因为工作的原因,博客很久没有更新了,觉得挺对不起大伙和自己的,决定逐渐开始更新吧。
最近几个VPS装的是CentOS系统,觉得这个系统比较高大上,其实内心还是忠于debian的,但是学习嘛,不局限于哪个系统,有兴趣的都学学。
这个脚本是基于debian的脚本改的,基本上都一样,就是软件安装的命令换了换。
本脚本具有以下功能:
1.初始化系统,删除不必要的软件,基本的优化;
2.安装lnmp套件,非编译安装,速度快,秒装;
3.添加虚拟主机;
4.修改ssh端口号,nginx php-fpm进程数;
5.添加ssh账号,具体你懂得。
上代码:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
|
#!/bin/bash
function check_sanity {
# Do some sanity checking.
if [ $(/usr/bin/id -u) != "0" ]
then
die 'Must be run by root user'
fi
if [ ! -f /etc/redhat-release ]
then
die "Distribution is not supported"
fi
}
function die {
echo "ERROR: $1" > /dev/null 1>&2
exit 1
}
function get_password() {
# Check whether our local salt is present.
SALT=/var/lib/random-seed
if [ ! -f "$SALT" ]
then
head -c 512 /dev/urandom > "$SALT"
chmod 400 "$SALT"
fi
password=`(cat "$SALT"; echo $1) | md5sum | base64`
echo ${password:0:13}
}
function install_lnmp() {
yum -y install mysql-server nginx php-fpm php-curl php-gd php-sqlite php-mysql
service mysqld stop
service php-fpm stop
service nginx stop
# setup php5
rm -rf /var/www
mkdir -p /var/www
wget -P "/var/www/" http://kwxiaozhu.googlecode.com/svn/tz.php
chown apache:apache -R /var/www
sed -i s/'listen = 127.0.0.1:9000'/'listen = \/var\/run\/php5-fpm.sock'/ /etc/php-fpm.d/www.conf
# sed -i s/'pm = dynamic'/'pm = static'/ /etc/php-fpm.d/www.conf
sed -i s/'^pm.max_children = [0-9]*'/'pm.max_children = 5'/ /etc/php-fpm.d/www.conf
sed -i s/'^pm.start_servers = [0-9]*'/'pm.start_servers = 3'/ /etc/php-fpm.d/www.conf
sed -i s/'^pm.min_spare_servers = [0-9]*'/'pm.min_spare_servers = 2'/ /etc/php-fpm.d/www.conf
sed -i s/'^pm.max_spare_servers = [0-9]*'/'pm.max_spare_servers = 5'/ /etc/php-fpm.d/www.conf
sed -i s/'user = apache'/'user = nobody'/ /etc/php-fpm.d/www.conf
sed -i s/'group = apache'/'group = nobody'/ /etc/php-fpm.d/www.conf
sed -i s/'memory_limit = 128M'/'memory_limit = 64M'/ /etc/php.ini
sed -i s/'short_open_tag = Off'/'short_open_tag = On'/ /etc/php.ini
sed -i s/'upload_max_filesize = 2M'/'upload_max_filesize = 8M'/ /etc/php.ini
# setup nginx
mkdir -p /etc/nginx/sites-enabled
cat > /etc/nginx/php.conf <<END
location ~* \.(ico|css|js|gif|jpeg|jpg|png)(\?[0-9]+)?\$ {
expires max;
break;
}
location ~ .*\.php\$
{
fastcgi_pass_request_body off;
client_body_temp_path /tmp/client_body_temp;
client_body_in_file_only clean;
fastcgi_param REQUEST_BODY_FILE \$request_body_file;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
END
cat > /etc/nginx/wp.conf <<END
location / {
if (!-e \$request_filename) {
rewrite ^(.+)\$ /index.php?q=\$1 last;
}
}
END
cat > /etc/nginx/fastcgi_params <<END
fastcgi_param QUERY_STRING \$query_string;
fastcgi_param REQUEST_METHOD \$request_method;
fastcgi_param CONTENT_TYPE \$content_type;
fastcgi_param CONTENT_LENGTH \$content_length;
fastcgi_param SCRIPT_FILENAME \$request_filename;
fastcgi_param SCRIPT_NAME \$fastcgi_script_name;
fastcgi_param REQUEST_URI \$request_uri;
fastcgi_param DOCUMENT_URI \$document_uri;
fastcgi_param DOCUMENT_ROOT \$document_root;
fastcgi_param SERVER_PROTOCOL \$server_protocol;
fastcgi_param HTTPS \$https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE Apache/2.1.4;
fastcgi_param REMOTE_ADDR \$remote_addr;
fastcgi_param REMOTE_PORT \$remote_port;
fastcgi_param SERVER_ADDR \$server_addr;
fastcgi_param SERVER_PORT \$server_port;
fastcgi_param SERVER_NAME \$server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
END
cat > /etc/nginx/nginx.conf <<END
user nobody;
worker_processes 1;
#worker_cpu_affinity 01 10 01 10 01 10 01 10;
error_log /var/log/nginx/error_log crit;
pid /var/run/nginx.pid;
worker_rlimit_nofile 65535;
events
{
use epoll;
worker_connections 4096;
}
http
{
# include /etc/nginx/deny.iplist;
include /etc/nginx/mime.types;
default_type application/octet-stream;
server_name_in_redirect off;
server_names_hash_bucket_size 64;
server_tokens off;
client_header_buffer_size 4k;
large_client_header_buffers 4 16k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay off;
client_body_timeout 10;
client_header_timeout 10;
send_timeout 60;
output_buffers 1 32k;
postpone_output 1460;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 4k;
fastcgi_buffers 8 4k;
fastcgi_busy_buffers_size 8k;
fastcgi_temp_file_write_size 8k;
log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" \$http_x_forwarded_for';
gzip on;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 3;
gzip_types text/plain application/x-javascript text/css application/xml;
include /etc/nginx/sites-enabled/*;
}
END
cat >/etc/nginx/sites-enabled/default <<END
server {
listen 80 default;
index index.php index.htm index.html;
# autoindex on;
# autoindex_exact_size off;
# autoindex_localtime on;
root /var/www;
access_log /var/log/nginx/access.log main;
# limit_rate_after 10m;
# limit_rate 512k;
# location ~ \.flv
# {
# flv;
# }
include php.conf;
}
END
# setup mysql
rm -f /var/lib/mysql/ib*
cat > /etc/my.cnf <<END
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
bind-address=127.0.0.1
symbolic-links=0
key_buffer = 8M
query_cache_size = 0
skip-innodb
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
END
service mysqld start
# Generating a new password for the root user.
cat > ~/temp.sql <<END
delete from user where user='' or password='';
flush privileges;
END
mysql -uroot mysql<temp.sql
rm -rf ~/temp.sql
passwd=`get_password root@mysql`
mysqladmin -uroot password "$passwd"
cat > ~/.my.cnf <<END
[client]
user = root
password = $passwd
END
# mysql -uroot -p"$passwd" <temp.sql
chmod 600 ~/.my.cnf
service mysqld restart
# setup complete
service mysqld start
service php-fpm start
service nginx start
chkconfig mysqld on
chkconfig php-fpm on
chkconfig nginx on
}
function install_vhost {
if [ ! -d /home/www ];
then
mkdir /home/www
fi
if [ -z "$1" ]
then
die "Usage: `basename $0` <hostname>"
fi
mkdir "/home/www/$1"
chown -R nginx "/home/www/$1"
chmod -R 755 "/home/www/$1"
wget -P "/home/www/$1" http://kwxiaozhu.googlecode.com/svn/tz.php
# Setting up Nginx
cat > "/etc/nginx/sites-enabled/$1.conf" <<END
server {
listen 80;
server_name $1;
index index.php index.htm index.html;
root /home/www/$1;
access_log /var/log/nginx/access_$1.log main;
include php.conf;
}
END
service nginx reload
}
function install_vsftpd {
yum -y install vsftpd db4-utils
service vsftpd stop
mv /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak
if [ ! -d /home/www ];
then
mkdir /home/www
fi
chown nobody:nobody -R /home/www
cat >/etc/vsftpd/vsftpd.conf <<END
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=NO
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
ftpd_banner=Welcome to FTP service.
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd.vu
rsa_cert_file=/etc/ssl/private/vsftpd.pem
user_config_dir=/etc/vsftpd_user_conf
guest_enable=YES
guest_username=nginx
END
cat >/etc/pam.d/vsftpd.vu <<END
auth required pam_userdb.so db=/etc/vsftpd_login
account required pam_userdb.so db=/etc/vsftpd_login
END
if [ ! -d /etc/vsftpd_user_conf ];
then
mkdir /etc/vsftpd_user_conf
fi
if [ ! -d /var/run/vsftpd/empty ];
then
mkdir -p /var/run/vsftpd/empty
fi
passwd=`get_password vsftpd`
cat >~/.loguser.txt <<END
admin
$passwd
END
db_load -T -t hash -f ~/.loguser.txt /etc/vsftpd_login.db
cat >/etc/vsftpd_user_conf/admin <<END
local_root=/home/www/
write_enable=YES
anon_umask=022
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
END
chmod 600 ~/.loguser.txt
chmod 600 /etc/vsftpd_login.db
chmod 600 /etc/vsftpd_user_conf -R
service vsftpd start
echo 'vsftpd setup complete!'
echo 'admin account is admin,password is in password file,home directory is /home/www'
echo 'password file stored in .loguser.txt'
}
function remove_unneeded {
yum -y remove httpd* php* samba* bind9* nscd
service saslauthd stop
service xinetd stop
service udev-post stop
chkconfig udev-post off
chkconfig saslauthd off
chkconfig xinetd off
}
function update_upgrade {
# Run through the yum update first. This should be done before
# we try to install any package
cat > /etc/yum.repos.d/nginx.repo <<END
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/
gpgcheck=0
enabled=1
END
yum update -y
}
########################################################################
# START OF PROGRAM
########################################################################
export PATH=/bin:/usr/bin:/sbin:/usr/sbin
check_sanity
case "$1" in
lnmp)
install_lnmp
;;
system)
remove_unneeded
update_upgrade
;;
vhost)
install_vhost $2
;;
ssh)
# cat >> /etc/shells <<END
#/bin/false
#END
useradd $2 -M -s /bin/false
echo $2:$3 | chpasswd
;;
vsftpd)
install_vsftpd
;;
addnginx)
sed -i s/'^worker_processes [0-9];'/'worker_processes kwxiaozhu;'/g /etc/nginx/nginx.conf
sed -i s/kwxiaozhu/$2/g /etc/nginx/nginx.conf
service nginx restart
;;
addfpm)
sed -i s/'^pm.max_children = [0-9]*'/'pm.max_children = kwxiaozhu'/ /etc/php-fpm.d/www.conf
sed -i s/kwxiaozhu/$2/ /etc/php-fpm.d/www.conf
service php-fpm restart
;;
sshport)
#sed -i s/'Port 22'/'Port kwxiaozhu'/ /etc/ssh/sshd_config
sed -i s/'^#Port [0-9]*'/'Port kwxiaozhu'/ /etc/ssh/sshd_config
sed -i s/kwxiaozhu/$2/ /etc/ssh/sshd_config
service sshd restart
;;
*)
echo 'Usage:' `basename $0` '[option]'
echo 'Available option:'
for option in system lnmp vhost vsftpd ssh addnginx addfpm sshport
do
echo ' -' $option
done
;;
esac
|
顺便提供下下载链接
centos-init.sh下载
debian-init.sh下载
下载下来bash centos.sh会有使用提示