Nginx 源码安装脚本(debian版本)

#!/bin/bash
## install nginx
WORK_DIR=`mktemp -d`
apt install wget libpcre3 libpcre3-dev zlib1g-dev \
    openssl libssl-dev libxml2 libxml2-dev libxslt-dev  \
    gcc  make libgd-dev  libgeoip-dev libpcre3-dev libperl-dev -y
cd $WORK_DIR
wget http://nginx.org/download/nginx-1.27.2.tar.gz

tar zxvf nginx-1.27.2.tar.gz && cd nginx-1.27.2
./configure --prefix=/opt/nginx --user=apache --group=apache \
    --with-http_ssl_module --with-http_stub_status_module --with-http_gzip_static_module \
    --with-pcre --with-http_v2_module --with-http_dav_module \
    --with-http_flv_module --with-http_realip_module --with-http_addition_module \
    --with-http_xslt_module --with-http_sub_module --with-http_random_index_module \
    --with-http_degradation_module --with-http_secure_link_module --with-http_perl_module \
    --with-debug --with-file-aio --with-stream --with-ld-opt=-Wl,-E
make && make install
[ -d $WORK_DIR ] && rm $WORK_DIR -rf

## 添加nginx运行账户
cat /etc/passwd | grep apache
if [ $? -ne 0 ];then
    groupadd apache
    useradd -g apache -s /sbin/nologin -c "apache" apache
fi

使用git方式更新还原代码脚本

  • 因为工作需要,需要使用shell通过git来更新还原代码
#/bin/bash
CURRENTTIME=`date +%Y%m%d%H%M`
ADMINDIR=/data/develop/hicoopay/admin/
ADMINBACKUPDIR=/root/backup/admin/

ADSDIR=/data/develop/hicoopay/ads/
ADSBACKUPDIR=/root/backup/ads/

update_admin(){
    [ ! -d ${ADMINBACKUPDIR} ] && mkdir -p ${ADMINBACKUPDIR}
    rsync -avz  --exclude=runtime/logs ${ADMINDIR}  ${ADMINBACKUPDIR}${CURRENTTIME}
    cd ${ADMINDIR}
    git checkout . && git pull
}

update_ads(){
    [ ! -d ${ADSBACKUPDIR} ] && mkdir -p ${ADSBACKUPDIR}
    rsync -avz  --exclude=storage/logs ${ADSDIR}  ${ADSBACKUPDIR}${CURRENTTIME}
    cd ${ADSDIR}
    git checkout . && git pull
}

rollback_admin(){
    echo -e "\033[33m 选择你需要还原的日期  :  \033[0m"
    select var in `ls ${ADMINBACKUPDIR}`
    do
        rsync -avz  --delete --exclude=runtime/logs ${ADMINBACKUPDIR}${var}/ ${ADMINDIR} 
        exit
    done
}

rollback_ads(){
    echo -e "\033[33m 选择你需要还原的日期  :  \033[0m"
    select var in `ls ${ADSBACKUPDIR}`
    do
        rsync -avz  --delete --exclude=storage/logs ${ADSBACKUPDIR}${var}/ ${ADSDIR} 
        exit
    done
}

admin(){
    echo -e "\033[32m 选择你是要更新还是回滚  :  \033[0m"
    select i in "update" "rollback" "Exit"
    do 
        case $i in
        "update")
            update_admin
            exit
            ;;
        "rollback")
            rollback_admin
            exit
            ;;
        "Exit")
            exit
            ;;
        *)
            echo "Please choose 1 || 2 || 3"
            ;;
        esac
    done 
}

ads(){
    echo -e "\033[32m 选择你是要更新还是回滚  :  \033[0m"
    select i in "update" "rollback" "Exit"
    do 
        case $i in
        "update")
            update_ads
            exit
            ;;
        "rollback")
            rollback_ads
            exit
            ;;
        "Exit")
            exit
            ;;
        *)
            echo "Please choose 1 || 2 || 3"
            ;;
        esac
    done 
}

echo -e "\033[32m 选择你需要操作的项目  :  \033[0m"
select var in "admin" "ads" "Exit"
do
    case $var in
        "admin")
            admin
            exit
            ;;
        "ads")
            ads
            exit
            ;;
        "Exit")
            exit
            ;;
        *)
            echo "Please chose 1 || 2 || 3 "
            ;;
    esac
done

删除备份脚本

这个脚本的主要功能就是读取配置文件,然后根据需求保留备份的个数(备份的文件是以时间格式命名的),删除最老的备份,以下是脚本内容: 

#!/bin/bash
KEEP_NUM=2
for i in `cat /opt/sh/delete_backup.conf`
do
    CURRENT_NUM=`ls -l ${i} | grep -v total | wc -l`
    for((j=${CURRENT_NUM};j>${KEEP_NUM};j--))
    do
        FILE_NAME=`ls ${i} | sort -n | head -n 1`
        echo "删除的目录是: ${i}/${FILE_NAME}"
        cd ${i} && [ -d ${FILE_NAME} ] && rm ${FILE_NAME} -rf && sleep 1
    done
done

delete_backup.conf的内容是删除的目录 

/opt/sh/testdir/a
/opt/sh/testdir/b

centos7初始化脚本

#!/bin/bash
#update soft
yum -y update
yum install wget rsync bzip2 lsof telnet htop screen tree vim gcc make net-tools lrzsz psmisc hwloc gsmartcontrol chrony -y

#时间设置 
timedatectl set-local-rtc 1
timedatectl set-timezone Asia/Shanghai
systemctl start chronyd.service
systemctl enable chronyd.service

#设置最大打开文件描述符数
echo "ulimit -SHn 102400" >> /etc/rc.local
cat >> /etc/security/limits.conf <<EOF
*           soft   nofile       65535
*           hard   nofile       65535
EOF

#禁用selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0

#停止不必要的服务
systemctl disable --now rpcbind
systemctl disable --now rpcbind.socket
systemctl disable --now postfix.service
systemctl disable --now firewalld.service
systemctl disable --now firewalld
systemctl disable --now dnsmasq
systemctl disable --now NetworkManager

#set ssh
sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
systemctl  restart sshd.service

#内核参数优化
cat >> /etc/sysctl.conf <<EOF
vm.overcommit_memory = 1
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_abort_on_overflow = 0
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.ipv4.tcp_syncookies = 1
EOF
/sbin/sysctl -p

# profile 修改
echo "export HISTTIMEFORMAT=\"%F %T \"" >> /etc/profile
echo "" >> /etc/profile
echo "## 自定义别名" >> /etc/profile
echo "alias c=clear" >> /etc/profile
echo "alias vi=vim" >> /etc/profile
echo "alias dsh='du -hsx * | sort -rh | head -n 10'" >> /etc/profile
sed -i 's/HISTSIZE=1000/HISTSIZE=10000/g' /etc/profile
source /etc/profile

gitlab安装脚本

  • 安装脚本
#!/bin/bash
## 系统为CENTOS7
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
systemctl start postfix && systemctl enable postfix
yum install gitlab-ce -y
## 生成ssl证书,这儿使用的是自生成证书,也可以在阿里上面使用免费的ssl证书
mkdir -p /etc/gitlab/ssl
cd /etc/gitlab/ssl
openssl req -new -nodes -sha256 -newkey rsa:2048 -keyout your_domai_name.key -out your_domai_name.csr -subj "/C=CN/ST=CHONGQING/0=CHONGQING/OU=CHONGQING/CN=your_domai_name/emailAddress=111111@qq.com"
openssl x509 -req -days 3650 -in your_domai_name.csr -signkey your_domai_name.key -out your_domai_name.crt
openssl dhparam -out dhparams.pem 2048
chmod 600 *
  • 需要修改的配置,编辑”/etc/gitlab/gitlab.rb”。以下几项需要打开,并且证书需要改成你自己设置的位置
##域名与ssl相关的配置
external_url 'https://your_domai_name'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key"
nginx['ssl_dhparam'] = /etc/gitlab/ssl/dhparams.pem
##备份相关得设置
gitlab_rails['manage_backup_path'] = true
gitlab_rails['backup_path'] = "/opt/backup/gitlab"    ##gitlab备份目录
gitlab_rails['backup_archive_permissions'] = 0644       ##生成的备份文件权限
gitlab_rails['backup_keep_time'] = 7776000
  • 根据配置文件启动gitlab
gitlab-ctl reconfigure