linux初始化脚本

平时经常需要安装新系统,每次装完都要逐项手动设置,非常繁琐。于是写了这个脚本,装完系统后直接运行即可。

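# Ask whether to install the iptables service on CentOS and install it on "yes".
# Arguments: none; the answer is read from stdin.
# Outputs:   prompt and status messages on stdout.
# Returns:   1 when iptables-services was installed, 0 when it was not.
#            The inverted convention is kept because the caller tests `$? -eq 1`.
# Security:  this function only installs the package; it does not enable or start
#            the service or load a ruleset. If firewalld was stopped beforehand,
#            the host has no active packet filter until that is done separately.
centos_iptables_install ()
{
	local iptables_bool_path
	while true
	do
		# -r keeps backslashes literal. A failed read (EOF, closed stdin) counts
		# as "no" so an unattended run cannot re-prompt forever.
		if ! read -r -p "是否安装iptables?[Y/n] " iptables_bool_path
		then
			iptables_bool_path=n
		fi
		case "$iptables_bool_path" in
		y|Y|yes|YES)
			echo -e "现在开始安装iptables\n"
			# Report "installed" only when yum really succeeded.
			if yum install iptables-services -y
			then
				return 1
			fi
			return 0
			;;
		n|N|no|NO)
			echo -e "不安装iptables\n"
			return 0
			;;
		*)
			echo -e "输入有误,请重新输入\n"
			;;
		esac
	done
}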

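# Ask whether to set up boot-time loading of iptables rules on Ubuntu.
# Arguments: none; the answer is read from stdin.
# Outputs:   prompt and status messages on stdout.
# Returns:   1 when the rules file and the pre-up hook were set up, 0 otherwise.
#            The inverted convention is kept because the caller tests `$? -eq 1`.
# Security:  the rules file is created empty when it does not exist, so nothing is
#            filtered until rules are written to it. If ufw was disabled earlier,
#            the host is unfiltered in the meantime.
ubuntu_iptables_install ()
{
	local iptables_bool_path
	local rules_file=/etc/iptables.rules
	local hook_file=/etc/network/interfaces.d/interfaces.tail
	local hook_line="pre-up iptables-restore < /etc/iptables.rules"
	while true
	do
		# -r keeps backslashes literal. A failed read (EOF, closed stdin) counts
		# as "no" so an unattended run cannot re-prompt forever.
		if ! read -r -p "是否安装iptables?[Y/n] " iptables_bool_path
		then
			iptables_bool_path=n
		fi
		case "$iptables_bool_path" in
		y|Y|yes|YES)
			echo -e "现在开始安装iptables\n"
			# Rules file: only root needs to read the firewall policy.
			touch "$rules_file"
			chmod 600 "$rules_file"
			# Boot hook: append the pre-up line once, so re-running the script
			# does not stack duplicate iptables-restore calls.
			touch "$hook_file"
			if ! grep -qxF -- "$hook_line" "$hook_file"
			then
				echo "$hook_line" >> "$hook_file"
			fi
			echo "iptables配置文件路径:/etc/iptables.rules"
			return 1
			;;
		n|N|no|NO)
			echo -e "不安装iptables\n"
			return 0
			;;
		*)
			echo -e "输入有误,请重新输入\n"
			;;
		esac
	done
}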

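# Ask whether the host is a virtual machine and, if so, install open-vm-tools
# with yum.
# Arguments: none; the answer is read from stdin.
# Outputs:   prompt and status messages on stdout.
# Returns:   yum's exit status on "yes", 0 on "no" or when stdin is closed.
centos_vm_tools_install ()
{
	local vm_bool
	while true
	do
		# -r keeps backslashes literal. A failed read (EOF, closed stdin) counts
		# as "no" so an unattended run cannot re-prompt forever.
		if ! read -r -p "当前系统是否为虚拟机?[Y/n] " vm_bool
		then
			vm_bool=n
		fi
		case "$vm_bool" in
		y|Y|yes|YES)
			echo -e "现在开始安装open-vm-tools\n"
			# Quoted so the pattern reaches yum as written instead of being
			# expanded by the shell against files in the current directory.
			yum install 'open-vm-tools*' -y
			return
			;;
		n|N|no|NO)
			echo -e "不安装open-vm-tools\n"
			return 0
			;;
		*)
			echo -e "输入有误,请重新输入\n"
			;;
		esac
	done
}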

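# Ask whether the host is a virtual machine and, if so, install open-vm-tools
# with apt.
# Arguments: none; the answer is read from stdin.
# Outputs:   prompt and status messages on stdout.
# Returns:   apt's exit status on "yes", 0 on "no" or when stdin is closed.
ubuntu_vm_tools_install ()
{
	local vm_bool
	while true
	do
		# -r keeps backslashes literal. A failed read (EOF, closed stdin) counts
		# as "no" so an unattended run cannot re-prompt forever.
		if ! read -r -p "当前系统是否为虚拟机?[Y/n] " vm_bool
		then
			vm_bool=n
		fi
		case "$vm_bool" in
		y|Y|yes|YES)
			echo -e "现在开始安装open-vm-tools\n"
			# Quoted so the pattern reaches apt as written instead of being
			# expanded by the shell against files in the current directory.
			apt install 'open-vm-tools*' -y
			return
			;;
		n|N|no|NO)
			echo -e "不安装open-vm-tools\n"
			return 0
			;;
		*)
			echo -e "输入有误,请重新输入\n"
			;;
		esac
	done
}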

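# Turn off reverse DNS lookups in sshd on CentOS and apply the change.
# Arguments: none.
# Outputs:   one status line on stdout; sshd prints its own diagnostics.
# Returns:   1 when the edited configuration fails validation (the service is
#            then left untouched), otherwise the status of the restart.
# Note:      with UseDNS off sshd no longer resolves client host names, so any
#            rule that matches clients by name has to use addresses instead.
centos_ssh_server ()
{
	echo "禁止DNS反向解析"
	# Anchored so only the stock commented default is rewritten.
	sed -i 's/^#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
	# Validate before touching the service: a broken sshd_config plus a restart
	# would lock out remote access.
	sshd -t || return 1
	# restart, not start: an already running sshd does not re-read its config
	# on `start`, so the edit would silently not apply.
	systemctl restart sshd
}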

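# Install openssh-server on Ubuntu and set PermitRootLogin from the operator's
# answer.
# Arguments: none; the answer is read from stdin.
# Outputs:   prompt and status messages on stdout.
# Returns:   non-zero when the package install or the config validation fails,
#            otherwise the status of `systemctl enable ssh`.
# Security:  answering "yes" writes `PermitRootLogin yes`, which lets root log in
#            over SSH with a password. Key-only root access (prohibit-password)
#            or a sudo-capable user is the safer setup; a closed stdin therefore
#            falls back to "no".
ubuntu_ssh_server_install ()
{
	local ssh_root_bool root_login
	local sshd_config=/etc/ssh/sshd_config
	echo "开始安装openssh-server"
	apt install openssh-server -y || return
	# Only the question is repeated on bad input; the package is installed once.
	while true
	do
		if ! read -r -p "是否开启ssh根用户登陆?[Y/n] " ssh_root_bool
		then
			ssh_root_bool=n
		fi
		case "$ssh_root_bool" in
		y|Y|yes|YES)
			root_login=yes
			break
			;;
		n|N|no|NO)
			root_login=no
			break
			;;
		*)
			echo -e "输入有误,请重新输入\n"
			;;
		esac
	done
	# Comment out every active PermitRootLogin line, whatever its value, so a
	# second run cannot leave contradictory directives behind.
	# NOTE(review): this also comments directives inside Match blocks; a freshly
	# installed config has none, confirm before running on a customised host.
	sed -i -E 's/^[[:space:]]*PermitRootLogin[[:space:]]/#&/' "$sshd_config"
	# sshd keeps the first value it reads, so the new directive goes on line 1.
	sed -i "1i\PermitRootLogin $root_login" "$sshd_config"
	# Validate before restarting: a broken config plus a restart loses remote access.
	sshd -t || return 1
	# restart, not start: the package install already started the daemon and
	# `start` would not make it re-read the file.
	systemctl restart ssh
	systemctl enable ssh
}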

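# Ask whether to disable SELinux and, on "yes", switch the persistent mode from
# enforcing to disabled.
# Arguments: none; the answer is read from stdin.
# Outputs:   prompt and status messages on stdout.
# Returns:   sed's exit status on "yes", 0 on "no" or when stdin is closed.
# Security:  disabling SELinux removes mandatory access control from the host.
#            Only the config file is edited, so the running mode changes at the
#            next boot. A closed stdin keeps SELinux as it is.
selinux ()
{
	local selinux_bool
	while true
	do
		# -r keeps backslashes literal. A failed read (EOF, closed stdin) counts
		# as "no" so an unattended run cannot re-prompt forever.
		if ! read -r -p "是否关闭SELinux?[Y/n] " selinux_bool
		then
			selinux_bool=n
		fi
		case "$selinux_bool" in
		y|Y|yes|YES)
			echo -e "正在关闭SELinux"
			# On CentOS 7 this path is normally a symlink to /etc/selinux/config.
			# Plain `sed -i` would replace the link with a regular file and leave
			# the real config unchanged, hence --follow-symlinks.
			sed -i --follow-symlinks 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux
			return
			;;
		n|N|no|NO)
			echo -e "不关闭SELinux\n"
			return 0
			;;
		*)
			echo -e "输入有误,请重新输入\n"
			;;
		esac
	done
}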

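# Ask whether to disable ufw and disable it on "yes".
# Arguments: none; the answer is read from stdin.
# Outputs:   prompt and status messages on stdout.
# Returns:   the status of `ufw disable` on "yes", 0 on "no" or when stdin is
#            closed.
# Security:  with ufw disabled the host is unfiltered until another ruleset is
#            loaded. A closed stdin leaves the firewall as it is.
ufw_status ()
{
	local ufw_bool
	while true
	do
		# -r keeps backslashes literal. A failed read (EOF, closed stdin) counts
		# as "no" so an unattended run cannot re-prompt forever.
		if ! read -r -p "是否关闭ufw?[Y/n] " ufw_bool
		then
			ufw_bool=n
		fi
		case "$ufw_bool" in
		y|Y|yes|YES)
			echo -e "正在关闭ufw"
			ufw disable
			return
			;;
		n|N|no|NO)
			echo -e "不关闭ufw\n"
			return 0
			;;
		*)
			echo -e "输入有误,请重新输入\n"
			;;
		esac
	done
}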

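# Ask whether to turn off firewalld and, on "yes", stop and disable the service.
# Arguments: none; the answer is read from stdin.
# Outputs:   prompt and status messages on stdout.
# Returns:   the status of `systemctl disable` on "yes", 0 on "no" or when stdin
#            is closed.
# Security:  with firewalld stopped the host is unfiltered until another ruleset
#            is loaded. A closed stdin leaves the firewall as it is.
firewalld_status ()
{
	local firewalld_bool
	while true
	do
		# -r keeps backslashes literal. A failed read (EOF, closed stdin) counts
		# as "no" so an unattended run cannot re-prompt forever.
		if ! read -r -p "是否关闭firewalld?[Y/n] " firewalld_bool
		then
			firewalld_bool=n
		fi
		case "$firewalld_bool" in
		y|Y|yes|YES)
			echo -e "正在关闭firewalld"
			systemctl stop firewalld.service
			systemctl disable firewalld.service
			return
			;;
		n|N|no|NO)
			echo -e "不关闭firewalld\n"
			return 0
			;;
		*)
			echo -e "输入有误,请重新输入\n"
			;;
		esac
	done
}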

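# Select which distribution's setup path to run and store it in the global
# variable system_release ("ubuntu" or "centos").
# Arguments: none - show a menu and read the choice from stdin
#            $1   - 1 selects ubuntu, 2 selects centos, without prompting
# Outputs:   the menu and status messages on stdout (interactive form only).
# Returns:   1 when stdin ends before a valid choice was made, 0 otherwise.
system_choice ()
{
    local system_release_num
    # `$#` is never an empty string, so the original `-z` test could not succeed
    # and the menu was unreachable; compare the argument count instead.
    if [[ $# -eq 0 ]]
    then
        while true
        do
            echo "==============================================="
            echo "               请选择系统发行版                "
            echo "                1.Ubuntu 16.04                 "
            echo "                2.CentOS 7                     "
            echo "==============================================="

            # Stop on EOF instead of re-prompting forever; system_release stays
            # as it was.
            if ! read -r -p "请选择[1/2] " system_release_num
            then
                return 1
            fi
            case "$system_release_num" in
            1)
                system_release="ubuntu"
                echo -e "系统为Ubuntu,现在开始执行"
                return 0
                ;;
            2)
                system_release="centos"
                echo -e "系统为CentOS,现在开始执行"
                return 0
                ;;
            *)
                echo -e "输入有误,请重新输入\n"
                ;;
            esac
        done
    # String comparison: `-eq` inside [[ ]] evaluates its operand as an
    # arithmetic expression, which is unnecessary for a fixed 1/2 selector.
    elif [[ $# -eq 1 && "$1" == 1 ]]
    then
        system_release="ubuntu"
    elif [[ $# -eq 1 && "$1" == 2 ]]
    then
        system_release="centos"
    fi
}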

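# Require root: every later step edits system configuration or installs
# packages. The numeric UID is checked rather than the account name.
if [[ "$(id -u)" -ne 0 ]]
then
    echo -e "\033[41;37m 请使用root用户运行 \033[0m"
    exit 1
fi

# Detect the distribution name from /etc/issue and the /etc/*-release files.
# When neither CentOS nor Ubuntu is found the operator is asked to pick a path.
if grep -Eqi "CentOS" /etc/issue || grep -Eq "CentOS" /etc/*-release; then
    release='CentOS'
elif grep -Eqi "Ubuntu" /etc/issue || grep -Eq "Ubuntu" /etc/*-release; then
    release='Ubuntu'
else
    release='unknow'
    echo -e "\033[41;37m 您的系统发行版不是CentOS或Ubuntu,若要继续安装,请选择以哪个系统方式安装 \033[0m"
    system_choice
fi

# Major version: the first run of digits in the release file. Taking only the
# first match keeps the value a single number even when the file holds several.
if [[ -s /etc/redhat-release ]]; then
    version=$(grep -oE "[0-9]+" /etc/redhat-release | head -n 1)
else
    version=$(grep -oE "[0-9]+" /etc/issue | head -n 1)
fi
# Fall back to 0 when nothing numeric was found so the comparisons below are
# always made on a plain integer.
[[ "$version" =~ ^[0-9]+$ ]] || version=0

# Supported combinations select their path without prompting.
if [[ "$release" == "Ubuntu" && "$version" -ge 16 ]]
then
    system_choice 1
elif [[ "$release" == "CentOS" && "$version" -ge 7 ]]
then
    system_choice 2
fi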

case $system_release in
ubuntu)
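	# Ask processes whose command line mentions /var/lib/dpkg/ to stop, so the
	# package steps below are not blocked by a held lock. SIGTERM gives them the
	# chance to exit cleanly; SIGKILL in the middle of a package operation can
	# leave the dpkg database half-written. pkill also copes with "no match",
	# where a bare `kill -9` would fail with a usage error.
	pkill -TERM -f /var/lib/dpkg/

	echo -e "系统发行版为ubuntu,现在执行安装\n"

	ubuntu_ssh_server_install

	ubuntu_vm_tools_install

	# Security: ufw_status may disable ufw, and ubuntu_iptables_install only
	# creates an empty rules file. The host stays unfiltered until rules are
	# written to that file.
	ufw_status

	# ubuntu_iptables_install signals "set up" with exit status 1.
	ubuntu_iptables_install
	if [[ $? -eq 1 ]]
	then
		echo -e "\033[41;37m 已安装iptables \033[0m"
	else
		echo -e "\033[41;37m 未进行安装iptables \033[0m"
	fi

	apt install lrzsz vim wget -y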

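	# Replace root's .bashrc with the customised version below.
	# The file is overwritten wholesale, so a timestamped copy of the existing
	# one is kept first.
	if [[ -f /root/.bashrc ]]
	then
		cp -p -- /root/.bashrc "/root/.bashrc.bak.$(date +%Y%m%d%H%M%S)"
	fi
	# The quoted delimiter writes the text literally: nothing in it is expanded
	# while this script runs. The only edits to the payload are the quoted
	# "$USER_IP" test and $(...) in place of backticks.
	cat > /root/.bashrc << 'EOF'
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples

# If not running interactively, don't do anything
case $- in
    *i*) ;;
      *) return;;
esac

# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
HISTCONTROL=ignoreboth

# append to the history file, don't overwrite it
shopt -s histappend

# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
HISTSIZE=1000
HISTFILESIZE=2000

# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize

# If set, the pattern "**" used in a pathname expansion context will
# match all files and zero or more directories and subdirectories.
#shopt -s globstar

# make less more friendly for non-text input files, see lesspipe(1)
[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"

# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
    debian_chroot=$(cat /etc/debian_chroot)
fi

# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
    xterm-color|*-256color) color_prompt=yes;;
esac

# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
force_color_prompt=yes

if [ -n "$force_color_prompt" ]; then
    if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
	# We have color support; assume it's compliant with Ecma-48
	# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
	# a case would tend to support setf rather than setaf.)
	color_prompt=yes
    else
	color_prompt=
    fi
fi

if [ "$color_prompt" = yes ]; then
    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
else
    PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi
unset color_prompt force_color_prompt

# If this is an xterm set the title to user@host:dir
case "$TERM" in
xterm*|rxvt*)
    PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
    ;;
*)
    ;;
esac

# enable color support of ls and also add handy aliases
if [ -x /usr/bin/dircolors ]; then
    test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
    alias ls='ls --color=auto'
    #alias dir='dir --color=auto'
    #alias vdir='vdir --color=auto'

    alias grep='grep --color=auto'
    alias fgrep='fgrep --color=auto'
    alias egrep='egrep --color=auto'
fi

# colored GCC warnings and errors
export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'

# some more ls aliases
alias ll='ls -alhF'
alias la='ls -A'
alias l='ls -CF'
alias nano='nano -$'

# Add an "alert" alias for long running commands.  Use like so:
#   sleep 10; alert
alias alert='notify-send --urgency=low -i "$([ $? = 0 ] && echo terminal || echo error)" "$(history|tail -n1|sed -e '\''s/^\s*[0-9]\+\s*//;s/[;&|]\s*alert$//'\'')"'

# Alias definitions.
# You may want to put all your additions into a separate file like
# ~/.bash_aliases, instead of adding them here directly.
# See /usr/share/doc/bash-doc/examples in the bash-doc package.

if [ -f ~/.bash_aliases ]; then
    . ~/.bash_aliases
fi

# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
if ! shopt -oq posix; then
  if [ -f /usr/share/bash-completion/bash_completion ]; then
    . /usr/share/bash-completion/bash_completion
  elif [ -f /etc/bash_completion ]; then
    . /etc/bash_completion
  fi
fi


#set time style
export TIME_STYLE='+%Y-%m-%d %H:%M:%S'

#history格式化 用户-IP-时间-命令
USER_IP=$(who -u am i 2>/dev/null | awk '{print $NF}' | sed -e 's/[()]//g')
if [ -z "$USER_IP" ]
then
  USER_IP="NO_client_IP"
fi
export HISTTIMEFORMAT="$USER from $USER_IP %F %T "

man() {
env \
LESS_TERMCAP_mb=$(printf "\e[1;31m") \
LESS_TERMCAP_md=$(printf "\e[1;31m") \
LESS_TERMCAP_me=$(printf "\e[0m") \
LESS_TERMCAP_se=$(printf "\e[0m") \
LESS_TERMCAP_so=$(printf "\e[1;44;33m") \
LESS_TERMCAP_ue=$(printf "\e[0m") \
LESS_TERMCAP_us=$(printf "\e[1;32m") \
man "$@"
}
EOF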
	
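	# Give root the stock login profile.
	cp /etc/skel/.profile /root/
	# Allow desktop login as root through the LightDM greeter.
	# Security: greeter-show-manual-login=true lets any account name, root
	# included, be typed at the graphical login screen. Leave this out on
	# machines where root should not have a desktop session.
	# The script already runs as root and the redirection is done by this shell,
	# so `sudo` added nothing. Where sudo is missing the file was truncated and
	# left empty. The directory test skips hosts without LightDM.
	# NOTE(review): this overwrites a file under /usr/share, which a package
	# upgrade may replace. Confirm whether a local override directory fits better.
	if [[ -d /usr/share/lightdm/lightdm.conf.d ]]
	then
		printf '%s\n' \
			"[SeatDefaults]" \
			"#autologin-user=root" \
			"user-session=ubuntu" \
			"greeter-show-manual-login=true" \
			> /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf
	fi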
	;;
centos)
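	# Ask a running yum to stop so the steps below are not blocked by its lock.
	# SIGTERM lets it exit cleanly, whereas SIGKILL can leave the rpm database
	# in an inconsistent state. The process name is matched exactly, so commands
	# that merely contain "yum" in their arguments are left alone.
	pkill -TERM -x yum

	# Configure the package repositories.
	echo -e "系统发行版为centos,现在执行安装\n"
	echo "开始配置yum源"

	# Download one repo definition to a temporary name inside the target
	# directory and move it into place only when the transfer succeeded and the
	# file is non-empty. yum only reads *.repo, so the temporary name is ignored.
	# $1 - destination path, $2 - URL
	fetch_yum_repo ()
	{
		local target=$1 url=$2 tmp
		tmp=$(mktemp "${target}.XXXXXX") || return 1
		if wget -O "$tmp" "$url" && [[ -s "$tmp" ]]
		then
			chmod 644 "$tmp" && mv -f -- "$tmp" "$target"
		else
			rm -f -- "$tmp"
			return 1
		fi
	}

	# Security: the definitions are fetched over HTTPS. A repo file pulled over
	# plain HTTP by root can be rewritten in transit, for example to point at
	# another mirror or to switch off signature checks. Check that gpgcheck=1
	# is still set in the downloaded files.
	# NOTE(review): confirm both mirrors serve these paths over HTTPS from your
	# network; on failure the stock repo below is simply left in place.
	replacement_base_repo=no
	echo "正在配置163源"
	if fetch_yum_repo /etc/yum.repos.d/CentOS7-Base-163.repo https://mirrors.163.com/.help/CentOS7-Base-163.repo
	then
		replacement_base_repo=yes
	fi
	echo "正在配置aliyun源"
	if fetch_yum_repo /etc/yum.repos.d/CentOS-Base-Aliyun.repo https://mirrors.aliyun.com/repo/Centos-7.repo
	then
		replacement_base_repo=yes
	fi
	fetch_yum_repo /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo

	# Retire the stock base repo only once a replacement is in place, so a
	# failed download cannot leave the system without any base repository.
	if [[ "$replacement_base_repo" == yes && -f /etc/yum.repos.d/CentOS-Base.repo ]]
	then
		mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
	fi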

	# Interactive setup steps, run in a fixed order.
	# Security: selinux and firewalld_status can each switch off a protection
	# layer, and centos_iptables_install only installs the iptables-services
	# package. Nothing in this run enables that service or loads rules.
	selinux
	centos_ssh_server
	centos_vm_tools_install
	firewalld_status

	# centos_iptables_install signals "installed" with exit status 1; any other
	# status is reported as "not installed".
	centos_iptables_install
	case $? in
	1)
		echo -e "\033[41;37m 已安装iptables \033[0m"
		;;
	*)
		echo -e "\033[41;37m 未进行安装iptables \033[0m"
		;;
	esac

	# Convenience tools: zmodem transfer, editors.
	yum install lrzsz nano vim -y

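	# Replace root's .bashrc with the customised version below.
	# The file is overwritten wholesale, so a timestamped copy of the existing
	# one is kept first.
	if [[ -f /root/.bashrc ]]
	then
		cp -p -- /root/.bashrc "/root/.bashrc.bak.$(date +%Y%m%d%H%M%S)"
	fi
	# The quoted delimiter writes the text literally: nothing in it is expanded
	# while this script runs. The only edits to the payload are the quoted
	# "$USER_IP" test and $(...) in place of backticks.
	cat > /root/.bashrc << 'EOF'
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples

# If not running interactively, don't do anything
case $- in
    *i*) ;;
      *) return;;
esac

# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
HISTCONTROL=ignoreboth

# append to the history file, don't overwrite it
shopt -s histappend

# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
HISTSIZE=1000
HISTFILESIZE=2000

# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize

# If set, the pattern "**" used in a pathname expansion context will
# match all files and zero or more directories and subdirectories.
#shopt -s globstar

# make less more friendly for non-text input files, see lesspipe(1)
[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"

# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
    debian_chroot=$(cat /etc/debian_chroot)
fi

# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
    xterm-color|*-256color) color_prompt=yes;;
esac

# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
force_color_prompt=yes

if [ -n "$force_color_prompt" ]; then
    if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
	# We have color support; assume it's compliant with Ecma-48
	# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
	# a case would tend to support setf rather than setaf.)
	color_prompt=yes
    else
	color_prompt=
    fi
fi

if [ "$color_prompt" = yes ]; then
    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
else
    PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi
unset color_prompt force_color_prompt

# If this is an xterm set the title to user@host:dir
case "$TERM" in
xterm*|rxvt*)
    PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
    ;;
*)
    ;;
esac

# enable color support of ls and also add handy aliases
if [ -x /usr/bin/dircolors ]; then
    test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
    alias ls='ls --color=auto'
    #alias dir='dir --color=auto'
    #alias vdir='vdir --color=auto'

    alias grep='grep --color=auto'
    alias fgrep='fgrep --color=auto'
    alias egrep='egrep --color=auto'
fi

# colored GCC warnings and errors
export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'

# some more ls aliases
alias ll='ls -alhF'
alias la='ls -A'
alias l='ls -CF'
alias nano='nano -$'

# Add an "alert" alias for long running commands.  Use like so:
#   sleep 10; alert
alias alert='notify-send --urgency=low -i "$([ $? = 0 ] && echo terminal || echo error)" "$(history|tail -n1|sed -e '\''s/^\s*[0-9]\+\s*//;s/[;&|]\s*alert$//'\'')"'

# Alias definitions.
# You may want to put all your additions into a separate file like
# ~/.bash_aliases, instead of adding them here directly.
# See /usr/share/doc/bash-doc/examples in the bash-doc package.

if [ -f ~/.bash_aliases ]; then
    . ~/.bash_aliases
fi

# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
if ! shopt -oq posix; then
  if [ -f /usr/share/bash-completion/bash_completion ]; then
    . /usr/share/bash-completion/bash_completion
  elif [ -f /etc/bash_completion ]; then
    . /etc/bash_completion
  fi
fi


#set time style
export TIME_STYLE='+%Y-%m-%d %H:%M:%S'

#history格式化 用户-IP-时间-命令
USER_IP=$(who -u am i 2>/dev/null | awk '{print $NF}' | sed -e 's/[()]//g')
if [ -z "$USER_IP" ]
then
  USER_IP="NO_client_IP"
fi
export HISTTIMEFORMAT="$USER from $USER_IP %F %T "

man() {
env \
LESS_TERMCAP_mb=$(printf "\e[1;31m") \
LESS_TERMCAP_md=$(printf "\e[1;31m") \
LESS_TERMCAP_me=$(printf "\e[0m") \
LESS_TERMCAP_se=$(printf "\e[0m") \
LESS_TERMCAP_so=$(printf "\e[1;44;33m") \
LESS_TERMCAP_ue=$(printf "\e[0m") \
LESS_TERMCAP_us=$(printf "\e[1;32m") \
man "$@"
}
EOF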

	;;
*)
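	# No supported distribution was selected: report on stderr and exit
	# non-zero so a calling script or operator can tell nothing was configured.
	echo -e "传入参数有误" >&2
	exit 1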
	;;
esac
