Linux刚刚完成安装之后的初始化脚本

centos 7,linux 初始化脚本

#!/bin/bash
#Date 2019-09-02
#Author: Created by zgb
#Mail: 2537866416@qq.com
#Function: This scripts function is linux's Initialization
#Version: 1.0

backup=/opt/back/
/usr/bin/mkdir $backup
echo "回收站/opt/back已经创建"

#检测版本
plt=`cat /etc/redhat-release |awk -F[" "] '{print $4}'|cut -c 1`
if [ ! $plt -eq 7 ];then
   echo "此脚本仅适用于Centos7"
   exit 
else
  echo "这是centos7 版本"
fi
echo "----------CentOS 7 64位系统，开始优化----------"

#禁用selinux

sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0

echo "已经禁用selinux"

##关闭防火墙
#查看防火墙   ====>>   iptables -L -nv
/usr/bin/systemctl disable firewalld   #将防火墙的开机启动关闭  ====》开启防火墙 usr/bin/systemctl enable firewalld
/usr/bin/systemctl stop firewalld

echo "已经关闭防火墙"


##更新yum源
echo "正在更新yum源"
/usr/bin/yum -y install wget vim
/usr/bin/mv /etc/yum.repos.d/* /opt/back/
/usr/bin/wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

echo "yum 源更新完成"

###local本地源
#/usr/bin/mount /dev/cdrom /mnt    #将cdrom挂载到mnt目录下
#/usr/bin/echo /dev/sr0 /mnt iso9660 defaults 0 0 >>/etc/fstab

#cat >>/etc/yum.repos.d/local.repo<<EOF   #往yum.repos.d插入文本内容
#[local]
#name=local
#baseurl=file:///mnt
#enabled=1
#gpgcheck=0
#EOF

#设置最大打开文件描述符数  #可以增加人数(同时打开同一文件)
echo "ulimit -SHn 102400" >> /etc/rc.local
#往limits.conf插入内容   
cat >> /etc/security/limits.conf << EOF   
*           soft   nofile       655350         
*           hard   nofile       655350
EOF

echo "成功增加最大文件打开数"

#内核参数优化
cat >> /etc/sysctl.conf <<EOF
vm.overcommit_memory = 1
net.ipv4.ip_local_port_range = 1024  65536
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepative_time = 1200
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_abort_on_overflow = 0
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.ipv4.netfilter.ip_conntrack_max = 2097152
net.nf_conntrack_max = 655360
net.netfilter.nf_conntrack_tcp_timeout_established = 1200
EOF
/sbin/sysctl -p

echo "已经完成内核优化"

#配置 ssh 
echo "正在禁止dns反向解析客户端"
sed -i 's/#UseDNS yes/UseDNS no/'  /etc/ssh/sshd_config  #禁止DNS方向解析客户端
systemctl restart sshd.service

echo "完成禁止dns反向解析客户端"


#时间同步
echo "正在进行时间同步"
yum -y install ntpdate
echo "*/20 * * * * /sbin/ntpdate pool.ntp.org>/dev/null 2>&1" >>/var/spool/cron/root

echo "已经把时间同步加入定时任务"

#修改字符集
echo "正在修改字符集"
sed -i 's/LANG="en_US.UTF-8"/LANG="zh_CN.UTF-8"/' /etc/locale.conf
echo "已经修改字符集"