Created
June 11, 2022 15:50
-
-
Save kerus1024/3a67d0af3c198e0eb4e3986733fdfc4b to your computer and use it in GitHub Desktop.
debian
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -xe | |
| PWD=$(pwd) | |
| var_username="kerus1024" | |
| var_userpass="temppass1234" | |
| #var_rootpass="temppass1234" | |
| var_sshport=1234 | |
| #var_sshpublickey= | |
| #var_swapsize=4096 | |
| if [ -z "$(id -u $var_username &> /dev/null || true)" ]; then | |
| echo "${var_username}:${var_rootpass}" | chpasswd | |
| fi | |
| mkdir -p /home/$var_username/.ssh/ | |
| chmod 700 /home/$var_username/.ssh/ | |
| if [ ! -z "$var_sshpublickey" ]; then | |
| cat >> /home/$var_username/.ssh/authorized_keys <<_EOF | |
| $var_sshpublickey | |
| _EOF | |
| chmod 600 /home/$var_username/.ssh/authorized_keys | |
| fi | |
| cat > /home/$var_username/.vimrc <<_EOL_ | |
| syntax on | |
| set ts=4 | |
| set number | |
| color torte | |
| autocmd Filetype javascript setlocal ts=2 sw=2 sts=0 noexpandtab | |
| _EOL_ | |
| chown -R $var_username:$var_username /home/$var_username/ | |
| cat > /root/.vimrc <<_EOL_ | |
| syntax on | |
| set ts=4 | |
| set number | |
| color torte | |
| autocmd Filetype javascript setlocal ts=2 sw=2 sts=0 noexpandtab | |
| _EOL_ | |
| if [ ! -z "$var_userpass" ]; then | |
| echo "root:${var_rootpass}" | chpasswd | |
| fi | |
| # 내가 쓰는 소프트웨어 | |
| myutilspackage=( | |
| "build-essential" | |
| "dnsutils" | |
| "git" | |
| "vim" | |
| "sudo" | |
| "htop" | |
| "cron" | |
| "net-tools" | |
| "traceroute" | |
| "openssh-server" | |
| "wireguard" | |
| "conntrack" | |
| "screen" | |
| "tmux" | |
| "nload" | |
| "dnsutils" | |
| "whois" | |
| "telnet" | |
| "zip" | |
| "unzip" | |
| "socat" | |
| "lib32readline-dev" | |
| "libreadline-dev" | |
| "vsftpd" | |
| "cmake" | |
| "curl" | |
| "wget" | |
| "ffmpeg" | |
| "libgeoip1" | |
| "golang" | |
| "gzip" | |
| "iotop" | |
| "tcpdump" | |
| "iftop" | |
| ) | |
| apt update -y && apt upgrade -y | |
| apt install -y ${myutilspackage[@]} | |
| echo "$var_username ALL=(ALL:ALL) NOPASSWD: ALL" | EDITOR='tee -a' visudo | |
| # Iperf | |
| apt install -y build-essential lib32z1 | |
| git clone https://github.com/esnet/iperf.git /opt/iperf | |
| cd /opt/iperf | |
| ./configure --prefix=/usr | |
| make -j$(nproc) && make install | |
| cd $PWD | |
| # Nodejs | |
| curl -fsSL https://deb.nodesource.com/setup_16.x | bash - | |
| apt-get install -y nodejs | |
| npm -g install pm2 | |
| # Debian ***king mouse | |
| cat > /etc/vim/vimrc.local <<EOF | |
| " This file loads the default vim options at the beginning and prevents | |
| " that they are being loaded again later. All other options that will be set, | |
| " are added, or overwrite the default settings. Add as many options as you | |
| " whish at the end of this file. | |
| " Load the defaults | |
| source \$VIMRUNTIME/defaults.vim | |
| " Prevent the defaults from being loaded again later, if the user doesn't | |
| " have a local vimrc (~/.vimrc) | |
| let skip_defaults_vim = 1 | |
| " Set more options (overwrites settings from /usr/share/vim/vim80/defaults.vim) | |
| " Add as many options as you whish | |
| " Set the mouse mode to 'r' | |
| if has('mouse') | |
| set mouse=r | |
| endif | |
| EOF | |
| # Debian Shell color | |
| sed -i "s/#force_color_prompt=yes/force_color_prompt=yes/" /home/$var_username/.bashrc | |
| # SSH Port | |
| sed -e "s/#Port 22/Port 22/" /etc/ssh/sshd_config | |
| sed -e "s/Port 22/Port $var_sshport/" /etc/ssh/sshd_config | |
| systemctl restart sshd | |
| # Time | |
| timedatectl set-timezone Asia/Tokyo | |
| # on OpenVZ/LXC | |
| ln -sf /usr/share/zoneinfo/Asia/Tokyo /etc/localtime | |
| # swap | |
| if [ ! -z "$var_swapsize" ]; then | |
| dd if=/dev/zero of=/swapfile bs=1M count=$var_swapsize | |
| mkswap /swapfile | |
| swapon /swapfile | |
| chmod 600 /swapfile | |
| echo "/swapfile none swap sw 0 0" >> /etc/fstab | |
| fi | |
| # TCP BBR, MAX BOOST socket buffer size | |
| tee /etc/sysctl.d/11-kerus.conf <<EOF | |
| net.ipv4.tcp_congestion_control = bbr | |
| net.ipv4.ip_forward = 1 | |
| net.ipv4.conf.all.forwarding=1 | |
| net.core.rmem_default = 262144 | |
| net.core.wmem_default = 262144 | |
| net.core.rmem_max = 16777216 | |
| net.core.wmem_max = 16777216 | |
| net.ipv4.tcp_mem= 262144 262144 16777216 | |
| net.ipv4.tcp_rmem = 4096 262144 16777216 | |
| net.ipv4.tcp_wmem = 4096 262144 16777216 | |
| net.ipv4.udp_mem = 4096 262144 16777216 | |
| net.ipv4.udp_rmem_min = 524288 | |
| net.ipv4.udp_wmem_min = 524288 | |
| vm.overcommit_memory = 1 | |
| vm.swappiness = 60 | |
| EOF | |
| # TCP window size | |
| tee /etc/cron.daily/tcpwindow <<EOF | |
| #/bin/bash | |
| ip route | while read p; do \`echo ip route change \$p initcwnd 46 initrwnd 46\`; done | |
| ip -6 route | while read p; do \`echo ip -6 route change \$p initcwnd 46 initrwnd 46\`; done | |
| EOF | |
| chmod 755 /etc/cron.daily/tcpwindow | |
| # Debian DNS Resolver | |
| set +e | |
| apt install -y resolvconf | |
| cat > /etc/resolvconf/resolv.conf.d/head << _EOL_ | |
| nameserver 8.8.8.8 | |
| nameserver 1.1.1.1 | |
| _EOL_ | |
| systemctl start resolvconf.service | |
| systemctl restart resolvconf.service | |
| systemctl enable resolvconf.service | |
| cat /etc/resolvconf/resolv.conf.d/head > /etc/resolv.conf |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment