linux系统最小化安装之基础优化

话题2：linux之centos系统常用基础优化

1. 设置命令提示符颜色

echo 'PS1="\[\e[1;31m\][\u@\h \W]\\$\[\e[0m\]"' >> /etc/profile.d/env.sh
#使其立即生效
. /etc/profile.d/env.sh

2. 设置系统默认编辑器为vim

echo export EDITOR=vim >> /etc/profile.d/env.sh
. /etc/profile.d/env.sh

3. 禁用SELinux

sed -ri 's/^(SELINUX=)enforcing/\1disabled/'  /etc/selinux/config
setenforce 0

4. 禁用防火墙

systemctl stop firewalld.service
systemctl disable firewalld.service

5. 优化ssh登录

sed -ri 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -ri 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
#ubuntu修改允许root登录 
sed -ri 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
systemctl restart ssh

6. 修改网卡名称并最小化网卡配置

#1. 修改网卡名称为传统的网卡名称eth0，eth...
sed -ri '/CMDLINE/s#(.*)"#\1 net.ifnames=0"#' /etc/default/grub
grub2-mkconfig -o /etc/grub2.cfg
#2. 需要修改/etc/sysconfig/network-scripts/ifcfg-???文件名
#3. 需要重启系统
echo -e "\033[1;32m System initialization is complete and will be reboot in 10s...\033[0m"
sleep 10
reboot


#网卡最小配置范例
[root@centos7 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 
TYPE="Ethernet" 
NAME="eth0" 
DEVICE="eth0" 
ONBOOT="yes" 
BOOTPROTO="static" 
IPADDR=192.168.2.196 
GATEWAY=192.168.2.1 
PREFIX=24 
DNS1=192.168.2.1 


#加入alias 
[root@centos7 ~]# alias vieth0='vim /etc/sysconfig/network-scripts/ifcfg-eth0'

 

7. yum源配置

#安装wget工具
yum -y install wget

#配置系统使用阿里云yum源和EPEL源
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak/
wget -P /etc/yum.repos.d http://mirrors.aliyun.com/repo/Centos-7.repo
wget -P /etc/yum.repos.d http://mirrors.aliyun.com/repo/epel-7.repo
yum makecache

9. 时间同步

#安装chrony时间同步服务
yum -y install chrony && systemctl enable --now chronyd.service
#配置chrony时间同步阿里云ntp服务器
sed -i -e '/^server/s/^/#/'  -e '1a server ntp.aliyun.com iburst' /etc/chrony.conf
systemctl restart chronyd.service

10. 编写脚本的自动开头

vim ~/.vimrc
#复制如下代码修改称自己的即可
set ignorecase
set cursorline
set autoindent
autocmd BufNewFile *.sh exec ":call SetTitle()"
func SetTitle()
    if expand("%:e") == 'sh'
    call setline(1,"#!/bin/bash") 
    call setline(2,"#") 
    call setline(3,"#********************************************************************") 
    call setline(4,"#Author:        zouyongbing") 
    call setline(5,"#QQ:                         273838882") 
    call setline(6,"#Date:             ".strftime("%Y-%m-%d"))
    call setline(7,"#FileName：        ".expand("%"))
    call setline(8,"#URL:             https://www.cnblogs.com/zouyongbing/")
    call setline(9,"#Description：        The test script") 
    call setline(10,"#Copyright (C):     ".strftime("%Y")." All rights reserved")
    call setline(11,"#********************************************************************") 
    call setline(12,"") 
    endif
endfunc
autocmd BufNewFile * normal G

写一个脚本完成上述过程

[root@centos7 scripts]# cat baseset.sh 
#!/bin/bash
#
#********************************************************************
#Author:zouyongbing
#QQ:                 273838882
#Date: 2021-11-03
#FileName：baseset.sh
#URL: https://home.cnblogs.com/zouyongbing
#Description：The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
#1.set yum base and epel
sudo sed -e 's|^mirrorlist=|#mirrorlist=|g' \
         -e 's|^#baseurl=http://mirror.centos.org|baseurl=https://mirrors.tuna.tsinghua.edu.cn|g' \
         -i.bak \
         /etc/yum.repos.d/CentOS-*.repo
 
yum install epel-release -y && 
sed -e 's!^metalink=!#metalink=!g' \
    -e 's!^#baseurl=!baseurl=!g' \
    -e 's!//download\.fedoraproject.org/pub!//mirrors.tuna.tsinghua.edu.cn!g' \
    -e 's!//download\.example/pub!//mirrors.tuna.tsinghua.edu.cn!g' \
    -e 's!http://mirrors!https://mirrors!g' \
    -i.bak  \
    /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel-testing.repo

#2. set alias vinet0
echo "alias vinet0='vim /etc/sysconfig/network-scripts/ifcfg-eth0'" >> /etc/profile  && source /etc/profile
#3. stop firewalld
systemctl stop firewalld && systemctl disable firewalld

#4. stop selinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#' /etc/selinux/config 
#sed -ri 's/^(SELINUX=)enforcing/\1disabled/'  /etc/selinux/config

#5. ssh ora
sed -ri 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -ri 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config

#6. setup tools
yum install  vim iotop bc gcc gcc-c++ glibc glibc-devel pcre \
pcre-devel openssl  openssl-devel zip unzip zlib-devel  net-tools \
lrzsz tree  telnet lsof tcpdump wget libevent libevent-devel \
bc  systemd-devel bash-completion traceroute -y

#7. set scripts format
cat > ~/.vimrc <<-EOF
set ignorecase
set cursorline
set autoindent
autocmd BufNewFile *.sh exec ":call SetTitle()"
func SetTitle()
    if expand("%:e") == 'sh'
    call setline(1,"#!/bin/bash") 
    call setline(2,"#") 
    call setline(3,"#********************************************************************") 
    call setline(4,"#Author:        zouyongbing") 
    call setline(5,"#QQ:                         273838882") 
    call setline(6,"#Date:             ".strftime("%Y-%m-%d"))
    call setline(7,"#FileName：        ".expand("%"))
    call setline(8,"#URL:             https://home.cnblogs.com/zouyongbing")
    call setline(9,"#Description：        The test script") 
    call setline(10,"#Copyright (C):     ".strftime("%Y")." All rights reserved")
    call setline(11,"#********************************************************************") 
    call setline(12,"") 
    endif
endfunc
autocmd BufNewFile * normal G
EOF

#8. echo network
echo "TYPE=Ethernet
BOOTPROTO=none
NAME=eth0
DEVICE=eth0
ONBOOT=yes
#modify this ip
IPADDR=10.1.100.7
PREFIX=24
GATEWAY=10.1.100.254
DNS1=10.1.100.254
" > /etc/sysconfig/network-scripts/ifcfg-eth0

echo "base optimize is complete!!!"