0
点赞
收藏
分享

微信扫一扫

Liunx系统初始化脚本

斗米 2022-12-30 阅读 107

作为运维人员,经常会初始化系统,系统在安装过程中基本都会选择最小化安装,这样安装好的系统里会缺少很多环境。

此脚本是系统初始化脚本,有需要朋友可以参考,脚本内容如下:

系统环境:CentOS 7.4

[root@localhost ~]# vim auto_config_system_initializ.sh

#脚本内容如下

  1. #!/bin/bash
  2. #2017-5-20 13:14:00
  3. #Author blog:
  4. #https://www.yangxingzhen.com
  5. #Author site:
  6. #https://www.yangxingzhen.com/sitemap.html
  7. #Author mirrors site:
  8. # https://mirrors.yangxingzhen.com
  9. #About the Author
  10. #BY:、、、小柒
  11. #QQ:675583110
  12. #Automatic configuration system initialization

  13. SYS_VERSION=`awk -F. '{print $1}' /etc/redhat-release |awk '{print $NF}'`
  14. YUM_SOFT="vim wget lrzsz openssh-server openssh ntp ntpdate gcc gcc-c++ cmake unzip make curl openssl openssl-devel rsync gd zip perl sysstat man mtr lsof iotop net-tools openssl-perl iostat subversion nscd iotop htop iftop"
  15. #Configuring the YUM source
  16. if [ $SYS_VERSION -eq 7 ];then
  17.     yum -y install wget
  18.     mkdir -p /etc/yum.repos.d/back
  19.     mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/back
  20.     wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
  21.     yum clean all
  22. else
  23.     yum -y install wget
  24.     mkdir -p /etc/yum.repos.d/back
  25.     mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/back
  26.     wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.163.com/.help/CentOS6-Base-163.repo
  27.     yum clean all
  28. fi
  29. #install base rpm package
  30. yum -y install epel-release
  31. yum -y install $YUM_SOFT
  32. #Change the ulimit parameter
  33. \cp /etc/security/limits.conf /etc/security/limits.conf.back
  34. cat >>/etc/security/limits.conf <<EOF
  35. * soft nproc 65535
  36. * hard nproc 65535
  37. * soft nofile 65535
  38. * hard nofile 65535
  39. EOF
  40. echo "ulimit -SHn 65535" >> /etc/profile
  41. echo "ulimit -SHn 65535" >> /etc/rc.local
  42. #Time zone
  43. if [ "`cat /etc/crontab | grep ntpdate`" = "" ]; then
  44. echo "10 * * * * root /usr/sbin/ntpdate cn.pool.ntp.org >> /var/log/ntpdate.log" >> /etc/crontab
  45. fi
  46. rm -f /etc/localtime
  47. ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
  48. ntpdate cn.pool.ntp.org && hwclock -w
  49. #Config SSH
  50. sed -i "s/\#UseDNS yes/UseDNS no/g" /etc/ssh/sshd_config
  51. sed -i "s/GSSAPIAuthentication yes/GSSAPIAuthentication no/g" /etc/ssh/sshd_config
  52. #Config Selinux And iptables(firewalld)
  53. if [ $SYS_VERSION -eq 7 ];then
  54.     systemctl stop firewalld.service
  55.     systemctl disable firewalld.service
  56.     sed -i '/SELINUX/s/enforcing/disabled/g' /etc/selinux/config
  57.     setenforce 0
  58. else
  59.     service iptables stop
  60.     chkconfig iptables off
  61.     sed -i '/SELINUX/s/enforcing/disabled/g' /etc/selinux/config
  62.     setenforce 0
  63. fi
  64. #Config sysctl
  65. SYSCONF="net.ipv6.conf.all.disable_ipv6 = 1
  66. net.ipv6.conf.default.disable_ipv6 = 1
  67. net.core.netdev_max_backlog = 32768
  68. net.core.somaxconn = 32768
  69. net.core.wmem_default = 8388608
  70. net.core.rmem_default = 8388608
  71. net.core.rmem_max = 16777216
  72. net.core.wmem_max = 16777216
  73. net.ipv4.tcp_max_syn_backlog = 65536
  74. net.ipv4.tcp_timestamps = 0
  75. net.ipv4.tcp_synack_retries = 2
  76. net.ipv4.tcp_syn_retries = 2
  77. net.ipv4.tcp_tw_recycle = 1
  78. #net.ipv4.tcp_tw_len = 1
  79. net.ipv4.tcp_tw_reuse = 1
  80. net.ipv4.tcp_mem = 94500000 915000000 927000000
  81. net.ipv4.tcp_max_orphans = 3276800
  82. net.ipv4.tcp_fin_timeout = 120
  83. net.ipv4.tcp_keepalive_time = 120
  84. net.ipv4.ip_local_port_range = 1024 65535
  85. net.nf_conntrack_max = 16404388
  86. net.netfilter.nf_conntrack_tcp_timeout_established = 10800
  87. #kernel: TCP: time wait bucket table overflow
  88. net.ipv4.tcp_max_tw_buckets = 30000
  89. fs.file-max = 655350
  90. kernel.sysrq = 0"
  91. if [ $SYS_VERSION -eq 6 ];then
  92.     service sshd restart
  93.     if [ `cat /etc/sysctl.conf | grep -wc net.ipv4.tcp_max_tw_buckets` -eq 0 ];then
  94.         echo "$SYSCONF" >>/etc/sysctl.conf
  95.         /sbin/sysctl -p
  96.     fi
  97. else
  98.     systemctl restart sshd.service
  99.     if [ ! -f /etc/sysctl.d/system.conf ];then
  100.         touch /etc/sysctl.d/system.conf
  101.         echo "$SYSCONF" >>/etc/sysctl.d/system.conf
  102.         /usr/sbin/sysctl -p
  103.     fi
  104. fi
  105. if [ $? -eq 0 ];then
  106.     echo -e "\033[32m Completion of system initialization \033[0m"
  107. fi

保存退出,上传到服务器即可使用。

举报

相关推荐

0 条评论