平时写的各种linux shell脚本
#!/bin/bash
##### name:debian初始化脚本 #####
##### author:xiaoz #####
##### date:2022/08/18 #####
# SSH port requested by the caller (first positional argument).
# It is read by init_ssh, which opens the port in ufw and writes it to sshd_config.
ssh_port="${1}"
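# Install the base tools (curl, wget, ufw, net-tools) and bring up a ufw
# firewall that allows ports 80, 443 and 22.
#
# Returns: 1 if the package installation fails (no firewall rule is touched
#          in that case); otherwise the status of `systemctl enable ufw`.
init_soft(){
  echo '--------------------------------------------------------------'
  echo 'Install curl/wget and ufw.'
  echo '--------------------------------------------------------------'

  # Refresh the package index.
  apt-get update

  # Optional: switch to the nftables-backed tools (left disabled).
  #update-alternatives --set iptables /usr/sbin/iptables-nft
  #update-alternatives --set ip6tables /usr/sbin/ip6tables-nft
  #update-alternatives --set arptables /usr/sbin/arptables-nft
  #update-alternatives --set ebtables /usr/sbin/ebtables-nft

  # Install the required packages. Stop on failure so the caller's `&&` chain
  # sees the error instead of continuing with a partially installed toolset.
  if ! apt-get -y install curl wget ufw net-tools; then
    echo 'init_soft: package installation failed; firewall left unchanged.' >&2
    return 1
  fi

  # firewalld alternative (left disabled).
  #apt-get -y install firewalld
  #systemctl start firewalld && systemctl enable firewalld
  # firewalld.conf excerpt the original author hit an error with:
  #   FirewallBackend=iptables   (choices: nftables (default), iptables)
  # The fix for that error was to switch the backend to nftables:
  #sed -i "s/FirewallBackend=iptables/FirewallBackend=nftables/g" /etc/firewalld/firewalld.conf

  # Allow the common ports before the firewall is switched on.
  # NOTE(review): ufw's default incoming policy is deny, so only 80, 443 and
  # 22 stay reachable after `ufw enable`. If sshd already listens on another
  # port, allow that port first or the current session is cut off.
  ufw allow 80
  ufw allow 443
  ufw allow 22
  # `ufw enable` asks for confirmation when run over SSH; that prompt is kept.
  ufw enable
  systemctl enable ufw
}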
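# Configure sshd: open ${ssh_port} in ufw, add it as a listening port and
# allow root login, then restart the service.
#
# Globals: ssh_port (read) - port number taken from the script's first argument
# Returns: 1 if ssh_port is not a decimal number in 1-65535 (nothing is
#          changed) or if the resulting sshd_config fails `sshd -t` (sshd is
#          not restarted); otherwise the status of `systemctl restart sshd`.
init_ssh(){
  # The value is written verbatim into sshd_config and handed to ufw, so it
  # must be a plain port number. The regex runs first; the arithmetic test is
  # only reached for a digits-only string.
  if [[ ! "${ssh_port}" =~ ^[1-9][0-9]{0,4}$ ]] || (( ssh_port > 65535 )); then
    echo "init_ssh: invalid SSH port '${ssh_port}' (expected 1-65535); nothing changed." >&2
    return 1
  fi

  echo '--------------------------------------------------------------'
  echo 'Modifying SSH port.'
  echo '--------------------------------------------------------------'

  # Open the port in the firewall first so the new listener is reachable.
  ufw allow "${ssh_port}"

  # sshd accepts several Port lines, so appending one adds a listening port;
  # it does not replace an earlier uncommented Port line.
  echo "Port ${ssh_port}" >> /etc/ssh/sshd_config

  # NOTE(review): this permits password-based root login over SSH. For most
  # keywords sshd keeps the first value it reads, so this appended line only
  # takes effect when no earlier uncommented PermitRootLogin line exists.
  # `PermitRootLogin prohibit-password` with key-based login is the more
  # restrictive setting.
  echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config

  # Check the configuration before restarting, so a broken file does not
  # take the running sshd down.
  if ! sshd -t; then
    echo 'init_ssh: sshd_config failed validation; sshd was not restarted.' >&2
    return 1
  fi
  systemctl restart sshd
}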
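# Set the time zone to Asia/Shanghai and schedule a time sync every 20
# minutes through root's crontab.
#
# Returns: 1 if ntpdate cannot be found after installation (no cron entry is
#          written); otherwise the status of `/etc/init.d/cron reload`.
init_timezone(){
  local ntp_path cron_line
  local -r cron_file=/var/spool/cron/crontabs/root

  echo '--------------------------------------------------------------'
  echo 'Setting time zone.'
  echo '--------------------------------------------------------------'

  # Set the time zone to Shanghai.
  timedatectl set-timezone Asia/Shanghai

  # Install the sync tool; -y keeps this step non-interactive like the other
  # installs in this script.
  apt-get install -y ntpdate

  # Without a resolved path the cron line would start with "-u" and run a
  # meaningless command as root every 20 minutes, so stop here instead.
  ntp_path=$(command -v ntpdate)
  if [[ -z "${ntp_path}" ]]; then
    echo 'init_timezone: ntpdate not found; cron entry not written.' >&2
    return 1
  fi

  # NOTE(review): plain NTP from a public pool is unauthenticated, and the
  # system clock feeds certificate validation and log timestamps.
  cron_line="*/20 * * * * ${ntp_path} -u pool.ntp.org > /dev/null 2>&1"

  # Append only when the exact line is missing, so re-running the script does
  # not pile up duplicate entries.
  if ! grep -qxF -- "${cron_line}" "${cron_file}" 2>/dev/null; then
    echo "${cron_line}" >> "${cron_file}"
  fi

  # Reload cron so it picks up the edited spool file.
  /etc/init.d/cron reload
}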
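# Set up swap by running the author's remote set_swap.sh. According to the
# original comment, the remote script skips hosts that already have swap;
# that cannot be confirmed from this file.
#
# Returns: 1 if the temp file cannot be created or the download fails (nothing
#          is executed); otherwise the exit status of the downloaded script.
#
# NOTE(security): the URL tracks the mutable `master` branch and the content
# is executed as whoever runs this script (normally root) without an
# integrity check. Prefer a URL pinned to a reviewed commit
# (.../helloxz/shell/<COMMIT_SHA>/set_swap.sh, placeholder) and compare the
# file against a recorded checksum (<EXPECTED_SHA256>, placeholder) before
# running it.
set_swap() {
  local -r url="https://raw.githubusercontent.com/helloxz/shell/master/set_swap.sh"
  local script rc

  echo '--------------------------------------------------------------'
  echo 'Setting swap.'
  echo '--------------------------------------------------------------'

  script=$(mktemp) || return 1

  # Download to a file first. -f turns an HTTP error into a failure instead of
  # piping an error page into bash, and a truncated transfer is never run.
  if ! curl -fsS --proto '=https' -o "${script}" "${url}"; then
    echo 'set_swap: download failed; nothing was executed.' >&2
    rm -f -- "${script}"
    return 1
  fi

  bash "${script}"
  rc=$?
  rm -f -- "${script}"
  return "${rc}"
}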
# Enable BBR congestion control: append the fq qdisc and bbr settings to
# /etc/sysctl.conf, then load the file.
# Both lines are appended on every call, so repeated runs add duplicates.
enable_bbr(){
  local -r sysctl_conf=/etc/sysctl.conf

  printf '%s\n' \
    '--------------------------------------------------------------' \
    'Enabling BBR.' \
    '--------------------------------------------------------------'

  # Write both kernel parameters to the configuration file.
  printf '%s\n' \
    "net.core.default_qdisc=fq" \
    "net.ipv4.tcp_congestion_control=bbr" >> "${sysctl_conf}"

  # Apply the kernel parameters.
  sysctl -p
}
# Raise the default file-descriptor limits to 65535 in sysctl.conf,
# limits.conf and /etc/profile, then reload the kernel parameters.
# Every line is appended on each call, so repeated runs add duplicates.
change_ulimit() {
  local -r limit_lines=('* soft nofile 65535' '* hard nofile 65535')

  printf '%s\n' \
    '--------------------------------------------------------------' \
    'Modifying ulimit.' \
    '--------------------------------------------------------------'

  # NOTE(review): fs.file-max is the system-wide handle limit. On many current
  # kernels the default is already far above 65535, so this line may lower it;
  # compare with `sysctl fs.file-max` before relying on it.
  echo 'fs.file-max = 65535' >> /etc/sysctl.conf

  # NOTE(review): per limits.conf(5), wildcard entries are not applied to
  # root; root needs its own explicit entries.
  printf '%s\n' "${limit_lines[@]}" >> /etc/security/limits.conf

  echo 'ulimit -SHn 65535' >> /etc/profile

  # Apply the kernel parameters.
  sysctl -p
}
# Replace the vim-common package with full vim and rewrite `mouse=a` to
# `mouse-=a` in vim's defaults.vim.
# The edited file is package-managed, so a later vim upgrade may restore it.
install_vim() {
  local mouse_fix='s/mouse=a/mouse-=a/g'

  apt-get remove vim-common -y
  apt-get install vim -y
  # The glob is left unquoted on purpose: it matches the versioned vimNN directory.
  sed -i "${mouse_fix}" /usr/share/vim/vim*/defaults.vim
}
# Add an `ll` alias to the current user's ~/.bashrc after copying the file to
# ~/.bashrc.bak (the backup is overwritten on every call).
# The final `source` only affects the shell running this script, not the
# user's login shell.
add_alias() {
  local rc_file=~/.bashrc

  cp "${rc_file}" "${rc_file}.bak"
  echo "alias ll='ls -l'" >> "${rc_file}"
  source "${rc_file}"
}
# Run the initialisation steps in order; the chain stops at the first step
# that returns non-zero.
# init_ssh is defined above but is not part of this chain, so the ssh_port
# argument has no effect unless init_ssh is added here.
init_soft \
  && init_timezone \
  && set_swap \
  && enable_bbr \
  && change_ulimit \
  && install_vim \
  && add_alias