#!/bin/bash
#update soft
yum -y update
yum install wget rsync bzip2 lsof telnet htop screen tree vim gcc make net-tools lrzsz psmisc hwloc gsmartcontrol chrony -y

#时间设置 
timedatectl set-local-rtc 1
timedatectl set-timezone Asia/Shanghai
systemctl start chronyd.service
systemctl enable chronyd.service

#设置最大打开文件描述符数
echo "ulimit -SHn 102400" >> /etc/rc.local
cat >> /etc/security/limits.conf <<EOF
*           soft   nofile       65535
*           hard   nofile       65535
EOF

#禁用selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0

#停止不必要的服务
systemctl disable --now rpcbind
systemctl disable --now rpcbind.socket
systemctl disable --now postfix.service
systemctl disable --now firewalld.service
systemctl disable --now firewalld
systemctl disable --now dnsmasq
systemctl disable --now NetworkManager

#set ssh
sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
systemctl  restart sshd.service

#内核参数优化
cat >> /etc/sysctl.conf <<EOF
vm.overcommit_memory = 1
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_abort_on_overflow = 0
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.ipv4.tcp_syncookies = 1
EOF
/sbin/sysctl -p

# profile 修改
echo "export HISTTIMEFORMAT=\"%F %T \"" >> /etc/profile
echo "" >> /etc/profile
echo "## 自定义别名" >> /etc/profile
echo "alias c=clear" >> /etc/profile
echo "alias vi=vim" >> /etc/profile
echo "alias dsh='du -hsx * | sort -rh | head -n 10'" >> /etc/profile
sed -i 's/HISTSIZE=1000/HISTSIZE=10000/g' /etc/profile
source /etc/profile