#!/usr/bin/env bash
#
# ...
#
# 使用方法:
# URL="https://git.1-h.cc/Scripts/Linux/raw/branch/main/1.sh"; curl -fsSL "$URL" | bash
# URL="https://git.1-h.cc/Scripts/Linux/raw/branch/main/1.sh"; wget -q -O - "$URL" | bash
# Abort the whole script as soon as any unguarded command fails.
set -o errexit
# Report the line number of the failing command before the shell exits.
trap 'echo "Error on line $LINENO"' ERR
# Print $1 immediately followed by $2 in bold red, then reset the terminal
# attributes. echo -e also expands backslash escapes found in the arguments.
print_red() {
  local style='\033[31m\033[01m'
  local reset='\033[0m'
  echo -e "${style}$1$2${reset}"
}
# Print $1 immediately followed by $2 in bold green, then reset the terminal
# attributes. echo -e also expands backslash escapes found in the arguments.
print_green() {
  local style='\033[32m\033[01m'
  local reset='\033[0m'
  echo -e "${style}$1$2${reset}"
}
# Print $1 immediately followed by $2 in bold yellow, then reset the terminal
# attributes. echo -e also expands backslash escapes found in the arguments.
print_yellow() {
  local style='\033[33m\033[01m'
  local reset='\033[0m'
  echo -e "${style}$1$2${reset}"
}
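# Make bash the default login shell (Debian: the invoking user; Alpine: root).
print_green "###################"
print_green "##### shell ######"
print_green "###################"
if [ -f /etc/debian_version ]; then
  # command -v replaces the external `which`; the quotes keep the resolved
  # path a single argument to chsh.
  chsh -s "$(command -v bash)"
  print_green "已将 bash 设置为默认 shell"
elif [ -f /etc/alpine-release ]; then
  # chsh is provided by the shadow package here. Installing it under a
  # virtual name means the cleanup below removes only what this script
  # added, and leaves a shadow package that was already installed in place.
  apk add --no-cache --virtual .chsh-deps shadow
  chsh -s "$(command -v bash)" root
  # sed -i 's|^\(root:.*\):[^:]*$|\1:/bin/bash|' /etc/passwd
  # sed -i 's|^\(root:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*\):[^:]*$|\1:/bin/bash|' /etc/passwd
  print_yellow "已将 bash 设置为默认 shell"
  apk del .chsh-deps
fi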
# Work out which distribution this is (Debian is checked first, then Alpine)
# and record it in SYSTEM_TYPE for the functions below. Anything else is
# rejected before any change is made by those functions.
if [ ! -f /etc/debian_version ] && [ ! -f /etc/alpine-release ]; then
  echo "不支持的系统类型"
  exit 1
fi

if [ -f /etc/debian_version ]; then
  SYSTEM_TYPE="debian"
  echo "检测到 Debian 系统"
else
  SYSTEM_TYPE="alpine"
  echo "检测到 Alpine 系统"
fi
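#######################################
# Write the network tuning values below into /etc/sysctl.conf and load them.
# For each key, existing lines for that key are deleted before the new
# "key=value" line is appended, so re-running the script does not pile up
# duplicates.
# Globals:   none (all working variables are local)
# Arguments: none
# Outputs:   banner on stdout, plus whatever `sysctl -p` prints
# Returns:   status of `sysctl -p`; under `set -e` a failure aborts the script
#######################################
sysctl_config() {
  print_green "###################"
  print_green "##### sysctl ######"
  print_green "###################"

  local conf=/etc/sysctl.conf
  local -a settings=(
    "net.core.rmem_max=16777216"
    "net.core.wmem_max=16777216"
    "net.core.default_qdisc=fq_codel"
    # "net.core.default_qdisc=fq"
    "net.ipv4.tcp_congestion_control=bbr"
    "net.ipv4.tcp_slow_start_after_idle=0"
    "net.ipv4.tcp_notsent_lowat=16384"
    # "net.ipv4.tcp_notsent_lowat=131072"
  )
  local setting key key_re

  # sed -i fails on a missing file, which under `set -e` would abort here.
  touch "$conf"

  for setting in "${settings[@]}"; do
    # Everything left of the first '=' is the sysctl key.
    key=${setting%%=*}
    # Escape the dots so the key is matched literally instead of each '.'
    # matching any character.
    key_re=${key//./\\.}
    # Drop existing lines for this key. The previous pattern ended in
    # "[0-9]*", which also matches the empty string, so it already removed
    # non-numeric values such as "bbr"; the match is now just "key =".
    sed -i "/^${key_re}[[:space:]]*=/d" "$conf"
    echo "$setting" >>"$conf"
  done

  # Load the file into the running kernel.
  # NOTE(review): this probably fails when a value is not supported by the
  # running kernel (e.g. no bbr module) — confirm on the target hosts.
  sysctl -p
}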
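#######################################
# Install Docker when it is not already on PATH, then make sure the shared
# "h-common" network exists.
# Globals:   SYSTEM_TYPE (read) - "debian" or "alpine"
# Arguments: none
# Outputs:   progress messages on stdout
# Returns:   non-zero if the Debian installer cannot be downloaded or fails;
#            exits 1 on an unsupported SYSTEM_TYPE
#######################################
install_docker() {
  print_green "###################"
  print_green "##### docker ######"
  print_green "###################"
  if [ -x "$(command -v docker)" ]; then
    echo "Docker 已安装"
  else
    echo "Docker 未安装,正在安装中..."
    if [ "$SYSTEM_TYPE" = "debian" ]; then
      echo "在 Debian 系统上安装 Docker..."
      # Download the installer completely before running it. With
      # `curl ... | sh` and no pipefail, a connection that drops half-way
      # leaves sh executing a truncated script as root, and curl's own
      # failure status is discarded.
      # NOTE(review): the installer is still run as root without any
      # checksum or signature check; installing from a package repository
      # would make the installed version reviewable.
      local installer rc=0
      installer=$(mktemp)
      if curl -fsSL https://get.docker.com/ -o "$installer"; then
        sh "$installer" || rc=$?
      else
        rc=$?
      fi
      rm -f -- "$installer"
      if [ "$rc" -ne 0 ]; then
        # A non-zero return trips `set -e` and the ERR trap in the caller.
        return "$rc"
      fi
    elif [ "$SYSTEM_TYPE" = "alpine" ]; then
      echo "在 Alpine 系统上安装 Docker..."
      apk add --no-cache docker
      apk add --no-cache docker-cli-compose
      # Start the daemon at boot and right now.
      rc-update add docker default
      rc-service docker start
    else
      print_red "不支持的系统类型"
      exit 1
    fi
  fi

  # Only try to create the network when it is missing, so a re-run does not
  # print an "already exists" error. Creation stays best-effort, as before.
  if ! docker network inspect h-common >/dev/null 2>&1; then
    docker network create --attachable h-common || true
  fi
}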
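#######################################
# Replace root's authorized_keys with the single public key hard-coded below.
#
# Security notes for anyone reusing this script:
#   - The file is overwritten, not appended to: every key that was
#     authorized before is removed.
#   - Whoever holds the matching private key can log in as root over SSH.
#     Substitute your own public key before running this on your hosts.
# Globals:   none
# Arguments: none
# Outputs:   banner and a progress message on stdout
# Returns:   non-zero if a directory or file operation fails
#######################################
modify_authorized_keys() {
  print_green "###################"
  print_green "# authorized_keys #"
  print_green "###################"
  echo "正在修改 authorized_keys"

  # mkdir -p leaves the mode of an existing directory alone and honours the
  # umask for a new one; set 700 explicitly so the directory is owner-only.
  mkdir -p /root/.ssh/
  chmod 700 /root/.ssh/

  local -r authorized_key="ssh-rsa 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 yanhao@yanhaodeMacBook-Pro.local"

  # Write inside a subshell with a restrictive umask so a newly created file
  # is never group/world-readable, and quote the value so it is written
  # verbatim rather than word-split and glob-expanded.
  (
    umask 077
    printf '%s\n' "$authorized_key" >/root/.ssh/authorized_keys
  )
  # An existing file keeps its old mode on truncation, so still force 600.
  chmod 600 /root/.ssh/authorized_keys

  # wget -q -O /tmp/sshd_config https://script.yanhao.ren/downloads/sshd_config
  # mv /tmp/sshd_config /etc/ssh/sshd_config
  # service sshd restart
}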
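#######################################
# Rewrite /root/.bash_aliases with the alias set below and make sure
# /root/.bashrc loads it. On Alpine, also link /root/.bashrc into /etc/bash/.
# Globals:   SYSTEM_TYPE (read)
# Arguments: none
# Outputs:   banner and status messages on stdout
# Returns:   non-zero if a file operation fails
#######################################
bash_aliases() {
  print_green "###################"
  print_green "## bash_aliases ###"
  print_green "###################"

  local aliases_file=/root/.bash_aliases
  local bashrc=/root/.bashrc

  # Remove the old file first so the rewrite below creates a fresh regular
  # file instead of writing through whatever was at that path (e.g. a
  # symlink).
  rm -f "$aliases_file"

  # Make sure .bashrc contains the alias-loading snippet. -F matches the path
  # as a fixed string (the dots are not regex wildcards); a missing .bashrc
  # simply counts as "not present" and is created by the append.
  # The snippet now sources the same absolute path that it tests for.
  if ! grep -qF "$aliases_file" "$bashrc" 2>/dev/null; then
    echo '
if [ -f /root/.bash_aliases ]; then
. /root/.bash_aliases
fi' >>"$bashrc"
  fi

  # NOTE(review): the telnet and iperf3 aliases run images by mutable tag
  # (busybox:latest, networkstatic/iperf3) with --network host; pinning them
  # to a digest would make what runs on the host reproducible.
  cat <<'EOF' >"$aliases_file"
alias maddy='docker exec -it maddy maddy'
alias l='ls -l'
alias ll='ls -alF'
alias telnet='docker run --quiet --rm --network host --entrypoint telnet busybox:latest'
alias dstats='docker stats --no-stream'
alias dps='docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Size}}"'
alias dpull='docker compose pull'
alias ddown='docker compose down'
alias dcreate='docker compose create'
alias dup='docker compose up --remove-orphans'
alias iperf3='docker run --rm -it --network host networkstatic/iperf3'
EOF

  # On Alpine, create a symlink. Files noted by the original author:
  # /etc/profile.d/00-bashrc.sh
  # . /etc/bash/bashrc
  # . /etc/bash/*.sh
  if [ "$SYSTEM_TYPE" = "alpine" ]; then
    local link=/etc/bash/root-bashrc.sh
    # -e follows symlinks, so a dangling link would look absent and make
    # `ln -s` fail with "File exists"; -L also catches that case.
    if [ ! -e "$link" ] && [ ! -L "$link" ]; then
      ln -s "$bashrc" "$link"
      echo "已创建软链接: /etc/bash/root-bashrc.sh"
    else
      echo "软链接已存在: /etc/bash/root-bashrc.sh"
    fi
  fi

  print_yellow "别名配置已完成"
  print_yellow "请执行以下命令使配置生效:"
  print_yellow "source /root/.bashrc"
}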
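#######################################
# (Re)start the watchtower container that updates other containers.
#
# Security notes:
#   - /var/run/docker.sock is mounted into the container, which gives it
#     full control of the Docker daemon on this host.
#   - containrrr/watchtower is referenced without a tag or digest, so the
#     image that runs is whatever the registry currently serves.
#   - When ~/.docker/config.json exists, the registry credentials in it are
#     mounted into the container as well.
#     NOTE(review): consider a read-only mount after confirming watchtower
#     only reads this file.
# Globals:   none (all settings are local)
# Arguments: none
# Outputs:   whatever the docker commands print
# Returns:   status of `docker run`
#######################################
start_watchtower() {
  local run_once=false     # true: one update pass, then the container exits
  local -a target_names=() # containers to watch; empty means no name filter
  local -a docker_args=()
  local -a watchtower_args=()
  local docker_config

  watchtower_args+=(--cleanup)
  # watchtower_args+=(--remove-volumes)
  watchtower_args+=(--rolling-restart)

  if [ "$run_once" = true ]; then
    watchtower_args+=(--run-once)
    docker_args+=(--rm)
  else
    # Only update containers labelled
    # com.centurylinklabs.watchtower.enable=true.
    watchtower_args+=(--label-enable)
    # Run every day at 03:00.
    watchtower_args+=(--schedule "0 0 3 * * *")
    docker_args+=(-d)
    docker_args+=(--restart unless-stopped)
    docker_args+=(--name watchtower)
  fi

  # Resolve the tilde once, then use the quoted path everywhere.
  docker_config=~/.docker/config.json
  if [ -f "$docker_config" ]; then
    docker_args+=(-v "$docker_config:/config.json")
  fi

  # Remove a previous instance so the fixed container name is free again.
  docker rm -f watchtower
  # NOTE(review): `-e WATCHTOWER_NO_STARTUP_MESSAGE` has no value, so docker
  # forwards the variable from this shell's environment; nothing in this
  # script sets it — confirm whether `=true` was intended.
  # The names are an array so that an empty list adds no argument and a name
  # is never word-split or glob-expanded.
  docker run "${docker_args[@]}" \
    -e WATCHTOWER_NO_STARTUP_MESSAGE \
    -e TZ=Asia/Shanghai \
    -v /var/run/docker.sock:/var/run/docker.sock \
    containrrr/watchtower "${watchtower_args[@]}" "${target_names[@]}"
}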
# Provisioning steps, executed in exactly this order. With `set -e` active,
# the first step that fails stops the script and later steps do not run.
for step in \
  modify_authorized_keys \
  bash_aliases \
  install_docker \
  start_watchtower \
  sysctl_config; do
  "$step"
done
# source <(curl -fsSL scripts.oo1.dev/nezha-v1.sh)