新装Ubuntu22初始化配置脚本
#!/usr/bin/env bash
# Stop at the first command that exits non-zero outside a condition or an
# `&&`/`||` list; every step below relies on this to halt a half-done setup.
set -o errexit
# Uncomment to prefix `set -x` trace output with the line number.
# export PS4='+${LINENO}: '
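#######################################
# Replace the APT source list with the Tsinghua (TUNA) ubuntu-ports mirror
# for the jammy release, keeping a one-time backup of the previous list.
# Arguments: $1 - optional path of the source list to write
#                 (default: /etc/apt/sources.list)
# Outputs:   a one-line progress message on stdout
# Returns:   non-zero if the backup or the write fails
#######################################
replace_sources() {
  local sources_file=${1:-/etc/apt/sources.list}

  printf '%s' "replace the sources with Tsinghua University .."

  # Keep the first pre-existing list so the change can be reverted; a later
  # run must not overwrite that backup with the already-replaced content.
  if [[ -f "${sources_file}" && ! -e "${sources_file}.bak" ]]; then
    cp -p -- "${sources_file}" "${sources_file}.bak"
  fi

  # NOTE(review): every entry points at ubuntu-ports, which serves the
  # non-x86 architectures; confirm the target machines are not amd64.
  # NOTE(review): the jammy-security entry uses plain http. Package integrity
  # then rests on APT's signature check of the repository metadata alone, so
  # do not combine this list with options that relax that check.
  # The heredoc delimiter is quoted: the text is written verbatim.
  cat << 'END' > "${sources_file}"
# 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu-ports/ jammy main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu-ports/ jammy main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu-ports/ jammy-updates main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu-ports/ jammy-updates main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu-ports/ jammy-backports main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu-ports/ jammy-backports main restricted universe multiverse
deb http://ports.ubuntu.com/ubuntu-ports/ jammy-security main restricted universe multiverse
# deb-src http://ports.ubuntu.com/ubuntu-ports/ jammy-security main restricted universe multiverse
# 预发布软件源,不建议启用
# deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu-ports/ jammy-proposed main restricted universe multiverse
# # deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu-ports/ jammy-proposed main restricted universe multiverse
END
  echo "done."
}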
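#######################################
# Quiet APT/needrestart, upgrade the system and install the base package set.
# Defines the helper apt_update (it stays defined globally afterwards) and
# runs it with stdout discarded.
# Outputs: only stderr of the helper reaches the caller's stdout
# Returns: status of the helper
#######################################
install_base_pkg () {
  apt_update() {
    local auto_upgrades=/etc/apt/apt.conf.d/20auto-upgrades
    local needrestart_conf=/etc/needrestart/needrestart.conf

    # Turn off periodic list refresh and unattended upgrades. Only the two
    # APT::Periodic switches are rewritten; a blanket 's/1/0/g' would corrupt
    # any other "1" in the file (for example "14" would become "04").
    # NOTE(review): this also stops automatic installation of security
    # updates, so patching has to be scheduled some other way.
    if [[ -f "${auto_upgrades}" ]]; then
      sed -i -E \
        's/^([[:space:]]*APT::Periodic::(Update-Package-Lists|Unattended-Upgrade)[[:space:]]+)"[^"]*";/\1"0";/' \
        "${auto_upgrades}"
    fi

    # Silence needrestart's kernel hints and switch its restart mode to "l"
    # so apt runs without interactive prompts. Skipped when the file is
    # absent instead of aborting the whole run.
    if [[ -f "${needrestart_conf}" ]]; then
      sed -i '/^#\?$nrconf{kernelhints}/s/.*/$nrconf{kernelhints} = 0;/' "${needrestart_conf}"
      sed -i '/^#\?$nrconf{restart}/s/.*/$nrconf{restart} = "l";/' "${needrestart_conf}"
    fi

    # NOTE(review): the last two steps pass no -y; apt-get documents that
    # quiet level 2 and above implies -y, so ufw is removed without a prompt.
    # The host is left without that firewall front end, and no replacement
    # packet filter is configured anywhere in this script.
    apt-get -qqq update -y && apt-get upgrade -y -qqq && \
      apt-get install -y -qqq apt-transport-https ca-certificates apt-utils dialog && \
      apt-get install -y -qqq vim curl gnupg-agent software-properties-common \
        python3 python3-pip nginx samba neofetch net-tools ipvsadm \
        nload nethogs htop policycoreutils lsb-release \
        selinux-utils selinux-basics tree iotop chrony \
        testdisk acl cpu-checker && \
      apt-get -qqq remove ufw && \
      apt-get -qqq autoremove
  }

  # Redirection order matters: stderr is first pointed at the caller's stdout,
  # then stdout is discarded, so error messages stay visible.
  apt_update 2>&1 >/dev/null
}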
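#######################################
# Set root login, public-key authentication and keep-alive options in
# sshd_config, then restart the ssh service.
# Returns: non-zero if the edited configuration fails validation (the service
#          is then left running with its previous configuration)
#######################################
ssh_conf() {
  local sshd_config=/etc/ssh/sshd_config

  # Each expression rewrites an existing (possibly commented-out) directive
  # line; a directive that is absent from the file is not added.
  # NOTE(review): "PermitRootLogin yes" lets root authenticate with every
  # enabled method, passwords included. "prohibit-password" keeps root
  # reachable with keys only; confirm password login for root is intended.
  sed -i '/^#\?PermitRootLogin/s/.*/PermitRootLogin yes/' "${sshd_config}"
  sed -i '/^#\?PubkeyAuthentication/s/.*/PubkeyAuthentication yes/' "${sshd_config}"
  sed -i '/^#\?ClientAliveInterval/s/.*/ClientAliveInterval 60/' "${sshd_config}"
  sed -i '/^#\?ClientAliveCountMax/s/.*/ClientAliveCountMax 3/' "${sshd_config}"

  # Check the file before restarting: a restart stops the daemon first, so a
  # broken configuration would leave the host without new SSH logins.
  if ! sshd -t -f "${sshd_config}"; then
    echo "sshd_config failed validation; ssh was not restarted" >&2
    return 1
  fi
  systemctl restart ssh
}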
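#######################################
# Set SELINUX=disabled in the SELinux configuration file.
# Arguments: $1 - optional path of the config file
#                 (default: /etc/selinux/config)
# Returns:   0 when the file was edited or does not exist
#######################################
disable_selinux() {
  local config_file=${1:-/etc/selinux/config}

  if [[ ! -f "${config_file}" ]]; then
    echo "${config_file} not found; nothing to disable" >&2
    return 0
  fi

  # Anchor on "SELINUX=" so the SELINUXTYPE= line is left alone; matching on
  # the bare prefix "SELINUX" would overwrite that line as well.
  # NOTE(review): this switches mandatory access control off entirely;
  # "permissive" would keep denial logging while no longer enforcing.
  sed -i '/^SELINUX=/s/.*/SELINUX=disabled/' "${config_file}"
}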
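#######################################
# Turn swap off now and comment out the swap.img entry in /etc/fstab so it
# stays off after a reboot.
# Returns: status of the last command
#######################################
swap_off() {
  swapoff -a
  # Skip lines that are already comments so a second run does not stack
  # another "# " prefix, and escape the dot so only the literal "swap.img"
  # matches.
  sed -i '/^[[:space:]]*#/!{/swap\.img/s/^/# /;}' /etc/fstab
}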
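#######################################
# Persist and apply the bridge-netfilter and IPv4 forwarding sysctls.
# Outputs: the applied settings, as printed by sysctl
# Returns: non-zero if a module cannot be loaded or a key cannot be set
#######################################
sysctl_conf() {
  local conf=/etc/sysctl.d/address_forward.conf

  # NOTE(review): ip_forward=1 makes the host route packets between its
  # interfaces; confirm a packet filter policy covers forwarded traffic.
  cat << EOF > "${conf}"
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

  # The net.bridge.* keys only exist once br_netfilter is loaded.
  # NOTE(review): the modules are loaded for the running kernel only; a
  # modules-load.d entry would be needed to load them at boot.
  modprobe br_netfilter >/dev/null
  modprobe nf_conntrack >/dev/null
  # lsmod | grep nf_conntrack >/dev/null

  # A bare "sysctl -p" reads /etc/sysctl.conf only, so the file written above
  # would not take effect until the next boot; load it explicitly.
  sysctl -p "${conf}"
}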
#######################################
# Write a script that loads the IPVS and conntrack kernel modules to
# /etc/sysconfig/modules/ipvs.modules.
# NOTE(review): the target directory is not created here, and the only call
# to this function at the bottom of the script is commented out.
# Returns: non-zero if the file cannot be written
#######################################
k8s_service() {
  local module_script=/etc/sysconfig/modules/ipvs.modules

  # One argument per output line; the text contains no expansions.
  printf '%s\n' \
    '#!/bin/bash' \
    'modprobe -- ip_vs' \
    'modprobe -- ip_vs_rr' \
    'modprobe -- ip_vs_wrr' \
    'modprobe -- ip_vs_sh' \
    'modprobe -- nf_conntrack_ipv4' \
    > "${module_script}"
}
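#######################################
# Register the Aliyun docker-ce APT repository with its signing key, install
# the Docker packages and enable the docker service.
# Defines the helper func (it stays defined globally afterwards) and runs it
# with stdout discarded.
# Outputs: only stderr of the helper reaches the caller's stdout
# Returns: non-zero if the key download, key conversion, package install or
#          service start fails
#######################################
install_docker() {
  local key_url=https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg
  local repo_url=https://mirrors.aliyun.com/docker-ce/linux/ubuntu
  local keyring=/usr/share/keyrings/docker-archive-keyring.gpg
  local key_tmp

  func() {
    mkdir -m 0755 -p /etc/apt/keyrings

    # Download to a temporary file first. Piping curl straight into gpg hides
    # a failed download (without pipefail only gpg's status counts) and can
    # leave an empty or truncated keyring behind.
    key_tmp=$(mktemp) || return 1
    if ! curl -fsSL -o "${key_tmp}" "${key_url}"; then
      rm -f -- "${key_tmp}"
      echo "failed to download the Docker repository key from ${key_url}" >&2
      return 1
    fi

    # NOTE(review): the key is trusted as delivered by the mirror. Before
    # installing it, compare its fingerprint (gpg --show-keys "${key_tmp}")
    # with one obtained out of band: <EXPECTED_DOCKER_KEY_FINGERPRINT>.
    # --batch --yes keeps a re-run from stopping at gpg's overwrite prompt.
    if ! sudo gpg --batch --yes --dearmor -o "${keyring}" "${key_tmp}"; then
      rm -f -- "${key_tmp}"
      echo "failed to convert the Docker repository key" >&2
      return 1
    fi
    rm -f -- "${key_tmp}"

    # signed-by limits this key to the Docker repository instead of trusting
    # it for every APT source.
    echo "deb [signed-by=${keyring}] ${repo_url} $(lsb_release -cs) stable" \
      | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

    # Separate statements: in the earlier "update && install" list a failed
    # update was not caught by errexit and the function carried on.
    apt-get update -y -qqq || return 1
    apt-get install -y -qqq docker-ce docker-ce-cli containerd.io \
      docker-buildx-plugin docker-compose-plugin || return 1
    systemctl enable --now docker >/dev/null
  }

  # stderr is pointed at the caller's stdout before stdout is discarded, so
  # error messages stay visible.
  func 2>&1 >/dev/null
}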
#######################################
# Write soft and hard open-file limits of 65535 for root to
# /etc/security/limits.d/openfiles.conf.
# Returns: non-zero if the file cannot be written
#######################################
openfile_config () {
  local limits_file=/etc/security/limits.d/openfiles.conf

  # One argument per output line; the entries apply to the root account only.
  printf '%s\n' \
    'root soft nofile 65535' \
    'root hard nofile 65535' \
    > "${limits_file}"
}
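#######################################
# Run a function in the background and draw a cycling progress bar on stdout
# until it finishes.
# Globals:   do_sth_pid, progress_pid (written; read by the INT handler)
# Arguments: $1 - name of the function or command to run
# Outputs:   "Progress: ..." lines on stdout; a failure notice on stderr
# Returns:   exit status of the background task
#######################################
progress_bar() {
  local func_name=$1
  local status=0

  # INT handler: stop the task and the bar, then leave the script.
  # NOTE(review): only the two subshell PIDs are signalled; programs they
  # started (apt-get, for example) are presumably left running. Confirm.
  onCtrlC () {
    kill "${do_sth_pid}" "${progress_pid}" 2>/dev/null || true
    echo
    echo 'Ctrl+C is captured'
    exit 1
  }

  # Redraw a 30-character bar every 0.1 s for as long as PID $1 exists.
  progress() {
    local main_pid=$1
    local length=30
    local ratio=1
    local bar i
    while kill -0 "${main_pid}" 2>/dev/null; do
      bar=
      for ((i = 1; i <= length; i++)); do
        if ((i > ratio)); then
          bar+='.'
        else
          bar+='#'
        fi
      done
      # The bar is passed as data, never as the printf format string.
      printf 'Progress: %s\r' "${bar}"
      ratio=$((ratio + 1))
      if ((ratio > length)); then
        ratio=1
      fi
      sleep 0.1
    done
  }

  trap 'onCtrlC' INT

  "${func_name}" &
  do_sth_pid=$!
  progress "${do_sth_pid}" &
  progress_pid=$!

  # Keep the task's status instead of letting the final printf mask it.
  wait "${do_sth_pid}" || status=$?

  # Stop and reap the bar so it cannot print after this function returns.
  kill "${progress_pid}" 2>/dev/null || true
  wait "${progress_pid}" 2>/dev/null || true

  # The handler refers to PIDs that are now stale; remove it.
  trap - INT

  if ((status == 0)); then
    printf 'Progress: done \n'
  else
    printf 'Progress: failed (exit status %d)\n' "${status}" >&2
  fi
  return "${status}"
}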
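#######################################
# Ask whether to reboot now and repeat the question until the answer starts
# with y/Y or n/N.
# Outputs: status messages on stdout
# Returns: 0 after a valid answer, 1 if stdin ends before one is given
#######################################
is_rebot() {
  local input

  # The loop gives `break` something to leave and makes the "just enter y
  # or n" branch ask again instead of falling through.
  while true; do
    # -r keeps backslashes literal; a failed read (EOF) ends the loop.
    if ! read -r -p "You are advised to restart the server for the command to take effect [y/n] " input; then
      return 1
    fi
    case "${input}" in
      [yY]*)
        echo "reboot.."
        reboot
        break
        ;;
      [nN]*)
        # Fixed the "eco" typo, which aborted the script under errexit.
        echo "init ok, exit"
        break
        ;;
      *)
        echo "just enter y or n, please."
        ;;
    esac
  done
}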
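#######################################
# Prompt for a hostname, validate it, and apply it with hostnamectl.
# Outputs: validation errors on stderr
# Returns: status of hostnamectl, or 1 if stdin ends before a valid name
#######################################
set_hostname() {
  local input
  # One DNS label: letters, digits and inner hyphens, 1 to 63 characters.
  local label='[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?'
  local pattern="^${label}(\\.${label})*\$"

  while true; do
    if ! read -r -p "Please input your hostname: " input; then
      echo "no hostname supplied" >&2
      return 1
    fi
    # Reject empty input, whitespace, a leading '-' and anything longer than
    # the 64-byte Linux hostname limit, so the value reaches hostnamectl as
    # one well-formed argument.
    if (( ${#input} <= 64 )) && [[ "${input}" =~ ${pattern} ]]; then
      break
    fi
    echo "invalid hostname: use letters, digits, '-' and '.' (max 64 chars)" >&2
  done

  hostnamectl set-hostname "${input}"
}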
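#######################################
# Ask whether to boot to the command line instead of the desktop and repeat
# the question until the answer starts with y/Y or n/N.
# Outputs: a hint on stdout after an unrecognised answer
# Returns: status of systemctl on "yes", 0 on "no", 1 if stdin ends first
#######################################
stop_desktop() {
  local input

  # Loop so that an unrecognised answer asks again instead of being skipped.
  while true; do
    if ! read -r -p "Whether to uninstall the desktop, just use the command line [y/n] " input; then
      return 1
    fi
    case "${input}" in
      [yY]*)
        # The removal steps are disabled; only the default boot target is
        # changed, so the desktop packages stay installed.
        # systemctl stop gdm
        # apt-get remove -y -qqq ubuntu-desktop
        # apt-get purge -y -qqq ubuntu-desktop
        # apt-get autoremove -qqq >/dev/null
        systemctl set-default multi-user >/dev/null
        return
        ;;
      [nN]*)
        return 0
        ;;
      *)
        echo "just enter y or n, please."
        ;;
    esac
  done
}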
#######################################
# Run every setup step once, in order. With errexit set at the top of the
# script, the first failing step ends the run.
#######################################
main() {
  replace_sources
  # Package installation runs in the background behind the progress bar.
  progress_bar install_base_pkg
  ssh_conf
  disable_selinux
  swap_off
  sysctl_conf
  # k8s_service
  install_docker
  openfile_config
  # The remaining steps prompt on stdin.
  set_hostname
  stop_desktop
  is_rebot
}

main "$@"