CentOS 7.6 系统初始化
-
- 环境变量
- 更换 yum 源
- 设置centos语言为中文
- 本地yum
- 安装依赖包
- 时间同步脚本
- 设置防火墙为 Iptables 并设置空规则
- 关闭 selinux,swap
- 设置时间同步
- 磁盘初始化
- 升级内核
- Pure-ftpd安装
环境变量
cat > /etc/profile.d/my_env.sh <<'EOF'
JAVA_HOME=/usr/local/jdk1.8
MAVEN_HOME=/usr/local/maven
NODE_HOME=/usr/local/node
PATH=$PATH:$JAVA_HOME/bin:$MAVEN_HOME/bin:$NODE_HOME/bin
export PATH JAVA_HOME MAVEN_HOME NODE_HOME
EOF
source /etc/profile
npm config set registry http://registry.npmmirror.com
npm install -g yarn
yarn config set registry http://registry.npmmirror.com
更换 yum 源
mkdir -p /etc/yum.repos.d/repo.bak && mv /etc/yum.repos.d/* /etc/yum.repos.d/repo.bak
rm -rf /etc/yum.repos.d/*
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean all && yum makecache
设置centos语言为中文
localectl set-locale LANG=zh_CN.utf8
localectl set-x11-keymap cn
localectl status
本地yum
rm -rf /etc/yum.repos.d/*
cat > /etc/yum.repos.d/local-base.repo << 'EOF'
[base]
name=CentOS-$releasever - Base - Local
baseurl=http://10.3.6.56/base
gpgcheck=0
enabled=1
[updates]
name=CentOS-$releasever - Updates - Local
baseurl=http://10.3.6.56/updates
gpgcheck=0
enabled=1
[extras]
name=CentOS-$releasever - Extras - Local
baseurl=http://10.3.6.56/extras
gpgcheck=0
enabled=1
EOF
cat > /etc/yum.repos.d/local-epel.repo << 'EOF'
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch - Local
baseurl=http://10.3.6.56/epel
gpgcheck=0
enabled=1
EOF
cat > /etc/yum.repos.d/local-docker-ce.repo << 'EOF'
[docker-ce-stable]
name=docker-ce-stable
baseurl=http://10.3.6.56/docker-ce-stable
enabled=1
gpgcheck=0
EOF
cat > /etc/yum.repos.d/local-elrepo-kernel.repo << 'EOF'
[elrepo-kernel]
name=aliyun Community Enterprise Linux Kernel Repository - el7
baseurl=http://10.3.6.56/elrepo-kernel
enabled=0
gpgcheck=0
EOF
cat > /etc/yum.repos.d/local-gluster-9.repo << 'EOF'
[centos-gluster9]
name=CentOS-$releasever - Gluster 9
baseurl=http://10.3.6.56/centos-gluster9
gpgcheck=0
enabled=1
EOF
yum clean all && yum makecache
安装依赖包
yum install -y vim net-tools lrzsz bash-completion zip unzip wget ntp ntpdate rsync telnet tree yum-utils git wget socat conntrack ebtables ipset ipvsadm createrepo device-mapper-persistent-data lvm2 lftp jq
yum install -y gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers
时间同步脚本
mkdir /cron
cat > /cron/date.sh << 'EOF'
#!/bin/bash
/usr/sbin/ntpdate -u ntp1.aliyun.com
endDate=`date +"%Y-%m-%d %H:%M:%S"`
echo "★[$endDate] 同步时间完成"
EOF
chmod 755 /cron/date.sh
00 */1 * * * /cron/date.sh >> /cron/date.log 2>&1
00 02 * * * /usr/sbin/ntpdate ntp.aliyun.com &> /dev/null
ntpdate ntp.aliyun.com
echo '00 02 * * * /usr/sbin/ntpdate ntp.aliyun.com &> /dev/null' >> /var/spool/cron/root
ntpdate ntp.aliyun.com
设置防火墙为 Iptables 并设置空规则
systemctl stop firewalld && systemctl disable firewalld
yum install -y iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save
关闭 selinux,swap
swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
设置时间同步
#!/bin/bash
yum install ntpdate ntp -y
systemctl enable ntpd
timedatectl set-timezone Asia/Shanghai
timedatectl set-ntp yes
systemctl stop ntpd
ntpdate -u ntp1.aliyun.com
hwclock --systohc --localtime
hwclock -w
systemctl start ntpd
磁盘初始化
fdisk -l
fdisk /dev/vdb
parted /dev/vdb
mkfs.ext4 /dev/vdb1
mkdir /data
mount /dev/vdb1 /data
df -TH
blkid /dev/vdb1
vim /etc/fstab
echo "/dev/vdb1 /data ext4 defaults 0 0" >> /etc/fstab
pvcreate /dev/vdb
vgcreate vg_jason /dev/vdb
lvcreate -n lv_01 -L 5G vg_jason
升级内核
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
yum install https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm -y
yum --enablerepo=elrepo-kernel install kernel-ml -y
sudo awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg
grub2-set-default 0
grub2-mkconfig -o /boot/grub2/grub.cfg
uname -r
yum -y remove kernel kernel-tools
cat > /etc/yum.repos.d/elrepo-kernel.repo << 'EOF'
[elrepo-kernel]
name=aliyun Community Enterprise Linux Kernel Repository - el7
baseurl=https://mirrors.aliyun.com/elrepo/kernel/el7/x86_64/
enabled=0
gpgcheck=0
EOF
reboot
Pure-ftpd安装
yum install -y pure-ftpd
VerboseLog yes
NoAnonymous yes
PureDB /etc/pure-ftpd/pureftpd.pdb
Bind 0.0.0.0,9812
useradd -d /pure -s /sbin/nologin -M pure
pure-pw useradd zhoushun -u pure -d /pure/zhoushun
pure-pw mkdb
pure-pw list
mkdir /pure/zhoushun -p
chown -R pure:pure /pure
chmod -R 750 /pure
systemctl enable pure-ftpd && systemctl restart pure-ftpd
useradd -d /dev/null -s /sbin/nologin viewer
usermod -aG pure viewer
pure-pw useradd jason -u viewer -d /data/ftp/zhoushun