服务器centos6初始化脚本,包含几个方面:
修改主机名
添加用户密钥
ssh 端口修改
ulimit值修改
防火墙修改
添加追踪日志
时间同步
安装一些基础软件包
nagios客户端安装
zabbix客户端安装
salt客户端安装
第一个脚本:
#!/bin/bash
# DATE 2017-02-03 17:01
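# ---- Settings shared by the functions below --------------------------------
# New sshd listening port.
SPORT=51029
# NOTE(review): plain HTTP. The authorized_keys files are downloaded from this
# URL, so anyone able to tamper with the traffic could substitute a key;
# serve it over HTTPS or verify the files after download.
SURL=http://XX.XX.XX.XX
IPTBL="/etc/sysconfig/iptables"
AUTH="authorized_keys"
# Directory that holds the checksum baseline log.
MD5_DIR="/root/.md5_back"
userlist="user1 user2 user3"
sudouser="user1 user2 user3"
MINION_PATH="/etc/salt/minion"
MASTER="XX.XX.XX.XX"
# First IPv4 address of eth0. Matching on the first field being exactly "inet"
# skips the inet6 line, and the "addr:" prefix printed by the CentOS 6
# net-tools ifconfig is stripped so only the bare address is kept.
LANIP=$(ifconfig eth0 | awk '$1 == "inet" { sub(/^addr:/, "", $2); print $2; exit }')
NagiosServer="XX.XX.XX.XX"
TNagios="XX.XX.XX.XX"
NagiosDir="/etc/nagios/nrpe.cfg"
# Directory for the per-session script(1) recordings.
SCRIPT="/mnt/log/script"
# mkdir -p is a no-op when the directory already exists.
mkdir -p "$MD5_DIR"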
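# Append the MD5 digest of a file's contents to the baseline log.
# The previous version hashed the path string itself (echo -n "$1" | md5sum),
# so the recorded value never changed when the file was modified.
# Globals:   MD5_DIR (read), md5_value (written)
# Arguments: $1 - path of the file to fingerprint
# Outputs:   one "<path> -----> <digest>" line appended to
#            $MD5_DIR/command_md5.log; the digest is MISSING when the path is
#            not a readable regular file
# NOTE(review): MD5 is kept so the log format stays the same. It is not
# collision-resistant; for tamper detection prefer sha256sum and keep a copy
# of the baseline off the host.
function get_md5() {
  md5_value="MISSING"
  if [ -f "$1" ] && [ -r "$1" ]; then
    # Read through stdin so the output holds only the digest column.
    md5_value=$(md5sum <"$1" | cut -d' ' -f1)
  fi
  echo "$1 -----> $md5_value" >>"$MD5_DIR/command_md5.log"
}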
# Write one baseline log entry for each binary and system file watched for
# changes, in the same order as before.
for watched_path in \
  /bin/ls \
  /bin/cp \
  /bin/vi \
  /usr/bin/crontab \
  /etc/passwd \
  /etc/crontab \
  /usr/bin/last \
  /usr/bin/lastlog
do
  get_md5 "$watched_path"
done
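# Initialise the host: hostname, SELinux mode, ulimits, admin accounts,
# sudoers, sshd port, authorized_keys, firewall rule, session recording,
# time sync and build tools.
# Globals:   LANIP, sudouser, userlist, SPORT, SURL, AUTH, IPTBL, SCRIPT (read)
#            NAME, NEWNAME (written)
# Arguments: $1 - new hostname (required)
# Returns:   exits 1 when the hostname is missing or malformed, when the
#            edited sudoers file fails validation, or when sshd_config does
#            not pass "sshd -t"
INIT(){
  NAME=$(hostname)
  NEWNAME=$1
  # Validate before any file is touched; previously /etc/hosts was already
  # edited by the time a missing hostname was detected.
  if [ $# -ne 1 ] || [ -z "$NEWNAME" ]; then
    echo "The hostname of this server must not be empty"
    exit 1
  fi
  # The name is interpolated into sed expressions below, so only hostname
  # characters are accepted.
  if ! [[ "$NEWNAME" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
    echo "Invalid hostname: $NEWNAME" >&2
    exit 1
  fi
  echo "Setting HOSTNAME"
  if [ -n "$NAME" ]; then
    local name_re
    # Escape regex metacharacters so dots in the old name match literally.
    name_re=$(printf '%s' "$NAME" | sed 's/[][\.*^$/]/\\&/g')
    # Remove stale entries for the old name but keep the loopback lines, which
    # carry "localhost.localdomain" on a default install.
    sed -i "/^127\.0\.0\.1[[:space:]]/b; /^::1[[:space:]]/b; /$name_re/d" /etc/hosts
  fi
  sed -i "s/^HOSTNAME=.*/HOSTNAME=$NEWNAME/" /etc/sysconfig/network
  hostname "$NEWNAME"
  # Register the new hostname in /etc/hosts.
  if [ -n "$LANIP" ]; then
    echo "$LANIP $NEWNAME" >> /etc/hosts
  else
    echo "LANIP is empty; no /etc/hosts entry written for $NEWNAME" >&2
  fi
  ###sed -i 's/localhost.localdomain/$HNAME/g' /etc/sysconfig/network
  # NOTE(review): this switches off SELinux mandatory access control for the
  # whole host. Permissive mode plus policy fixes keeps the audit trail.
  sed -i 's/enforcing/disabled/g' /etc/sysconfig/selinux

  #### Raise the ulimit values
  cat >> /etc/security/limits.conf <<EOF
* soft nofile 65535
* hard nofile 65535
* soft nproc 65535
* hard nproc 65535
EOF

  useradd -u 1001 -G wheel user1
  useradd -u 1002 -G wheel user2
  useradd -u 1003 -G wheel user3

  # sudoers is edited on a copy and installed only after visudo accepts it:
  # a syntax error in the live file disables sudo for everyone.
  local admins sudoers_tmp
  # User_Alias members are comma-separated; $sudouser is space-separated.
  admins=$(printf '%s' "$sudouser" | tr -s ' ,' ',')
  sudoers_tmp=$(mktemp) || exit 1
  cp -p /etc/sudoers "$sudoers_tmp"
  sed -i "/# User_Alias ADMINS = jsmith, mikem/ aUser_Alias ADMINS = $admins" "$sudoers_tmp"
  sed -i '/^root/ aADMINS ALL=\(ALL\) ALL' "$sudoers_tmp"
  # NOTE(review): NOPASSWD for wheel means a stolen SSH key for any of the
  # accounts above is equivalent to root; consider requiring a password.
  sed -i '/NOPASSWD: ALL$/ a%wheel ALL=\(ALL\) NOPASSWD\: ALL' "$sudoers_tmp"
  if visudo -cf "$sudoers_tmp"; then
    # Overwrite in place so owner and mode of /etc/sudoers stay as they are.
    cat "$sudoers_tmp" > /etc/sudoers
    rm -f -- "$sudoers_tmp"
  else
    echo "sudoers validation failed; /etc/sudoers left unchanged" >&2
    rm -f -- "$sudoers_tmp"
    exit 1
  fi

  # The two hardening edits below are left disabled, as in the original;
  # enable them once key-based login has been confirmed to work.
  #sed -i 's/PasswordAuthentication yes/#PasswordAuthentication yes/g' /etc/ssh/sshd_config
  #sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
  sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
  # Double quotes so $SPORT expands; single quotes wrote the literal text
  # "Port $SPORT" into sshd_config.
  if ! grep -q "^Port $SPORT\$" /etc/ssh/sshd_config; then
    sed -i "/#Port 22/a\\Port $SPORT" /etc/ssh/sshd_config
  fi
  # Check the configuration first: restarting with a broken file locks out
  # remote administration.
  if /usr/sbin/sshd -t; then
    service sshd restart
  else
    echo "sshd_config failed validation; sshd not restarted" >&2
    exit 1
  fi

  # Install the login keys for each user.
  # NOTE(review): $SURL is plain HTTP, so the downloaded keys are not
  # protected against tampering in transit; use HTTPS or verify them.
  local i key_tmp
  for i in $userlist
  do
    install -d -m 700 -o "$i" -g "$i" "/home/$i/.ssh"
    key_tmp=$(mktemp) || exit 1
    # Download to a temp file so a failed or empty transfer never replaces an
    # existing authorized_keys.
    if wget -q -O "$key_tmp" "$SURL/secret/$i/$AUTH" && [ -s "$key_tmp" ]; then
      install -m 600 -o "$i" -g "$i" "$key_tmp" "/home/$i/.ssh/$AUTH"
    else
      echo "could not fetch $AUTH for $i" >&2
    fi
    rm -f -- "$key_tmp"
  done

  #### Open the new sshd port in the firewall (only when no rule exists yet)
  HAVE=$(grep -- "$SPORT" "$IPTBL" | grep -c ACCEPT)
  if [ "$HAVE" -eq 0 ]; then
    sed -i "/-i\ lo\ -j\ ACCEPT/a-A INPUT -p tcp -m tcp --dport $SPORT -j ACCEPT" "$IPTBL"
    service iptables restart
  fi

  ## Session recording with script(1)
  if [ ! -d "$SCRIPT" ]; then
    mkdir -p "$SCRIPT"
    # Users must be able to create their own recordings here; the sticky bit
    # stops them from deleting or renaming each other's files.
    # NOTE(review): a user can still remove their own recordings; ship them
    # off-host if they are meant as an audit trail.
    chmod 1743 "$SCRIPT"
  fi
  # Append the hook once, so repeated runs do not stack several exec lines.
  if ! grep -q '/usr/bin/script -t' /etc/profile; then
    cat >> /etc/profile <<EOF
if [ \$UID -ge 1000 ]; then
exec /usr/bin/script -t 2>$SCRIPT/\$USER-\$UID-\`date +%Y%m%d%H%M\`.date -a -f -q $SCRIPT/\$USER-\$UID-\`date +%Y%m%d%H%M\`.log
fi
EOF
  fi

  # Time synchronisation
  yum -y install ntpdate
  if ! grep -q 'ntpdate cn.pool.ntp.org' /etc/crontab; then
    echo '02 3 * * * root /usr/sbin/ntpdate cn.pool.ntp.org' >> /etc/crontab
  fi

  ### Install the build toolchain; globs are quoted so yum expands them, not
  ### the shell against the current directory.
  yum -y install gcc gcc-c++ make autoconf automake libtool zlib zlib-devel \
    openssl openssl-devel pcre-devel ncurses-devel unixODBC-devel \
    perl-ExtUtils-Embed 'mesa*' gtk+extra-devel 'freeglut*' lrzsz \
    openssh-clients unzip patch
}

# Install the NRPE agent, allow the two Nagios servers to query it and add a
# disk check for /mnt.
# Globals: NagiosServer, TNagios, NagiosDir (read)
nagios_client(){
  yum -y install nrpe nagios-plugins nagios-plugins-nrpe nrpe nagios-plugins-load nagios-plugins-disk nagios-plugins-swap
  sed -i 's/allowed_hosts=127.0.0.1/allowed_hosts='"$NagiosServer"','"$TNagios"'/g' "$NagiosDir"
  sed -i '/check_total_procs/a \command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w 15% -c 10% -p /mnt' "$NagiosDir"
  service nrpe start
}

# Install salt-minion from the SaltStack repository and point it at $MASTER.
# Globals: MASTER, MINION_PATH (read)
# Returns: exits 3 when "yum -y update" fails
salt_agent(){
  # Install salt 2016.03.01
  yum -y install https://repo.saltstack.com/yum/redhat/salt-repo-latest-1.el6.noarch.rpm
  if yum -y update; then
    yum -y install salt-minion
  else
    echo "yum update error"
    exit 3
  fi
  #Config /etc/salt/minion
  sed -i 's/#master: salt/master: '"$MASTER"'/g' "$MINION_PATH"
  sed -i 's/#hash_type: sha256/hash_type: sha256/g' "$MINION_PATH"
  # The appended text is taken literally, so the trailing "/" of the original
  # command ended up in the log_file value; it is dropped here.
  sed -i '/#key_logfile/a\log_file: \/var\/log\/salt\/minion' "$MINION_PATH"
  sed -i 's/#key_logfile: \/var\/log\/salt\/key/key_logfile: \/var\/log\/salt\/key/' "$MINION_PATH"
  service salt-minion start
}

# INIT needs the new hostname; a bare "INIT" always stopped with exit 1, so
# the script's own arguments are passed through.
INIT "$@"
nagios_client
salt_agent
以上为初始化脚本。
第二个脚本:
添加zabbix客户端
hname=$(hostname)
# NOTE(review): plain HTTP. The tarball fetched from here is compiled and
# installed as root, see the checksum step in zabbix_agentd_install.
SURL=http://XX.XX.XX.XX
MASTER="XX.XX.XX.XX"

# Create the zabbix user and group (uid/gid 201) unless the user exists.
# Returns: 1 when the user already exists
add_user_zabbix()
{
  name="zabbix"
  # Exact account lookup; counting grep matches in /etc/passwd also hit other
  # lines that merely contain the word.
  if getent passwd "$name" >/dev/null; then
    # The message used the unset variable $zabbix and printed an empty name.
    echo "THE user $name is aready exist"
    return 1
  fi
  echo "Add zabbix user"
  groupadd "$name" -g 201
  useradd -g "$name" -u 201 -m "$name"
}

# Download, build and configure zabbix_agentd 3.0.4, then enable the service.
# Globals: SURL, MASTER, hname (read)
#          ZABBIX_SHA256 (read, optional) - expected SHA-256 of the tarball,
#          supplied by the operator; the tarball is verified when it is set
# Returns: 1 after the service has been started (kept from the original);
#          exits 1 on download, checksum, configure or make failure
zabbix_agentd_install()
{
  log_d="/var/log/zabbix"
  local tarball="zabbix-3.0.4.tar.gz"
  # Build prerequisites
  yum install -y ntpdate gcc gcc-c++
  sleep 3
  # Sync the clock
  ntpdate asia.pool.ntp.org
  sleep 3
  # Work in /usr/local/src; stop if it is missing so the rm below cannot run
  # in some other directory.
  cd /usr/local/src || exit 1
  echo "Installing zabbix_agentd"
  rm -rf zabbix-3.0.4.tar.gz*
  sleep 1
  echo "Downloading"
  wget "$SURL/zabbix/$tarball"
  sleep 1
  if [ ! -f "$tarball" ];then
    echo "zabbix-3.0.4.tar.gz is not exist"
    exit 1
  fi
  # The source is built and installed as root, so check it before unpacking.
  if [ -n "${ZABBIX_SHA256:-}" ]; then
    if ! echo "$ZABBIX_SHA256  $tarball" | sha256sum -c - >/dev/null; then
      echo "checksum mismatch for $tarball" >&2
      exit 1
    fi
  else
    echo "WARNING: ZABBIX_SHA256 is not set; $tarball was not verified" >&2
  fi
  tar zxvf "$tarball"
  cd zabbix-3.0.4 || exit 1
  sleep 1
  # Test configure itself; the original checked $? after "sleep 3", which
  # always reported success.
  if ! /bin/bash configure --prefix=/usr --sysconfdir=/etc/zabbix --enable-agent; then
    echo "configure was wrong!!"
    exit 1
  else
    echo "The zabbix is aready installed!!"
  fi
  sleep 3
  if ! { make && make install; }; then
    echo "There were something wrong in make!!!"
    exit 1
  fi
  # Create the zabbix log directory
  if [ ! -d "$log_d" ];then
    mkdir "$log_d"
  fi
  chown zabbix:zabbix "$log_d"
  # Install the init script and adjust the agent configuration
  /bin/cp misc/init.d/fedora/core/zabbix_agentd /etc/init.d/
  chmod 755 /etc/init.d/zabbix_agentd
  sed -i "s#BASEDIR=/usr/local#BASEDIR=/usr/#g" /etc/init.d/zabbix_agentd
  sed -i "s/Server\=127.0.0.1/Server\=127.0.0.1,$MASTER/g" /etc/zabbix/zabbix_agentd.conf
  sed -i "s/ServerActive\=127.0.0.1/ServerActive\=$MASTER:10051/g" /etc/zabbix/zabbix_agentd.conf
  sed -i "s/Hostname=Zabbix server/Hostname=$hname/g" /etc/zabbix/zabbix_agentd.conf
  sed -i "s#tmp/zabbix_agentd.log#var/log/zabbix/zabbix_agentd.log#g" /etc/zabbix/zabbix_agentd.conf
  # The original `sed -i "#UnsafeUserParameters=0#a..."` changed nothing: sed
  # reads a script that starts with "#" as a comment. UnsafeUserParameters
  # therefore stays at 0 and is left that way here, because 1 lets item keys
  # pass any characters, shell metacharacters included, to UserParameter
  # commands. Enable it by hand only if a check really needs it.
  # Enable and start the service
  chkconfig zabbix_agentd on
  service zabbix_agentd start
  # NOTE(review): non-zero even on success; kept so the exit status seen by
  # existing callers does not change.
  return 1
}

pid=$(pgrep zabbix_agentd)
if [ -n "$pid" ];then
  echo "the zabbix_agentd is aready installed!"
  echo "Do want to reload the zabbix_agentd? Y/N"
  read -r choice
  case $choice in
    Y)
      service zabbix_agentd stop
      zabbix_agentd_install
      ;;
    N)
      echo "You choose N,the script will be break"
      exit 2
      ;;
    *)
      echo "UNknow anwser!"
      exit 3
      ;;
  esac
else
  add_user_zabbix
  zabbix_agentd_install
  # NOTE(review): exit status 4 on the fresh-install path is kept as-is.
  exit 4
fi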
以上为整理的初始化centos 6 服务器的脚本。隐藏了一些ip,不能直接使用于你的服务器。可以为读者提供一些思路。或者后续会完善为更简便的脚本。