系统初始化脚本
系统初始化脚本
适用基于红帽系、ubuntu
说明:
- 设置内核参数
- 设置pam资源
- 网卡名称标准化
- 设置vim编辑器
- 设置ssh
- 设置本地镜像源
- 设置终端提示符
#!/bin/bash
#********************************************************************
# File Name: init.sh
# Version: V2.0
# Author: dahuangji
# Email:
# Created Time : 2023-01-27 20:01:18
# Description:
#********************************************************************
set -e
RED='\E[31;2m'
GREEN='\E[32;1m'
BLUE='\E[34;1m'
END='\E[0m'
dis() {
if [ -e /etc/selinux/config ]; then
sed -ri 's/^(SELINUX=).*/\1disabled/' /etc/selinux/config
systemctl disable --now firewalld
fi
}
sysctl_conf() {
tee >/etc/sysctl.conf <<-EOF
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_rmem=10240 87380 12582912
net.ipv4.tcp_wmem=10240 87380 12582912
net.core.somaxconn=65535
net.ipv4.tcp_syncookies=1
net.ipv4.ip_local_port_range = 10000 65000
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_synack_retries = 1
net.ipv4.conf.default.rp_filter=1
net.ipv4.ip_nonlocal_bind=1
net.ipv4.ip_forward=1
net.ipv4.conf.default.accept_source_route=0
net.ipv4.tcp_mem=786432 1048576 1572864
net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_sack=1
net.core.wmem_default=8388608
net.core.rmem_default=8388608
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.core.netdev_max_backlog=262144
net.core.optmem_max=81920
net.ipv4.tcp_max_syn_backlog=262144
net.ipv4.tcp_syn_retries=3
net.ipv4.tcp_retries1=1
net.ipv4.tcp_retries2=15
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_max_orphans=3276800
net.ipv4.tcp_keepalive_time=300
net.ipv4.tcp_keepalive_intvl=30
net.ipv4.tcp_keepalive_probes=3
# net.ipv4.tcp_tw_recycle=0
# net.bridge.bridge-nf-call-ip6tables=1
# net.bridge.bridge-nf-call-iptables=1
# net.bridge.bridge-nf-call-arptables=1
vm.overcommit_memory=0
vm.swappiness=10
kernel.sysrq=0
kernel.core_uses_pid=1
kernel.msgmnb=65536
kernel.msgmax=65536
kernel.shmmax=68719476736
kernel.shmall=4294967296
vm.max_map_count=524288
fs.file-max=1000000
EOF
sysctl -p &>/dev/null
echo -e "$GREEN 内核参数已经修改成功 $END"
}
limit_conf() {
cat >/etc/security/limits.conf <<-eof
* soft core unlimited
* soft nproc 1000000
* soft nofile 1000000
* soft memlock 32000
* soft msgqueue 8192000
* soft maxlogins 100
* soft maxsyslogins 100
* hard core unlimited
* hard nproc 1000000
* hard nofile 1000000
* hard memlock 32000
* hard msgqueue 8192000
* hard maxlogins 100
* hard maxsyslogins 100
eof
echo -e "$GREEN 系统资源限制已经修改成功 $END"
}
set_net_ifc() {
sed -ri 's/^(GRUB_CMDLINE_LINUX=.*)"$/\1 net.ifnames=0 biosdevname=0 "/' /etc/default/grub
if [ -e $(which grub2-mkconfig) ]; then
if [ -e /boot/efi/EFI/centos/grub.cfg ]; then
grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg &>/dev/null
elif [ -e /boot/grub2/grub.cfg ]; then
grub2-mkconfig -o /boot/grub2/grub.cfg &>/dev/null
fi
elif [ -e $(which grub-mkconfig) ]; then
grub-mkconfig -o /boot/grub/grub.cfg &>/dev/null
update-grub
fi
echo -e "$GREEN 网卡名改为eth系列,重启系统后生效 $END"
}
set_vim() {
cat >~/.vimrc <<-eof
set ignorecase
set nu
"set paste "粘贴模式,禁用自动、智能缩进等避免粘贴显示问题,粘贴时手动开启一下
set pastetoggle=<F3> "F3开启粘贴模式,再也不用手动输了
set tabstop=2 "tab键宽度
set shiftwidth=2 "设置缩进宽度
set softtabstop=-1 "设置按下tab键后插入的空格数
set expandtab "启用空格替换制表符
set cindent "打开用于编写C代码的自动缩进
set smartindent "启用智能缩进,对代码的缩进进行智能判断,cv代码时开启会引起缩进错乱
set autoindent "启用自动缩进,自动与上一行缩进对齐,cv代码时开启会引起缩进错乱
autocmd BufRead,BufNewFile *.json set filetype=json
autocmd BufRead,BufNewFile *.yaml set filetype=yaml
autocmd BufRead,BufNewFile *.py set filetype=python
autocmd BufRead,BufNewFile *.md set filetype=markdown
autocmd BufRead,BufNewFile *.ts set filetype=typescript
autocmd BufNewFile *.sh exec":call SetTitle()"
func SetTitle()
if expand("%:e") == 'sh'
call setline(1,"#!/bin/bash")
call setline(2,"")
call setline(3,"#********************************************************************")
call setline(4, "# File Name: ".expand("%"))
call setline(5, "# Version: V1.0")
call setline(6, "# Author: dahuangji")
call setline(7, "# Email: ")
call setline(8, "# Created Time : ".strftime("%F %T"))
call setline(9, "# Description:")
call setline(10,"#********************************************************************")
call setline(11,"")
call setline(12,"")
call setline(13,"set -e")
call setline(14,"")
call setline(15,"RED='\\\E[31;2m'")
call setline(16,"GREEN='\\\E[32;1m'")
call setline(17,"BLUE='\\\E[34;1m'")
call setline(18,"END='\\\E[0m'")
endif
endfunc
autocmd BufNewFile * normal G
eof
echo -e "$GREEN vim编辑器设置成功 $END"
}
set_yum() {
os_vs=$(awk -F'"|\\\.' '/VERSION_ID/{print $2}' /etc/os-release 2>/dev/null)
if [ -d /etc/yum.repos.d/bak ] ;then
echo -e $BLUE
echo "已存在: /etc/yum.repos.d/bak 目录,可能已经配置过镜像源"
echo "若需要继续执行,请手动复制: /etc/yum.repos.d/bak/* 目录下文件,覆盖到: /etc/yum.repos.d/ ,最后删除: bak 目录"
echo -e $END
return 0
else
install -d /etc/yum.repos.d/bak
cp /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
fi
if [ -e /etc/yum.repos.d ]; then
if [[ ! -z $(grep -o CentOS /etc/os-release) ]]; then
if [[ $os_vs = 7 ]]; then
sed -i -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^#baseurl=http://mirror.centos.org/centos|baseurl=https://mirrors.ustc.edu.cn/centos|g' \
/etc/yum.repos.d/CentOS-Base.repo
yum install -y https://mirrors.ustc.edu.cn/epel/epel-release-latest-7.noarch.rpm &>/dev/null
elif [[ $os_vs = 8 ]]; then
yum install -y https://mirrors.ustc.edu.cn/epel/epel-release-latest-8.noarch.rpm &>/dev/null
fi
elif [[ ! -z $(grep -o Rocky /etc/os-release) ]]; then
if [[ $os_vs = 8 ]]; then
sed -i -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.ustc.edu.cn/rocky|g' \
/etc/yum.repos.d/Rocky-AppStream.repo \
/etc/yum.repos.d/Rocky-BaseOS.repo \
/etc/yum.repos.d/Rocky-Extras.repo \
/etc/yum.repos.d/Rocky-PowerTools.repo
yum install -y https://mirrors.ustc.edu.cn/epel/epel-release-latest-8.noarch.rpm &>/dev/null
elif [[ $os_vs = 9 ]]; then
sed -i -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.ustc.edu.cn/rocky|g' \
/etc/yum.repos.d/rocky-extras.repo \
/etc/yum.repos.d/rocky.repo
yum install -y https://mirrors.ustc.edu.cn/epel/epel-release-latest-9.noarch.rpm &>/dev/null
fi
fi
yum clean all &>/dev/null
yum makecache &>/dev/null
elif [ -e /etc/apt/sources.list ]; then
if [[ ! -z $(grep -o Ubuntu /etc/os-release) ]]; then
sed -i 's@//.*archive.ubuntu.com@//mirrors.ustc.edu.cn@g' /etc/apt/sources.list
sed -i 's/security.ubuntu.com/mirrors.ustc.edu.cn/g' /etc/apt/sources.list
apt update &>/dev/null
fi
fi
echo -e "$GREEN 软件仓库配置成功 $END"
}
set_ssh() {
sed -ri 's/.*(UseDNS).*/\1 no/' /etc/ssh/sshd_config
sed -ri 's/.*(GSSAPIAuthentication).*/\1 no/' /etc/ssh/sshd_config
systemctl reload-or-restart sshd
echo -e "$GREEN ssh修改成功 $END"
}
set_pst() {
echo "export PS1='\[\e[1;32m\][\u\[\e[32m\]@\h\[\e[1;32m\] \W\[\e[1;32m\]]\[\e[0m\]# '" >>/etc/profile.d/pst.sh
chmod +x /etc/profile.d/pst.sh
cat >>/etc/profile <<eof
HISTTIMEFORMAT="\`who -um |awk -F"[()]" '{print \$2}'\` %F %T \`whoami\` "
eof
echo -e "$GREEN 终端提示符修改成功,重新登录生效 $END"
}
PS3="请输入数字选项(输入任意键退出): "
select i in 关闭selinux与firewalld 设置内核参数 设置PAM资源 设置网卡名 设置VIM编辑器 配置软件仓库 设置SSH 设置终端颜色 所有; do
case $REPLY in
1)
dis ;;
2)
sysctl_conf ;;
3)
limit_conf ;;
4)
set_net_ifc ;;
5)
set_vim ;;
6)
set_pack ;;
7)
set_ssh ;;
8)
set_pst ;;
9)
dis
sysctl_conf
limit_conf
set_net_ifc
set_vim
set_yum
set_ssh
;;
*)
exit 1 ;;
esac
done
浙公网安备 33010602011771号