配置环境:linode vps CentOS 6.2 32位
配置yum 只留CentOS-Base.repo中[base]、[updates]其他禁用加enabled=0
CentOS-Base.repo、CentOS-Debuginfo.repo、CentOS-Media.repo
yum clean all
rpm --rebuilddb
yum update
使用方法:将其复制,保存为一个shell文件,比如init.sh。将其上传到linux服务器上,执行sh init.sh。建议大家在系统安装后立即执行。
初始化脚本内容:
#!/bin/bash #by LinuxEye #BLOG: http://blog.linuxeye.com #系统瘦身 yum -y groupremove "Console internet tools" "E-mail server" "Graphical Administration Tools" #安装依赖包 yum -y --skip-broken install crontabs gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel nss_ldap openldap openldap-devel openldap-clients openldap-servers libxslt-devel libevent-devel ntp libtool-ltdl bison libtool vim-enhanced #关闭不必要的服务 chkconfig --list | awk '{print "chkconfig " $1 " off"}' > /tmp/chkconfiglist.sh;/bin/sh /tmp/chkconfiglist.sh;rm -rf /tmp/chkconfiglist.sh chkconfig crond on chkconfig irqbalance on chkconfig network on chkconfig sshd on chkconfig rsyslog on chkconfig iptables on #i18n sed -i 's@LANG=.*$@LANG="en_US.UTF-8"@g' /etc/sysconfig/i18n #修改启动模式 sed -i 's/id:.*$/id:3:initdefault:/g' /etc/inittab /sbin/init q #修改PS1 echo 'PS1="\[\e[37;40m\][\[\e[32;40m\]\u\[\e[37;40m\]@\h \[\e[35;40m\]\W\[\e[0m\]]\\$ \[\e[33;40m\]"' >> /etc/profile #修改shell命令的history记录个数 sed -i 's/HISTSIZE=.*$/HISTSIZE=100/g' /etc/profile source /etc/profile #记录每个命令 mkdir /root/logs echo "export PROMPT_COMMAND='{ msg=\$(history 1 | { read x y; echo \$y; });user=\$(whoami); echo \$(date \"+%Y-%m-%d %H:%M:%S\"):\$user:\`pwd\`/:\$msg ---- \$(who am i); } >> \$HOME/logs/\`hostname\`.\`whoami\`.history-timestamp'" >> /root/.bash_profile #密码输错5次锁定180s sed -i '4a auth required pam_tally2.so deny=5 unlock_time=180' /etc/pam.d/system-auth #alias设置 sed -i '7a alias vi=vim' /root/.bashrc #调整Linux的最大文件打开数 echo "* soft nofile 60000" >> /etc/security/limits.conf echo "* hard nofile 65535" >> /etc/security/limits.conf echo "ulimit -SH 65535" >> /etc/rc.local #网络参数调整 sed -i 's/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g' /etc/sysctl.conf echo 'net.ipv4.tcp_tw_reuse = 1' >> /etc/sysctl.conf echo 'net.ipv4.tcp_tw_recycle = 1' >> /etc/sysctl.conf echo 'net.ipv4.ip_local_port_range = 1024 65000' >> /etc/sysctl.conf sysctl -p #校正时间 /usr/sbin/ntpdate ntp.api.bz echo '*/5 * * * * /usr/sbin/ntpdate ntp.api.bz > /dev/null 2>&1' > /var/spool/cron/root;chmod 600 /var/spool/cron/root /sbin/service crond restart #iptables配置 sed -i 's/IPTABLES_MODULES="ip_conntrack_netbios_ns"/#IPTABLES_MODULES="ip_conntrack_netbios_ns"/g' /etc/sysconfig/iptables-config cat > /etc/sysconfig/iptables << EOF # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -p icmp -m limit --limit 100/sec --limit-burst 100 -j ACCEPT -A INPUT -p icmp -m limit --limit 1/s --limit-burst 10 -j ACCEPT # -A INPUT -p udp -m udp --dport 20 -j ACCEPT COMMIT EOF /sbin/service iptables restart
LNMP源码安装包下载地址 http://blog.linuxeye.com/wp-content/uploads/lnmp.tar.gz
使用方法如下: cd /root/ wget http://blog.linuxeye.com/wp-content/uploads/lnmp.tar.gz unzip lnmp.zip cd lnmp sh lnmp_install.sh
参考:
http://blog.linuxeye.com//1.html #初始化脚本
http://blog.linuxeye.com/31.html #LNMP一键安装包
转载请保留固定链接: https://linuxeye.com/jianzhan/591.html |