Centos7 系统初始化脚本

一键初始化，解决一切不纯洁服务器

#!/usr/bin/bash
#
#
#关闭防火墙及selinux
firewalld(){
	systemctl stop firewalld
	systemctl disable firewalld
	setenforce 0
	sed -i '7s/enforcing/disable/' /etc/selinux/config 
	echo "firewalld和selinux 已关闭"
}
#对服务器进行时间日期校准
date_cab(){
	yum -y install ntpdate  > /dev/null
	ntpdate -s pool.ntp.org
	echo "时间校准中请等待"
}
#更换为国内的yum源 
#!/usr/bin/bash
yum_change(){
        mv /etc/yum.repos.d/*   /dev/null
        curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo > /dev/null
        yum clean all  > /dev/null
        yum makecache >/dev/null
        yum -y install epel-release >/dev/null
        echo "更换yum源中请等待"

}
     
#添加默认普通用户
user(){
	useradd other 
	echo "默认用户othert已添，为了账户安全请自行修改密码"
}
#提权-禁止root
nologin(){
	echo "other  ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers 
	sed -i '38cPermitRootLogin no' /etc/ssh/sshd_config
	echo "other用户提权完成，root远程登陆已禁止"
}
# dns配置 
dns(){
        yum -y install net-tools > /dev/null
        geteway=`route -n |grep 'UG' |awk '{print $2}'|head -1`
        echo "nameserver  $geteway" >>  /etc/resolv.conf
        echo "DNS 服务配置已完成"
}
#安装基础服务
systemctl_install(){
	yum -y install lsof > /dev/null
	echo "基础服务安装中，请等待"
}
#内核参数调优
kentel(){
cat <<-EOF >> /etc/security/limits.conf 
	* soft nofile 65535
	* hard nofile 65535
EOF
cat <<-EOF >> /etc/sysctl.conf
	net.ipv4.tcp_syncookies= 1
	net.ipv4.tcp_tw_reuse= 1
	net.ipv4.tcp_tw_recycle= 1
	net.ipv4.tcp_fin_timeout= 30
EOF
sysctl -p
	echo "调优完成"

} 
firewalld
date_cab
user
nologin
dns
systemctl_install
kentel