linux-tutorial/codes/linux/sys/sys-settings.sh

144 lines
3.5 KiB
Bash
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

#!/usr/bin/env bash
# ---------------------------------------------------------------------------------
# 控制台颜色
BLACK="\033[1;30m"
RED="\033[1;31m"
GREEN="\033[1;32m"
YELLOW="\033[1;33m"
BLUE="\033[1;34m"
PURPLE="\033[1;35m"
CYAN="\033[1;36m"
RESET="$(tput sgr0)"
# ---------------------------------------------------------------------------------
printHeadInfo() {
printf "${BLUE}\n"
cat << EOF
###################################################################################
# Linux Centos7 系统配置脚本(根据需要选择)
# @author: Zhang Peng
###################################################################################
EOF
printf "${RESET}\n"
}
setLimit() {
cat >> /etc/security/limits.conf << EOF
* - nofile 65535
* - nproc 65535
EOF
}
setLang() {
cat > /etc/sysconfig/i18n << EOF
LANG="zh_CN.UTF-8"
EOF
}
closeShutdownShortkey() {
printf "\n${CYAN}>>>> 关闭 Ctrl+Alt+Del 快捷键防止重新启动${RESET}\n"
sed -i 's#exec /sbin/shutdown -r now#\#exec /sbin/shutdown -r now#' /etc/init/control-alt-delete.conf
}
closeSelinux() {
# see http://blog.51cto.com/13570193/2093299
printf "\n${CYAN}>>>> 关闭 selinux${RESET}\n"
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
}
setBootMode() {
# 1. 停机(记得不要把 initdefault 配置为 0因为这样会使 Linux 不能启动)
# 2. 单用户模式,就像 Win9X 下的安全模式
# 3. 多用户,但是没有 NFS
# 4. 完全多用户模式,准则的运行级
# 5. 通常不用,在一些特殊情况下可以用它来做一些事情
# 6. X11即进到 X-Window 系统
# 7. 重新启动 (记得不要把 initdefault 配置为 6因为这样会使 Linux 不断地重新启动)
printf "\n${CYAN}>>>> 配置 Linux 启动模式${RESET}\n"
sed -i 's/id:5:initdefault:/id:3:initdefault:/' /etc/inittab
}
# 配置 IPv4
configIpv4() {
printf "\n${CYAN}>>>> 配置 IPv4${RESET}\n"
cat >> /etc/sysctl.conf << EOF
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_max_syn_backlog = 16384
net.core.netdev_max_backlog = 16384
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 2000 65535
net.ipv4.tcp_max_tw_buckets = 5000
vm.swappiness=10
EOF
}
# 关闭 IPv6
closeIpv6() {
printf "\n${CYAN}>>>> 关闭 IPv6${RESET}\n"
cat > /etc/modprobe.d/ipv6.conf << EOF
alias net-pf-10 off
options ipv6 disable=1
EOF
echo "NETWORKING_IPV6=off" >> /etc/sysconfig/network
}
# 入口函数
main() {
PS3="请选择要执行的操作:"
select ITEM in "配置 DNS" "配置 NTP" "关闭防火墙" "配置 IPv4" "关闭 IPv6" "全部执行"
do
case ${ITEM} in
"配置 DNS")
sh ${root}/set-dns.sh ;;
"配置 NTP")
sh ${root}/set-ntp.sh ;;
"关闭防火墙")
sh ${root}/stop-firewall.sh ;;
"配置 IPv4")
configIpv4 ;;
"关闭 IPv6")
closeIpv6 ;;
"全部执行")
sh ${root}/set-dns.sh
sh ${root}/set-ntp.sh
sh ${root}/stop-firewall.sh
configIpv4
closeIpv6
;;
*)
printf "\n${RED}输入项不支持${RESET}\n"
main
;;
esac
break
done
}
######################################## MAIN ########################################
root=$(pwd)
if [[ -n $1 ]]; then
root=$1
fi
printHeadInfo
main