nginx安装脚本
#!/bin/bash
# Date: 2023-1-19
# Author: lizexin
# version: 2.0
export LANG="zh_CN.UTF-8"
echo -e "\033[31m ############Nginx安装脚本############### \033[0m"
echo -e "\033[31m 请将安装包放在/data/soft中 \033[0m"
echo -e "\033[31m 开始检查安装包路径是否存在 \033[0m"
# 软件包位置
if [ -d "/data/soft" ];then
echo -e "\033[32m 存在,不需要创建! \033[0m"
else
read -p "不存在,是否需要创建? 请输入(y/n)" yes_no
if [ "$yes_no" = "y" ];then
mkdir -p /data/soft
elif [ "$yes_no" = "n" ];then
echo -e "\033[31m 不创建,退出 \033[0m"
exit 1
else
echo -e "\033[31m 输入有误! \033[0m"
exit 1
fi
fi
# 检查gcc依赖,影响make
echo -e "\033[31m 开始检查是否有gcc依赖 \033[0m"
gcc_num=`rpm -qa |grep ^gcc|wc -l`
if [ "$gcc_num" -ge 2 ];then
echo -e "\033[32m gcc依赖存在,无需安装 \033[0m"
else
echo -e "\033[31m gcc依赖不存在或者不全,检查安装"
yum -y install gcc gcc-c++
fi
# 检查perl是否存在,在安装openssl是容易报错
echo -e "\033[31m 开始检查是否有perl依赖 \033[0m"
perl_num=`rpm -qa |grep perl-[1-9]|wc -l`
perl_version=`rpm -qa |grep perl-[1-9]|awk -F [-] '{print $2}'|awk -F [.] '{print $1}'`
if [ "$perl_num" -ge 1 ] && [ "$perl_version" -ge 5 ];then
echo -e "\033[32m perl依赖存在,无需安装 \033[0m"
elif [ "$perl_num" -ge 1 ] && [ "$perl_version" -le 5 ];then
echo -e "033[31m perl版本低于5,检查安装"
else
echo -e "\033[31m perl不存在,开始安装"
yum -y install perl
fi
# 安装pcre
echo -e "\033[32m 进入目录:/data/soft \033[0m"
cd /data/soft
echo -e "\033[32m 开始解压pcre \033[0m"
read -p "请输入版本,例如(8.45): " pcre_version
echo -e "\033[35m 解压:pcre-"$pcre_version".tar.gz \033[0m"
tar -zxvf pcre-"$pcre_version".tar.gz 2>&1 >/dev/null
sleep 1
cd /data/soft
# 安装zlib
echo -e "\033[32m 开始解压zlib \033[0m"
read -p "请输入zlib版本,例如(1.2.10): " zlib_version
echo -e "\033[35m 解压:zlib-"$zlib_version".tar.gz \033[0m"
tar -zxvf zlib-"$zlib_version".tar.gz 2>&1 >/dev/null
sleep 1
cd /data/soft
# 安装openssl
echo -e "\033[32m 开始解压openssl \033[0m"
read -p "请输入openssl版本,例如(1.1.1l): " openssl_version
echo -e "\033[35m 解压:openssl-"$openssl_version".tar.gz \033[0m"
tar -zxvf openssl-"$openssl_version".tar.gz 2>&1 >/dev/null
sleep 1
cd /data/soft
# 安装nginx
echo -e "\033[32m 开始解压nginx \033[0m"
read -p "请输入nginx版本,例如(1.12.2): " nginx_version
echo -e "\033[35m 解压:nginx-"$nginx_version".tar.gz \033[0m"
tar -zxvf nginx-"$nginx_version".tar.gz 2>&1 >/dev/null
cd nginx-"$nginx_version"
read -p "请输入nginx安装路径,例如(/data/nginx): " nginx_path
echo -e "\033[35m 开始加载.... \033[0m"
./configure --user=root --group=root --prefix=${nginx_path} --with-http_stub_status_module --with-http_gzip_static_module --with-http_realip_module --with-http_sub_module --with-http_ssl_module --with-pcre=/data/soft/pcre-"$pcre_version" --with-zlib=/data/soft/zlib-"$zlib_version" --with-openssl=/data/soft/openssl-"$openssl_version" 2>&1 >/dev/null
echo -e "\033[35m 开始安装,请稍等... \033[0m"
make 2>&1 >>/dev/null
make install 2>&1 >>/dev/null
echo -e "\033[32m 创建日志目录:${nginx_path}/logs \033[0m"
mkdir -p ${nginx_path}/logs
if [ "$?" -eq "0" ];then
echo -e "\033[32m 安装完成! \033[0m"
else
echo -e "\033[31m 安装失败! \033[0m"
exit 1
fi
sleep 3
cd /data/soft
read -p "是否需要删除下载的安装(输入y/Y删除,其他不删除):" inputMsg
if [ "$inputMsg" == 'y' ] || [ "$inputMsg" == 'Y' ] ;then
rm -rf nginx-"$nginx_version".tar.gz pcre-"$pcre_version".tar.gz openssl-"$openssl_version".tar.gz zlib-"$zlib_version".tar.gz
echo -e "\033[32m 删除完成 \033[0m"
else
echo -e "\033[32m 不删除 \033[0m"
fi
read -p "是否需要启动nginx(输入y/Y启动,其他不启动):" startNginxMsg
if [ "$startNginxMsg" == 'y' ] || [ "$startNginxMsg" == 'Y' ] ;then
${nginx_path}/sbin/nginx
if [ $? -eq 0 ];then
localIp=`ifconfig -a |grep inet|grep -v inet6|grep -v 127|awk '{print $2}'|tr -d "addr:"`
echo -e "\033[32m 启动成功,请访问: http://$localIp \033[0m"
else
echo -e "\033[31m 启动失败,请查看异常信息确定失败原因 \033[0m"
fi
else
echo -e "\033[35m 不启动 \033[0m"
fi
echo -e "\033[32m nginx安装完成! \033[0m"
echo -e "\033[32m 版本信息: \033[0m"
echo -e "\033[35m pcre: \033[0m" $pcre_version
echo -e "\033[35m zlib: \033[0m" $zlib_version
echo -e "\033[35m openssl: \033[0m" $openssl_version
echo -e "\033[35m nginx: \033[0m" $nginx_version
echo -e "\033[32m 安装路径: \033[0m" ${nginx_path}
echo "end"
逻辑卷安装与扩容脚本
#!/bin/bash
# Date:2023-1-16
# Author:lizexin
# Version:2.0
echo -e "\033[31m 磁盘创建与扩容,此版本将磁盘所有空间添加 \033[0m"
cat <<END
1.[新建磁盘分区]
2.[磁盘扩容]
3.[退出]
请输入您需要执行的序号:
END
read num
expr $num + 1 &> /dev/null
[ $? -ne 0 ] && {
echo -e "\033[31m 序号必须输入{1|2|3}.. \033[0m"
exit 1
}
[ "$num" -eq "1" ] && {
echo -e "\033[31m 开始新建分区...请等待... \033[0m"
sleep 2;
# 创建物理卷
read -p "请输入需要创建的物理卷,例如(/dev/vdb): " Physical_Volume
pvcreate $Physical_Volume &>/dev/null
if [ $? -ne 0 ];then
echo -e "\033[31m 创建${Physical_Volume}错误,请检查是否存在... \033[0m"
exit 1
else
echo -e "\033[32m 创建成功,物理卷为${Physical_Volume} \033[0m"
fi
# 创建卷组
read -p "请输入需要创建的卷组名称,例如(vg_data): " Volume_Group
vgcreate $Volume_Group $Physical_Volume 2>&1 >/dev/null
if [ $? -ne 0 ];then
echo -e "\033[31m 创建${Volume_Group}错误,请检查是否已存在... \033[0m"
exit 1
else
echo -e "\033[32m 创建成功,卷组为${Volume_Group}... \033[0m"
fi
# 创建逻辑卷
read -p "请输入需要创建的逻辑卷名称,例如(lv_data): " Logical_Volume
lvcreate -l 100%vg -n $Logical_Volume $Volume_Group 2>&1 >/dev/null
if [ $? -ne 0 ];then
echo -e "\033[31m 创建${Logical_Volume}错误,请检查是否正确... \033[0m"
exit 1
else
echo -e "\033[32m 创建成功,逻辑卷为${Logical_Volume} \033[0m"
fi
# 格式化
read -p "请选择格式化方式,请输入{ext4|xfs} " MKFS
if [ $MKFS = "ext4" ];then
mkfs."${MKFS}" /dev/${Volume_Group}/${Logical_Volume} 2>&1 >/dev/null
echo -e "\033[32m 格式化成功,类型为${MKFS} \033[0m"
elif [ $MKFS = "xfs" ];then
mkfs."${MKFS}" /dev/${Volume_Group}/${Logical_Volume}
echo -e "\033[32m 格式化成功,类型为${MKFS} \033[0m" 2>&1 >/dev/null
else
echo -e "输入有误!"
exit 2
fi
# 挂载点创建
read -p "创建挂载目录,请输入目录名称(例如:/data): " Dir
[ -d $Dir ] && echo -e "\033[31m 目录已存在 \033[0m" || mkdir $Dir
# 临时挂载
echo -e "\033[32m 开始挂载 \033[0m"
mount /dev/${Volume_Group}/${Logical_Volume} $Dir
# 永久挂载
echo "/dev/mapper/${Volume_Group}-${Logical_Volume} ${Dir} ${MKFS} defaults 0 0 " >>/etc/fstab
if [ $? -ne 0 ];then
echo -e "\033[31m 挂载失败,请查看是否有误! \033[0m"
exit 1
else
echo -e "\033[31m 创建成功,请用以下命令自行查看(df -hT && cat /etc/fstab) \033[0m"
fi
echo -e "\033[31m 磁盘分配完成... \033[0m"
exit 0
}
[ "$num" -eq "2" ] && {
echo -e "\033[31m 开始磁盘扩容...请等待... \033[0m"
sleep 2;
# 创建物理卷
read -p "请输入需要创建的物理卷,例如(/dev/vdb): " Physical_Volume
pvcreate $Physical_Volume 2>&1 >/dev/null
if [ $? -ne 0 ];then
echo -e "\033[31m 创建${Physical_Volume}错误,请检查是否存在... \033[0m"
exit 1
else
echo -e "\033[32m 创建成功,物理卷为${Physical_Volume} \033[0m"
fi
# 将物理卷/dev/vdc加入卷组
read -p "是否需要查看现有卷组,请输入(y/n): " VG_display
while [ "1" -eq "1" ];do
if [ "$VG_display" = "y" ];then
vgs
break
elif [ "$VG_display" = "n" ];then
echo -e "\033[31m 退出查看! \033[0m"
break
else
echo -e "\033[31m 您的输入有误,已退出! \033[0m"
break
fi
done
read -p "请输入要扩容的卷组名称,例如(vg_data): " Volume_Group
vgextend $Volume_Group $Physical_Volume 2>&1 >/dev/null
if [ $? -ne 0 ];then
echo -e "\033[31m 输入有误,请检查是否存在... \033[0m"
exit 1
else
echo -e "\033[32m 加入成功! \033[0m"
fi
read -p "请输入要添加的逻辑卷名称,例如(lv_data):" Logical_Volume
echo -e "\033[32m 开始添加! \033[0m"
lvextend -l +100%FREE -n /dev/mapper/${Volume_Group}-${Logical_Volume} 2>&1 >/dev/null
sleep 2;
if [ $? -ne 0 ];then
echo -e "\033[31m 添加失败,请检查是否存在... \033[0m"
exit 1
else
echo -e "\033[32m 加入成功! \033[0m"
fi
read -p "请选择文件类型格式,请输入{ext4|xfs} " MKFS
if [ $MKFS = "ext4" ];then
resize2fs /dev/mapper/${Volume_Group}-${Logical_Volume}
echo -e "\033[32m 扩容成功,类型为${MKFS} \033[0m" 2>&1 >/dev/null
elif [ $MKFS = "xfs" ];then
xfs_growfs /dev/mapper/${Volume_Group}-${Logical_Volume} 2>&1 >/dev/null
echo -e "\033[32m 扩容成功,类型为${MKFS} \033[0m"
else
echo -e "输入有误!"
exit 2
fi
echo -e "\033[31m 磁盘分配完成,验证请用df -hT \033[0m"
exit 0
}
# 退出
[ "$num" -eq "3" ] && {
echo "bye!"
exit 3
}
# 限制用户输入的必须是1,2,3
[[ ! "$num" =~ [1-3] ]] && {
echo "序号必须输入{1|2|3}"
exit 4
}
tomcat重启
#!/bin/bash
# Date:2023-1-9
# Author:lizexin
# Version:1.0
# 路径
App_Path=$(cd `dirname $0`;pwd)
# 获取Old_PID
PID=`ps -ef|grep java|grep -v grep|grep $App_Path |awk '{print $2}'`
function RESTART() {
echo -e "\033[35m Tomcat restarting! \033[0m"
if [[ -n $PID ]];then
echo -e "\033[35m Stop App! \033[0m"
kill -9 $PID
sleep 5
echo -e "\033[35m Start clearing the cache! \033[0m"
rm -rf ${App_Path}/../work/Catalina
sleep 3
echo -e "\033[35m Start App! \033[0m"
${App_Path}/startup.sh 2>&1 >/dev/null
New_PID=`ps -ef|grep java|grep -v grep|grep $App_Path |awk '{print $2}'`
echo -e "\033[35m Application startup completed,New PID is ${New_PID} \033[0m"
else
echo -e "\033[35m There are no running processes \033[0m"
echo -e "\033[35m Start clearing the cache! \033[0m"
rm -rf ${App_Path}/../work/Catalina
echo -e "\033[35m Start App! \033[0m"
${App_Path}/startup.sh 2>&1 >/dev/null
New_PID=`ps -ef|grep java|grep -v grep|grep $App_Path |awk '{print $2}'`
sleep 10
echo -e "\033[35m Application startup completed,New PID is ${New_PID} \033[0m"
fi
exit
}
RESTARTnginx升级脚本
#!/bin/bash
# Date: 2022-11-22
# Author: lizexin
# Explain: Nginx Upgrade script
echo -e "\033[35m 请将安装包放在/data/soft \033[0m"
read -p "请输入现有Nginx安装路径,如(/data/nginx): " Old_nginx_path
echo -e "\033[32m 开始获取旧Nginx安装参数 \033[0m"
Param=`${Old_nginx_path}/sbin/nginx -V |& awk -F [:] '/^configure/{print $2}'`
echo -e "\033[35m 旧版本安装参数为: \033[0m" $Param
cd /data/soft
read -p "请输入准备更新的Nginx版本,如(1.10.2): " New_Nginx_version
echo -e "\033[35m 开始解压 \033[0m"
tar -zxvf nginx-${New_Nginx_version}.tar.gz
echo -e "\033[32m 开始编译新nginx源码包,请等待... \033[0m"
cd nginx-${New_Nginx_version}
./configure ${Param} >> /dev/null 2>&1
make >> /dev/null 2>&1
if [ $? -eq 0 ];then
echo -e "\033[32m 编译完成,继续进行... \033[0m"
else
echo -e "\033[31m 编译失败,请检查失败原因... \033[0m"
exit 1
fi
echo -e "\033[32m 开始备份旧nginx二进制配置文件 \033[0m"
# 备份旧nginx二进制文件的配置文件(期间nginx服务不停止)
mv ${Old_nginx_path}/sbin/nginx ${Old_nginx_path}/sbin/nginx_$(date +%F)
# 复制新nginx二进制文件
echo -e "\033[32m 开始复制新nginx二进制配置文件 \033[0m"
cp /data/soft/nginx-${New_Nginx_version}/objs/nginx ${Old_nginx_path}/sbin/nginx
# 测试新版本nginx是否正常
echo -e "\033[32m 开始验证新版本nginx是否正常... \033[0m"
successful=`${Old_nginx_path}/sbin/nginx -t |& awk '/successful/{print $NF}'`
if [ "$successful" == "successful" ];then
echo -e "\033[32m 版本正常,继续进行... \033[0m"
sleep 3;
else
echo -e "\033[31m 版本异常,请检查失败原因... \033[0m"
exit 2
fi
# 给nginx发送平滑迁移信号
echo -e "\033[32m 开始给nginx发送平滑迁移信号... \033[0m"
kill -USR2 `cat ${Old_nginx_path}/logs/nginx.pid`
sleep 3;
# 关闭旧的nginx进程
echo -e "\033[32m 开始关闭旧的nginx进程... \033[0m"
kill -WINCH `cat ${Old_nginx_path}/logs/nginx.pid.oldbin`
sleep 3;
# 结束工作进程
kill -HUP `cat ${Old_nginx_path}/logs/nginx.pid.oldbin`
kill -QUIT `cat ${Old_nginx_path}/logs/nginx.pid.oldbin`
sleep 3;
# 验证nginx升级是否完成
echo -e "\033[32m 验证升级是否完成... \033[0m"
${Old_nginx_path}/sbin/nginx -V
sleep 3;
echo -e "\033[32m 升级结束... \033[0m"
exit 0
openssh升级
1.安装步骤
- 安装pam-devel依赖包
- 系统/etc/ssh/sshd_config 这个文件提前放到了/servyou/install/ssh_update下,把之前的换掉
- mkdir -p /servyou/install/ssh_update
- chmod 777 /servyou/install/ssh_update/*
2.先升级openssl
#!/bin/sh
install_path=/servyou/install/ssh_update
#限定启动用户为root
if [ `whoami` != 'root' ]; then
echo -e '\033[32m启动用户错误,请确认。\033[0m'
exit 9
fi
#限定服务器类型为linux6/7 64位
if [[ ! `uname -r` =~ .*x86_64 ]]; then
echo -e '\033[32m您当前的操作系统内核不是7.x86_64,此安装文件仅适用linux6/7 64位系统。\033[0m'
exit 9
fi
#判断当前ssl版本是否需要升级
if [[ `openssl version` =~ 1.1.1l ]]; then
echo -e '\033[32m您当前的ssl版本为已进行过升级,不需要再进行升级。\033[0m'
exit 9
fi
#检查gcc环境
yum -y install gcc* gcc-c++*
if [[ `rpm -qa|grep gcc|wc -l` = '0' ]]; then
echo -e '\033[31m您的环境缺少gcc依赖包,请确认yum源正常并进行安装。\033[0m'
exit 9
fi
#检查zlib环境
yum -y install zlib-devel
if [[ `rpm -qa|grep zlib-devel|wc -l` = '0' ]]; then
echo -e '\033[31m您的环境缺少zlib-devel依赖包,请确认yum源正常并进行安装。\033[0m'
exit 9
fi
#限定已经安装并开启了telnet-server作为ssh安装失败的备用方案
yum -y install zlib
if [ `rpm -qa |grep xinetd |wc -l` -eq 0 ];then
yum -y install xinetd*
fi
if [ `rpm -qa |grep telnet-server |wc -l` -eq 0 ];then
yum -y install telnet-server*
fi
if [ `rpm -qa |grep telnet |grep -v telnet-server |wc -l` -eq 0 ];then
yum -y install telnet*
fi
sed -i 's/disable.*/disable = no/g' /etc/xinetd.d/telnet
sed -i 's/^.*pam_securetty.so/#&/g' /etc/pam.d/login
sed -i 's/^.*pam_securetty.so/#&/g' /etc/pam.d/remote
if [[ `uname -r` =~ el6.*x86_64 ]]; then
service xinetd restart
chkconfig xinetd on
elif [[ `uname -r` =~ el7.*x86_64 ]]; then
systemctl enable xinetd.service
systemctl enable telnet.socket
systemctl start telnet.socket
systemctl start xinetd
else
echo -e '\033[32m您当前的操作系统内核不是x86_64,此安装文件仅适用linux6/7 64位系统。\033[0m'
fi
#判断telnet-server是否启动成功
if [ `ps -ef |grep xinetd |grep -v grep |wc -l` -eq 0 ];then
echo -e '\033[32mtelnet-server安装启动失败,请检查!\033[0m'
exit 9
fi
#开始安装ssl
if [ ! -f $install_path/openssl*.tar.gz ];then
echo -e "\033[31m请确认目录下$install_path下安装包正常。\033[0m"
exit 9
fi
cd $install_path
tar -zxvf openssl*.tar.gz
cd openssl*
./config shared zlib --prefix=/usr/local/openssl && make && make install|tee openssl_install.log
./config -t|tee -a openssl_install.log
make depend|tee -a openssl_install.log
mv /usr/bin/openssl /usr/bin/openssl.old
mv /usr/include/openssl /usr/include/openssl.old
mv /usr/local/bin/openssl /usr/local/bin/openssl.old
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
rm -rf /usr/lib64/libssl.so
ln -s /usr/local/openssl/lib/libssl.so /usr/lib64/libssl.so
rm -rf /usr/lib64/libcrypto.so
ln -s /usr/local/openssl/lib/libcrypto.so /usr/lib64/libcrypto.so
ln -sf /usr/local/openssl/lib/libcrypto.so.1.0.0 /lib64/libcrypto.so.6
\cp -ra /usr/bin/openssl /usr/local/bin/
echo "/usr/local/openssl/lib" >>/etc/ld.so.conf
ldconfig -v|tee -a openssl_install.log
ldd /usr/local/openssl/bin/openssl|tee -a openssl_install.log
which openssl|tee -a openssl_install.log
openssl version|tee -a openssl_install.log
#安装成功与否判断
if [[ `openssl version` =~ 1.1.1q ]]; then
echo -e '\033[32m您当前的ssl版本已完成升级。\033[0m'
else
echo -e '\033[31m您当前的ssl版本升级失败,请检查。\033[0m'
exit 9
fi3.升级openssh
#!/bin/sh
#限定启动用户为root
install_path=/servyou/install/ssh_update
echo $install_path
if [ `whoami` != 'root' ]; then
echo -e '\033[32m启动用户错误,请确认。\033[0m'
exit 9
fi
#限定服务器类型为linux6/7 64位
if [[ ! `uname -r` =~ .*x86_64 ]]; then
echo -e '\033[32m您当前的操作系统内核不是.x86_64,此安装文件仅适用linux6/7 64位系统。\033[0m'
exit 9
fi
#判断当前ssh版本是否需要升级
if [[ `strings /usr/bin/ssh | grep OpenSSH` =~ OpenSSH_8.8 ]]; then
echo -e '\033[32m您当前的ssh版本为8.6p1,不需要进行升级。\033[0m'
exit 9
fi
#判断当前ssl版本是否适合安装
if [[ ! `openssl version` =~ 1.1.1l ]]; then
echo -e '\033[32m您当前的openssl未进行升级,建议升级后继续升级ssh。\033[0m'
exit 9
fi
#判断ssl动态链接库是否正常
if [ ! -e /usr/lib64/libssl.so ];then
echo "/usr/lib64/libssl.so失效,请检查!"
exit 9
fi
if [ ! -e /usr/lib64/libssl.so.10 ];then
echo "/usr/lib64/libssl.so.10 失效,请检查!"
exit 9
fi
if [ ! -e /usr/lib64/libcrypto.so ];then
echo "/usr/lib64/libcrypto.so 失效,请检查!"
exit 9
fi
if [ ! -e /usr/lib64/libcrypto.so.10 ];then
echo "/usr/lib64/libcrypto.so.10 失效,请检查!"
exit 9
fi
#限定已经安装并开启了telnet-server作为ssh安装失败的备用方案
yum -y install zlib
if [ `rpm -qa |grep xinetd |wc -l` -eq 0 ];then
yum -y install xinetd*
fi
if [ `rpm -qa |grep telnet-server |wc -l` -eq 0 ];then
yum -y install telnet-server*
fi
if [ `rpm -qa |grep telnet |grep -v telnet-server |wc -l` -eq 0 ];then
yum -y install telnet*
fi
sed -i 's/disable.*/disable = no/g' /etc/xinetd.d/telnet
sed -i 's/^.*pam_securetty.so/#&/g' /etc/pam.d/login
sed -i 's/^.*pam_securetty.so/#&/g' /etc/pam.d/remote
if [[ `uname -r` =~ el6.*x86_64 ]]; then
service xinetd restart
chkconfig xinetd on
elif [[ `uname -r` =~ el7.*x86_64 ]]; then
systemctl enable xinetd.service
systemctl enable telnet.socket
systemctl start telnet.socket
systemctl start xinetd
else
echo -e '\033[32m您当前的操作系统内核不是x86_64,此安装文件仅适用linux6/7 64位系统。\033[0m'
fi
#echo "pts/0" >> /etc/securetty
#echo "pts/1" >> /etc/securetty
#判断telnet-server是否启动成功
if [ `ps -ef |grep xinetd |grep -v grep |wc -l` -eq 0 ];then
echo -e '\033[32mtelnet-server安装启动失败,请检查!\033[0m'
exit 9
fi
#进行ssh升级安装:
cd $install_path
pwd
tar -xzvf openssh*.tar.gz
cd openssh*
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-tcp-wrappers --with-ssl-dir=$install_path/openssl-1.1.1l --without-hardening |tee install_ssh.log
if [[ `uname -r` =~ el6.*x86_64 ]]; then
service sshd stop
elif [[ `uname -r` =~ el7.*x86_64 ]]; then
systemctl stop sshd
else
echo -e '\033[32m您当前的操作系统内核不是x86_64,此安装文件仅适用linux6/7 64位系统。\033[0m'
fi
mv /etc/ssh /etc/ssh.bak
rpm -qa|grep openssh|xargs rpm -e --nodeps
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords--with-pam --with-tcp-wrappers --with-ssl-dir=$install_path/openssl-1.1.1l --without-hardening
make && make install|tee -a install_ssh.log
\cp ./contrib/redhat/sshd.init /etc/init.d/sshd
chmod u+x /etc/init.d/sshd
chmod 755 /usr/local/openssl -R
#安装成功判断,成功则关闭telnet-server服务
chkconfig --add sshd
chkconfig sshd on
#sed -i 's/^Subsystem.*$/Subsystem sftp internal-sftp/g' /etc/ssh/sshd_config
#echo 'Protocol 2'>>/etc/ssh/sshd_config
#echo 'UseLogin yes'>>/etc/ssh/sshd_config
#echo 'PermitRootLogin yes'>>/etc/ssh/sshd_config
#echo 'IgnoreRhosts yes'>>/etc/ssh/sshd_config
#echo 'X11Forwarding yes'>>/etc/ssh/sshd_config
\cp -ra /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
\cp -ra $install_path/sshd_config /etc/ssh/sshd_config
ssh -V
#service sshd restart
if [[ `uname -r` =~ el6.*x86_64 ]]; then
/etc/init.d/sshd restart >/dev/null 2>&1 &
elif [[ `uname -r` =~ el7.*x86_64 ]]; then
systemctl restart sshd
else
echo -e '\033[32m您当前的操作系统内核不是x86_64,此安装文件仅适用linux6/7 64位系统。\033[0m'
firedis安装脚本
#!/bin/bash
#shell脚本路径为:/data/tool/shell。redis文件路径为:/data/soft/redis
#shell脚本执行时需要定义redis路径、端口参数。
#判断使用root用户
if [[ $UID -ne 0 ]];then
echo "使用root 执行此脚本"
exit 1
fi
#定义安装文件路径和临时目录
#redisversion=redis-5.0.9
redisfile=/data/soft/redis
#redisport=16379
tempfile=redistempfile
#安装redis
read -p "请输入redis安装目录名(如:/data/redis):" redisversion
echo -e "redis部署路径:$redisversion\n"
read -p "请输入redis端口号(如:16379):" redisport
echo -e "redis端口修改为$redisport\n"
read -p "请输入redisIP(填写服务器本机ip地址):" redisip
echo -e "redis端口修改为$redisip\n"
read -p "请按[Enter]键开始安装redis程序" een
rm -f /var/run/yum.pid
rm -rf $redisversion
rm -rf data/soft/redis/$tempfile
echo "清理环境"
#yum安装依赖包
echo -e "\n\n\n Yum 安装依赖包"
yum install -y mpfr cpp ppl cloog-ppl libstdc++-devel gcc gcc-c++ zlib-devel
echo -e "\n\n\n Yum 安装依赖包完成"
chown -R root.root $redisfile
cd $redisfile
mkdir $tempfile
tar zxvf redis*.tar.gz -C $tempfile
mv $tempfile/redis* $redisversion
cd $redisversion
make
sed -i -r -e "/^bind 127.0.0.1/c \bind $redisip" $redisversion/redis.conf
sed -i -r -e '/^protected-mode/c \protected-mode no' $redisversion/redis.conf
sed -i -r -e "/^port 6379/c \port $redisport" $redisversion/redis.conf
sed -i -r -e '/^daemonize no/c \daemonize yes' $redisversion/redis.conf
#防火墙策略
echo "防火墙Iptable,添加端口策略:$redisport"
sed -i -r -e "12i \#redis端口\n-A INPUT -p tcp -m state --state NEW -m tcp --dport $redisport -j ACCEPT\n" /etc/sysconfig/iptables
systemctl restart iptables.service
echo -e "\n\nredis部署完成,部署路径:\n$redisversion\n启动命令:\ncd $redisversion/src/\n./redis-server ../redis.conf"
-
1 2
今日剩余
59.6%
本周剩余
37.1%
本月剩余
22.0%
本年剩余
52.2%