• 系统优化脚本支持Ubuntu和CentOS

    系统优化脚本支持Ubuntu和CentOS

    经常会部署各种用途的操作系统,但在这些工作中,我们会发现很多工作其实是重复性的劳动,操作的内容也是大同小异,基于这类情况,我们可以把相同的操作做成统一执行的脚本,不同的东西作为变量手动输入。节约下来的时间不就可以做更多有意义的事情吗。

    仓库地址:https://github.com/cby-chen/OS

    后续可能会继续更新脚本,当前实现了禁用SELINUX、 关闭firewalld、关闭ufw、修改文件描述符、开始修改YUM源、开始修改APT源、禁用ctrl+alt+del重启、history优化、欢迎界面优化、设置root密码,后续可能会继续增加更多的功能。

    84b8e06481c6cbe19c3bbe9f5fb28b20.png

    可以通过我的一键命令执行 

    bash -c "$(curl -L https://www.oiox.cn/os.sh)"

    shell脚本如下

    
 
    1. #!/bin/bash
    2. os=$(cat /etc/os-release 2>/dev/null | grep ^ID= | awk -F= '{print $2}')
    3.  
    4.  
    5. function selinuxset(){
    6.     selinux_status=$(grep -c "SELINUX=disabled" /etc/sysconfig/selinux)
    7.     echo "========================禁用SELINUX========================"
    8.  if [ "$selinux_status" -eq 0 ];then
    9.     sed  -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/sysconfig/selinux
    10.     setenforce 0
    11.     grep SELINUX=disabled /etc/sysconfig/selinux
    12.     getenforce
    13.  else
    14.     echo 'SELINUX已处于关闭状态'
    15.     grep SELINUX=disabled /etc/sysconfig/selinux
    16.     getenforce
    17.  fi
    18.     action "完成禁用SELINUX" /bin/true
    19.     echo "==========================================================="
    20.     sleep 3
    21. }
    22.  
    23.  
    24. function firewalldset(){
    25.     echo "========================关闭firewalld======================="
    26.     echo '关闭防火墙'
    27.     systemctl  disable --now firewalld
    28.     echo '验证如下'
    29.     systemctl list-unit-files | grep firewalld
    30.     echo '生产环境下建议启用'
    31.     echo "==========================================================="
    32.     sleep 3
    33. }
    34.  
    35.  
    36. function ufwset(){
    37.     echo "========================关闭ufw============================"
    38.     echo '关闭防火墙'
    39.     systemctl  disable --now ufw
    40.     echo '验证如下'
    41.     systemctl list-unit-files | grep ufw
    42.     echo '生产环境下建议启用'
    43.     echo "==========================================================="
    44.     sleep 3
    45. }
    46.  
    47.  
    48. function limitsset(){
    49.     echo "======================修改文件描述符========================"
    50.     echo '加大系统文件描述符最大值'
    51.     {
    52.     echo '* soft nofile 65536'
    53.     echo '* hard nofile 65536'
    54.     echo '* soft nproc 65536'
    55.     echo '* hard nproc 65536'
    56.     } >> file
    57.     echo '查看配置内容'
    58.     cat /etc/security/limits.conf
    59.     echo '设置软硬资源限制'
    60.     ulimit -Sn ; ulimit -Hn
    61.     echo "==========================================================="
    62.     sleep 3
    63. }
    64.  
    65.  
    66. function yumset(){
    67.     echo "======================开始修改YUM源========================"
    68.     echo '开始修改YUM源'
    69.     sudo sed -e 's|^mirrorlist=|#mirrorlist=|g' -e 's|^#baseurl=http://mirror.centos.org|baseurl=https://mirrors.tuna.tsinghua.edu.cn|g' -i.bak /etc/yum.repos.d/CentOS-*.repo
    70.     echo '开始安装常规软件'
    71.     yum update -y
    72.     yum install curl git wget ntpdate lsof net-tools telnet vim lrzsz tree nmap nc sysstat epel* -y
    73.     echo "==========================================================="
    74.     sleep 3
    75. }
    76.  
    77.  
    78. function aptset(){
    79.     echo "======================开始修改APT源========================"
    80.     echo '开始修改APT源'
    81.     apt_stat=$(cat /etc/apt/sources.list | grep -v ^\# | awk -F/ '{print $3}' | grep -v ^$  | awk 'NR==1{print}')
    82.     sudo sed -i "s/$apt_stat/mirrors.ustc.edu.cn/g" /etc/apt/sources.list
    83.     echo '开始安装常规软件'
    84.     apt update -y
    85.     apt upgrade -y
    86.     apt install vim htop net-tools lrzsz nmap telnet ntpdate sysstat curl git wget -y
    87.     echo "==========================================================="
    88.     sleep 3
    89. }
    90.  
    91.  
    92. function restartset(){
    93.     echo "===================禁用ctrl+alt+del重启===================="
    94.     rm -rf /usr/lib/systemd/system/ctrl-alt-del.target
    95.     echo "完成禁用ctrl+alt+del重启"
    96.     echo "==========================================================="
    97.     sleep 3
    98. }
    99.  
    100.  
    101. function historyset(){
    102.     echo "========================history优化========================"
    103.     chk_his=$(cat /etc/profile | grep HISTTIMEFORMAT |wc -l)
    104.     if [ $chk_his -eq 0 ];then
    105.     cat >> /etc/profile <<'EOF'
    106. #设置history格式
    107. export HISTTIMEFORMAT="[%Y-%m-%d %H:%M:%S] [`whoami`] [`who am i|awk '{print $NF}'|sed -r 's#[()]##g'`]: "
    108. #记录shell执行的每一条命令
    109. export PROMPT_COMMAND='\
    110. if [ -z "$OLD_PWD" ];then
    111.     export OLD_PWD=$PWD;
    112. fi;
    113. if [ ! -z "$LAST_CMD" ] && [ "$(history 1)" != "$LAST_CMD" ]; then
    114.     logger -t `whoami`_shell_dir "[$OLD_PWD]$(history 1)";
    115. fi;
    116. export LAST_CMD="$(history 1)";
    117. export OLD_PWD=$PWD;'
    118. EOF
    119.     source /etc/profile
    120.     else
    121.     echo "优化项已存在。"
    122.     fi
    123.     echo "完成history优化" 
    124.     echo "==========================================================="
    125.     sleep 3
    126. }
    127.  
    128.  
    129. function helloset(){
    130.     echo "========================欢迎界面优化========================"
    131.     cat << EOF > /etc/profile.d/login-info.sh
    132. #!/bin/sh
    133. #
    134. # @Time    : 2022-04-21
    135. # @Author  : chenby
    136. # @Desc    : ssh login banner
    137. export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    138. shopt -q login_shell && : || return 0
    139. echo -e "\033[0;32m
    142.  #    #  ######  #       #        ####
    143.  #    #  #       #       #       #    #
    144.  ######  #####   #       #       #    #
    145.  #    #  #       #       #       #    #
    146.  #    #  #       #       #       #    #
    147.  #    #  ######  ######  ######   ####        by chenby\033[0m"
    148. # os
    149. upSeconds="\$(cut -d. -f1 /proc/uptime)"
    150. secs=\$((\${upSeconds}%60))
    151. mins=\$((\${upSeconds}/60%60))
    152. hours=\$((\${upSeconds}/3600%24))
    153. days=\$((\${upSeconds}/86400))
    154. UPTIME_INFO=\$(printf "%d days, %02dh %02dm %02ds" "\$days" "\$hours" "\$mins" "\$secs")
    155. if [ -f /etc/redhat-release ] ; then
    156.     PRETTY_NAME=\$(< /etc/redhat-release)
    157. elif [ -f /etc/debian_version ]; then
    158.    DIST_VER=\$(
    159.    PRETTY_NAME="\$(grep PRETTY_NAME /etc/os-release | sed -e 's/PRETTY_NAME=//g' -e  's/"//g') (\$DIST_VER)"
    160. else
    161.     PRETTY_NAME=\$(cat /etc/*-release | grep "PRETTY_NAME" | sed -e 's/PRETTY_NAME=//g' -e 's/"//g')
    162. fi
    163. if [[ -d "/system/app/" && -d "/system/priv-app" ]]; then
    164.     model="\$(getprop ro.product.brand) \$(getprop ro.product.model)"
    165. elif [[ -f /sys/devices/virtual/dmi/id/product_name ||
    166.         -f /sys/devices/virtual/dmi/id/product_version ]]; then
    167.     model="\$(< /sys/devices/virtual/dmi/id/product_name)"
    168.     model+=" \$(< /sys/devices/virtual/dmi/id/product_version)"
    169. elif [[ -f /sys/firmware/devicetree/base/model ]]; then
    170.     model="\$(< /sys/firmware/devicetree/base/model)"
    171. elif [[ -f /tmp/sysinfo/model ]]; then
    172.     model="\$(< /tmp/sysinfo/model)"
    173. fi
    174. MODEL_INFO=\${model}
    175. KERNEL=\$(uname -srmo)
    176. USER_NUM=\$(who -u | wc -l)
    177. RUNNING=\$(ps ax | wc -l | tr -d " ")
    178. # disk
    179. totaldisk=\$(df -h -x devtmpfs -x tmpfs -x debugfs -x aufs -x overlay --total 2>/dev/null | tail -1)
    180. disktotal=\$(awk '{print \$2}' <<< "\${totaldisk}")
    181. diskused=\$(awk '{print \$3}' <<< "\${totaldisk}")
    182. diskusedper=\$(awk '{print \$5}' <<< "\${totaldisk}")
    183. DISK_INFO="\033[0;33m\${diskused}\033[0m of \033[1;34m\${disktotal}\033[0m disk space used (\033[0;33m\${diskusedper}\033[0m)"
    184. # cpu
    185. cpu=\$(awk -F':' '/^model name/ {print \$2}' /proc/cpuinfo | uniq | sed -e 's/^[ \t]*//')
    186. cpun=\$(grep -c '^processor' /proc/cpuinfo)
    187. cpuc=\$(grep '^cpu cores' /proc/cpuinfo | tail -1 | awk '{print \$4}')
    188. cpup=\$(grep '^physical id' /proc/cpuinfo | wc -l)
    189. CPU_INFO="\${cpu} \${cpup}P \${cpuc}C \${cpun}L"
    190. # get the load averages
    191. read one five fifteen rest < /proc/loadavg
    192. LOADAVG_INFO="\033[0;33m\${one}\033[0m / \${five} / \${fifteen} with \033[1;34m\$(( cpun*cpuc ))\033[0m core(s) at \033[1;34m\$(grep '^cpu MHz' /proc/cpuinfo | tail -1 | awk '{print \$4}')\033 MHz"
    193. # mem
    194. MEM_INFO="\$(cat /proc/meminfo | awk '/MemTotal:/{total=\$2/1024/1024;next} /MemAvailable:/{use=total-\$2/1024/1024; printf("\033[0;33m%.2fGiB\033[0m of \033[1;34m%.2fGiB\033[0m RAM used (\033[0;33m%.2f%%\033[0m)",use,total,(use/total)*100);}')"
    195. # network
    196. # extranet_ip=" and \$(curl -s ip.cip.cc)"
    197. IP_INFO="\$(ip a | grep glo | awk '{print \$2}' | head -1 | cut -f1 -d/)\${extranet_ip:-}"
    198. # Container info
    199. CONTAINER_INFO="\$(sudo /usr/bin/crictl ps -a -o yaml 2> /dev/null | awk '/^  state: /{gsub("CONTAINER_", "", \$NF) ++S[\$NF]}END{for(m in S) printf "%s%s:%s ",substr(m,1,1),tolower(substr(m,2)),S[m]}')Images:\$(sudo /usr/bin/crictl images -q 2> /dev/null | wc -l)"
    200. # info
    201. echo -e "
    202.  Information as of: \033[1;34m\$(date +"%Y-%m-%d %T")\033[0m
    205.  \033[0;1;31mProduct\033[0m............: \${MODEL_INFO}
    206.  \033[0;1;31mOS\033[0m.................: \${PRETTY_NAME}
    207.  \033[0;1;31mKernel\033[0m.............: \${KERNEL}
    208.  \033[0;1;31mCPU\033[0m................: \${CPU_INFO}
    209.  \033[0;1;31mHostname\033[0m...........: \033[1;34m\$(hostname)\033[0m
    210.  \033[0;1;31mIP Addresses\033[0m.......: \033[1;34m\${IP_INFO}\033[0m
    211.  \033[0;1;31mUptime\033[0m.............: \033[0;33m\${UPTIME_INFO}\033[0m
    212.  \033[0;1;31mMemory\033[0m.............: \${MEM_INFO}
    213.  \033[0;1;31mLoad Averages\033[0m......: \${LOADAVG_INFO}
    214.  \033[0;1;31mDisk Usage\033[0m.........: \${DISK_INFO} 
    215.  \033[0;1;31mUsers online\033[0m.......: \033[1;34m\${USER_NUM}\033[0m
    216.  \033[0;1;31mRunning Processes\033[0m..: \033[1;34m\${RUNNING}\033[0m
    217.  \033[0;1;31mContainer Info\033[0m.....: \${CONTAINER_INFO}
    218. "
    219. EOF
    220.     echo "==========================================================="
    221.     sleep 3
    222. }
    223.  
    224.  
    225. function sshset(){
    226.     echo "========================root登录优化========================"
    227.     echo "生产环境不建议开启 设置root密码"
    228.     read -p "输入root密码" rootpw
    229.     echo "root:$rootpw" |chpasswd
    230.     echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
    231.     systemctl restart sshd
    232.     echo "root密码修改为$rootpw"
    233.     echo "==========================================================="
    234.     sleep 3
    235. }
    236.  
    237.  
    238.  
    239.  
    240. function allin() {
    241.     if [ "$os" = "\"centos\"" ]; then
    242.         selinuxset
    243.         firewalldset
    244.         limitsset
    245.         yumset
    246.         restartset
    247.         historyset
    248.         helloset
    249.     fi
    250.     if [ "$os" = "ubuntu" ]; then
    251.         sshset
    252.         ufwset
    253.         limitsset
    254.         aptset
    255.         restartset
    256.         historyset
    257.         helloset
    258.     fi
    259. }
    260.  
    261.  
    262. function menu() {
    263.     clear
    264.     echo "#####################################################################"
    265.     echo -e "#           ${RED}一键基础优化脚本${PLAIN}                        #"
    266.     echo -e "# ${GREEN}作者${PLAIN}: chenby                                   #"
    267.     echo -e "# ${GREEN}网址${PLAIN}: https://www.oiox.cn                      #"
    268.     echo -e "# ${GREEN}版本${PLAIN}: V1.0                                     #"
    269.     echo -e "# ${GREEN}说明${PLAIN}:                                          #"
    270.     echo -e "#                                                               #"
    271.     echo "####################################################################"
    272.     echo " -------------"
    273.     echo -e "  ${GREEN}1.${PLAIN}  一键优化"
    274.     echo " -------------"
    275.     echo -e "  ${GREEN}2.${PLAIN}  自定义优化"
    276.     echo " -------------"
    277.     echo -e "  ${GREEN}0.${PLAIN}   退出"
    278.     echo " -------------"
    279.  
    280.  
    281.     read -p " 请选择操作[0-2]:" chenby
    282.     case $chenby in
    283.         0)
    284.             exit 0
    285.             ;;
    286.         1)
    287.             allin
    288.             ;;
    289.         2)
    290.             setun
    291.             ;;
    292.         *)
    293.             colorEcho $RED " 请选择正确的操作!"
    294.             exit 1
    295.             ;;
    296.     esac
    297. }
    298.  
    299.  
    300. function setun() {
    301.     echo " -------------"
    302.     echo -e "  ${GREEN}1.${PLAIN}  禁用SELINUX"
    303.     echo " -------------"
    304.     echo -e "  ${GREEN}2.${PLAIN}  关闭firewalld"
    305.     echo " -------------"
    306.     echo -e "  ${GREEN}3.${PLAIN}  关闭ufw"
    307.     echo " -------------"
    308.     echo -e "  ${GREEN}4.${PLAIN}  修改文件描述符"
    309.     echo " -------------"
    310.     echo -e "  ${GREEN}5.${PLAIN}  开始修改YUM源"
    311.     echo " -------------"
    312.     echo -e "  ${GREEN}6.${PLAIN}  开始修改APT源"
    313.     echo " -------------"
    314.     echo -e "  ${GREEN}7.${PLAIN}  禁用ctrl+alt+del重启"
    315.     echo " -------------"
    316.     echo -e "  ${GREEN}8.${PLAIN}  history优化"
    317.     echo " -------------"
    318.     echo -e "  ${GREEN}9.${PLAIN}  欢迎界面优化"
    319.     echo " -------------"
    320.     echo -e "  ${GREEN}10.${PLAIN} 设置root密码"
    321.     echo " -------------"    
    322.     echo -e "  ${GREEN}0.${PLAIN}  退出"
    323.     echo " -------------"
    324.  
    325.  
    326.     read -p " 请选择操作[0-2]:" cby
    327.     case $cby in
    328.         0)
    329.             exit 0
    330.             ;;
    331.         1)
    332.             if [ "$os" = "\"centos\"" ]; then
    333.                 selinuxset
    334.             fi
    335.             if [ "$os" = "ubuntu" ]; then
    336.                 echo 'Ubuntu无需设置'
    337.             fi
    338.             ;;
    339.         2)
    340.             if [ "$os" = "\"centos\"" ]; then
    341.                 firewalldset
    342.             fi
    343.             if [ "$os" = "ubuntu" ]; then
    344.                 echo 'Ubuntu无需设置'
    345.             fi
    346.             ;;
    347.         3)
    348.             if [ "$os" = "\"centos\"" ]; then
    349.                 echo 'CentOS无需设置'
    350.             fi
    351.             if [ "$os" = "ubuntu" ]; then
    352.                 ufwset
    353.             fi
    354.             ;;
    355.         4)
    356.             limitsset
    357.             ;;
    358.         5)
    359.             if [ "$os" = "\"centos\"" ]; then
    360.                 yumset
    361.             fi
    362.             if [ "$os" = "ubuntu" ]; then
    363.                 echo 'Ubuntu无需设置'
    364.             fi
    365.             ;;
    366.         6)
    367.             if [ "$os" = "\"centos\"" ]; then
    368.                 echo 'CentOS无需设置'
    369.             fi
    370.             if [ "$os" = "ubuntu" ]; then
    371.                 aptset
    372.             fi
    373.             ;;
    374.         7)
    375.             restartset
    376.             ;;
    377.         8)
    378.             historyset
    379.             ;;
    380.         9)
    381.             helloset
    382.             ;;
    383.         10)
    384.             if [ "$os" = "\"centos\"" ]; then
    385.                 echo 'CentOS无需设置'
    386.             fi
    387.             if [ "$os" = "ubuntu" ]; then
    388.                 sshset
    389.             fi
    390.             ;;
    391.         *)
    392.             colorEcho $RED " 请选择正确的操作!"
    393.             exit 1
    394.             ;;
    395.     esac
    396. }
    397.  
    398.  
    399.  
    400.  
    401. if [ $(id -u) -eq 0 ];then
    402.     menu
    403. else
    404.     echo "非root用户!请使用root用户!!!"
    405.     exit 1
    406. fi
    
 
    技术交流
    
 
    可以在群里提出建议,相互交流学习
    
 f6372b61bb73d7e45e552f74d8fc6999.png
 
    
  
    
 
    
 
    
  
    关于
    
  
    https://www.oiox.cn/
    
  
    https://www.oiox.cn/index.php/start-page.html
    
  
    CSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客
    
  
    全网可搜《小陈运维》
    
  
    文章主要发布于微信公众号
    
 
    

    
                
    
                    
    
                
    • 

                
  • 

                    相关阅读:
    
                    
MySQL事务和锁                            
    
Centos7部署django项目                            
    
(七)笔记.net core学习之反射、加载dll、读取moudle、类、方法、特性                            
    
【iOS-界面传值方式的比较】                            
    
普及篇|云备份和云容灾,你用对了吗?                            
    
Java_网络多线程                            
    
剩余类环上可逆矩阵的计数                            
    
hyperf框架接入pgsql扩展包                            
    
JAVA 设计模式 单利 懒汉式进阶版                            
    
GitHub标星65k,阿里面试核心技术手册,我不允许还有人没看过!                            
    
                        
                
    • 
                
  • 
                    原文地址:https://blog.csdn.net/qq_33921750/article/details/126377300
                
    •