注意EOF不能有空格tab键

#get os version

release=$(rpm -q --qf "%{VERSION}" $(rpm -q --whatprovides redhat-release))

#

#configure yum base source  and epel source

cd /etc/yum.repos.d/

test -d /etc/yum.repos.d/bak || mkdir /etc/yum.repos.d/bak

mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak

if [ $release == 6 ];then

        curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo

        wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

fi

if [ $release == 7 ];then

        curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

        wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

fi

yum clean all

yum makecache

#install base rpm package

yum -y install nc git vim iftop iotop dstat tcpdump

yum -y install ipmitool bind-libs bind-utils

yum -y install libselinux-python ntpdate

yum -y tree nmap sysstat lrzsz dos2unix unix2dos

#update rpm package and kernel

#yum update

#rm -rf /etc/yum.repos.d/CentOS*

#vim优化

cat >>/etc/vimrc<<EOF

set ic

set ai

EOF

#alias

cat >>/etc/bashrc<<EOF

alias grep='grep --color=auto'

alias ll='ls -l --time-style=long-iso'

alias iptable='iptables -L -n --line-number'

EOF

#update ulimit configure

if [ $release == 6 ];then

	test -f /etc/security/limits.d/90-nproc.conf && rm -rf /etc/security/limits.d/90-nproc.conf && touch  /etc/security/limits.d/90-nproc.conf

fi

if [ $release == 7 ];then

	test -f /etc/security/limits.d/20-nproc.conf && rm -rf /etc/security/limits.d/20-nproc.conf && touch  /etc/security/limits.d/20-nproc.conf

fi

>/etc/security/limits.conf

cat >> /etc/security/limits.conf <<EOF

*	soft	nproc 	65535

*	hard	nproc	65535

*	soft 	nofile 	65535

*	hard 	nofile 	65535

EOF

#set timezone

test -f /etc/localtime && rm -rf /etc/localtime

ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime 

#set LANG

if [ $release == 6 ];then

	sed -i 's@LANG=.*$@LANG="en_US.UTF-8"@g' /etc/sysconfig/i18n

fi

if [ $release == 7 ];then

	sed -i 's@LANG=.*$@LANG="en_US.UTF-8"@g' /etc/locale.conf

fi

#uptime time

if [ $release == 6 ];then

	/usr/sbin/ntpdate -b ntp1.aliyun.com

	grep -q ntpdate /var/spool/cron/root

	if [ $? -ne 0 ];then

		echo "*	* * * * /usr/sbin/ntpdate ntp1.aliyun.com &>/dev/null" >>/var/spool/cron/root

		chmod 600 /var/spool/cron/root

	fi

	/etc/init.d/crond restart

fi

if [ $release == 7 ];then

yum -y install chrony

>/etc/chrony.conf

cat >>/etc/chrony.conf <<EOF

server ntp1.aliyun.com iburst

server ntp2.aliyun.com iburst

stratumweight 0

driftfile /var/lib/chrony/drift

rtcsync

makestep 10 3

bindcmdaddress 127.0.0.1

bindcmdaddress ::1

keyfile /etc/chrony.keys

generatecommandkey

noclientlog

logchange 0.5

logdir /var/log/chrony

EOF

systemctl restart chronyd

systemctl enable chronyd

fi 

#clean iptables default rules

if [ $release == 6 ];then

	/sbin/iptables -F

	/etc/inti.d/iptables save

	chkconfig ip6tables off

fi

if [ $release == 7 ];then

	systemctl disable firewalld

	systemctl stop firewalld

fi 

#disable unused service

chkconfig auditd off 

#disable ipv6

cd /etc/modprobe.d/ && touch ipv6.conf

>/etc/modprobe.d/ipv6.conf

cat >>/etc/modprobe.d/ipv6.conf<<EOF

alias net-pf-10 off

alias ipv6 off

EOF

#disable selinux

setenforce 0

sed -i 's/^SELINUX=.*$/SELINUX=disabled/' /etc/selinux/config 

#update record command

sed -i 's/^HISTSIZE=.*$/HISTSIZE=100000/' /etc/profile

grep -q 'HISTTIMEFORMAT' /etc/profile

if [ $? -eq 0 ];then

	sed -i 's/HISTTIMEFORMAT=.*$/HISTTIMEFORMAT="%F %T "/' /etc/profile

else

	echo 'HISTTIMEFORMAT="%F %T "' >> /etc/profile

fi

source /etc/profile

#set dns

>/etc/resolv.conf

cat >> /etc/resolv.conf <<EOF

nameserver 114.114.114.114

EOF

#ssh优化

sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config

sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config

#内核优化

sed -i 's/net.ipv4.tcp_syncookies.*/net.ipv4.tcp_syncookies = 1/g' /etc/sysctl.conf

cat >>/etc/sysctl.conf <<EOF

kernel.core_uses_pid=1

kernel.core_pattern=/tmp/core-%e-%p

fs.suid_dumpable=2

net.ipv4.tcp_tw_reuse=1

net.ipv4.tcp_tw_recycle=0

net.ipv4.tcp_timestamps=1

EOF

sysctl -p

CentOS系统初始化---不断更新中的更多相关文章

  1. centos 系统初始化

    centos 系统初始化 #!/bin/bash # author cfwl create date of 2012-10-21 # blog http://cfwlxf.blog.51cto.com ...

  2. centos系统初始化流程及实现系统裁剪

    Linux系统的初始化流程: POST:ROM+RAM BIOS: Boot Sequence MBR: 446:bootloader 64: 分区表 2: 5A kernel文件:基本磁盘分区 /s ...

  3. CentOS 7 使用经验(更新中)

    首先说一下写这篇博客的初衷. 由于公司这一期的产品准备支持的环境有CentOS 7.MySql 5.6.Java 8.Tomcat 8等等,并且因为人员严重不足,我本月的开发任务在原有的基础上又加上了 ...

  4. centos系统初始化配置

    .改主机名: sed -i 's#HOSTNAME=.*#HOSTNAME=u05mix06.yaya.corp#g' /etc/sysconfig/network && hostna ...

  5. centos系统初始化脚本

    #!/bin/bash #检测是否为root用户 ];then echo "Must be root can do this." exit fi #检测网络 echo " ...

  6. centos系统python2.7更新到3.5

    1. 下载Python-3.5.2 wget https://www.python.org/ftp/python/3.5.2/Python-3.5.2.tgz 2.安装 (报错no acceptabl ...

  7. 安装Linux Centos系统硬盘分区方法

    一.硬盘回顾 无论是安装Windows还是Linux操作系统,硬盘分区都是整个系统安装过程中最为棘手的环节.硬盘一般分为IDE硬盘.SCSI硬盘和SATA硬盘三种,在Linux系统中,IDE接口的硬盘 ...

  8. Rookey.Frame之系统初始化

    昨天介绍了数据库的配置,今天继续介绍系统的初始化功能:针对系统初始化在开发中也是很重要的一部分,它可以提前将相关数据提前自动初始化到系统中,同时也可以为上线测试提供方便,可以很方便进行系统测试演练,防 ...

  9. bash-1 初始化CentOS系统的初始化脚本

    初始化CentOS系统的初始化脚本 #!/bin/bash # #******************************************************************* ...

随机推荐

  1. AES和RSA混合加密技术在网络数据传输中的应用

    原文:http://www.fx361.com/page/2017/0110/519967.shtml          摘要:文章通过分析和比较AES加密算法和RsA加密算法的实现过程和各自的特点, ...

  2. Bootstrap 按钮下拉菜单

    向下拉 <div class="dropdown"> <button class="btn btn-default" data-toggle= ...

  3. OpenCV---Numpy数组的使用以及创建图片

    一:对头像的所有像素进行访问,并UI图像进行像素取反 (一)for循环取反 import cv2 as cv import numpy as np def access_pixels(image): ...

  4. 维护前面的position+主席树 Codeforces Round #406 (Div. 2) E

    http://codeforces.com/contest/787/problem/E 题目大意:给你n块,每个块都有一个颜色,定义一个k,表示在区间[l,r]中最多有k中不同的颜色.另k=1,2,3 ...

  5. MongoDB - MongoDB CRUD Operations, Update Documents

    Update Methods MongoDB provides the following methods for updating documents in a collection: Method ...

  6. cmd 使用gii的命令行用法

    1.生成模型 php yii gii/model --ns=common\models --tableName=contract_supplemental --modelClass=ContractS ...

  7. 【洛谷 P3338】 [ZJOI2014]力(FFT)

    题目链接 \[\Huge{E_i=\sum_{j=1}^{i-1}\frac{q_j}{(i-j)^2}-\sum_{j=i+1}^{n}\frac{q_j}{(i-j)^2}}\] 设\(A[i]= ...

  8. php常用代码段

    点击换验证码 <a href=" src="{:U('Reglog/vcode')}" /></a> TP上一条下一条 $prev=$artica ...

  9. PyCharm 自定义文件和代码模板

    PyCharm提供了文件和代码模板功能,可以利用此模板来快捷新建代码或文件.比如在PyCharm中新建一个html文件,新的文件并不是空的,而是会自动填充了一些基础的必备的内容,就像这样: <! ...

  10. flask插件系列之flask_session会话机制

    flask_session是flask框架实现session功能的一个插件,用来替代flask自带的session实现机制. 配置参数详解 SESSION_COOKIE_NAME 设置返回给客户端的c ...