bash脚本配置服务器基础及LNMP---运维自动化之路

最新推荐文章于 2024-10-09 17:01:26 发布

weixin_34250434

最新推荐文章于 2024-10-09 17:01:26 发布

阅读量169

点赞数

文章标签：运维 php c/c++

原文链接：http://blog.51cto.com/kevinzhang91/2146848

版权

前提：经常会做一些小网站给分公司
所以总是新购阿里云服务器
然后把，每台都给安装一样的东西
很费时间，又麻烦
一看自己写个自动安装脚本，基于centos7

大家不要拿来直接用，自己看看，有一些需要改的地方
比如目录，版本，软件是不是需要

下面直接贴脚本了

安装脚本初始页面，每次执行后，选1234就行
install.sh

#!/bin/bash

echo "
1.  yum update 
2.  iptables
3.  history
5.  clamd
6.  mailx
7.  
11. nginx
22. mysql
33. php-fpm
55. mkdir touch echo
66.
88. yunsuo
99. exit
"
read num

if [ $num == 1 ]
then
        bash yumupdate.sh
elif [ $num == 2 ]
then
        bash iptables.sh
elif [ $num == 3 ]
then
        bash history.sh
elif [ $num == 5 ]
then
        bash clamd.sh
elif [ $num == 6 ]
then
        bash mailx.sh
elif [ $num == 11 ]
then
        bash nginx.sh
elif [ $num == 22 ]
then
        bash mysql.sh
elif [ $num == 33 ]
then
        bash php.sh
elif [ $num == 55 ]
then
        bash mkdir.sh
elif [ $num == 88 ]
then
        bash yunsuo.sh          
elif [ $num == 99 ]
then
        exit1
else
        echo "error:no find num!!!"
fi

bash install.sh

字面意思，yum升级
yumupdate.sh

#!/bin/bash

function check {
if [ $? != 0 ]
then
echo "error!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
fi
}

echo "=============install epel================="
yum install epel-release -y
check
echo ""

echo "===============update====================="
yum update
check
echo ""

echo "================ruanjian=================="
yum install -y lrzsz 
check
echo ""

echo "wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww"

配置iptables防火墙
iptables.sh

#!/bin/bash

function check {
if [ $? != 0 ]
then
echo "error!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
fi
}

echo "==============stop firewalld================"
systemctl stop firewalld.service
check
echo ""

systemctl disable firewalld.service
check
echo ""

echo "==============install iptables================"
yum install iptables-services -y
check
echo ""

echo "==============back iptables config================"
cp /etc/sysconfig/iptables /etc/sysconfig/iptables.default
check
echo ""

echo "==============vi iptables config================"
cat>/etc/sysconfig/iptables<<EOF
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5555 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT

EOF
echo ""

echo "==============start iptables================"
systemctl restart iptables.service
check
echo ""

systemctl enable iptables.service
check
echo ""

systemctl status iptables.service
check
echo ""

echo "wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww"

安装杀毒软件
clamd.sh

#!/bin/bash

function check {
if [ $? != 0 ]
then
echo "error!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
fi
}

echo "==============install clamav================"
yum install -y clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
check
echo ""

echo "==============bak config================"
cp /etc/freshclam.conf /etc/freshclam.conf.default
cp /etc/clamd.d/scan.conf /etc/clamd.d/scan.conf.default
check
echo ""

echo "==============#Example==================="
sed -i -e 's/^Example/#Example/' /etc/freshclam.conf
check
echo ""

sed -i -e 's/^Example/#Example/' /etc/clamd.d/scan.conf
check
echo ""

echo "==============vi conf================="
sed -i 's|#LogFile /var/log/clamd.scan|LogFile /opt/clamav/clamd.log|' /etc/clamd.d/scan.conf
check
echo ""

sed -i 's|#PidFile /var/run/clamd.scan/clamd.pid|PidFile /opt/clamav/clamd.pid|' /etc/clamd.d/scan.conf
check
echo ""

sed -i 's|#LocalSocket /var/run/clamd.scan/clamd.sock|LocalSocket /opt/clamav/clamd.sock|' /etc/clamd.d/scan.conf
check
echo ""

sed -i 's|LogSyslog yes|LogSyslog no|' /etc/clamd.d/scan.conf
check
echo ""

sed -i 's|#ScanArchive yes|ScanArchive no|' /etc/clamd.d/scan.conf
check
echo ""

sed -i 's|User clamscan|#User clamscan|' /etc/clamd.d/scan.conf
check
echo ""

sed -i 's|#UpdateLogFile /var/log/freshclam.log|UpdateLogFile /opt/clamav/freshclam.log|' /etc/freshclam.conf
check
echo ""

sed -i 's|LogSyslog yes|LogSyslog no|' /etc/freshclam.conf
check
echo ""

sed -i 's|#PidFile /var/run/freshclam.pid|PidFile /opt/clamav/freshclam.pid|' /etc/freshclam.conf
check
echo ""

sed -i 's|#Checks 24|Checks 4|' /etc/freshclam.conf
check
echo ""

echo "==============mkdir /opt/clamav================="
mkdir /opt/clamav
chmod 700 /opt/clamav
touch /opt/clamav/bingdu.log
touch /opt/clamav/freshclam.log
chmod 777 /opt/clamav/freshclam.log
check
echo ""

echo "==============enable clamd================="
systemctl enable clamd@scan
check
echo ""

echo "==============start clamd================="
systemctl restart clamd@scan
systemctl status clamd@scan
check
echo ""

echo "==============freshclam==================="
freshclam
check
echo ""

echo "wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww"

安装nginx,其他版本直接改变量var
nginx.sh

#!/bin/bash

function check {
if [ $? != 0 ]
then
echo "error!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
fi
}

var = 1.12.2

echo "==============download================"
if  [ -e  nginx-$var.tar.gz ]
then
        echo "wget youle"
else
        wget http://nginx.org/download/nginx-$var.tar.gz
fi

echo "==============tar================"
if  [ -d  nginx-$var ]
then
        echo "dir youle"
else
        tar -zxvf nginx-$var.tar.gz
fi

echo "==============cd================"
cd nginx-$var
check
echo ""

echo "==============groupadd================"
if  grep tab /etc/shadow
then
        echo "group yijing you le"
else
        groupadd tab
fi

echo "==============useradd================"
if  grep nginx /etc/passwd
then
        echo "user yijing you le"
else
        useradd nginx -g tab -s /sbin/nologin -M
fi

if  grep tab /etc/passwd
then
        echo "user yijing you le"
else
        useradd -m tab -d /opt/www/ -s /bin/bash -g tab
        passwd tab
fi

echo "==============yum================"
yum -y install zlib pcre pcre-devel openssl openssl-devel gcc-c++
check
echo ""

echo "==============configure================"
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-stream --with-stream_ssl_module --with-stream_realip_module --with-stream_ssl_preread_module --with-threads --user=nginx --group=tab
check
echo ""

echo "==============make -j 2================"
make -j 2
check
echo ""

echo "==============make install================"
make install
check
echo ""

echo "==============nginx -t================"
/usr/local/nginx/sbin/nginx -t
check
echo ""

echo "==============ln -s================"
if [ -e /usr/local/bin/nginx ]
        then
        rm -rf /usr/local/bin/nginx
fi

ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
check
echo ""

echo "==============touch nginx.service================"
if [ -e /etc/systemd/system/nginx.service ]
        then
        rm -rf /etc/systemd/system/nginx.service
fi
touch /etc/systemd/system/nginx.service
check
echo ""

echo "==============vi nginx.service================"
echo "
[Unit]
Description=The nginx HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP /usr/local/nginx/logs/nginx.pid
ExecStop=/bin/kill -s QUIT /usr/local/nginx/logs/nginx.pid
PrivateTmp=true

[Install]
WantedBy=multi-user.target" > /etc/systemd/system/nginx.service
check
echo ""

echo "==============start================"
systemctl enable nginx
check
echo ""
systemctl start nginx
check
echo ""
systemctl status nginx
check
echo ""

echo "==============nginx -V================"
/usr/local/nginx/sbin/nginx -v
check
echo ""

echo "wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww"

安装数据库
mysql.sh

#!/bin/bash

function check {
if [ $? != 0 ]
then
echo "error!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
fi
}

var=5.7.22

echo "\\\\\\\\\\\\\\\\\\\boost\\\\\\\\\\\\\\\\\\\\\\\\\"
check
echo ""

echo "==============download================"
if  [ -e  boost_1_59_0.tar.gz ]
then
        echo "wget youle"
else
        wget https://newcontinuum.dl.sourceforge.net/project/boost/boost/1.59.0/boost_1_59_0.tar.gz
fi

echo "==============tar================"
if  [ -d  boost_1_59_0 ]
then
        echo "dir youle"
else
        tar -zxvf boost_1_59_0.tar.gz
fi

echo "==============mv================"
if [-d  /usr/local/boost ]
then
        echo "mv youle"
else
        mv boost_1_59_0 /usr/local/boost
fi

echo "\\\\\\\\\\\\\\\\\\\mysql\\\\\\\\\\\\\\\\\\\\\\\\\"

echo "==============yum================"
yum install -y gcc gcc-c++ ncurses ncurses-devel bison libgcrypt perl cmake
check
echo ""

echo "==============download================"
if  [ -e  mysql-$var.tar.gz ]
then
        echo "wget youle"
else
        wget  https://cdn.mysql.com//Downloads/MySQL-5.7/mysql-$var.tar.gz
fi

echo "==============tar================"
if  [ -d  mysql-$var ]
then
        echo "dir youle"
else
        tar -zxvf mysql-$var.tar.gz
fi

echo "==============cd================"
cd mysql-$var
check
echo ""

echo "==============groupadd================"
if  grep mysql /etc/shadow
then
        echo "group yijing you le"
else
        groupadd mysql
fi

echo "==============useradd================"
if  grep mysql /etc/passwd
then
        echo "user yijing you le"
else
        useradd -g mysql -s /sbin/nologin -M mysql
fi

echo "==============mkdir================"
if  [ -d /opt/logs ]
then
        chmod 755 /opt/logs
else
        mkdir /opt/logs
        chmod 755 /opt/logs
fi

if  [ -d /opt/logs/mysql ]
then
        echo "111"
else
        mkdir -p /opt/logs/mysql
fi

if  [ -d /usr/local/mysql/data ]
then
        echo "111"
else
        mkdir /usr/local/mysql/data
fi

if  [ -d /usr/local/mysql/logs ]
then
        echo "111"
else
        mkdir /usr/local/mysql/logs
fi

if  [ -d /usr/local/mysql/logs ]
then
        echo "111"
else
        mkdir /usr/local/mysql/logs
fi

if  [ -d /usr/local/mysql/pids ]
then
        echo "111"
else
        mkdir /usr/local/mysql/pids
fi

echo "==============configure================"
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DMYSQL_TCP_PORT=3306 -DMYSQL_USER=mysql -DWITH_MYISAM_STORAGE_ENGINE=1 -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_ARCHIVE_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITH_MEMORY_STORAGE_ENGINE=1 -DENABLE_DOWNLOADS=1 -DDOWNLOAD_BOOST=1 -DWITH_BOOST=/usr/local/boost
check
echo ""

echo "==============make -j 2================"
make -j 2
check
echo ""

echo "==============make install================"
make install
check
echo ""

echo "==============back conf================"
cp /etc/my.cnf /etc/my.cnf.default
check
echo ""
cp /etc/profile /etc/profile.mysqldefault
check
echo ""

echo "==============vi conf================"
echo "
[client]

port = 3306
socket=/usr/local/mysql/mysql.sock

[mysqld]

user=mysql
port = 3306

basedir = /usr/local/mysql
datadir=/usr/local/mysql/data
socket=/usr/local/mysql/mysql.sock
pid-file=/usr/local/mysql/pids/mysqld.pid

server-id=1
log-bin=/opt/logs/mysql/mysql-bin

log-error=/opt/logs/mysql/mysqlerror.log

slow_query_log=On
slow_query_log_file=/opt/logs/mysql/mysqlslow.log
long_query_time=1

explicit_defaults_for_timestamp=true

sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES

symbolic-links=0

[mysqld_safe]

log-error=/opt/logs/mysql/mysqlerror.log
pid-file=/usr/local/mysql/pids/mysqld.pid

[mysqldump]

user=root
password=''"  >  /etc/my.cnf

check
echo ""

echo "==============chmod================"
chown -R  mysql:mysql /usr/local/mysql
check
echo ""
chown mysql:mysql -R /opt/logs/mysql
check
echo ""
chmod 700 /opt/logs/mysql
check
echo ""

echo "==============initialize================"
/usr/local/mysql/bin/mysqld  --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data
check
echo ""

echo "==============mysql_ssl_rsa_setup================"
/usr/local/mysql/bin/mysql_ssl_rsa_setup --datadir=/usr/local/mysql/data
check
echo ""

if [ -f /etc/systemd/system/mysql.service ]
        then
        rm -rf /etc/systemd/system/mysql.service
fi

echo "==============touch service================"
if [ -e  /etc/systemd/system/mysql.service ]
then
        rm -rf /etc/systemd/system/mysql.service

fi

touch /etc/systemd/system/mysql.service
check
echo ""

echo "==============vi service================"
echo "
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target

[Install]
WantedBy=multi-user.target

[Service]
User=mysql
Group=mysql
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/etc/my.cnf
LimitNOFILE = 5000
#Restart=on-failure
#RestartPreventExitStatus=1
#PrivateTmp=false"  >  /etc/systemd/system/mysql.service
check
echo ""

echo "==============systemctl enable mysql================"
systemctl enable mysql
check
echo ""

echo "==============ln -s================"
if [ -e /usr/bin/mysqladmin ]
then
        echo "111"
else
        ln -s /usr/local/mysql/bin/* /usr/bin
        check
        echo ""
fi

echo "==============profile================"
if grep /usr/local/mysql/bin  /etc/profile
then
        echo "111"
else
        echo "
        PATH=$PATH:/usr/local/mysql/bin
        export PATH"  >>  /etc/profile
fi

echo "==============source================"
source /etc/profile

chown -R  mysql:mysql /usr/local/mysql
check
echo ""

echo "==============restart================"
systemctl restart mysql
check
echo ""

echo "==============cat password================"
grep password  /opt/logs/mysql/mysqlerror.log
check
echo ""

echo "==============mysql_secure_installation==============="
/usr/local/mysql/bin/mysql_secure_installation
check
echo ""

echo "==============restart================"
systemctl restart mysql
check
echo ""
systemctl status mysql
check
echo ""

echo "wwwwwwwwwwwwwwwwwwwwwwwwwwwwww-----my.cnf tianshang  mima-----wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww"

安装PHP
php.sh

#!/bin/bash

function check {
if [ $? != 0 ]
then
echo "error!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
fi
}

var=5.6.35

echo "==============groupadd================"
if  grep tab /etc/shadow
then
        echo "tab yijing you le"
else
        groupadd tab
fi

echo "==============useradd================"
if  grep apache /etc/passwd
then
        echo "tab yijing you le"
else
        useradd -M apache -g tab -s /sbin/nologin
fi

echo "==============wget================"
if  [ -e  php-$var.tar.gz ]
then
        echo "wget youle"
else
        wget http://cn.php.net/distributions/php-$var.tar.gz
fi

echo "==============tar================"
if  [ -d  php-$var ]
then
        echo "dir youle"
else
        tar -zxvf php-$var.tar.gz 
fi

echo "==============cd================"
cd php-$var
check
echo ""

echo "==============yum================"
yum  install -y net-snmp-devel libicu-devel wget pcre pcre-devel gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers make jemalloc-devel cmake  openssl* lrzsz bison unzip automake libevent libevent-devel gd php-gd php-common libtool* libmcrypt libmcrypt-devel php-mcrypt mcrypt mhash libxslt libxslt-devel readline readline-devel gmp gmp-devel libcurl libcurl-devel openjpeg-devel gd-devel
check
echo ""

echo "==============configure================"
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--enable-fpm \
--with-fpm-user=apache \
--with-fpm-group=tab \
--with-mysql=mysqlnd \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd  \
--with-iconv  \
--with-libdir=lib64 \
--with-pcre-regex \
--with-zlib \
--with-bz2 \
--enable-calendar \
--with-curl \
--enable-dba \
--with-libxml-dir \
--enable-ftp \
--disable-rpath \
--with-gd \
--enable-gd-jis-conv \
--enable-gd-native-ttf \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir \
--with-freetype-dir \
--with-mhash \
--enable-mbstring \
--with-mcrypt \
--enable-pcntl \
--enable-xml \
--disable-rpath \
--enable-shmop \
--enable-sockets \
--enable-zip \
--enable-cli \
--enable-pdo \
--enable-bcmath \
--with-snmp \
--disable-ipv6 \
--enable-mbregex \
--enable-soap \
--with-gettext
check
echo ""

echo "==============make -j 2================"
make -j 2
check
echo ""

echo "==============make install================"
make install
check
echo ""

echo "==============cp conf================"
touch /usr/local/php/var/run/php-fpm.pid
check
echo ""
cp php.ini-development /usr/local/php/etc/php.ini
check
echo ""
cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
check
echo ""
chown apache:tab -R /usr/local/php
check
echo ""
chmod 740 -R /usr/local/php
check
echo ""

echo "==============php-fpm.service================"
if [ -e  /etc/systemd/system/php-fpm.service ]
then
        rm -rf /etc/systemd/system/php-fpm.service
fi

touch /etc/systemd/system/php-fpm.service
check
echo ""

echo "
[Unit]
Description=The PHP FastCGI Process Manager
After=syslog.target network.target

[Service]
Type=simple
PIDFile=/usr/local/php/var/run/php-fpm.pid
ExecStart=/usr/local/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php/etc/php-fpm.conf
ExecReload=/bin/kill -USR2 $MAINPID

[Install]
WantedBy=multi-user.target"  >  /etc/systemd/system/php-fpm.service
check
echo ""

echo "==============start================"
systemctl enable php-fpm.service
check
echo ""
systemctl restart php-fpm.service
check
echo ""
systemctl status php-fpm.service
check
echo ""

echo "==============www================"
if [ -d /opt/www ]
then
        echo "/opt/www youle"
else
        mkdir /opt/www
fi

chown tab:tab /opt/www
check
echo ""

chmod 750 /opt/www
check
echo ""

echo "wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww"

安装云锁
yunsuo.sh

#!/bin/bash

function check {
if [ $? != 0 ]
then
echo "error!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
fi
}

echo "==============download yunsuo================"
wget http://download.yunsuo.com.cn/v3/yunsuo_agent_64bit.tar.gz
check
echo ""

echo "==============tar==================="
tar xvzf yunsuo_agent_64bit.tar.gz
check
echo ""

echo "==============+x==================="
chmod +x yunsuo_install/install
check
echo ""

echo "==============install================="
yunsuo_install/install
check
echo ""

echo "wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww"

OK，到这里就结束了，目前服务器就需要这些东西
大家如果有什么需要也可以留言给我！ TAB

转载于:https://blog.51cto.com/kevinzhang91/2146848