最小化安装Linux系统初始化脚本

这篇具有很好参考价值的文章主要介绍了最小化安装Linux系统初始化脚本。希望对大家有所帮助。如果存在错误或未考虑完全的地方,请大家不吝赐教,您也可以点击"举报违法"按钮提交疑问。

目录
  • 最小化安装Linux系统初始化脚本

最小化安装Linux系统初始化脚本

注:此脚本适用于centos 7/8、Ubuntu1804,具体需要根据实际情况进行测试调整。

此脚本包含的功能:

  1. 允许 root 用户使用 ssh 登录
  2. 关闭 selinux
  3. 关闭防火墙
  4. 设置 ps1
  5. 设置默认编辑器为 vim
  6. 自定义 vim
  7. 自定义历史命令
  8. 修改内核参数
  9. 设置资源限制
  10. 修改软件源
  11. 安装常用包
  12. 设置时间同步
  13. 修改网卡为传统命令格式
  14. 设置IP地址等
[root@centos8 ~]# cat init_v1.sh
#!/bin/bash
#
#**************************************************
#Author:                Xan_Yum
#QQ:                    7993167
#Email:                 waluna@qq.com
#Version:               1.0
#Date:                  2021-11-03
#FileName:              init_v1.sh
#Description:           system init
#URL:                   https://blog.waluna.top
#Copyroght (C):         2021 ALL rights reserved
#**************************************************

OS=`awk -F'"' '/PRETTY_NAME/{print $2}' /etc/os-release|tr ' ' '-'`

#1
set_ssh () {
    if [[ $OS == Ubuntu-18.04* ]];then
        sed -i.bak '/#PermitRootLogin/a PermitRootLogin yes' /etc/ssh/sshd_config
        systemctl restart sshd
    fi
    echo -e "\e[32;1mPermit root login set complete\e[0m"
}

#2
disable_selinux () {
    if [[ $OS == CentOS* ]];then
        sed -i.bak 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
    fi
    echo -e "\e[32;1mSElinux already disabled,Restart to take effect\e[0m"

}

#3
disbale_firewall () {
    systemctl disable --now firewalld &> /dev/null
    echo -e "\e[32;1mFirewall already disabled\e[0m"
}

#4
set_ps1 () {
    if [[ $OS == CentOS* ]];then
        echo "PS1='\[\e[1;36m\][\u@\h \W]\\$ \[\e[0m\]'" >> /etc/profile.d/env.sh
        . /etc/profile.d/env.sh
    elif [[ $OS == Ubuntu* ]];then
        echo 'PS1="\[\e[1;32m\][${debian_chroot:+($debian_chroot)}\u@\h \w]\\$ \[\e[0m\]"' >> .bashrc
        . .bashrc
    fi
    echo -e "\e[32;1mPS1 already modify,Please login again\e[0m"

}

#5
set_default_text_editor_vim () {
    echo "export EDITOR=vim" >> /etc/profile.d/env.sh
    . /etc/profile.d/env.sh
    echo -e "\e[32;1mdefault_text_editor already modify vim,Please login again\e[0m"
}

#6
set_vim () {
cat > ~/.vimrc <<EOF
set ts=4
set expandtab
set ignorecase
set cursorline
set autoindent
autocmd BufNewFile *.sh exec ":call SetTitle()"
func SetTitle()
    if expand("%:e")=='sh'
    call setline(1,"#!/bin/bash")
    call setline(2,"#")
    call setline(3,"#**************************************************")
    call setline(4,"#Author:                Xan_Yum")
    call setline(5,"#QQ:                    7993167")
    call setline(6,"#Email:                 waluna@qq.com")
    call setline(7,"#Version:               1.0")
    call setline(8,"#Date:                  ".strftime("%Y-%m-%d"))
    call setline(9,"#FileName:              ".expand("%"))
    call setline(10,"#Description:           The test script")
    call setline(11,"#URL:                   https://blog.waluna.top")
    call setline(12,"#Copyroght (C):         ".strftime("%Y")." ALL rights reserved")
    call setline(13,"#**************************************************")
    endif
endfunc
autocmd BufNewFile * normal G
EOF
    echo -e "\e[32;1mVim already modify\e[0m"
}

#7
set_history () {
    echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/profile.d/env.sh
    echo -e "\e[32;1mHistory modify\e[0m"
}

#8
modify_kernel_parameters () {
    mv /etc/sysctl.conf{,.bak}
cat > /etc/sysctl.conf <<EOF
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
# 表示是否打开TCP同步标签(syncookie),内核必须打开了CONFIG_SYN_COOKIES项进行编译,同步标签可以防止一个套接字在有过多试图连接到达时引起过载。	
net.ipv4.tcp_syncookies = 1

# Disable netfilter on bridges.
# net.bridge.bridge-nf-call-arptables:是否在arptables的FORWARD中过滤网桥的ARP包
# net.bridge.bridge-nf-call-ip6tables:是否在ip6tables链中过滤IPv6包
# net.bridge.bridge-nf-call-iptables:是否在iptables链中过滤IPv4包
# net.bridge.bridge-nf-filter-vlan-tagged:是否在iptables/arptables中过滤打了vlan标签的包

net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536

# # Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736

# # Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296

# TCP kernel paramater
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.tcp_rmem = 4096        87380   4194304
net.ipv4.tcp_wmem = 4096        16384   4194304
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1

# socket buffer
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 20480
net.core.optmem_max = 81920

# TCP conn
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15

# tcp conn reuse
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 1

net.ipv4.tcp_max_tw_buckets = 20000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_timestamps = 1 #?
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1

# keepalive conn
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.ip_local_port_range = 10001    65000

# swap
vm.overcommit_memory = 0
vm.swappiness = 10

#net.ipv4.conf.eth1.rp_filter = 0
#net.ipv4.conf.lo.arp_ignore = 1
#net.ipv4.conf.lo.arp_announce = 2
#net.ipv4.conf.all.arp_ignore = 1
#net.ipv4.conf.all.arp_announce = 2

EOF
    echo -e "\e[32;1mKernel parameters modify complete\e[0m"
}

#9
modify_resource_limits () {
cat >> /etc/security/limits.conf <<EOF

*	-	core		unlimited
*	-	nproc		1000000
*	-	nofile		1000000
*	-	memlock		32000
*	-	msgqueue	8192000
root    -       core            unlimited
root    -       nproc           1000000
root    -       nofile          1000000
root    -       memlock         32000
root    -       msgqueue        8192000
EOF
    echo -e "\e[32;1mResource limits modify complete\e[0m"
}

#10
set_software_source () {
    if [[ $OS == CentOS-Linux-7* ]];then
        mkdir /etc/yum.repos.d/backup && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/backup
        curl -o /etc/yum.repos.d/Centos-7.repo https://mirrors.aliyun.com/repo/Centos-7.repo
        curl -o /etc/yum.repos.d/epel-7.repo https://mirrors.aliyun.com/repo/epel-7.repo
        yum clean all && yum makecache
    elif [[ $OS == CentOS-Linux-8* ]];then
        mkdir /etc/yum.repos.d/backup && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/backup
        curl -o /etc/yum.repos.d/Centos-8.repo https://mirrors.aliyun.com/repo/Centos-8.repo
        yum clean all && yum makecache
        yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
        sed -i 's|^#baseurl=https://download.example/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*
        sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
    elif [[ $OS == Ubuntu-18.04* ]];then
        mkdir /etc/apt/backup && mv /etc/apt/sources.list /etc/apt/backup
cat > /etc/apt/sources.list <<EOF
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
EOF
        rm -f /var/lib/apt/lists/lock && apt update
    fi
    echo -e "\e[32;1mSoftware source set complete\e[0m"

}

#11
install_package () {
    if [[ $OS == CentOS-Linux-7* ]];then
        yum install bash-completion vim-enhanced tree psmisc wget bc iotop gcc make gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel zip unzip zlib-devel net-tools lrzsz ntpdate telnet lsof tcpdump libevent libevent-devel openssh-server openssh-clients postfix -y
    elif [[ $OS == CentOS-Linux-8* ]];then
        dnf install bash-completion vim-enhanced tree psmisc wget bc iotop gcc make gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel zip unzip zlib-devel net-tools lrzsz chrony telnet lsof tcpdump libevent libevent-devel openssh-server openssh-clients postfix -y
	elif [[ $OS == Ubuntu-18.04* ]];then
        apt install make gcc iproute2 ntpdate tcpdump telnet traceroute nfs-kernel-server nfs-common lrzsz tree zip unzip openssl libssl-dev libpcre3 libpcre3-dev zlib1g-dev iotop libreadline-dev libsystemd-dev -y
    fi
    echo -e "\e[32;1mCommon Package already install\e[0m"
}

#12
set_time_sync () {
    if [[ $OS == CentOS-Linux-7* ]];then
        echo '*/5 * * * * ntpdate time1.aliyun.com &> /dev/null && hwclock -w' >> /var/spool/cron/root
        systemctl restart crond
    elif [[ $OS == CentOS-Linux-8* ]];then
        sed -i.bak '/^pool /c pool time1.aliyun.com iburst' /etc/chrony.conf
        systemctl restart chronyd && systemctl enable chronyd
        echo '*/5 * * * * chronyc -a makestep &> /dev/null && hwclock -w' >> /var/spool/cron/root
        systemctl restart crond
    elif [[ $OS == Ubuntu-18.04* ]];then
        echo '*/5 * * * * ntpdate time1.aliyun.com &> /dev/null && hwclock -w' >> /var/spool/cron/root
        systemctl restart cron
    fi
    echo -e "\e[32;1mTime sync complete\e[0m"
}

#13
set_eth () {
    if [[ $OS == CentOS* ]];then
        sed -i.bak '/GRUB_CMDLINE_LINUX/s#"$# net.ifnames=0"#' /etc/default/grub
        grub2-mkconfig -o /boot/grub2/grub.cfg &> /dev/null
    elif [[ $OS == Ubuntu-18.04* ]];then
        sed -i.bak '/GRUB_CMDLINE_LINUX/s#"$#net.ifnames=0"#' /etc/default/grub
        grub-mkconfig -o /boot/grub/grub.cfg &> /dev/null
    fi
    
    echo -e "\e[32;1mNetname already modify,Restart to take effect\e[0m"
}

set_eth0 () {
    if [[ $OS == Ubuntu-18.04* ]];then
        mv /etc/netplan/01-netcfg.yaml{,.bak}
cat > /etc/netplan/01-netcfg.yaml <<EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      addresses: [10.0.0.9/24]
      gateway4: 10.0.0.2
      nameservers:
        addresses: [223.5.5.5,114.114.114.114]
EOF
    fi
    echo -e "\e[32;1mIP already set\e[0m"
}

#14
set_ip () {
    if [[ $OS == CentOS-Linux-8* ]];then
        mv /etc/sysconfig/network-scripts/ifcfg-ens160{,.bak}
    read -p "Please input IP: " IP
    read -p "Please input Prefix: " PREFIX
    read -p "Please input Gateway: " GATEWAY
    read -p "Please input DNS1: " DNS1
    read -p "Please input DNS2: " DNS2
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
TYPE=Ethernet
NAME=eth0
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
IPADDR=$IP
PREFIX=$PREFIX
GATEWAY=$GATEWAY
DNS1=$DNS1
DNS2=$DNS2
EOF
    elif [[ $OS == CentOS-Linux-7* ]];then
        mv /etc/sysconfig/network-scripts/ifcfg-ens33{,.bak}
    read -p "Please input IP: " IP
    read -p "Please input Prefix: " PREFIX
    read -p "Please input Gateway: " GATEWAY
    read -p "Please input DNS1: " DNS1
    read -p "Please input DNS2: " DNS2
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
TYPE=Ethernet
NAME=eth0
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
IPADDR=$IP
PREFIX=$PREFIX
GATEWAY=$GATEWAY
DNS1=$DNS1
DNS2=$DNS2
EOF
    elif [[ $OS == Ubuntu-18.04* ]];then
        mv /etc/netplan/01-netcfg.yaml{,.bak}
        read -p "Please input IP/PREFIX: " IP_MASK
        read -p "Please input Gateway: " GATEWAY
        read -p "Please input DNS: " DNS
cat > /etc/netplan/01-netcfg.yaml <<EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      addresses: [$IP_MASK]
      gateway4: $GATEWAY
      nameservers:
        addresses: [$DNS]
EOF
    fi
    echo -e "\e[32;1mIP already set\e[0m"
}



echo -en "\e[32;1m"
cat <<EOF

This script applies to centos7 centos8 ubuntu1804!!!

Please select: 
1)Perimtrootlogin
2)Disable SElinux
3)Disable Firewall
4)Modify PS1
5)Set default text editor
6)Modify vim
7)Set History
8)Modify kernel parameters
9)Modify resource limits
10)set_software_source
11)Install Common Package
12)Set Time Sync
13)Modify NetName
14)Set IP
15)All realized
EOF
echo -en '\e[0m'
read -p "Please input number 1-15: " MENU
case $MENU in
1)
    set_ssh
    ;;
2)
    disable_selinux
    ;;
3)
    disbale_firewall
    ;;
4)
    set_ps1
    ;;
5)
    set_default_text_editor_vim
    ;;
6)
    set_vim
    ;;
7)
    set_history
    ;;
8)
    modify_kernel_parameters
    ;;
9)
    modify_resource_limits
    ;;
10)
    set_software_source
    ;;
11)
    install_package
    ;;
12)
    set_time_sync
    ;;
13)
    set_eth
    set_eth0
    ;;
14)
    set_ip
    ;;
15)
    #set_ssh
    disable_selinux
    disbale_firewall
    set_ps1
    set_default_text_editor_vim
    set_vim
    set_history
    modify_kernel_parameters
    modify_resource_limits
    set_software_source
    install_package
    set_time_sync
    set_eth
    set_eth0
    #set_ip
    echo -e "\e[32;1mAll done\e[0m"
    ;;
*)
    echo -e "\e[32;1mINPUY FLASE!\e[0m"
    ;;
esac

关于我
全网可搜《阿贤Linux》
CSDN、知乎、哔哩哔哩、博客园、51CTO、开源中国、思否、掘金、阿里云、腾讯云、华为云、今日头条、GitHub、个人博客
公众号:阿贤Linux
个人博客:blog.waluna.top
https://blog.waluna.top/


原文链接: 最小化安装系统初始化脚本.文章来源地址https://www.toymoban.com/news/detail-662346.html

到了这里,关于最小化安装Linux系统初始化脚本的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处: 如若内容造成侵权/违法违规/事实不符,请点击违法举报进行投诉反馈,一经查实,立即删除!

领支付宝红包 赞助服务器费用

相关文章

  • debian12 最小化安装桌面 i3wm

    怕记不住,先临时记录一下,还未整理,先凑合着看 debian12 最小安装 i3wm 一、先安装 debian12 最小安装 软件包只选择最后的两个 SSH服务,和管理工具 安装后查看IP,并用另一台电脑 ssh 连接操作,这样比较方便 ip address 更新为国内源,并更新系统 apt update apt upgrade -y 二、安装

    2024年02月04日
    浏览(45)
  • C# 实现winform软件最小化到系统托盘,开机自启动

      问题描述   用户的电脑是win7系统,应用系统在用户电脑上运行时部分功能需要访问注册表,但是使用这些功能时会提示用户没有权限访问注册表。 原因分析   win7及后续高版本系统对用户的权限控制比较严,就算用户的权限较高,但用户启动程序时默认还是以普通用

    2024年02月03日
    浏览(44)
  • VMware workstation安装debian-12.1.0虚拟机(最小化安装)并配置网络

    Debian 是一个完全自由的操作系统!Debian 有一个由普罗大众组成的社区!该文档适用于在VMware workstation平台安装最小化安装debian-12.1.0虚拟机。 1.1安装平台 Windows 11 1.2软件信息 软件名称 软件版本 安装路径 VMware-workstation 17 pro VMware-workstation-full-17.5.0-22583795 D:software debian-12.1.0

    2024年01月19日
    浏览(48)
  • 机器学习的学习准则(期望风险最小化、经验风险最小化、结构风险最小化)

    训练集是有N个独立同分布的样本组成,即每个样本(x,y)是独立的从相同的分布中抽取的。这个真实的分布未知 输入空间X和输出空间Y构成样本空间,对于样本空间中的样本(x, y)∈X x Y,假定x和y之间可通过一个未知的真实隐射y=g(x)来描述,或者通过真实条件概率分布来描述。

    2024年02月09日
    浏览(53)
  • DFA的最小化

    一、实验目的 1.熟练掌握DFA与NFA的定义与有关概念。 2.理解并掌握确定的有穷自动机的最小化等算法。 二、实验要求 输入:DFA 输出:最小化的DFA 三、实验过程 1.化简DFA关键在于把它的状态集分成一些两两互不相交的子集,使得任何两个不相交的子集间的状态都是可区分

    2024年02月09日
    浏览(52)
  • 捕获最小化窗口的缩略图画面

    : capture minimized window window thumbnail IsIconic  最小化的窗口,API GetClientRect 返回的窗口尺寸是0x0,故无法通过GetDC+BitBlt捕获到窗口画面。 但是 Agora/zoom/tencentMeeting 都可以拿到最小化窗口的缩略图。经确认这个程序并没有注入任何dll到目标窗口,且也没有临时显示最小化了

    2024年02月07日
    浏览(50)
  • LeetCode——最小化字符串长度

    目录 一、题目 二、题目解读  三、代码  1、set去重 2、用一个二进制数记录每个字母是否出现过 6462. 最小化字符串长度 - 力扣(Leetcode) 给你一个下标从  0  开始的字符串  s  ,重复执行下述操作  任意  次: 在字符串中选出一个下标  i  ,并使  c  为字符串下标  i

    2024年02月08日
    浏览(61)
  • QT最小化程序到托盘运行

    实现程序关闭时最小化托盘的功能 托盘实现显示主页面和退出的功能 支持扩展,直接引用TrayIcon类即可,对外暴露接口 单例实现,可复用 注:博主所有资源永久免费,若有帮助,请点赞转发是对我莫大的帮助 注:博主本人学习过程的分享,引用他人的文章皆会标注原作者

    2024年02月05日
    浏览(50)
  • Qt实现最小化窗口到托盘图标

    目录 前言: 1.先看效果图 2.大致思路以及实现流程 3.具体代码以及解释 4.总结 使用QT开发桌面软件,将软件最小化至托盘这样的功能的是比较常见的,今天自己实现一下这个功能,并进行记录总结。  主要功能就是当软件开始运行, 在系统托盘会自动出现一个关于本软件的

    2023年04月08日
    浏览(47)
  • unity发布设置(最小化、置顶、限制单开)

    1. 勾上下图标红处,发布后可防止按windows键缩小  2.发布后程序默认最小化 3.发布的程序只能开一个进程

    2024年02月12日
    浏览(41)

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

博客赞助

微信扫一扫打赏

请作者喝杯咖啡吧~博客赞助

支付宝扫一扫领取红包,优惠每天领

二维码1

领取红包

二维码2

领红包