zeaslity/shell-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[Public] 重构通用脚本

Browse Source
This commit is contained in:
zeaslity
2023-09-28 14:42:16 +08:00
parent 1646ae1c3d
commit 65cb700649
17 changed files with 2481 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Public/dep/ssh_key_pub.txt Normal file
View File

@@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDL9S6CSAjTFe2fy4bAIfqu90ft6E+GBRvS59kno6LDeAbqUQNYf9hEnIg07Ee/x5DlnYE0S3Ykv3WCHuVyBH2zANnC0P87SqphDGmoqdqF3r6uDaCr4lBsUqEai9X2q6dyjZj6ym+r4zQhMApNDzbhcyfKQ54tKFylGIdx6siyktuU/VbOzWc6G8r+BfFsQpMCA1ihmCY1jGjsKPqFlZGLeTrlBb1Zk0OV+GtDhlf/t0cd0kRPJoydm2juTXrZO+tFmf9turfKZsBnRYKtQBLJG5mF1hsjIqo8DHr+PUL2wRrSxEhGTZiJL4rNJo/kHhKXXsomc5RM/AnfgAfxrLlH zeasl@DESKTOP-K2F9GG3

29
Public/dep/wdd-server-host.txt Normal file
View File

@@ -0,0 +1,29 @@
146.56.147.12 arm-s-1 s0
10.0.0.91 arm-s-1 s0
146.56.159.175 arm-s-2 s5
10.0.0.173 arm-s-2 s5
140.238.8.73 seoul-1 s1
10.0.0.3 seoul-1 s1
140.238.30.110 seoul-2 s2
10.0.0.14 seoul-2 s2
140.238.29.102 seoul-3 s3
10.0.0.2 seoul-3 s3
140.238.14.103 seoul-4 s4
10.0.0.3 seoul-4 s4
150.230.198.103 tokyo-0 t0
140.238.63.37 tokyo-1 t1
140.238.52.228 tokyo-2 t2
42.192.52.227 tc-sh
43.128.39.232 tc-hk
114.117.165.222 tc-cd

796
Public/init-script-wdd.sh Normal file
View File

@@ -0,0 +1,796 @@
#!/bin/bash
# set -o errexit
# set -o nounset
# set -o pipefail
echo ""
echo ""
mkdir -p /root/wdd/lib/
lib_file_list=(wdd-lib-log.sh wdd-lib-sys.sh)
for lib_file in ${lib_file_list[@]} ; do
wget "https://oss-s1.107421.xyz/${lib_file}" -qO "/root/wdd/lib/${lib_file}"
echo "加载库文件 < /root/wdd/lib/${lib_file}"
. "/root/wdd/lib/${lib_file}"
done
# debug
#lib_file_list=(wdd-lib-sys.sh wdd-lib-log.sh )
#for lib_file in ${lib_file_list[@]} ; do
# echo "加载库文件 < /root/wdd/lib/${lib_file}"
# . "/root/wdd/lib/${lib_file}"
#done
docker_version=20.10.10
oss_url_prefix="https://oss-s1.107421.xyz"
# 脚本执行内容
deploy_in_cn=0
is_shutdown_firewall=0
is_disable_swap=0
is_common_tool_install=0
is_install_docker=0
is_install_docker_compose=0
is_install_zsh=0
is_install_host=0
is_modify_ssh_login=0
is_modify_ssh_port=0
# 脚本执行内容
## 安装所需要的程序,及依赖程序
install_demand_softwares() {
local software=""
for software in $@; do
## 安装该软件
if [[ -n $(command -v "${software}") ]]; then
colorEchoGreen "${software}已经安装了...跳过..."
echo ""
else
log "正在安装 ${software}..."
## 判断该软件是否安装成功
if ! $CMD_INSTALL "${software}"; then
error "安装 ${software} 失败。"
error "如果是重要软件,本脚本会自动终止!!"
colorEchoPurple "一般软件,本脚本会忽略错误并继续运行,请之后手动安装该程序。"
return 1
else
log "已经成功安装 ${software}"
SplitGreen
fi
fi
done
return 0
}
#######################################
# description
# Globals:
# BLUE
# GREEN
# LinuxReleaseVersion
# Arguments:
# None
#######################################
shutdown_firewall() {
## 关闭防火墙、SElinux、Swap
FunctionStart "关闭系统的防火墙"
systemctl stop firewalld
systemctl disable firewalld
SplitBlue
if [ "${LinuxReleaseVersion}" = "centos" ]; then
colorEchoGreen "当前系统的发行版为-- ${LinuxReleaseVersion}"
SplitGreen
log "开始关闭SELinux……"
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
colorEchoGreen " SELinux关闭完成 "
else
colorEchoGreen "当前系统的发行版为-- ${LinuxReleaseVersion}"
systemctl stop ufw
systemctl disable ufw
colorEchoGreen "无需关闭SELinux现在 跳过"
fi
FunctionEnd
}
#######################################
# description
# Globals:
# oss_url_prefix
# Arguments:
# None
#######################################
add_octopus_host() {
FunctionStart "添加Octopus自定义Hosts"
if grep -q "140.238" < /etc/hosts; then
warn "自定义的Hosts已经配置完成 跳过!"
else
log "开始下载 自定义的Hosts文件"
wget "$oss_url_prefix/wdd-server-host.txt" -O /tmp/wdd-server-host.txt
cat /tmp/wdd-server-host.txt >> /etc/hosts
fi
if grep -q "140.238" < /etc/hosts; then
colorEchoGreen "自定义hosts添加成功"
SplitGreen
fi
FunctionEnd
}
#######################################
# description
# Globals:
# BLUE
# GREEN
# Arguments:
# None
#######################################
disable_swap() {
FunctionStart "关闭系统的虚拟内存"
swapoff -a
colorEchoGreen " 虚拟内存关闭完成 "
SplitGreen
log "正在备份系统的文件系统表……"
cp -f /etc/fstab /etc/fstab_bak
colorEchoGreen " 备份完成 "
echo ""
log "正在修改文件系统表,去除虚拟内存的部分……"
grep -v swap < /etc/fstab_bak >/etc/fstab
colorEchoGreen " 修改完成 "
FunctionEnd
}
## 安装docker时修改系统的配置文件
modify_system_config_docker() {
FunctionStart "修改系统内核参数"
## 配置内核参数
cat >/etc/sysctl.d/k8s.conf <<EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
## 执行命令以应用
sysctl -p /etc/sysctl.d/k8s.conf
colorEchoGreen "--------------系统内核参数修改的结果如上所示----------------"
SplitGreen
log "系统参数修改成功开始重启docker的服务"
systemctl daemon-reload
systemctl restart docker
FunctionEnd
}
#######################################
# description
# Globals:
# BLUE
# CMD_REMOVE
# deploy_in_cn
# docker_version
# GREEN
# LinuxReleaseVersion
# RED
# pre_one
# Arguments:
# None
# Returns:
# $? ...
#######################################
install_docker() {
### 依赖colorEcho
FunctionStart "安装Docker => 版本为 ${docker_version}"
SplitBlue
## 清理docker环境
log "开始清理docker环境卸载先前的相关安装内容"
systemctl stop docker
systemctl disable docker
local pre_soft_ware=(docker-ce containerd.io docker-ce-cli docker-compose kubelet kubeadm kubectl)
local pre_one=""
for pre_one in ${pre_soft_ware[@]}; do
$CMD_REMOVE "$pre_one"
done
colorEchoGreen "----------docker环境清理完成----------"
SplitGreen
colorEchoGreen "当前系统的发行版为-- ${LinuxReleaseVersion}"
SplitLine
if [[ $LinuxReleaseVersion == "centos" ]]; then
## 安装docker的依赖
log "正在安装安装docker的依赖"
install_demand_softwares yum-utils device-mapper-persistent-data lvm2 || return $?
colorEchoGreen "----------docker的依赖安装完成----------"
SplitGreen
log "清理docker的源信息"
rm -rf /etc/yum.repos.d/docker-ce.repo
SplitBlue
if [[ $deploy_in_cn -eq 1 ]]; then
## 添加docker的yum源
log "正在添加中科院的docker的yum源…………"
yum-config-manager --add-repo https://mirrors.ustc.edu.cn/docker-ce/linux/centos/docker-ce.repo
else
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
fi
echo ""
if [[ -f /etc/yum.repos.d/docker-ce.repo ]]; then
if [[ $deploy_in_cn -eq 1 ]]; then
log "替换docker的下载地址为ustc的镜像"
sed -i 's/download.docker.com/mirrors.ustc.edu.cn\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo
fi
echo ""
log "可以安装的docker-ce的 ${docker_version} 版本为:"
colorEchoGreen "--------------------------------------------------------------"
yum list docker-ce --showduplicates | grep -w "${docker_version}" | awk '{print$2}' | cut -d ":" -f2 | sort -n -t - -k 1.7
colorEchoGreen "--------------------------------------------------------------"
echo ""
colorEchoGreen "开始安装docker-ce版本为${docker_version}"
install_demand_softwares docker-ce-"${docker_version}" docker-ce-cli-"${docker_version}" containerd.io || return $?
else
error "docker的yum源添加失败请手动添加"
fi
else
log "开始安装相关的Docker基础组件"
install_demand_softwares apt-transport-https ca-certificates curl gnupg-agent software-properties-common lsb-release
colorEchoGreen " 基础组件安装成功 "
echo ""
log "清理docker的源信息"
rm -rf /etc/apt/sources.list.d/docker.list
SplitBlue
if [[ $deploy_in_cn -eq 1 ]]; then
log "开始添加中科大的docker源的apt-key"
curl -fsSL https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
colorEchoGreen " 添加成功 "
echo ""
log "开始添加中科大的docker源的apt源"
add-apt-repository \
"deb [arch=$(dpkg --print-architecture)] https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
colorEchoGreen " 添加成功 "
echo ""
else
log "开始添加Docker官方的docker源的apt-key"
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg
colorEchoGreen " apt-key 添加成功 "
echo ""
log "开始添加 Docker官方 的docker源的apt源"
echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
colorEchoGreen " apt源添加成功 "
echo ""
fi
log "正在执行更新操作!!"
apt-get update
colorEchoGreen "----------更新完成----------"
SplitGreen
log "可以安装的docker-ce的${docker_version}版本为:"
colorEchoGreen "--------------------------------------------------------------"
apt-cache madison docker-ce | grep -w "${docker_version}" | awk '{print$3}'
colorEchoGreen "--------------------------------------------------------------"
echo ""
colorEchoGreen "开始安装docker-ce版本为${docker_version}"
local real_docker_stag=$(apt-cache madison docker-ce-cli | grep -w "${docker_version}" | awk '{print$3}' | grep "${docker_version}")
log "需要安装的docker版本为=> $real_docker_stag"
install_demand_softwares "docker-ce-cli=${real_docker_stag}" "docker-ce=${real_docker_stag}" containerd.io || return $?
fi
echo ""
colorEchoGreen "----------安装完成----------"
SplitGreen
log "正在启动docker的服务进程…………"
systemctl enable docker.service
systemctl start docker.service
colorEchoGreen "----------启动完成----------"
echo ""
FunctionEnd
}
#######################################
# description
# Globals:
# BLUE
# GREEN
# PURPLE
# RED
# Arguments:
# None
#######################################
install_docker_compose() {
FunctionStart "开始安装 docker-compose "
log "开始下载 +++++++++++++ docker-compose文件 ++++++++++++++"
local docker_compose_oss_url="https://b2.107421.xyz/docker-compose-linux-x86_64-v2.18.0"
curl -L "${docker_compose_oss_url}" \
-o /usr/local/bin/docker-compose
if [[ -e /usr/local/bin/docker-compose ]]; then
log "docker-compose文件下载成功"
echo ""
chmod +x /usr/local/bin/docker-compose
if docker-compose --version &>/dev/null; then
colorEchoGreen "docker-compose安装成功版本为 $(docker-compose --version | cut -d" " -f4) 尽情享用"
else
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
fi
else
error "docker-compose文件下载失败 无法访问github的资源。。"
error "请手动下载docker-compose的安装文件"
fi
FunctionEnd
}
#######################################
# description
# Globals:
# BLUE
# deploy_in_cn
# RED
# i
# Arguments:
# None
# Returns:
# $? ...
#######################################
install_zsh() {
FunctionStart "安装宇宙第一shell工具zsh"
SplitLine
install_demand_softwares zsh git || return $?
# 脚本会自动更换默认的shell
if [[ $deploy_in_cn -eq 1 ]]; then
echo y | REMOTE=https://gitee.com/mirrors/oh-my-zsh.git sh -c "$(curl -fsSL https://gitee.com/mirrors/oh-my-zsh/raw/master/tools/install.sh)"
else
echo y | sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
fi
SplitLine
log
if modify_zsh; then
log "开始修改默认shell为zsh……"
local i
for i in {6..1..-1}; do
log "倒计时开始 ->> $i 秒 <<-准备切换shell下文的日志输出将会消失"
sleep 2
done
chsh -s /bin/zsh
zsh
else
error "zsh 安装失败大概率是已经安装小概率是无法连接GitHub服务器~~"
fi
FunctionEnd
}
#######################################
# description
# Globals:
# BLUE
# deploy_in_cn
# GREEN
# PURPLE
# Arguments:
# None
#######################################
modify_zsh() {
FunctionStart "修改zsh的相关配置信息"
SplitLine
cat >~/oh-my-zsh-plugins-list.txt <<EOF
https://cdn.jsdelivr.net/gh/ohmyzsh/ohmyzsh/plugins/command-not-found/command-not-found.plugin.zsh
https://cdn.jsdelivr.net/gh/ohmyzsh/ohmyzsh/plugins/autojump/autojump.plugin.zsh
https://cdn.jsdelivr.net/gh/ohmyzsh/ohmyzsh/plugins/themes/themes.plugin.zsh
EOF
log "正在下载zsh的一些好用的插件"
echo ""
if [[ $deploy_in_cn -eq 1 ]]; then
log "开始从 Gitee 下载 自动补全 插件…………"
git clone https://gitee.com/githubClone/zsh-autosuggestions.git ~/.oh-my-zsh/plugins/zsh-autosuggestions
else
log "开始从 GitHub 下载 自动补全 插件…………"
git clone https://github.com/zsh-users/zsh-autosuggestions ~/.oh-my-zsh/plugins/zsh-autosuggestions
fi
SplitGreen
if [[ $deploy_in_cn -eq 1 ]]; then
log "开始从 Gitee 下载 命令高亮 插件…………"
git clone https://gitee.com/mo2/zsh-syntax-highlighting.git ~/.oh-my-zsh/plugins/zsh-syntax-highlighting
else
log "开始从 GitHub 下载 命令高亮 插件…………"
git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ~/.oh-my-zsh/plugins/zsh-syntax-highlighting
fi
SplitGreen
log "开始从JSDeliver下载插件…………"
wget -c -i ~/oh-my-zsh-plugins-list.txt -P ~/.oh-my-zsh/plugins/
SplitGreen
colorEchoGreen "插件已经下载完毕现在开始修改zsh的配置文件…………"
echo ""
log "开始修改zsh的主题为 agnoster "
sed -i "s/robbyrussell/agnoster/g" ~/.zshrc
sed -i 's/^# DISABLE_AUTO_UPDATE="true"/DISABLE_AUTO_UPDATE="true"/g' ~/.zshrc
sed -i 's/plugins=(git)/plugins=(git zsh-autosuggestions zsh-syntax-highlighting command-not-found z themes)/g' ~/.zshrc
echo ""
colorEchoGreen "请检查当前zsh的插件开启情况"
colorEchoGreen "------------------------------------------"
grep "plugins=" < /root/.zshrc| grep -v "\#"
grep "plugins=" < /root/.zshrc| grep -v "\#"
grep "plugins=" < /root/.zshrc| grep -v "\#"
colorEchoGreen "------------------------------------------"
echo ""
echo "----------------------------------------------------"
echo "这里的错误输出无需在意"
source /root/.zshrc
echo "这里的错误输出无需在意"
echo "----------------------------------------------------"
echo ""
colorEchoGreen "zsh 安装成功,已更换主题,禁止更新,尽情享用~~~"
SplitGreen
colorEchoPurple "宇宙第一shell的zsh已经安装成功了"
colorEchoGreen "宇宙第一shell的zsh已经安装成功了"
log "宇宙第一shell的zsh已经安装成功了"
SplitGreen
FunctionEnd
}
# 更换CentOS7的默认源
change_cent_os7default_repo() {
FunctionStart
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo
yum clean all && yum makecache && yum update
FunctionEnd
}
# 修改docker的国内加速镜像
change_docker_register_mirror() {
FunctionStart "配置docker的国内加速镜像"
SplitLine
if [[ -e /etc/docker/daemon.json ]]; then
log "已经存在docker的daemeon文件。。"
mv /etc/docker/daemon.json /etc/docker/daemon.backup.json
colorEchoGreen "已经将daemeon文件备份"
fi
log "正在写入docker的daemon配置文件……"
cat >>/etc/docker/daemon.json <<EOF
{
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"default-ulimits": {
"nofile": {
"Name": "nofile",
"Hard": 655360,
"Soft": 655360
},
"nproc": {
"Name": "nproc",
"Hard": 655360,
"Soft": 655360
}
},
"live-restore": true,
"max-concurrent-downloads": 10,
"max-concurrent-uploads": 10,
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"registry-mirrors": [
"https://jxlws3de.mirror.aliyuncs.com",
"https://docker.mirrors.ustc.edu.cn",
"https://hub-mirror.c.163.com",
"https://registry.docker-cn.com"
]
}
EOF
echo ""
colorEchoGreen "配置文件写入完成开始重启docker的服务"
systemctl restart docker.service
colorEchoGreen "----------docker服务重启完成----------"
SplitGreen
log "下面输出Docker加速镜像源的相关信息"
echo "--------------------------------------------------------------------------------------"
docker info | grep "https://" | grep -v "Registry"
echo "--------------------------------------------------------------------------------------"
colorEchoGreen "请查看上文是否存在添加的国内的镜像!!!"
echo ""
FunctionEnd
}
# 使用chrony进行NTP时间同步
time_sync_to_ali_by_chrony() {
FunctionStart "使用 chrony 工具进行时间同步"
log "开始安装chrony工具……"
install_demand_softwares chrony || return $?
colorEchoGreen "----------安装完成----------"
# 这里使用的是 默认的NTP源又不是不能用为啥要换啊。
sed -i "s/server 0.centos.pool.ntp.org iburst/server ntp2.aliyun.com iburst/g" /etc/chrony.conf
systemctl restart chronyd
if systemctl status chronyd -l | grep "active (running)" -q; then
chronyc -n sources -v
chronyc tracking
colorEchoGreen "时间同步配置完成,已与阿里云进行时间同步!!"
colorEchoGreen "NTP同步时间完成。现在时间为"
colorEchoGreen "--------------------------------------------------"
colorEchoPurple "$(date -R)"
colorEchoGreen "--------------------------------------------------"
else
error "时间同步服务器启动失败!!"
error "时间同步服务器启动失败!!"
error "时间同步服务器启动失败!!"
return 1
fi
change_time_zone_and_ntp
FunctionEnd
}
#######################################
# description
# Globals:
# BLUE
# GREEN
# PURPLE
# RED
# Arguments:
# None
#######################################
change_time_zone_and_ntp() {
FunctionStart "使用 timedatectl 工具进行时间同步"
if [[ -n $(command -v timedatectl) ]]; then
log "检测到工具存在,正在设置时间和时区为 上海(UTC+8)时间"
timedatectl set-timezone Asia/Shanghai && timedatectl set-ntp true
colorEchoGreen "同步时间完成。现在时间为:"
colorEchoGreen "--------------------------------------------------"
colorEchoPurple "$(date -R)"
colorEchoGreen "--------------------------------------------------"
log "开始重启系统日志服务,使得系统日志的时间戳也立即生效"
systemctl restart rsyslog
colorEchoGreen "----------重启完成----------"
else
error "timedatectl 工具不存在,时间同步失败!! 请手动更换时间!"
fi
FunctionEnd
}
modify_ssh_port(){
}
modify_ssh_login(){
FunctionStart "开始配置SSH 登录密钥!"
if [[ ! -f /root/.ssh/id_rsa ]]; then
log "未检测到 ssh rsa 密钥信息,开始生成!"
ssh-keygen -t rsa -P "" -f /root/.ssh/id_rsa
fi
cat ~/.ssh/id_rsa.pub >>~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
SplitLine
log "下载公共id_rsa.pub文件"
wget https://oss-s1.107421.xyz/ssh_key_pub.txt -qO /tmp/ssh_key_pub.txt
if [[ ! -s /tmp/ssh_key_pub.txt ]]; then
error "下载 ssh-key 失败!"
return 1
fi
log "开始写入ssh-key信息"
cat /tmp/ssh_key_pub.txt >> ~/.ssh/authorized_keys
if grep -q "DESKTOP-K2F9GG3" < ~/.ssh/authorized_keys; then
colorEchoGreen "公共SSH-Key已经写入成功"
SplitGreen
fi
FunctionEnd
}
## 为了本脚本能够满足Ubuntu系统做出设当的更改
common_tool_install() {
FunctionStart "安装Linux常用工具"
colorEchoGreen "当前系统的发行版为-- ${LinuxReleaseVersion} "
colorEchoGreen "当前系统的发行版为-- ${LinuxReleaseVersion} "
colorEchoGreen "当前系统的发行版为-- ${LinuxReleaseVersion} "
echo ""
if [[ ${LinuxReleaseVersion} == "centos" ]]; then
local centos_common_tool=(deltarpm net-tools iputils bind-utils lsof curl wget vim mtr htop)
install_demand_softwares ${centos_common_tool[@]}
elif [[ ${LinuxReleaseVersion} == "ubuntu" ]] || [[ ${LinuxReleaseVersion} == "debian" ]]; then
local ubuntu_common_tool=(iputils-ping net-tools dnsutils lsof curl wget mtr-tiny vim htop lrzsz)
install_demand_softwares ${ubuntu_common_tool[@]}
fi
FunctionEnd
}
#######################################
# description
# Arguments:
# None
#######################################
help() {
cat - 1>&2 <<EOF
# 安装docker docker-compose的初始化
source <(curl -sL https://oss-s1.107421.xyz/init-script-wdd.sh) --firewall --tools --docker 20.10.10 --docker-compose --zsh --host --cn
# 不安装docker的初始化
source <(curl -sL https://oss-s1.107421.xyz/init-script-wdd.sh) --firewall --tools --zsh --host --cn
-h, --help 打印本说明文档
--firewall 关闭防火墙
--swap 关闭Swap
--tools 安装通用的实用工具
--docker <version> 安装docker并且指定相应的版本
--docker-compose 安装docker-compose 2.18.0
--zsh 安装并且配置ZSH
--cn 是否在国内安装
--host 是否配置服务器的Host解析
--time 是否配置时间同步
--ssh-login 修改ssh的登录密钥
--ssh-port <port> 修改ssh的登录端口
EOF
}
#########################
while [[ $# -gt 0 ]]; do
case "$1" in
-h | --help)
help
exit 0
;;
--cn)
deploy_in_cn=1
;;
--firewall)
is_shutdown_firewall=1
;;
--swap)
is_disable_swap=1
;;
--tools)
is_common_tool_install=1
;;
--docker)
is_install_docker=1
docker_version="$2"
shift
;;
--docker-compose)
is_install_docker_compose=1
;;
--zsh)
is_install_zsh=1
;;
--host)
is_install_host=1
;;
--ssh-login)
is_modify_ssh_login=1
;;
--ssh-port)
is_modify_ssh_login=1
;;
*)
# unknown option
;;
esac
shift # past argument or value
done
#######################################
# description
# Globals:
# is_common_tool_install
# is_disable_swap
# is_install_docker
# is_install_docker_compose
# is_install_host
# is_install_zsh
# is_shutdown_firewall
# Arguments:
# None
# Returns:
# $? ...
#######################################
main() {
check_root
check_sys
if [[ "$is_shutdown_firewall" -eq "1" ]]; then
shutdown_firewall
fi
if [[ $is_disable_swap -eq 1 ]]; then
# 关闭虚拟缓存k8s安装的时候才需要
disable_swap
fi
if [[ $is_modify_ssh_login -eq 1 ]]; then
modify_ssh_login
fi
if [[ $is_modify_ssh_port -eq 1 ]]; then
modify_ssh_port
fi
if [[ $is_install_host -eq 1 ]]; then
# 安装宇宙第一shell的zsh
add_octopus_host
fi
if [[ $is_common_tool_install -eq 1 ]]; then
# 安装一些常用的小工具
common_tool_install
fi
if [[ $is_install_docker -eq 1 ]]; then
install_docker
fi
if [[ $is_install_docker_compose -eq 1 ]]; then
install_docker_compose
fi
if [[ $deploy_in_cn -eq 1 ]]; then
change_docker_register_mirror
fi
if [[ $is_install_zsh -eq 1 ]]; then
# 安装宇宙第一shell的zsh
install_zsh
fi
# 使用chrony进行NTP时间同步--包含下面的设置
# time_sync_to_ali_by_chrony || return $?
# 使用timedatactl修改时间与时区【推荐】
# change_time_zone_and_ntp || return $?
}
main

38
Public/lib/wdd-lib-clean.sh Normal file
View File

@@ -0,0 +1,38 @@
#!/bin/bash
if [[ ! -f /root/wdd/lib/wdd-lib-log.sh ]]; then
wget https://oss-s1.107421.xyz/wdd-lib-log.sh -O /root/wdd/lib/wdd-lib-log.sh
fi
source /root/wdd/lib/wdd-lib-log.sh
. ./wdd-lib-log.sh
CleanOracleAgent() {
FunctionStart
colorEchoBlue "准备清理 Oracle Agent的相关内容 "
snap info oracle-cloud-agent
snap stop oracle-cloud-agent
snap remove oracle-cloud-agent
systemctl status snapd.service
for i in $(ls /lib/systemd/system/ | grep snapd | awk '{print$1}'); do
echo $i
systemctl stop $i
systemctl disable $i
done
rm -rf /root/snap
FunctionSuccess
FunctionEnd
}
CleanIpPersist() {
FunctionStart
colorEchoBlue "开始关闭 防火墙持久化存储 …………"
systemctl stop systemd-resolved.service && systemctl disable systemd-resolved.service
systemctl stop netfilter-persistent.service && systemctl disable netfilter-persistent.service
FunctionEnd
FunctionSuccess
}

406
Public/lib/wdd-lib-env.sh Normal file
View File

@@ -0,0 +1,406 @@
#!/bin/bash
. /octopus-agent/shell/lib/wdd-lib-log.sh
. /octopus-agent/shell/lib/wdd-lib-sys.sh
#. .wdd-lib-log.sh
#. .wdd-lib-sys.sh
hostArchVersion=""
hostArch=""
#### CollectSystemInfo ####
serverName=""
serverIpPbV4=""
serverIpInV4=""
serverIpPbV6=""
serverIpInV6=""
location=""
provider=""
managePort=""
cpuBrand=""
cpuCore=""
memoryTotal=""
diskTotal=""
diskUsage=""
osInfo=""
osKernelInfo=""
tcpControl=""
virtualization=""
ioSpeed=""
machineId=""
archInfo=""
agentVersion=""
### tmp usage
ioavg=""
public_ipv4=""
inner_ipv4=""
public_ipv6=""
inner_ipv6=""
country=""
region=""
city=""
org=""
managePort=""
#### CollectSystemInfo ####
#######################################
# description
# Arguments:
# 1
#######################################
GoIOTest() {
(LANG=C dd if=/dev/zero of=benchtest_$$ bs=512k count=$1 conv=fdatasync && rm -f benchtest_$$) 2>&1 | awk -F, '{io=$NF} END { print io}' | sed 's/^[ \t]*//;s/[ \t]*$//'
}
#######################################
# description
# Arguments:
# 1
# Returns:
# <unknown> ...
#######################################
calc_size() {
local raw=$1
local total_size=0
local num=1
local unit="KB"
if ! [[ ${raw} =~ ^[0-9]+$ ]]; then
echo ""
return
fi
if [ "${raw}" -ge 1073741824 ]; then
num=1073741824
unit="TB"
elif [ "${raw}" -ge 1048576 ]; then
num=1048576
unit="GB"
elif [ "${raw}" -ge 1024 ]; then
num=1024
unit="MB"
elif [ "${raw}" -eq 0 ]; then
echo "${total_size}"
return
fi
total_size=$(awk 'BEGIN{printf "%.1f", '$raw' / '$num'}')
echo "${total_size} ${unit}"
}
#######################################
# description
# Arguments:
# None
# Returns:
# <unknown> ...
#######################################
GethostArchInfo() {
[ -f /etc/redhat-release ] && awk '{print $0}' /etc/redhat-release && return
[ -f /etc/os-release ] && awk -F'[= "]' '/PRETTY_NAME/{print $3,$4,$5}' /etc/os-release && return
[ -f /etc/lsb-release ] && awk -F'[="]+' '/DESCRIPTION/{print $2}' /etc/lsb-release && return
}
#######################################
# description
# Globals:
# freespace
# io1
# io2
# io3
# ioall
# ioavg
# ioraw1
# ioraw2
# ioraw3
# writemb
# Arguments:
# None
#######################################
StartIOTest() {
log "start IO speed test !"
freespace=$(df -m . | awk 'NR==2 {print $4}')
if [ -z "${freespace}" ]; then
freespace=$(df -m . | awk 'NR==3 {print $3}')
fi
if [ ${freespace} -gt 1024 ]; then
writemb=2048
io1=$(GoIOTest ${writemb})
log "I/O Speed(1st run) : $io1)"
io2=$(GoIOTest ${writemb})
log "I/O Speed(2st run) : $io2)"
io3=$(GoIOTest ${writemb})
log "I/O Speed(3st run) : $io3)"
ioraw1=$(echo $io1 | awk 'NR==1 {print $1}')
[ "$(echo $io1 | awk 'NR==1 {print $2}')" == "GB/s" ] && ioraw1=$(awk 'BEGIN{print '$ioraw1' * 1024}')
ioraw2=$(echo $io2 | awk 'NR==1 {print $1}')
[ "$(echo $io2 | awk 'NR==1 {print $2}')" == "GB/s" ] && ioraw2=$(awk 'BEGIN{print '$ioraw2' * 1024}')
ioraw3=$(echo $io3 | awk 'NR==1 {print $1}')
[ "$(echo $io3 | awk 'NR==1 {print $2}')" == "GB/s" ] && ioraw3=$(awk 'BEGIN{print '$ioraw3' * 1024}')
ioall=$(awk 'BEGIN{print '$ioraw1' + '$ioraw2' + '$ioraw3'}')
ioavg=$(awk 'BEGIN{printf "%.1f", '$ioall' / 3}')
log "I/O Speed(average) : $ioavg MB/s)"
else
echo " $(_red "Not enough space for I/O Speed test!")"
fi
}
#######################################
# description
# Arguments:
# None
#######################################
GetAgentLatestVersion() {
ls /octopus-agent | grep "octopus-agent" | cut -d "-" -f3- | cut -d"." -f1
}
#######################################
# description
# Globals:
# cpuName
# sys_manu
# sys_product
# sys_ver
# virt
# virtualx
# Arguments:
# None
#######################################
Check_Virtualization() {
log "start to check host virtualization !"
command_exists "dmesg" && virtualx="$(dmesg 2>/dev/null)"
if command_exists "dmidecode"; then
sys_manu="$(dmidecode -s system-manufacturer 2>/dev/null)"
sys_product="$(dmidecode -s system-product-name 2>/dev/null)"
sys_ver="$(dmidecode -s system-version 2>/dev/null)"
else
sys_manu=""
sys_product=""
sys_ver=""
fi
if grep -qa docker /proc/1/cgroup; then
virt="Docker"
elif grep -qa lxc /proc/1/cgroup; then
virt="LXC"
elif grep -qa container=lxc /proc/1/environ; then
virt="LXC"
elif [[ -f /proc/user_beancounters ]]; then
virt="OpenVZ"
elif [[ ${virtualx} == *kvm-clock* ]]; then
virt="KVM"
elif [[ ${sys_product} == *KVM* ]]; then
virt="KVM"
elif [[ ${cpuName} == *KVM* ]]; then
virt="KVM"
elif [[ ${cpuName} == *QEMU* ]]; then
virt="KVM"
elif [[ ${virtualx} == *"VMware Virtual Platform"* ]]; then
virt="VMware"
elif [[ ${sys_product} == *"VMware Virtual Platform"* ]]; then
virt="VMware"
elif [[ ${virtualx} == *"Parallels Software International"* ]]; then
virt="Parallels"
elif [[ ${virtualx} == *VirtualBox* ]]; then
virt="VirtualBox"
elif [[ -e /proc/xen ]]; then
if grep -q "control_d" "/proc/xen/capabilities" 2>/dev/null; then
virt="Xen-Dom0"
else
virt="Xen-DomU"
fi
elif [ -f "/sys/hypervisor/type" ] && grep -q "xen" "/sys/hypervisor/type"; then
virt="Xen"
elif [[ ${sys_manu} == *"Microsoft Corporation"* ]]; then
if [[ ${sys_product} == *"Virtual Machine"* ]]; then
if [[ ${sys_ver} == *"7.0"* || ${sys_ver} == *"Hyper-V" ]]; then
virt="Hyper-V"
else
virt="Microsoft Virtual Machine"
fi
fi
else
virt="Dedicated"
fi
}
GetManagePort(){
tmpManagePorts=$(netstat -ntulp | grep sshd | grep -w tcp | grep -v "127.0.0.1"| awk '{print$4}' | cut -d":" -f2)
managePort=$(echo $tmpManagePorts | tr '\n' ' ')
log "manage Port is => $managePort"
}
#######################################
# description
# Globals:
# city
# country
# org
# public_ipv4
# region
# Arguments:
# None
#######################################
GetIpv4Info() {
log "start to get system public ip info !"
# public ip info
org="$(wget -q -T10 -O- ipinfo.io/org)"
city="$(wget -q -T10 -O- ipinfo.io/city)"
country="$(wget -q -T10 -O- ipinfo.io/country)"
region="$(wget -q -T10 -O- ipinfo.io/region)"
public_ipv4="$(wget -q -T10 -O- ipinfo.io/ip)"
public_ipv6="$(curl -q --max-time 5 -6 https://ifconfig.co/ip)"
if [ -z "$public_ipv4" ] ; then
public_ipv4=" "
fi
if [ -z "$public_ipv6" ] ; then
public_ipv6=" "
fi
# inner ipinfo
export interface_prefix=("[[:space:]]eth[0-9]{1,2}" "[[:space:]]ens[0-9]{1,3}" "[[:space:]]eno[0-9]{1,3}" "[[:space:]]enp[0-9]{1,2}")
export real_interface="eth90"
for interface in "${interface_prefix[@]}"; do
echo $(ip link show) | grep -oE ${interface} | head -1
if [[ $? -eq 0 ]]; then
real_interface=$(echo $(ip link show) | grep -oE ${interface} | head -1 | cut -d" " -f2)
echo "当前主机的真实内网网卡为 => [$real_interface]"
break
fi
done
# 提取IPv4地址CIDR格式
ipv4_regex="inet[[:space:]](25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/[0-9]{1,2}"
# 提取IPv6地址CIDR格式
ipv6_regex="inet6[[:space:]]([0-9a-fA-F]{0,4}(:[0-9a-fA-F]{0,4}){1,7})\/[0-9]{1,3}"
# 查找IPv4地址
inner_ipv4=$(echo $(ip addr show $real_interface) | grep -oE $ipv4_regex | cut -d" " -f2)
echo "Interface: $real_interface, IPv4 Address: $inner_ipv4"
# 查找IPv6地址
inner_ipv6=$(echo $(ip addr show $real_interface) | grep -oE $ipv6_regex | cut -d" " -f2)
echo "Interface: $real_interface, IPv4 Address: $inner_ipv6"
}
log "start to collect system info !"
check_sys
cpuName=$(awk -F: '/model name/ {name=$2} END {print name}' /proc/cpuinfo | sed 's/^[ \t]*//;s/[ \t]*$//')
cores=$(awk -F: '/processor/ {core++} END {print core}' /proc/cpuinfo)
freq=$(awk -F'[ :]' '/cpu MHz/ {print $4;exit}' /proc/cpuinfo)
ccache=$(awk -F: '/cache size/ {cache=$2} END {print cache}' /proc/cpuinfo | sed 's/^[ \t]*//;s/[ \t]*$//')
cpu_aes=$(grep -i 'aes' /proc/cpuinfo)
cpu_virt=$(grep -Ei 'vmx|svm' /proc/cpuinfo)
tram=$(
LANG=C
free | awk '/Mem/ {print $2}'
)
tram=$(calc_size $tram)
uram=$(
LANG=C
free | awk '/Mem/ {print $3}'
)
uram=$(calc_size $uram)
swap=$(
LANG=C
free | awk '/Swap/ {print $2}'
)
swap=$(calc_size $swap)
uswap=$(
LANG=C
free | awk '/Swap/ {print $3}'
)
uswap=$(calc_size $uswap)
up=$(awk '{a=$1/86400;b=($1%86400)/3600;c=($1%3600)/60} {printf("%d days, %d hour %d min\n",a,b,c)}' /proc/uptime)
if command_exists "w"; then
load=$(
LANG=C
w | head -1 | awk -F'load average:' '{print $2}' | sed 's/^[ \t]*//;s/[ \t]*$//'
)
elif command_exists "uptime"; then
load=$(
LANG=C
uptime | head -1 | awk -F'load average:' '{print $2}' | sed 's/^[ \t]*//;s/[ \t]*$//'
)
fi
opsy=$(GethostArchInfo)
arch=$(uname -m)
if command_exists "getconf"; then
lbit=$(getconf LONG_BIT)
else
echo ${arch} | grep -q "64" && lbit="64" || lbit="32"
fi
kern=$(uname -r)
disk_total_size=$(
LANG=C
df -t simfs -t ext2 -t ext3 -t ext4 -t btrfs -t xfs -t vfat -t ntfs -t swap --total 2>/dev/null | grep total | awk '{ print $2 }'
)
disk_total_size=$(calc_size $disk_total_size)
disk_used_size=$(
LANG=C
df -t simfs -t ext2 -t ext3 -t ext4 -t btrfs -t xfs -t vfat -t ntfs -t swap --total 2>/dev/null | grep total | awk '{ print $3 }'
)
disk_used_size=$(calc_size $disk_used_size)
tcpctrl=$(sysctl net.ipv4.tcp_congestion_control | awk -F ' ' '{print $3}')
# todo
# StartIOTest
GetManagePort
GetIpv4Info
Check_Virtualization
machineNumber=""
if [[ $(cat /etc/hostname | cut -d"-" -f 3 | grep -c '^[0-9][0-9]') -gt 0 ]]; then
machineNumber=$(cat /etc/hostname | cut -d"-" -f 3)
else
machineNumber=99
fi
agentServerInfoFile="/octopus-agent/octopus-agent.conf"
#cat >/etc/environment.d/octopus-agent.conf <<EOF
touch $ageagentServerInfoFile
cat >"$agentServerInfoFile"<<EOF
serverName: ${city}-${hostArch}-${machineNumber}
serverIpPbV4: $public_ipv4
serverIpInV4: $inner_ipv4
serverIpPbV6: $public_ipv6
serverIpInV6: $inner_ipv6
location: "$city $region $country"
provider: $org
managePort: $managePort
cpuCore: "$cores @ $freq MHz"
cpuBrand: "$cpuName"
memoryTotal: $tram
diskTotal: $disk_total_size
diskUsage: $disk_used_size
archInfo: "$arch ($lbit Bit)"
osInfo: "$opsy"
osKernelInfo: $kern
tcpControl: $tcpctrl
virtualization: $virt
ioSpeed: "$ioavg MB/s"
machineId: $(cat /etc/machine-id)
agentVersion: $(ls /octopus-agent | grep "octopus-agent_" | cut -d "_" -f4-)
EOF
log "agent server info has collect complete!"
log "file is => $agentServerInfoFile"

191
Public/lib/wdd-lib-file.sh Normal file
View File

@@ -0,0 +1,191 @@
#!/bin/bash
#
# Library for file system actions
# shellcheck disable=SC1091
# Load Generic Libraries
. /octopus-agent/shell/lib/wdd-lib-log.sh
# Functions
########################
# Ensure a file/directory is owned (user and group) but the given user
# Arguments:
# $1 - filepath
# $2 - owner
# Returns:
# None
#########################
owned_by() {
local path="${1:?path is missing}"
local owner="${2:?owner is missing}"
local group="${3:-}"
if [[ -n $group ]]; then
chown "$owner":"$group" "$path"
else
chown "$owner":"$owner" "$path"
fi
}
########################
# Ensure a directory exists and, optionally, is owned by the given user
# Arguments:
# $1 - directory
# $2 - owner
# Returns:
# None
#########################
ensure_dir_exists() {
local dir="${1:?directory is missing}"
local owner_user="${2:-}"
local owner_group="${3:-}"
mkdir -p "${dir}"
if [[ -n $owner_user ]]; then
owned_by "$dir" "$owner_user" "$owner_group"
fi
}
########################
# Checks whether a directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_dir_empty() {
local -r path="${1:?missing directory}"
# Calculate real path in order to avoid issues with symlinks
local -r dir="$(realpath "$path")"
if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then
true
else
false
fi
}
########################
# Checks whether a mounted directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_mounted_dir_empty() {
local dir="${1:?missing directory}"
if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then
true
else
false
fi
}
########################
# Checks whether a file can be written to or not
# arguments:
# $1 - file
# returns:
# boolean
#########################
is_file_writable() {
local file="${1:?missing file}"
local dir
dir="$(dirname "$file")"
if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then
true
else
false
fi
}
########################
# Relativize a path
# arguments:
# $1 - path
# $2 - base
# returns:
# None
#########################
relativize() {
local -r path="${1:?missing path}"
local -r base="${2:?missing base}"
pushd "$base" >/dev/null || exit
realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||'
popd >/dev/null || exit
}
########################
# Configure permisions and ownership recursively
# Globals:
# None
# Arguments:
# $1 - paths (as a string).
# Flags:
# -f|--file-mode - mode for directories.
# -d|--dir-mode - mode for files.
# -u|--user - user
# -g|--group - group
# Returns:
# None
#########################
configure_permissions_ownership() {
local -r paths="${1:?paths is missing}"
local dir_mode=""
local file_mode=""
local user=""
local group=""
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-f | --file-mode)
shift
file_mode="${1:?missing mode for files}"
;;
-d | --dir-mode)
shift
dir_mode="${1:?missing mode for directories}"
;;
-u | --user)
shift
user="${1:?missing user}"
;;
-g | --group)
shift
group="${1:?missing group}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a filepaths <<<"$paths"
for p in "${filepaths[@]}"; do
if [[ -e "$p" ]]; then
find -L "$p" -printf ""
if [[ -n $dir_mode ]]; then
find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode"
fi
if [[ -n $file_mode ]]; then
find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode"
fi
if [[ -n $user ]] && [[ -n $group ]]; then
find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}"
elif [[ -n $user ]] && [[ -z $group ]]; then
find -L "$p" -print0 | xargs -r -0 chown "${user}"
elif [[ -z $user ]] && [[ -n $group ]]; then
find -L "$p" -print0 | xargs -r -0 chgrp "${group}"
fi
else
stderr_print "$p does not exist"
fi
done
}

191
Public/lib/wdd-lib-log.sh Normal file
View File

@@ -0,0 +1,191 @@
#!/bin/bash
#
# 日志模块
# Constants
RESET='\033[0m' ## 普通黑
RED='\033[38;5;1m' ## 姨妈红
GREEN='\033[38;5;2m' ## 水鸭青
YELLOW='\033[38;5;3m' ## 鸭屎黄
MAGENTA='\033[38;5;5m' ## 基佬紫
CYAN='\033[38;5;6m' ## 天依蓝
SplitLine="--------------------------------------------------------------------------------"
# Functions
########################
# Print to STDERR
# Arguments:
# Message to print
# Returns:
# None
#########################
stderr_print() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_QUIET:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
printf "%b\\n" "${*}" >&2
fi
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
log() {
stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%Y-%m-%d %H:%M:%S.%2N ")${RESET}${*}"
}
########################
# Log an 'info' message
# Arguments:
# Message to log
# Returns:
# None
#########################
info() {
log "${GREEN}INFO ${RESET} ==> ${*}"
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
warn() {
log "${YELLOW}WARN ${RESET} ==> ${*}"
}
########################
# Log an 'error' message
# Arguments:
# Message to log
# Returns:
# None
#########################
error() {
log "${RED}ERROR${RESET} ==> ${*}"
}
########################
# Log a 'debug' message
# Globals:
# BITNAMI_DEBUG
# Arguments:
# None
# Returns:
# None
#########################
debug() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_DEBUG:-true}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
log "${MAGENTA}DEBUG${RESET} ==> ${*}"
fi
}
########################
# Indent a string
# Arguments:
# $1 - string
# $2 - number of indentation characters (default: 4)
# $3 - indentation character (default: " ")
# Returns:
# None
#########################
indent() {
local string="${1:-}"
local num="${2:?missing num}"
local char="${3:-" "}"
# Build the indentation unit string
local indent_unit=""
for ((i = 0; i < num; i++)); do
indent_unit="${indent_unit}${char}"
done
# shellcheck disable=SC2001
# Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions
echo "$string" | sed "s/^/${indent_unit}/"
}
RED_COLOR="31m" ## 姨妈红
GREEN_COLOR="32m" ## 水鸭青
YELLOW_COLOR="33m" ## 鸭屎黄
PURPLE_COLOR="35m" ## 基佬紫
BLUE_COLOR="36m" ## 天依蓝
BlinkGreen_COLOR="32;5m" ## 闪烁的水鸭青
BlinkRed_COLOR="31;5m" ## 闪烁的姨妈红
BlickPurple_COLOR="35;5m" ## 闪烁的基佬紫
BackRed_COLOR="41m" ## 背景红色
######## 颜色函数方法很精妙 ############
colorEcho() {
echo -e "\033[${1}${@:2}\033[0m" 1>&2
}
colorEchoGreen() {
echo -e "\033[32m${@:1}\033[0m" 1>&2
}
colorEchoBlue() {
echo -e "\033[36m${@:1}\033[0m" 1>&2
}
colorEchoYellow() {
echo -e "\033[33m${@:1}\033[0m" 1>&2
}
colorEchoRed() {
echo -e "\033[31m${@:1}\033[0m" 1>&2
}
colorEchoPurple() {
echo -e "\033[35m${@:1}\033[0m" 1>&2
}
SplitLine(){
echo ""
}
SplitBlue(){
colorEchoBlue ${SplitLine}
echo ""
}
SplitGreen(){
colorEchoGreen ${SplitLine}
echo ""
}
SplitRed(){
colorEchoRed ${SplitLine}
echo ""
}
SplitPurple(){
colorEchoPurple ${SplitLine}
echo ""
}
FunctionStart() {
colorEcho ${PURPLE_COLOR} ${SplitLine}
if [[ $# -gt 0 ]]
then
colorEchoBlue " $1 "
fi
echo ""
}
FunctionSuccess() {
colorEcho ${GREEN_COLOR} ${SplitLine}
echo ""
}
FunctionEnd() {
colorEcho ${BlinkGreen_COLOR} ${SplitLine}
echo ""
}

134
Public/lib/wdd-lib-sys.sh Normal file
View File

@@ -0,0 +1,134 @@
#!/bin/bash
if [[ ! -f /root/wdd/lib/wdd-lib-log.sh ]]; then
wget https://oss-s1.107421.xyz/wdd-lib-log.sh -O /root/wdd/lib/wdd-lib-log.sh
fi
. /root/wdd/lib/wdd-lib-log.sh
# 系统相关
LinuxReleaseVersion=""
LinuxRelease=""
OS_BIT=""
CMD_INSTALL="apt-get -y -qq install"
CMD_UPDATE="apt-get -qq update"
CMD_REMOVE="apt-get -y remove"
SOFTWARE_UPDATED=0
# 判断命令是否存在
command_exists() {
command -v "$@" >/dev/null 2>&1
}
# 判定是否是root用户
check_root() {
FunctionStart "判定Root用户"
if [[ $EUID != 0 ]]; then
colorEchoRed "当前非root账号(或没有root权限)无法继续操作请更换root账号!"
colorEcho ${YELLOW} "使用sudo -命令获取临时root权限执行后可能会提示输入root密码"
exit 1
else
log "当前为root账号 "
fi
FunctionEnd
}
####### 获取系统版本及64位或32位信息
check_sys() {
FunctionStart "获取系统参数"
# 获取当前终端的宽度,动态调整分割线的长度
# local shell_width=$(stty size | awk '{print $2}')
# SplitLine=$(yes "-" | sed "${shell_width}"'q' | tr -d '\n')
sys_bit=$(uname -m)
case $sys_bit in
i[36]86)
OS_BIT="32"
LinuxRelease="386"
;;
x86_64)
OS_BIT="64"
LinuxRelease="amd64"
;;
*armv6*)
OS_BIT="arm"
LinuxRelease="arm6"
;;
*armv7*)
OS_BIT="arm"
LinuxRelease="arm7"
;;
*aarch64* | *armv8*)
OS_BIT="arm64"
LinuxRelease="arm64"
;;
*)
error "
哈哈……这个 辣鸡脚本 不支持你的系统。 (-_-) \n
备注: 仅支持 Ubuntu 16+ / Debian 8+ / CentOS 7+ 系统
" && exit 1
;;
esac
log "获取的系统信息如下: OS_BIT => ${OS_BIT} LinuxRelease => $LinuxRelease"
## 判定Linux的发行版本
if [ -f /etc/redhat-release ]; then
LinuxReleaseVersion="centos"
elif cat /etc/issue | grep -Eqi "debian"; then
LinuxReleaseVersion="debian"
elif cat /etc/issue | grep -Eqi "ubuntu"; then
LinuxReleaseVersion="ubuntu"
elif cat /etc/issue | grep -Eqi "centos|red hat|redhat"; then
LinuxReleaseVersion="centos"
elif cat /proc/version | grep -Eqi "debian"; then
LinuxReleaseVersion="debian"
elif cat /proc/version | grep -Eqi "ubuntu"; then
LinuxReleaseVersion="ubuntu"
elif cat /proc/version | grep -Eqi "centos|red hat|redhat"; then
LinuxReleaseVersion="centos"
else
LinuxReleaseVersion=""
fi
log "系统参数信息如下: LinuxReleaseVersion => $LinuxReleaseVersion"
# 判断系统的包管理工具 apt, yum, or zypper
getPackageManageTool() {
if [[ -n $(command -v apt-get) ]]; then
CMD_INSTALL="apt-get -y -qq install"
CMD_UPDATE="apt-get -qq update"
CMD_REMOVE="apt-get -y remove"
elif [[ -n $(command -v yum) ]]; then
CMD_INSTALL="yum -y -q install"
CMD_UPDATE="yum -q makecache"
CMD_REMOVE="yum -y remove"
elif [[ -n $(command -v zypper) ]]; then
CMD_INSTALL="zypper -y install"
CMD_UPDATE="zypper ref"
CMD_REMOVE="zypper -y remove"
else
return 1
fi
}
# 检查系统包管理方式,更新包
getPackageManageTool
if [[ $? -eq 1 ]]; then
error "系统的包管理不是 APT or YUM, 请手动安装所需要的软件."
return 1
fi
log "系统包管理工具为 => $CMD_INSTALL"
### 更新程序引索
if [[ $SOFTWARE_UPDATED -eq 0 ]]; then
log "正在更新软件包管理...可能花费较长时间…………"
$CMD_UPDATE
SOFTWARE_UPDATED=1
fi
FunctionEnd
}

437
Public/mid-script.sh Normal file
View File

@@ -0,0 +1,437 @@
#!/bin/bash
## 对外暴露的安装Redis的主函数
InstallRedis() {
FunctionStart
RedisPort="6379"
RedisInstallMethod="binary"
RedisInstallHelp="0"
while [[ $# > 0 ]]; do
case "$1" in
-p | --port)
RedisPort="${2}"
shift # past argument
;;
-m | --method)
RedisInstallMethod="${2}"
shift # past argument
;;
-h | --help)
RedisInstallHelp="1"
;;
*)
echo "输入的内容有误,请检查!"
# unknown option
;;
esac
shift # past argument or value
done
if [ "${RedisInstallHelp}" -eq "1" ]; then
cat - 1>&2 <<EOF
./install-release.sh [-h] [-p|--port 6379] [-m|--method binary|docker]
-h, --help 打印此安装帮助说明
-p, --port 安装Redis的端口如果不指定此参数则默为6379
-m, --method 安装Redis的方式binary == 源码编译安装docker == 使用docker安装不指定则使用binary
EOF
fi
# echo $RedisPort
# echo $RedisInstallMethod
if [[ ${RedisInstallMethod} == "binary" ]]; then
installRedisBinary ${RedisPort}
else
installRedisDocker ${RedisPort}
fi
FunctionEnd
}
installRedisBinary() {
RedisPort=""
if [[ $1 -ne " " ]]; then
RedisPort="$1"
echo "Redis Port = ${RedisPort}"
fi
echo "InstallRedisBinary"
CMD_REMOVE gcc
installDemandSoftwares gcc wget
echo "开始下载 Redis 6.2.6 的二进制包!"
wget https://oss.107421.xyz/redis-6.2.6.tar.gz
if [ -e redis-6.2.6.tar.gz ]; then
echo "redis源码包下载完成"
echo ""
echo "开始解压缩redis的安装包"
tar -zvxf redis-6.2.6.tar.gz
cd redis-6.2.6
clear
echo ""
echo ""
echo "开始执行编译安装过程!!"
echo "开始执行编译安装过程!!"
echo "开始执行编译安装过程!!"
echo "取决于服务器的性能,可能花费较长的时间!!!"
sleep 3
echo ""
./configure
make && make install
cd redis-6.2.6
echo "Redis已经安装成功"
ehco "开始进行redis的配置修改"
wget https://oss.107421.xyz/redis-6.2.6.conf
wget https://oss.107421.xyz/redis-server-6.2.6.service
if [ -e redis-6.2.6.conf ] && [ -e redis-server-6.2.6.service ]; then
echo "redis配置文件下载成功开始进行修改"
echo ""
touch /var/log/redis_${RedisPort}.log
mkdir -p /var/redis/${RedisPort}
mkdir -p /etc/redis/
sed -i "s/RedisPort/${RedisPort}/g" redis-6.2.6.conf
cp redis-6.2.6.conf /etc/redis/${RedisPort}.conf
sed -i "s/RedisPort/${RedisPort}/g" redis-server-6.2.6.service
cp redis-server-6.2.6.service /etc/init.d/redisd
cd /etc/init.d
chmod +x /etc/init.d/redisd
if [ command_exists chkconfig ]; then
chkconfig redisd on
elif [ command_exists update-rc.d ]; then
update-rc.d redisd defaults
else
echo "所需要的守护程序未安装,请手动设置!!"
fi
# 启动程序
echo ""
echo "开始启动redis-server服务……"
service redisd start
service redisd status
netstat -ntlp | grep redis
else
echo "redis配置文件下载失败请手动进行修改"
return 3
fi
else
echo "redis源码包下载失败"
return 3
fi
}
installRedisDocker() {
RedisPort=""
if [[ $1 -ne " " ]]; then
RedisPort="$1"
echo "Redis Port = ${RedisPort}"
fi
echo "InstallRedisDocker"
echo ""
if [ ! command_exists "docker info" ]; then
colorEcho ${RED} "docker 未安装!! 无法使用docker的方式安装 redis"
return 3
fi
echo "## 为redis配置添加 " >>/etc/sysctl.conf
echo "vm.overcommit_memory = 1" >>/etc/sysctl.conf
sysctl -p /etc/sysctl.conf
echo "开始启动docker-redis !!"
# https://hub.docker.com/r/bitnami/redis#configuration
# 为redis设置密码 -e REDIS_PASSWORD=v2ryStr@ngPa.ss \
docker run -d \
-e ALLOW_EMPTY_PASSWORD=yes \
-e REDIS_AOF_ENABLED=no \
-e REDIS_PORT_NUMBER=${RedisPort} \
--name redis-server \
--network host \
bitnami/redis:6.2.6
}
InstallMysql() {
FunctionStart
MysqlPort="3306"
MysqlInstallMethod="binary"
MysqlInstallHelp="0"
MysqlPersistData="/var/lib/docker/mysql-data"
colorEcho ${BLUE} "本脚本默认安装版本为 8.0.27 的MySQL "
colorEcho ${BLUE} "本脚本默认安装版本为 8.0.27 的MySQL "
colorEcho ${BLUE} "本脚本默认安装版本为 8.0.27 的MySQL "
while [[ $# > 0 ]]; do
case "$1" in
-p | --port)
MysqlPort="${2}"
shift # past argument
;;
-m | --method)
MysqlInstallMethod="${2}"
shift # past argument
;;
-d | --data)
MysqlPersistData="${2}"
shift # past argument
;;
-h | --help)
MysqlInstallHelp="1"
;;
*)
echo "输入的内容有误,请检查!"
# unknown option
;;
esac
shift # past argument or value
done
if [ "${MysqlInstallHelp}" -eq "1" ]; then
cat - 1>&2 <<EOF
./install-release.sh [-h] [-p|--port 3306] [-m|--method binary|docker]
-h, --help 打印此安装帮助说明
-p, --port 安装Mysql的端口如果不指定此参数则默为3306
-m, --method 安装Mysql的方式binary == 源码编译安装docker == 使用docker安装不指定则使用binary
EOF
return 0
fi
# echo $MysqlPort
# echo $MysqlInstallMethod
if [[ ${MysqlInstallMethod} == "binary" ]]; then
installMysqlBinary ${MysqlPort}
else
installMysqlDocker ${MysqlPort} ${MysqlPersistData}
fi
FunctionEnd
}
installMysqlBinary() {
MysqlPort=""
Latest_Mysql_Version=""
if [[ $1 -ne " " ]]; then
MysqlPort="$1"
echo "mysql Port = ${MysqlPort}"
fi
echo "InstallMysqlBinary"
if [[ ${LinuxReleaseVersion} == "centos" ]]; then
colorEcho ${BLUE} "当前系统发行版为 centos !"
colorEcho ${BLUE} "开始安装mysql官方的yum源"
echo ""
rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el7-3.noarch.rpm
colorEcho ${BLUE} "可以安装的 mysql-server 版本为:"
yum list mysql-community-server | grep mysql-community-server
echo ""
Latest_Mysql_Version=$(yum list mysql-community-server | grep mysql-community-server | awk '{print $2}')
colorEcho ${BLUE} "开始安装最新版本:"
installDemandSoftwares mysql-community-server-${Latest_Mysql_Version} mysql-community-server-${Latest_Mysql_Version}
else
colorEcho ${BLUE} "当前系统发行版为 ubuntu/debain !"
colorEcho ${BLUE} "可以安装的 mysql-server 版本为:"
apt-cache madison mysql-server | awk '{print$3}'
echo ""
Latest_Mysql_Version=$(apt-cache madison mysql-server | head -n 1 | awk '{print$3}')
colorEcho ${BLUE} "开始安装最新版本:${Latest_Mysql_Version}"
installDemandSoftwares mysql-server=${Latest_Mysql_Version} mysql-client=${Latest_Mysql_Version}
fi
FunctionSuccess
colorEcho ${BLUE} "准备启动Mysql Server的服务 "
systemctl start mysqld
FunctionSuccess
colorEcho ${BLUE} "准备配置Mysql 服务的开机启动 "
systemctl enable mysqld
FunctionSuccess
}
installMysqlDocker() {
MysqlPort=""
MysqlPersistData=""
MysqlPort="$1"
echo "mysql Port = ${MysqlPort}"
MysqlPersistData="$2"
echo "mysql persist data path = ${MysqlPersistData}"
echo "InstallMysqlDocker"
echo ""
echo "开始启动docker-mysql !!"
# https://hub.docker.com/r/bitnami/mysql#configuration
# 需要准备一个目录方式 mysql.conf文件
# 目录权限需要处理
mkdir -p ${MysqlPersistData}
chown -R 1001:1001 ${MysqlPersistData}
docker run -d \
-e MYSQL_ROOT_USER=root \
-e MYSQL_ROOT_PASSWORD=v2ryStr@ngPa.ss \
-e MYSQL_CHARACTER_SET=utf8mb4 \
-e MYSQL_COLLATE=utf8mb4_bin \
-e MYSQL_DATABASE=demo \
-e MYSQL_USER=wdd \
-e MYSQL_PASSWORD=wdd14Fk@Clever \
-e MYSQL_PORT_NUMBER=${MysqlPort} \
-e MYSQL_AUTHENTICATION_PLUGIN=mysql_native_password \
-v ${MysqlPersistData}:/bitnami/mysql/data \
--name mysql-server \
--network host \
bitnami/mysql:8.0.27-debian-10-r40
}
## 对外暴露的安装JDK的主函数
InstallJDK() {
FunctionStart
JDK_VERSION="11"
JDK_Install_Method="binary"
JDKInstallHelp="0"
while [[ $# > 0 ]]; do
case "$1" in
-v | --version)
JDK_VERSION="${2}"
shift # past argument
;;
-m | --method)
JDK_Install_Method="${2}"
shift # past argument
;;
-h | --help)
JDKInstallHelp="1"
;;
*)
echo "输入的内容有误,请检查!"
# unknown option
;;
esac
shift # past argument or value
done
if [ "${JDKInstallHelp}" -eq "1" ]; then
cat - 1>&2 <<EOF
./install-release.sh [-h] [-p|--Version 6379] [-m|--method binary|docker]
-h, --help 打印此安装帮助说明
-v, --version 安装JDK的版本如果不指定此参数则默为11
-m, --method 安装JDK的方式binary == 源码编译安装package == 使用源package安装不指定则使用binary
EOF
return 0
fi
# echo $JDKVersion
# echo $JDKInstallMethod
if [[ ${JDK_Install_Method} == "binary" ]]; then
installJDKBinary ${JDK_VERSION}
else
installJDKPackage ${JDK_VERSION}
fi
FunctionEnd
}
installJDKBinary() {
JDK_VERSION=""
JDK_FILENAME=""
if [[ $1 -ne " " ]]; then
JDK_VERSION="$1"
echo "JDK Version = ${JDK_VERSION}"
fi
echo "InstallJDKBinary"
echo ""
echo "开始下载 JDK 的源码包!!"
mkdir -p /usr/local/java/
if [ "${JDK_VERSION}" -eq "11" ]; then
JDK_FILENAME="jdk-11.0.9"
wget https://oss-s1.107421.xyz/jdk-11.0.9_linux-x64_bin.tar.gz
echo "JDK 二进制文件下载成功,开始解压缩!!"
tar -zxvf jdk-11.0.9_linux-x64_bin.tar.gz -C /usr/local/java/
else
JDK_FILENAME="jdk1.8.0_271"
wget https://oss.107421.xyz/jdk-8u271-linux-x64.tar.gz
echo "JDK 二进制文件下载成功,开始解压缩!!"
tar -zxvf jdk-8u271-linux-x64.tar.gz -C /usr/local/java/
fi
echo ""
echo "开始配置JDK的环境变量"
if [ -e /etc/profile.d/jdk-env.sh ]; then
echo "jdk的配置文件已经存在将会进行覆盖操作"
cp /etc/profile.d/jdk-env.sh .jdk-env-backup.sh
rm /usr/bin/java
fi
cat >/etc/profile.d/jdk-env.sh <<EOF
export JAVA_HOME=/usr/local/java/${JDK_FILENAME}
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=${JAVA_HOME}/lib:${JRE_HOME}/lib:${CLASSPATH}
export PATH=${JAVA_HOME}/bin:${JRE_HOME}/bin:${PATH}
EOF
source /etc/profile
ln -s /usr/local/java/${JDK_FILENAME}/bin/java /usr/bin/java
echo ""
echo ""
echo ""
echo "请检查JDK的安装情况======================================"
java -version
}
installJDKPackage() {
JDK_VERSION=""
if [[ $1 -ne " " ]]; then
JDK_VERSION="$1"
echo "JDK Version = ${JDK_VERSION}"
fi
echo "InstallJDKDocker"
echo ""
if [[ ${LinuxReleaseVersion} == "centos" ]]; then
colorEcho ${BLUE} "当前系统发行版为 centos !"
colorEcho ${BLUE} "可以安装的 openjdk 版本为:"
yum list java-${JDK_VERSION}-openjdk | grep ${JDK_VERSION}
echo ""
colorEcho ${BLUE} "开始安装最新版本:$(yum list java-${JDK_VERSION}-openjdk | grep ${JDK_VERSION} | awk '{print $2}' | cut -d':' -f2 | head -n 1)"
installDemandSoftwares java-${JDK_VERSION}-openjdk-$(yum list java-${JDK_VERSION}-openjdk | grep ${JDK_VERSION} | awk '{print $2}' | cut -d':' -f2 | head -n 1)
else
colorEcho ${BLUE} "当前系统发行版为 ubuntu/debain !"
colorEcho ${BLUE} "可以安装的 openjdk 版本为:"
apt-cache madison openjdk-${JDK_VERSION}-jdk | awk '{print$3}'
echo ""
colorEcho ${BLUE} "开始安装最新版本:$(apt-cache madison openjdk-${JDK_VERSION}-jdk | head -n 1 | awk '{print$3}')"
installDemandSoftwares openjdk-${JDK_VERSION}-jdk=$(apt-cache madison openjdk-${JDK_VERSION}-jdk | head -n 1 | awk '{print$3}')
fi
colorEcho ${BLUE} "请检查下面的内容输出!!!"
java -version
}

70
基础脚本/获取本机的内网IP.sh
View File

@@ -1,33 +1,55 @@
#!/bin/bash
# 判断命令是否存在
command_exists() {
command -v "$@" >/dev/null 2>&1
}
InnerIPv4CIDR=""
InnerIPv6CIDR=""
InnerIPv4=""
InnerIPv6=""
# 获取服务器的公网IP地址
get_Internal_IP() {
get_Internal_IP_CIDR() {
local Internal_IP=""
local Network_Manage_Tool=""
local interface_prefix=("[[:space:]]eth[0-9]{1,2}" "[[:space:]]ens[0-9]{1,3}" "[[:space:]]eno[0-9]{1,3}" "[[:space:]]enp[0-9]{1,2}")
local real_interface="eth90"
if command_exists ip; then
Network_Manage_Tool=$(ip addr)
Ethernet_Interface_Name=$(echo "$Network_Manage_Tool" | grep -Eo "eth([0-9]{1,3})|eno([0-9]{1,3})|ens([0-9]{1,3})" | head -n 1)
echo "正在使用ip addr命令获取内网的IP地址"
Internal_IP=$(ip addr show ${Ethernet_Interface_Name} | grep 'inet ' | head -1 | awk '{print $2}' | cut -f1 -d'/')
for interface in "${interface_prefix[@]}"; do
echo $(ip link show) | grep -oE ${interface} | head -1
if [[ $? -eq 0 ]]; then
real_interface=$(echo $(ip link show) | grep -oE ${interface} | head -1 | cut -d" " -f2)
echo "当前主机的真实内网网卡为 => [$real_interface]"
break
fi
done
# 提取IPv4地址CIDR格式
local ipv4_regex="inet[[:space:]](25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/[0-9]{1,2}"
# 提取IPv6地址CIDR格式
loca ipv6_regex="inet6[[:space:]]([0-9a-fA-F]{0,4}(:[0-9a-fA-F]{0,4}){1,7})\/[0-9]{1,3}"
# 查找IPv4地址
local inner_ipv4=$(echo $(ip addr show $real_interface) | grep -oE $ipv4_regex | cut -d" " -f2)
InnerIPv4CIDR=$inner_ipv4
echo "Interface: $real_interface, IPv4 Address: $inner_ipv4"
# 查找IPv6地址
local inner_ipv6=$(echo $(ip addr show $real_interface) | grep -oE $ipv6_regex | cut -d" " -f2)
InnerIPv6CIDR=$inner_ipv6
echo "Interface: $real_interface, IPv4 Address: $inner_ipv6"
elif command_exists ifconfig; then
Network_Manage_Tool=$(ifconfig)
Ethernet_Interface_Name=$(echo "$Network_Manage_Tool" | grep -Eo "eth([0-9]{1,3})|eno([0-9]{1,3})|ens([0-9]{1,3})" | head -n 1)
echo "正在使用ifconfig命令获取内网的IP地址"
Internal_IP=$(ifconfig ${Ethernet_Interface_Name} | grep 'inet ' | head -1 | awk '{print $2}' | cut -f1 -d'/')
fi
echo ""
echo "$Internal_IP"
echo ""
}
get_Internal_IP
get_Internal_IP_() {
get_Internal_IP_CIDR
InnerIPv4=$(echo $InnerIPv4CIDR | cut -d "/" -f1)
InnerIPv6=$(echo $InnerIPv6CIDR | cut -d "/" -f1)
echo "服务器的内网IPv4地址为 $InnerIPv4"
echo "服务器的内网IPv6地址为 $InnerIPv6"
}
get_Internal_IP_CIDR

2
常用脚本/linux-init-LapPro.sh
View File

@@ -1173,7 +1173,7 @@ main() {
# modifySystemConfig_Kubernetes
# 安装宇宙第一shell的zsh
# InstallZSH cn || return $?
InstallZSH cn || return $?
# 使用chrony进行NTP时间同步--包含下面的设置
# TimeSyncToAliByChrony || return $?

40
部署应用/Oracle-Cloud/Alist离线下载中心/Seoul-0-Nginx反向代理至Seoul-1.conf Normal file
View File

@@ -0,0 +1,40 @@
server {
server_name pan.107421.xyz;
listen 80 ;
return 301 https://pan.107421.xyz$request_uri;
}
server {
listen 443 ssl;
server_name pan.107421.xyz;
ssl_certificate /etc/nginx/conf.d/ssl_key/pan.107421.xyz.cert.pem;
ssl_certificate_key /etc/nginx/conf.d/ssl_key/pan.107421.xyz.key.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
location / {
access_log /var/log/nginx/access.log main;
client_max_body_size 5120m;
client_body_buffer_size 5120m;
client_body_timeout 6000s;
proxy_send_timeout 10000s;
proxy_read_timeout 10000s;
proxy_connect_timeout 600s;
proxy_max_temp_file_size 5120m;
proxy_request_buffering on;
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 4 12k;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass http://10.0.0.3:5244;
}
}

24
部署应用/Oracle-Cloud/Alist离线下载中心/seoul-0-对象存储rewrite-test.conf Normal file
View File

@@ -0,0 +1,24 @@
server {
server_name oss.107421.xyz;
listen 80 ;
location ~* "^/s1/?(.*)" {
access_log /var/log/nginx/access.log main;
client_max_body_size 5120m;
client_body_buffer_size 5120m;
client_body_timeout 6000s;
proxy_send_timeout 10000s;
proxy_read_timeout 10000s;
proxy_connect_timeout 600s;
proxy_max_temp_file_size 5120m;
proxy_request_buffering on;
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 4 12k;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass https://cnk8d6fazu16.compat.objectstorage.ap-seoul-1.oraclecloud.com/seoul/$1;
}
}

40
部署应用/Oracle-Cloud/Alist离线下载中心/seoul-0-对象存储rewrite.conf Normal file
View File

@@ -0,0 +1,40 @@
server {
server_name oss.107421.xyz;
listen 80 ;
return 301 https://oss.107421.xyz$request_uri;
}
server {
listen 443 ssl;
server_name oss.107421.xyz;
ssl_certificate /etc/nginx/conf.d/ssl_key/oss.107421.xyz.cert.pem;
ssl_certificate_key /etc/nginx/conf.d/ssl_key/oss.107421.xyz.key.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
location ~* "^/s1/?(.*)" {
access_log /var/log/nginx/access.log main;
client_max_body_size 5120m;
client_body_buffer_size 5120m;
client_body_timeout 6000s;
proxy_send_timeout 10000s;
proxy_read_timeout 10000s;
proxy_connect_timeout 600s;
proxy_max_temp_file_size 5120m;
proxy_request_buffering on;
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 4 12k;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass https://https://cnk8d6fazu16.compat.objectstorage.ap-seoul-1.oraclecloud.com/seoul/$1;
}
}

13
部署应用/Oracle-Cloud/Alist离线下载中心/证书申请.sh Normal file
View File

@@ -0,0 +1,13 @@
#!/bin/bash
export DOMAIN_NAME=pan.107421.xyz
export CF_Token="oXJRP5XI8Zhipa_PtYtB_jy6qWL0I9BosrJEYE8p"
export CF_Account_ID="dfaadeb83406ef5ad35da02617af9191"
export CF_Zone_ID="511894a4f1357feb905e974e16241ebb"
acme.sh --issue --dns dns_cf -d ${DOMAIN_NAME} --keylength ec-256
acme.sh --install-cert -d ${DOMAIN_NAME} --ecc \
--key-file /etc/nginx/conf.d/ssl_key/${DOMAIN_NAME}.key.pem \
--fullchain-file /etc/nginx/conf.d/ssl_key/${DOMAIN_NAME}.cert.pem \
--reloadcmd "systemctl restart nginx --force"

4
部署应用/Oracle-Cloud/temp.sh
View File

@@ -32,10 +32,6 @@ do
done
docker load < cmii-uav-mqtthandler-4.0.2-2022120501-kebite.tar.gz
docker tag harbor.cdcyy.com.cn/cmii/cmii-uav-mqtthandler:4.0.2-2022120501-kebite 32.128.6.68:8033/cmii/cmii-uav-mqtthandler:4.0.2-2022120501-kebite
docker push 32.128.6.68:8033/cmii/cmii-uav-mqtthandler:4.0.2-2022120501-kebite
kubectl -n kube-system delete pod $(kubectl -n kube-system get pods | grep svclb | awk '{print$1}')

94
部署应用/证书申请/Nginx默认配置.conf Normal file
View File

@@ -0,0 +1,94 @@
user root;
worker_processes auto;
error_log /var/log/nginx/error.log info;
pid /var/run/nginx.pid;
events {
use epoll;
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
send_timeout 1200;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 600;
types_hash_max_size 2048;
client_max_body_size 2048m;
client_body_buffer_size 2048m;
underscores_in_headers on;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_connect_timeout 600;
proxy_buffer_size 128k;
proxy_buffers 8 256k;
gzip on;
map $http_x_forwarded_proto $proxy_x_forwarded_proto {
default $http_x_forwarded_proto;
'' $scheme;
}
# If we receive X-Forwarded-Port, pass it through; otherwise, pass along the
# server port the client connected to
map $http_x_forwarded_port $proxy_x_forwarded_port {
default $http_x_forwarded_port;
'' $server_port;
}
# If we receive Upgrade, set Connection to "upgrade"; otherwise, delete any
# Connection header that may have been passed to this server
map $http_upgrade $proxy_connection {
default upgrade;
'' close;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server_names_hash_bucket_size 128;
# Default dhparam
ssl_dhparam /etc/nginx/dhparam/dhparam.pem;
# Set appropriate X-Forwarded-Ssl header based on $proxy_x_forwarded_proto
map $proxy_x_forwarded_proto $proxy_x_forwarded_ssl {
default off;
https on;
}
gzip_types text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
ssl_prefer_server_ciphers off;
# HTTP 1.1 support
# proxy_http_version 1.1;
# proxy_buffering off;
# proxy_set_header Host $http_host;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection $proxy_connection;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
# proxy_set_header X-Forwarded-Ssl $proxy_x_forwarded_ssl;
# proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port;
# proxy_set_header X-Original-URI $request_uri;
include /etc/nginx/conf.d/*.conf;
}