apt
stop_firewalld
appro_close
set_font
set_sshd
set_limmit
echo "优化完成"
}
print
本文来自博客园,作者:小二jerry,转载请注明原文链接:https://www.cnblogs.com/jassonWang/p/18869905
浙公网安备 33010602011771号