装系统太多,这种工具还是有必要的,自己视情况修改和调整吧
里面我牵涉到的密码,请自行修改为自己的设置
#!/bin/bash
if [[ "$(whoami)" != "root" ]]; then
echo "请切换root用户 ." >&2
exit 1
fi
echo "适用CENTOS 7.6+"
echo -e "\033[31m 修改selinux 关闭防火墙 系统参数等,有需要可自己微调 5秒后执行 \033[0m"
#sleep 1
#echo "1秒"
#sleep 1
#echo "2秒"
#sleep 1
#echo "3秒"
#sleep 1
#echo "4秒"
#sleep 1
echo "开始执行中请勿操作,结束后会有提示"
#下载yumepel源 ,获取阿里源
yum_config(){
yum install wget epel-release -y
cd /etc/yum.repos.d/ && mkdir bak && mv -f *.repo bak/
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean all && yum makecache
#选装,如需自行调整 yum -y install iotop iftop net-tools lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel bash-completion
}
#防火墙关闭
iptables_config(){
systemctl stop firewalld.service
systemctl disable firewalld.service
systemctl stop iptables
systemctl disable iptables
}
#修改默认端口
ssh2_config(){
sed -i "s/Port 22$/Port 2222/g" /etc/ssh/sshd_config
systemctl restart sshd.service
}
#selinux关闭 时区 时间服务器chrony(需要自己删除注释)
system_config(){
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
#timedatectl set-local-rtc 1 && timedatectl set-timezone Asia/Shanghai
#yum -y install chrony && systemctl start chronyd.service && systemctl enable chronyd.service
}
#打开文件限制
ulimit_config(){
echo "ulimit -SHn 102400" >> /etc/rc.local
cat >> /etc/security/limits.conf << EOF
* soft nofile 102400
* hard nofile 102400
* soft nproc 102400
* hard nproc 102400
EOF
}
#mac下打开报
lang_config(){
cat >> /etc/locale.conf << EOF
LC_ALL=en_US.utf8
LC_CTYPE=en_US.utf8
EOF
}
#安装一些常用yum包
yum_pkg_config(){
yum -y install lshw pciutils gdisk install bash-completion zip unzip bzip2 tree tmpwatch pinfo man-pages install nano vim-enhanced tmux screen install net-tools psmisclsof sysstat install yum-plugin-security yum-utils createrepo install get wget curl eliks lynx lftp mailx mutt reync install libaio make cmake gcc-c++ gcc zib zlib-devel open openssl-devel pcre pcre-devel
}
#时区同步配置,主要用于非国内服务器
ntp_config(){
yum -y install ntp
systemctl enable ntpd
service ntpd restart
timedatectl set-timezone Asia/Shanghai
#上海,北京时间
#ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
#悉尼
#ln -sf /usr/share/zoneinfo/Australia/Sydney /etc/localtime
}
#安装和自动配置redis
redis_config(){
yum install -y epel-release yum-utils
yum install -y http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum-config-manager --enable remi
yum install -y redis
chkconfig redis on
sed -i 's/bind 127.0.0.1/bind 0.0.0.0/g' /etc/redis.conf
sed -i 's/# requirepass foobared/requirepass xxxxx/g' /etc/redis.conf
systemctl start redis
}
#jdk
jdk_config(){
yum install -y java-1.8.0-openjdk-devel.x86_64
}
main(){
yum_config &>/dev/mull
iptables_config &>/dev/mull
system_config &>/dev/mull
ulimit_config &>/dev/mull
#lang_config &>/dev/mull
yum_pkg_config &>/dev/mull
#ntp_config &>/dev/mull
redis_config &>/dev/mull
jdk_config &>/dev/mull
echo "初始化完成!"
}
main
mysql8自动安装
#!/bin/bash
yum -y install expect
rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm
yum --enablerepo=mysql80-community install -y mysql-community-server --nogpgcheck
cat >> /etc/my.cnf << EOF
lower_case_table_names=1
default-authentication-plugin=mysql_native_password
max_connections=5000
wait_timeout = 600
interactive_timeout = 600
back_log=128
max_user_connections= 600
max_connect_errors = 2000
character-set-server = utf8mb4
sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION
EOF
mysqld --initialize --lower-case-table-names=1 --user=mysql --console
service mysqld start
pwd=$(grep 'temporary password' /var/log/mysqld.log |grep -P '[^\s]+$' -o)
expect << EOF
set timeout 1
spawn mysql -u root -p
expect "*password:"
send "$pwd\r"
expect 'mysql>*'
send "ALTER USER 'root'@'localhost' IDENTIFIED BY 'xxx';\r"
expect 'mysql>*'
send "flush privileges;\r"
expect 'mysql>*'
send "create USER 'root'@'%' IDENTIFIED BY 'xxx' PASSWORD EXPIRE NEVER;\r"
expect 'mysql>*'
send "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;\r"
expect 'mysql>*'
send "flush privileges;\r"
expect 'mysql>*'
send "quit\r";
interact
EOF
nginx自动安装
!/bin/bash
rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
yum install -y nginx
systemctl enable nginx.service
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bk
> /etc/nginx/nginx.conf
cat /etc/nginx/nginx.conf << EOF
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
worker_rlimit_nofile 65536;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 10m;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 32k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript application/javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/vnd.ms-fontobject font/ttf application/json font/opentype font/x-woff image/svg+xml;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
proxy_headers_hash_max_size 51200;
proxy_headers_hash_bucket_size 6400;
include conf.d/*.conf;
}
EOF
service nginx start