centos7 一键初始化shell脚本

时间 2019-11-24

标签 centos7 centos 一键初始化 shell 脚本栏目 Tomcat 繁體版

原文原文链接

#!/bin/bash -
#关闭selinux，这个必须关闭，否则会出现各类各样的帐号权限问题
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0php

#安装经常使用工具vim-编辑器 wget-下载工具 tree-目录树 net-tools-网络工具套装 curl-文件传输 ntpdate-时间同步
yum -y install vim wget tree net-tools curl curl-devel ntpdatepython

#系统必备
yum -y install gcc gcc-c++ gcc-g77 make automake autoconf pkgconfig
#nginx apache等软件须要
yum -y install zlib zlib-devel openssl openssl--devel pcre pcre-devel
#编译php的时候
yum -y install libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel libxml2 libxml2-devel libidn libidn-devel \
freetype freetype-devel bzip2-devel libevent libevent-devel libedit-devel libtool libtool-libs libcap glib2 glib2-devel unzip bzip2
#其余
yum -y install python-docutils python-sphinx flex bison file lsof ncurses ncurses-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel \
gettext gettext-devel ncurses-devel gmp-devel pspell-devel linux

#防火墙不能够关闭，只须要放行对应的服务端口便可，以下是80端口放行，阿里云默认关闭，有安全策略
systemctl status firewalld nginx

#firewall-cmd --zone=public --add-port=80/tcp --permanentc++

#时间时区配置
cp /etc/localtime /etc/localtime.bakapache

ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtimevim

#这里同步5个时间就不信了 5个都不提供服务
ntpdate cn.ntp.org.cn
#阿里云
ntpdate 182.92.12.11
ntpdate 203.107.6.88
ntpdate 120.25.115.20
#中国教育网
ntpdate edu.ntp.org.cn安全

hwclock -wbash

#修改内核参数
sed -i '$a vm.max_map_count=655360' /etc/sysctl.confcookie

#优化内核参数
sed -i 's/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g' /etc/sysctl.conf
cat >> /etc/sysctl.conf << ENDF
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 1024
fs.inotify.max_user_watches = 1048576

ENDF
sysctl -p

#修改文件打开数
sed -i '$a * soft nproc 65536' /etc/security/limits.conf
sed -i '$a * hard nproc 65536' /etc/security/limits.conf
sed -i '$a * soft nofile 65536' /etc/security/limits.conf
sed -i '$a * hard nofile 65536' /etc/security/limits.conf

#内核升级

http://elrepo.org/tiki/tiki-index.php

需关注此网址进行修改更新

#rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

#rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

#yum --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml -y

#查看系统启动项：

#cat /boot/grub2/grub.cfg |grep elrepo

#把分号里面的内容复制下来，填入下面的分号中能够发现有最新版本的内核，此时能够设置最新版本内核为默认启动：

#grub2-set-default 'CentOS Linux (4.19.2-1.el7.elrepo.x86_64) 7 (Core)'