| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 |
- #!/bin/bash
- # Author: yeho <lj2007331 AT gmail.com>
- # BLOG: https://linuxeye.com
- #
- # Notes: OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+
- #
- # Project home page:
- # https://oneinstack.com
- # https://github.com/oneinstack/oneinstack
- # Custom profile
- cat > /etc/profile.d/oneinstack.sh << EOF
- HISTSIZE=10000
- PS1='\${debian_chroot:+(\$debian_chroot)}\\[\\e[1;32m\\]\\u@\\h\\[\\033[00m\\]:\\[\\033[01;34m\\]\\w\\[\\033[00m\\]\\$ '
- HISTTIMEFORMAT="%F %T \$(whoami) "
- alias l='ls -AFhlt --color=auto'
- alias lh='l | head'
- alias ll='ls -l --color=auto'
- alias ls='ls --color=auto'
- alias vi=vim
- GREP_OPTIONS="--color=auto"
- alias grep='grep --color'
- alias egrep='egrep --color'
- alias fgrep='fgrep --color'
- EOF
- sed -i 's@^"syntax on@syntax on@' /etc/vim/vimrc
- # history
- [ -z "$(grep history-timestamp ~/.bashrc)" ] && echo "PROMPT_COMMAND='{ msg=\$(history 1 | { read x y; echo \$y; });user=\$(whoami); echo \$(date \"+%Y-%m-%d %H:%M:%S\"):\$user:\`pwd\`/:\$msg ---- \$(who am i); } >> /tmp/\`hostname\`.\`whoami\`.history-timestamp'" >> ~/.bashrc
- # /etc/security/limits.conf
- [ -e /etc/security/limits.d/*nproc.conf ] && rename nproc.conf nproc.conf_bk /etc/security/limits.d/*nproc.conf
- [ -z "$(grep 'session required pam_limits.so' /etc/pam.d/common-session)" ] && echo "session required pam_limits.so" >> /etc/pam.d/common-session
- sed -i '/^# End of file/,$d' /etc/security/limits.conf
- cat >> /etc/security/limits.conf <<EOF
- # End of file
- * soft nproc 1000000
- * hard nproc 1000000
- * soft nofile 1000000
- * hard nofile 1000000
- root soft nproc 1000000
- root hard nproc 1000000
- root soft nofile 1000000
- root hard nofile 1000000
- EOF
- # /etc/hosts
- [ "$(hostname -i | awk '{print $1}')" != "127.0.0.1" ] && sed -i "s@127.0.0.1.*localhost@&\n127.0.0.1 $(hostname)@g" /etc/hosts
- # Set timezone
- rm -rf /etc/localtime
- ln -s /usr/share/zoneinfo/${timezone} /etc/localtime
- # Set DNS
- #cat > /etc/resolv.conf << EOF
- #nameserver 114.114.114.114
- #nameserver 8.8.8.8
- #EOF
- # /etc/sysctl.conf
- [ -z "$(grep 'fs.file-max' /etc/sysctl.conf)" ] && cat >> /etc/sysctl.conf << EOF
- fs.file-max = 1000000
- fs.inotify.max_user_instances = 8192
- net.ipv4.tcp_syncookies = 1
- net.ipv4.tcp_fin_timeout = 30
- net.ipv4.tcp_tw_reuse = 1
- net.ipv4.ip_local_port_range = 1024 65000
- net.ipv4.tcp_max_syn_backlog = 16384
- net.ipv4.tcp_max_tw_buckets = 6000
- net.ipv4.route.gc_timeout = 100
- net.ipv4.tcp_syn_retries = 1
- net.ipv4.tcp_synack_retries = 1
- net.core.somaxconn = 32768
- net.core.netdev_max_backlog = 32768
- net.ipv4.tcp_timestamps = 0
- net.ipv4.tcp_max_orphans = 32768
- EOF
- sysctl -p
- sed -i 's@^ACTIVE_CONSOLES.*@ACTIVE_CONSOLES="/dev/tty[1-2]"@' /etc/default/console-setup
- sed -i 's@^# en_US.UTF-8@en_US.UTF-8@' /etc/locale.gen
- init q
- # ufw
- if [ "${firewall_flag}" == 'y' ]; then
- ufw allow 22/tcp
- [ "${ssh_port}" != "22" ] && ufw allow ${ssh_port}/tcp
- ufw allow 80/tcp
- ufw allow 443/tcp
- ufw --force enable
- else
- ufw --force disable
- fi
- systemctl restart rsyslog ssh
- . /etc/profile
- . ~/.bashrc
|
