server default configure script

2016. 5. 9. 17:54

# Time sync

yum install -y rdate

/usr/bin/rdate -s time.bora.net

# yum.repo.d

/usr/bin/yum install -y vim

centos_ver=`/bin/cat /etc/redhat-release | awk '{print substr($3,1,1)}'`

case "$centos_ver" in

/bin/rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

/bin/rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

;;

/bin/rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm

/bin/rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm

;;

/bin/rpm -Uvh http://dl.fedoraproject.org/pub/epel/4/i386/epel-release-4-10.noarch.rpm

/bin/rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-4.rpm

;;

esac

# system service

all_services=`chkconfig --list | awk '{print $1}'`

on_services="crond network rsyslog sshd kdump"

for i in $all_services;

/sbin/chkconfig --level 2345 $i off

done

for h in $on_services;

/sbin/chkconfig --level 2345 $h on

done

# system default tool

yum_local_tool="setuptool openssh-clients rsync rdate telnet lsof"

yum_admin_tool="glances sysstat iotop expect iptraf dmidecode cpulimit"

yum_hack_patch="bash"

yum_options="-y"

# snmp install

yum_snmpd_tool="net-snmp*"

echo ">> check system_default and install it"

for dep in $yum_local_tool $yum_admin_tool $yum_snmpd_tool $yum_hack_patch ; do

yum install ${yum_options} ${dep}

done

/sbin/chkconfig --level 23 snmpd on

/bin/mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.$TDAY

/usr/bin/wget http://10.0.0.10/system/snmpd.conf

/bin/mv /root/src/snmpd.conf /etc/snmp/snmpd.conf

/etc/init.d/snmpd start

# Hangul

yum groupinstall -y korean-support

# /etc/hosts.allw, hosts.deny (tcp_wapper)

echo "" > /etc/hosts.allow

echo "" > /etc/hosts.deny

echo ""

echo "ALL : 10.0.1." >> /etc/hosts.allow

echo "ALL : 10.0.2." >> /etc/hosts.allow

echo "ALL : 10.0.3." >> /etc/hosts.allow

echo "ALL : 10.0.4." >> /etc/hosts.allow

echo "ALL : 10.0.5." >> /etc/hosts.allow

echo "ALL : 10.0.6." >> /etc/hosts.allow

echo "ALL : ALL" >> /etc/hosts.deny

# system admin server Key input

mkdir /root/.ssh/

echo "ssh-rsa CCCCB3NzaC1yc2EAAAABIwAAAQEAwPPuh5y7XjgN11k03M+zq7jKL9pAt9bcGZ6axdLdGKUbgrMaL3C5tU6mq5OrClK26vrGfuWrF5jYs7UCE5YEXPhp11JkUthx434vdHHrdsH+iHa/W0Ub7Uajlt40Apc8FIvsNlIt8sJy9jkpT3Bzn+3Xfmtn/9MfyyDsoUqfe9w7tEAzHgYus/WJfNLhpCyiz4jKGL1OHoCwkhWAItRqSyLo4Y7uZPNs2sl9gKu7BOwk9tw3HdFr/UeZbpHEUc1H3c4oJnSicp72PWBDzK+DkI+Ps0ulFo4c5+t1jm+3+N90rmZjihq0tWocF23fqYPyBpANw25qFnAqQ9/fUh+9CQ== root@system-admin" >> /root/.ssh/authorized_keys

# User env

/bin/mv /root/.bashrc /root/bashrc_$TDAY

/usr/bin/wget http://10.0.0.10/system/bashrc_default

/bin/cat /root/src/bashrc_default > /root/.bashrc

source /root/.bashrc

#HOST env

/bin/mv /etc/hosts /etc/hosts.$TDAY

sed "s/$/ $HOSTNAME/" /etc/hosts.$TDAY > /etc/hosts

ifconfig -a | grep "inet " | grep "Bcast:" | awk '{print $2}' | awk -F: '{print $2}' | sed "s/$/ $HOSTNAME/" >> /etc/hosts

# limit.conf

cat << EOF >> "/etc/security/limits.conf"

# Limit nofile config

* soft nofile 65536

* hard nofile 65536

EOF

# HISTTIMEFORMAT add

echo "" >> /root/.bashrc

echo "### HISTTIMEFORMAT ###" >> /root/.bashrc

echo "HISTTIMEFORMAT=\"%F %T - \"" >> /root/.bashrc

echo "export HISTTIMEFORMAT" >> /root/.bashrc

# selinux disabled

/bin/sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

/bin/sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

/usr/sbin/setenforce 0

### time sync crontab

cat << EOF > /var/spool/cron/root

#################################################

*/30 * * * * /usr/bin/rdate -s time.bora.net && clock -w > /dev/null 2>&1

#################################################

EOF

'IT Study > script' 카테고리의 다른 글

zabbix 3.0 install scripts (0)	2016.10.10
linux server default dependencies install (0)	2016.05.09
expect (0)	2016.05.09
file create shell scripts (0)	2016.03.04
mysql schema backup scripts (0)	2016.02.19

훈스토리

server default configure script

'IT Study > script' 카테고리의 다른 글

+ Recent posts

티스토리툴바