#!/bin/bash
# 此脚本主要针对系统刚完成安装,对系统完成参数调优
##### check id root #####
if [ $(id -u) != "0" ]; then
echo "You must be root to run this script ..."
exit 1
fi
##### set function #####
CentOS6 ()
{
yum install -y wget
/usr/bin/wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
/usr/bin/wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
yum install -y tree screen make cmake vim ntpdate telnet nc lrzsz gcc gcc-c++
/etc/init.d/iptables stop && chkconfig iptables off
}
CentOS7 ()
{
yum install -y wget
/usr/bin/wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
/usr/bin/wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum install -y tree screen make cmake vim ntpdate telnet nc lrzsz gcc gcc-c++
systemctl stop firewalld.service && systemctl disable firewalld.service
}
##### get system Edition #####
Edition=`grep -o '[[:digit:]]' /etc/redhat-release |head -1`
if [ $Edition == '6' ];then
echo -e "\n\033[34mStart CentOS6 installation……\033[0m\n"
CentOS6
elif [ $Edition == '7' ]; then
echo -e "\n\033[34mStart CentOS7 installation……\033[0m\n"
CentOS7
else
echo "This system is not CentOS 6, script execution failed ..."
exit 2
fi
####################华丽的分割线 6 与7 命令不同的写在上面函数中 命令相同的写在下面####################################
##### disable selinux && iptables #####
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
setenforce 0
##### set vim #####
sed -i "7a alias vi='vim'" /root/.bashrc
sed -i "8a alias grep='grep --color'" /root/.bashrc
##### set ssh #####
ssh_cf="/etc/ssh/sshd_config"
sed -i 's/#GSSAPIAuthentication no/GSSAPIAuthentication no/g' $ssh_cf
sed -i 's/GSSAPIAuthentication yes/#GSSAPIAuthentication yes/g' $ssh_cf
sed -i "s/#UseDNS yes/UseDNS no/" $ssh_cf
##### set ntpdate #####
echo '*/4 * * * * /usr/sbin/ntpdate time.windows.com >/dev/null 2>&1' >> /var/spool/cron/root
\cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
# \cp /usr/share/zoneinfo/America/New_York /etc/localtime 纽约(西5区)
# \cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime 中国(东8区)
# \cp /usr/share/zoneinfo/Asia/Bangkok /etc/localtime 泰国(东7区)
# \cp /usr/share/zoneinfo/Asia/Korea /etc/localtime 韩国(东9区)
# \cp /usr/share/zoneinfo/Asia/Tokyo /etc/localtime 日本(东9区)
##### set limits #####
echo -e "* soft nofile 65535\n* hard nofile 65535" >>/etc/security/limits.conf
##### set kernel #####
>/etc/sysctl.conf
cat >>/etc/sysctl.conf <
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.eth0.arp_announce = 2
#Add
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 0
net.core.wmem_max = 327679
net.core.rmem_max = 327679
net.core.wmem_default = 327679
net.core.rmem_default = 327679
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 65536
net.core.somaxconn = 65536
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
EOF
/sbin/sysctl -p
echo -e "\n\033[32mSystem initialization completed, you must restart the system\033[0m\n"
成都创新互联是一家专业提供襄汾企业网站建设,专注与网站设计制作、成都网站设计、H5技术、小程序制作等业务。10年已为襄汾众多企业、政府机构等服务。创新互联专业网站设计公司优惠进行中。