Linux系统初始化脚本

#!/bin/bash
#*********************************
#Author:        LT
#Date:          2024-09-18
#Description:   仅支持RHEL、Debian系列
#Update:        
#*********************************
# 判断是否具有root权限
root_need() {
    if [[ $EUID -ne 0 ]]; then
        echo "请使用root账户运行该脚本" 1>&2
        exit 1
    fi
}

### 大致步骤解读
## 第一:判断发行分支、判断系统版本、保证软件源可用、安装基本软件
if [ -f /etc/os-release ]; then
    . /etc/os-release
    case "$ID" in
        rhel|centos|fedora|rocky|almalinux|openEuler)
            echo "This system is based on Red Hat (RHEL) family."
            OS_Family=rhel
            if [ "$ID" == "centos" ] && [ "$VERSION_ID" == "7" ]; then
                rm -rf /etc/yum.repos.d/*
                cat > /etc/yum.repos.d/CentOS-Base.repo << EOF
[base]
name=CentOS-7 - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/7/os/\$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#released updates 
[updates]
name=CentOS-7 - Updates - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/7/updates/\$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
name=CentOS-7 - Extras - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/7/extras/\$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-7 - Plus - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/7/centosplus/\$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#contrib - packages by Centos Users
[contrib]
name=CentOS-7 - Contrib - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/7/contrib/\$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
EOF
                yum makecache
                yum install tree bash-completion wget lrzsz tcpdump tar chrony -y
            else
                dnf install tree bash-completion wget lrzsz tcpdump tar chrony -y
            fi
            ;;
        debian|ubuntu)
            echo "This system is based on Debian family."
            OS_Family=debian
            if [ "$ID" == "debian" ] && [ "$VERSION_ID" == "9" ]; then
                cat > /etc/apt/sources.list << EOF
deb http://mirrors.volces.com/debian stretch main contrib non-free
deb http://mirrors.volces.com/debian stretch-backports main contrib non-free
deb http://mirrors.volces.com/debian-security stretch/updates main contrib non-free
EOF
                apt install tree wget lrzsz tcpdump tar net-tools chronyd -y
            else
                apt install tree wget lrzsz tcpdump tar net-tools chronyd -y
            fi
            ;;
        *)
            echo "本脚本不支持该系列操作系统"
            exit 1
            ;;
    esac
else
    echo "无法确定操作系统系列"
    exit 1
fi

######## 定义初始化函数  ########
# 服务优化
Share_Sysinit_01(){
    systemctl disable --now postfix
}

# 配置时间同步
Share_Sysinit_02(){
    echo "校正时区、硬件时钟、时间同步"
    timedatectl set-timezone Asia/Shanghai
    # 用系统时间同步硬件时间
    hwclock --systohc >/dev/null 2>&1
}

# 配置文件描述符 和 历史命令记录
Share_Sysinit_03(){
    echo "配置文件描述符"
    cat > /etc/security/limits.conf <<EOF
*       soft    nofile  1024000
*       hard    nofile  1024000
*       soft    nproc   655350
*       hard    nproc   655350
*       soft    core    unlimited
*       hard    core    unlimited
* -   memlock unlimited
EOF

    echo "优化历史命令记录展示规则"
    # 让历史命令带时间(也可以在 .bashrc)
    echo "export HISTTIMEFORMAT='%F %T '" >> /etc/profile
    # 增加历史命令行数
    echo "export HISTFILESIZE=3000" >> /etc/profile
    source /etc/profile
}

# sshd服务优化
Share_Sysinit_04(){
    sed -i "s/#UseDNS yes/UseDNS no/g" /etc/ssh/sshd_config
}
Share_Sysinit_05(){
    echo "占位" >/dev/null 2>&1
}
# Rhel系列,关闭防火墙
Rhel_Sysinit_01(){
    systemctl disable --now firewalld
    sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config && setenforce 0
}
Rhel_Sysinit_02(){
    echo "占位" >/dev/null 2>&1
}
Rhel_Sysinit_03(){
    echo "占位" >/dev/null 2>&1
}
Debian_Sysinit_01(){
    echo "占位" >/dev/null 2>&1
}
Debian_Sysinit_02(){
    echo "占位" >/dev/null 2>&1
}
Debian_Sysinit_03(){
    echo "占位" >/dev/null 2>&1
}

## 第二:根据不同的发行版,进行不同的初始化动作
case "$OS_Family" in
    rhel)
        Share_Sysinit_01
        Share_Sysinit_02
        Share_Sysinit_03
        Share_Sysinit_04
        Share_Sysinit_05
        Rhel_Sysinit_01
        Rhel_Sysinit_02
        Rhel_Sysinit_03
        ;;
    debian)
        Share_Sysinit_01
        Share_Sysinit_02
        Share_Sysinit_03
        Share_Sysinit_04
        Share_Sysinit_05
        Debian_Sysinit_01
        Debian_Sysinit_02
        Debian_Sysinit_03
        ;;
    *)
        exit 1
        ;;
esac
声明:本文为原创,作者为 辣条①号,转载时请保留本声明及附带文章链接:https://boke.wsfnk.com/archives/1398.html
谢谢你请我吃辣条谢谢你请我吃辣条

如果文章对你有帮助,欢迎点击上方按钮打赏作者

最后编辑于:2024/9/18作者: 辣条①号

目标:网络规划设计师、系统工程师、ceph存储工程师、云计算工程师。 不负遇见,不谈亏欠!

暂无评论

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注

arrow grin ! ? cool roll eek evil razz mrgreen smile oops lol mad twisted wink idea cry shock neutral sad ???