From a16682276a2f254fb9ccc5ad55aad3ed98aaa31b Mon Sep 17 00:00:00 2001 From: Zhang Peng Date: Fri, 22 Feb 2019 18:57:46 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- codes/linux/ops/service/elk/install-elk.sh | 21 +---- codes/linux/ops/sys/README.md | 77 +++++++++++++++++++ codes/linux/{ => ops}/sys/config-env.sh | 58 +------------- codes/linux/{ => ops}/sys/init.sh | 0 codes/linux/{ => ops}/sys/install-cmd-tool.sh | 6 ++ codes/linux/ops/sys/set-dns.sh | 32 ++++++++ codes/linux/ops/sys/set-ntp.sh | 28 +++++++ codes/linux/ops/sys/stop-firewall.sh | 10 +++ codes/linux/{ => ops}/sys/yum/Centos-5.repo | 0 codes/linux/{ => ops}/sys/yum/Centos-6.repo | 0 codes/linux/{ => ops}/sys/yum/Centos-7.repo | 0 codes/linux/{ => ops}/sys/yum/README.md | 4 +- .../{ => ops}/sys/yum/change-yum-repo.sh | 6 +- 13 files changed, 164 insertions(+), 78 deletions(-) create mode 100644 codes/linux/ops/sys/README.md rename codes/linux/{ => ops}/sys/config-env.sh (68%) rename codes/linux/{ => ops}/sys/init.sh (100%) rename codes/linux/{ => ops}/sys/install-cmd-tool.sh (94%) create mode 100644 codes/linux/ops/sys/set-dns.sh create mode 100644 codes/linux/ops/sys/set-ntp.sh create mode 100644 codes/linux/ops/sys/stop-firewall.sh rename codes/linux/{ => ops}/sys/yum/Centos-5.repo (100%) rename codes/linux/{ => ops}/sys/yum/Centos-6.repo (100%) rename codes/linux/{ => ops}/sys/yum/Centos-7.repo (100%) rename codes/linux/{ => ops}/sys/yum/README.md (75%) rename codes/linux/{ => ops}/sys/yum/change-yum-repo.sh (87%) diff --git a/codes/linux/ops/service/elk/install-elk.sh b/codes/linux/ops/service/elk/install-elk.sh index 289fdc7..0246db4 100644 --- a/codes/linux/ops/service/elk/install-elk.sh +++ b/codes/linux/ops/service/elk/install-elk.sh @@ -7,24 +7,9 @@ # passwd elk # 获取当前设备IP -IP="" -getDeviceIp() { - IP=`ifconfig eth0 | grep "inet" | awk '{ print $2}' | awk -F: '{print $2}'` - if [ "$IP" == "" ]; then - IP=`ifconfig eth0 | grep "inet" | awk '{ print $2}'` - fi - if [ "$IP" == "" ]; then - IP=`ifconfig ens32 | grep "inet"|grep "broadcast" | awk '{ print $2}' | awk -F: '{print $1}'` - fi - - if [ "${IP}" == "" ]; then - echo " " - echo " 请输入服务器IP地址................ " - echo " " - exit 0 - else - echo "当前设备IP: $IP" - fi +ipaddr='127.0.0.1' +function getDeviceIp() { + ipaddr=$(ip addr | awk '/^[0-9]+: / {}; /inet.*global/ {print gensub(/(.*)\/(.*)/, "\\1", "g", $2)}') } # 检查文件是否存在,不存在则退出脚本 diff --git a/codes/linux/ops/sys/README.md b/codes/linux/ops/sys/README.md new file mode 100644 index 0000000..f47c15d --- /dev/null +++ b/codes/linux/ops/sys/README.md @@ -0,0 +1,77 @@ +# 脚本使用说明 + +> 建议按照顺序执行本文脚本。 + + + +- [替换 yum repo 源](#替换-yum-repo-源) +- [安装基本的命令工具(可选)](#安装基本的命令工具可选) +- [关闭防火墙](#关闭防火墙) +- [设置 DNS](#设置-dns) +- [设置 ntp](#设置-ntp) + + + +## 替换 yum repo 源 + +由于 CentOS 默认 yum 源,访问速度很慢,所以推荐使用国内镜像。 + +使用方法:执行以下任意命令即可执行脚本。 + +```sh +curl -o- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/yum/change-yum-repo.sh | bash +wget -qO- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/yum/change-yum-repo.sh | bash +``` + +## 安装基本的命令工具(可选) + +工具清单(可以根据需要,在 install-cmd-tool.sh 中把不需要的工具注掉): + +``` +# 核心工具:df、du、chkconfig +# 网络工具:ifconfig、netstat、route +# IP工具:ip、ss、ping、tracepath、traceroute +# DNS工具:dig、host、nslookup、whois +# 端口工具:lsof、nc、telnet +# 下载工具:curl、wget +# 防火墙工具:iptables +# 编辑工具:emacs、vim +# 流量工具:iftop、nethogs +# 抓包工具:tcpdump +# 压缩工具:unzip、zip +# 版本控制工具:git +``` + +使用方法:执行以下任意命令即可执行脚本。 + +```sh +curl -o- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/install-cmd-tool.sh | bash +wget -qO- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/install-cmd-tool.sh | bash +``` + +## 关闭防火墙 + +使用方法:执行以下任意命令即可执行脚本。 + +```sh +curl -o- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/stop-firewall.sh | bash +wget -qO- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/stop-firewall.sh | bash +``` + +## 设置 DNS + +使用方法:执行以下任意命令即可执行脚本。 + +```sh +curl -o- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/set-dns.sh | bash +wget -qO- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/set-dns.sh | bash +``` + +## 设置 ntp + +使用方法:执行以下任意命令即可执行脚本。 + +```sh +curl -o- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/set-ntp.sh | bash +wget -qO- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/set-ntp.sh | bash +``` diff --git a/codes/linux/sys/config-env.sh b/codes/linux/ops/sys/config-env.sh similarity index 68% rename from codes/linux/sys/config-env.sh rename to codes/linux/ops/sys/config-env.sh index e9ba3a0..f17ff01 100644 --- a/codes/linux/sys/config-env.sh +++ b/codes/linux/ops/sys/config-env.sh @@ -6,49 +6,6 @@ # Author: Zhang Peng ################################################################################### -# 获取当前机器 IP -ip="" -function getDeviceIp() { - ip=`ifconfig eth0 | grep "inet addr" | awk '{ print $2}' | awk -F: '{print $2}'` - if [ "$ip" == "" ] - then - ip=`ifconfig ens32 | grep "inet"|grep "broadcast" | awk '{ print $2}' | awk -F: '{print $1}'` - fi - - if [ "$ip" == "" ] - then - ip=`echo $1` - fi - - if [ "${ip}" == "" ] - then - echo "无法获取IP地址" - exit 0 - fi -} - -function setDNS() { -getDeviceIp -host=`hostname` -cat >> /etc/hosts << EOF -${ip} ${host} -EOF -} - -function setNameServer() { - echo "添加域名服务器" - echo "nameserver 218.2.135.1" >> /etc/resolv.conf -} - -function setNtp() { -# 时钟同步工具 -yum -y install ntp -# 同步上海交通大学网络中心NTP服务器 -echo "* 4 * * * /usr/sbin/ntpdate ntp.sjtu.edu.cn > /dev/null 2>&1" >> /var/spool/cron/root -# 以一个服务器时间为标准定时更新时间(有时需要以公司中的服务器作为标准) -#echo "*/30 * * * * /usr/local/bin/ntpdate 192.168.16.182" >> /var/spool/cron/root -} - function setLimit() { cat >> /etc/security/limits.conf << EOF * - nofile 65535 @@ -74,13 +31,6 @@ function closeSelinux() { sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config } -function closeFirewall() { - echo "关闭防火墙" - - # see https://www.cnblogs.com/moxiaoan/p/5683743.html - systemctl stop firewalld - systemctl disable firewalld -} function setBootMode() { # 1. 停机(记得不要把 initdefault 配置为 0,因为这样会使 Linux 不能启动) @@ -136,15 +86,13 @@ echo "NETWORKING_IPV6=off" >> /etc/sysconfig/network ######################################## MAIN ######################################## echo -e "\n>>>>>>>>> 配置系统环境" +filepath=$(cd "$(dirname "$0")"; pwd) + # 关闭 selinux closeSelinux -# 关闭防火墙 -closeFirewall - # 设置 DNS 服务器和本机 Host -setNameServer -setDNS +${filepath}/set-dns.sh # 设置时间同步 setNtp diff --git a/codes/linux/sys/init.sh b/codes/linux/ops/sys/init.sh similarity index 100% rename from codes/linux/sys/init.sh rename to codes/linux/ops/sys/init.sh diff --git a/codes/linux/sys/install-cmd-tool.sh b/codes/linux/ops/sys/install-cmd-tool.sh similarity index 94% rename from codes/linux/sys/install-cmd-tool.sh rename to codes/linux/ops/sys/install-cmd-tool.sh index 61638b8..23b0a1c 100644 --- a/codes/linux/sys/install-cmd-tool.sh +++ b/codes/linux/ops/sys/install-cmd-tool.sh @@ -21,6 +21,7 @@ # 流量工具:iftop、nethogs # 抓包工具:tcpdump # 压缩工具:unzip、zip +# 版本控制工具:git ################################################################################### # 核心工具 echo -e "\n>>>>>>>>> install coreutils(df、du)" @@ -81,4 +82,9 @@ echo -e "\n>>>>>>>>> install tcpdump" yum install -y tcpdump # 压缩工具 +echo -e "\n>>>>>>>>> install unzip" yum install -y unzip + +# 版本控制工具 +echo -e "\n>>>>>>>>> install git" +yum install -y git diff --git a/codes/linux/ops/sys/set-dns.sh b/codes/linux/ops/sys/set-dns.sh new file mode 100644 index 0000000..1f085f2 --- /dev/null +++ b/codes/linux/ops/sys/set-dns.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash + +################################################################################### +# 在 /etc/resolv.conf 中设置 DNS 服务器 +# 在 /etc/hosts 中设置本机域名 +# Author: Zhang Peng +################################################################################### +ip='127.0.0.1' +function getDeviceIp() { + ip=$(ip addr | awk '/^[0-9]+: / {}; /inet.*global/ {print gensub(/(.*)\/(.*)/, "\\1", "g", $2)}') +} + +function setDNSServer() { +echo -e "设置DNS服务器" +cat >> /etc/resolv.conf << EOF +nameserver 114.114.114.114 +nameserver 8.8.8.8 +EOF +} + +function setHosts() { +getDeviceIp +host=`hostname` +cat >> /etc/hosts << EOF +${ip} ${host} +EOF +} + +######################################## MAIN ######################################## +echo -e "\n>>>>>>>>> 配置系统环境" +setDNSServer +setHosts diff --git a/codes/linux/ops/sys/set-ntp.sh b/codes/linux/ops/sys/set-ntp.sh new file mode 100644 index 0000000..5cb0637 --- /dev/null +++ b/codes/linux/ops/sys/set-ntp.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +################################################################################### +# 使用 NTP 进行时间同步 +# 参考:https://www.cnblogs.com/quchunhui/p/7658853.html +# Author: Zhang Peng +################################################################################### + +echo -e "\n>>>>>>>>> 设置 ntp" + +echo -e "先安装时钟同步工具 ntp" +yum -y install ntp + +ip=$(ip addr | awk '/^[0-9]+: / {}; /inet.*global/ {print gensub(/(.*)\/(.*)/, "\\1", "g", $2)}') +/sbin/iptables -A INPUT -p UDP -i eth0 -s ${ip}/24 --dport 123 -j ACCEPT + +echo -e "启动 NTP 服务" +systemctl start ntpd.service + +echo -e "立即执行时间同步" +/usr/sbin/ntpdate ntp.sjtu.edu.cn + +echo -e "自动定时同步时间" +echo "* 3 * * * /usr/sbin/ntpdate ntp.sjtu.edu.cn" >> /etc/crontab +systemctl restart crond.service + +echo -e "同步后系统时间:" +date diff --git a/codes/linux/ops/sys/stop-firewall.sh b/codes/linux/ops/sys/stop-firewall.sh new file mode 100644 index 0000000..3fba3ff --- /dev/null +++ b/codes/linux/ops/sys/stop-firewall.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +################################################################################### +# 彻底关闭防火墙 +# 参考:https://www.cnblogs.com/moxiaoan/p/5683743.html +# Author: Zhang Peng +################################################################################### + +systemctl stop firewalld +systemctl disable firewalld diff --git a/codes/linux/sys/yum/Centos-5.repo b/codes/linux/ops/sys/yum/Centos-5.repo similarity index 100% rename from codes/linux/sys/yum/Centos-5.repo rename to codes/linux/ops/sys/yum/Centos-5.repo diff --git a/codes/linux/sys/yum/Centos-6.repo b/codes/linux/ops/sys/yum/Centos-6.repo similarity index 100% rename from codes/linux/sys/yum/Centos-6.repo rename to codes/linux/ops/sys/yum/Centos-6.repo diff --git a/codes/linux/sys/yum/Centos-7.repo b/codes/linux/ops/sys/yum/Centos-7.repo similarity index 100% rename from codes/linux/sys/yum/Centos-7.repo rename to codes/linux/ops/sys/yum/Centos-7.repo diff --git a/codes/linux/sys/yum/README.md b/codes/linux/ops/sys/yum/README.md similarity index 75% rename from codes/linux/sys/yum/README.md rename to codes/linux/ops/sys/yum/README.md index f476653..cfc84db 100644 --- a/codes/linux/sys/yum/README.md +++ b/codes/linux/ops/sys/yum/README.md @@ -7,6 +7,6 @@ 使用方法:执行以下任意命令即可执行脚本。 ```sh -curl -o- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/sys/yum/change-yum-repo.sh | bash -wget -qO- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/sys/yum/change-yum-repo.sh | bash +curl -o- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/yum/change-yum-repo.sh | bash +wget -qO- https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/yum/change-yum-repo.sh | bash ``` diff --git a/codes/linux/sys/yum/change-yum-repo.sh b/codes/linux/ops/sys/yum/change-yum-repo.sh similarity index 87% rename from codes/linux/sys/yum/change-yum-repo.sh rename to codes/linux/ops/sys/yum/change-yum-repo.sh index 398e60b..9f78fa8 100644 --- a/codes/linux/sys/yum/change-yum-repo.sh +++ b/codes/linux/ops/sys/yum/change-yum-repo.sh @@ -20,7 +20,7 @@ cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak # 根据发型版本选择相应 yum 镜像 if [[ ${version} == 5 ]]; then # Cento5 已废弃,只能使用 http://vault.CentOS.org/ 替换,但由于是国外镜像,速度较慢 - wget -N https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/sys/yum/Centos-5.repo -O /etc/yum.repos.d/CentOS-Base.repo + wget -N https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/yum/Centos-5.repo -O /etc/yum.repos.d/CentOS-Base.repo # 根据实际发型版本情况替换 detailVersion=`lsb_release -r | awk '{print substr($2,1,3)}'` @@ -29,9 +29,9 @@ if [[ ${version} == 5 ]]; then # 不替换下面的开关,可能会出现错误:Could not open/read repomd.xml sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-Media.repo elif [[ ${version} == 6 ]]; then - wget -N https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/sys/yum/Centos-6.repo -O /etc/yum.repos.d/CentOS-Base.repo + wget -N https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/yum/Centos-6.repo -O /etc/yum.repos.d/CentOS-Base.repo elif [[ ${version} == 7 ]]; then - wget -N https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/sys/yum/Centos-7.repo -O /etc/yum.repos.d/CentOS-Base.repo + wget -N https://raw.githubusercontent.com/dunwu/os-tutorial/master/codes/linux/ops/sys/yum/Centos-7.repo -O /etc/yum.repos.d/CentOS-Base.repo else echo -e "版本不支持,替换 yum repo 失败" fi