144 lines
3.5 KiB
Bash
144 lines
3.5 KiB
Bash
#!/usr/bin/env bash
|
||
|
||
# ---------------------------------------------------------------------------------
|
||
# 控制台颜色
|
||
BLACK="\033[1;30m"
|
||
RED="\033[1;31m"
|
||
GREEN="\033[1;32m"
|
||
YELLOW="\033[1;33m"
|
||
BLUE="\033[1;34m"
|
||
PURPLE="\033[1;35m"
|
||
CYAN="\033[1;36m"
|
||
RESET="$(tput sgr0)"
|
||
# ---------------------------------------------------------------------------------
|
||
|
||
printHeadInfo() {
|
||
printf "${BLUE}\n"
|
||
cat << EOF
|
||
###################################################################################
|
||
# Linux Centos7 系统配置脚本(根据需要选择)
|
||
# @author: Zhang Peng
|
||
###################################################################################
|
||
EOF
|
||
printf "${RESET}\n"
|
||
}
|
||
|
||
setLimit() {
|
||
cat >> /etc/security/limits.conf << EOF
|
||
* - nofile 65535
|
||
* - nproc 65535
|
||
EOF
|
||
}
|
||
|
||
setLang() {
|
||
cat > /etc/sysconfig/i18n << EOF
|
||
LANG="zh_CN.UTF-8"
|
||
EOF
|
||
}
|
||
|
||
closeShutdownShortkey() {
|
||
printf "\n${CYAN}>>>> 关闭 Ctrl+Alt+Del 快捷键防止重新启动${RESET}\n"
|
||
sed -i 's#exec /sbin/shutdown -r now#\#exec /sbin/shutdown -r now#' /etc/init/control-alt-delete.conf
|
||
}
|
||
|
||
closeSelinux() {
|
||
# see http://blog.51cto.com/13570193/2093299
|
||
printf "\n${CYAN}>>>> 关闭 selinux${RESET}\n"
|
||
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
|
||
}
|
||
|
||
setBootMode() {
|
||
# 1. 停机(记得不要把 initdefault 配置为 0,因为这样会使 Linux 不能启动)
|
||
# 2. 单用户模式,就像 Win9X 下的安全模式
|
||
# 3. 多用户,但是没有 NFS
|
||
# 4. 完全多用户模式,准则的运行级
|
||
# 5. 通常不用,在一些特殊情况下可以用它来做一些事情
|
||
# 6. X11,即进到 X-Window 系统
|
||
# 7. 重新启动 (记得不要把 initdefault 配置为 6,因为这样会使 Linux 不断地重新启动)
|
||
printf "\n${CYAN}>>>> 配置 Linux 启动模式${RESET}\n"
|
||
sed -i 's/id:5:initdefault:/id:3:initdefault:/' /etc/inittab
|
||
}
|
||
|
||
# 配置 IPv4
|
||
configIpv4() {
|
||
printf "\n${CYAN}>>>> 配置 IPv4${RESET}\n"
|
||
|
||
cat >> /etc/sysctl.conf << EOF
|
||
net.ipv4.tcp_tw_reuse = 1
|
||
net.ipv4.tcp_tw_recycle = 1
|
||
net.ipv4.tcp_fin_timeout = 2
|
||
net.ipv4.tcp_syncookies = 1
|
||
net.ipv4.tcp_keepalive_time = 1200
|
||
net.ipv4.tcp_max_syn_backlog = 16384
|
||
net.core.netdev_max_backlog = 16384
|
||
net.core.somaxconn = 32768
|
||
net.core.wmem_default = 8388608
|
||
net.core.rmem_default = 8388608
|
||
net.core.rmem_max = 16777216
|
||
net.core.wmem_max = 16777216
|
||
net.ipv4.tcp_timestamps = 0
|
||
net.ipv4.route.gc_timeout = 100
|
||
net.ipv4.tcp_synack_retries = 1
|
||
net.ipv4.tcp_syn_retries = 1
|
||
net.ipv4.tcp_mem = 94500000 915000000 927000000
|
||
net.ipv4.tcp_max_orphans = 3276800
|
||
net.ipv4.ip_local_port_range = 2000 65535
|
||
net.ipv4.tcp_max_tw_buckets = 5000
|
||
vm.swappiness=10
|
||
EOF
|
||
}
|
||
|
||
# 关闭 IPv6
|
||
closeIpv6() {
|
||
printf "\n${CYAN}>>>> 关闭 IPv6${RESET}\n"
|
||
|
||
cat > /etc/modprobe.d/ipv6.conf << EOF
|
||
alias net-pf-10 off
|
||
options ipv6 disable=1
|
||
EOF
|
||
|
||
echo "NETWORKING_IPV6=off" >> /etc/sysconfig/network
|
||
}
|
||
|
||
# 入口函数
|
||
main() {
|
||
PS3="请选择要执行的操作:"
|
||
select ITEM in "配置 DNS" "配置 NTP" "关闭防火墙" "配置 IPv4" "关闭 IPv6" "全部执行"
|
||
do
|
||
|
||
case ${ITEM} in
|
||
"配置 DNS")
|
||
sh ${root}/set-dns.sh ;;
|
||
"配置 NTP")
|
||
sh ${root}/set-ntp.sh ;;
|
||
"关闭防火墙")
|
||
sh ${root}/stop-firewall.sh ;;
|
||
"配置 IPv4")
|
||
configIpv4 ;;
|
||
"关闭 IPv6")
|
||
closeIpv6 ;;
|
||
"全部执行")
|
||
sh ${root}/set-dns.sh
|
||
sh ${root}/set-ntp.sh
|
||
sh ${root}/stop-firewall.sh
|
||
configIpv4
|
||
closeIpv6
|
||
;;
|
||
*)
|
||
printf "\n${RED}输入项不支持${RESET}\n"
|
||
main
|
||
;;
|
||
esac
|
||
break
|
||
done
|
||
}
|
||
|
||
######################################## MAIN ########################################
|
||
root=$(pwd)
|
||
if [[ -n $1 ]]; then
|
||
root=$1
|
||
fi
|
||
|
||
printHeadInfo
|
||
main
|