#!/bin/bash
# Install epel extend
yum install -y epel-release
yum clean all
yum -y update
# packages
yum install -y gcc gcc-c++ vim vim-enhanced nethogs telnet sysstat iftop htop lsof rsync expect mlocate bc sysstat ntpdate git ntpdate bc bzip2 curl curl-devel openssl openssl-devel readline-devel pcre-devel zip unzip
# Close SELINUX
setenforce 0
sed -i 's/^SELINUX=.*$/SELINUX=disabled/' /etc/selinux/config
# systemd targets
systemctl set-default multi-user.target
# set history
[ -z "`cat ~/.bashrc | grep history-timestamp`" ] && echo "export PROMPT_COMMAND='{ msg=\$(history 1 | { read x y; echo \$y; });user=\$(whoami); echo \$(date \"+%Y-%m-%d %H:%M:%S\"):\$user:\`pwd\`/:\$msg ---- \$(who am i); } >> /tmp/\`hostname\`.\`whoami\`.history-timestamp'" >> ~/.bashrc
# restart sshd
sed -i '/UseDNS/s/#UseDNS.*/UseDNS no/' /etc/ssh/sshd_config
systemctl restart sshd
# /etc/security/limits.conf
[ -e /etc/security/limits.d/*nproc.conf ] && rename nproc.conf nproc.conf_bk /etc/security/limits.d/*nproc.conf
sed -i '/^# End of file/,$d' /etc/security/limits.conf
cat >> /etc/security/limits.conf <<EOF
# End of file
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
EOF
# Set timezone and ntp
yum install -y chrony
systemctl enable chronyd
systemctl start chronyd
timedatectl set-timezone Asia/Shanghai
timedatectl set-ntp true
# /etc/sysctl.conf
[ -z "`cat /etc/sysctl.conf | grep 'net.ipv4.tcp_max_tw_buckets'`" ] && cat >> /etc/sysctl.conf << EOF
fs.file-max=999999
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_max_tw_buckets = 8192
net.core.netdev_max_backlog = 8096
net.ipv4.ip_local_port_range = 1024 61000
net.core.rmem_default = 262144
net.core.wmem_default = 262144
net.core.rmem_max = 2097152
net.core.wmem_max = 2097152
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 1024
EOF
sysctl -p
最后手动reboot OS