rocky8,9のセットアップ用スクリプト
rocky系サーバ構築備忘録
#!/bin/bash
_USER_=hoge
_HOSTNAME_=hoge
proxy_adr=127.0.0.1:8888
DNS=8.8.8.8
NOPROXY=10.0.0.0/8,192.168.0.0/16,127.0.0.1
SAMBADIR=/data/samba
DOCKERDIR=/data/docker
BAKDEV=/dev/xdb
BAKDIR=/backup
_PASSWD_=${_USER_}
PROXY=http://${proxy_adr}
function packages_setup() {
dnf update -y
dnf install -y vim git wget net-tools tar mlocate python3 samba screen epel-release gcc-c++ cmake unzip bz2 patch nodejs php
dnf --enablerepo=epel install -y screen
updatedb
}
function backuporg() {
path=$1
if [ -f $path ]; then
cp -p $path ${path}.org
elif [ -d `dirname $path` ]; then
mkdir -p `dirname $path`
fi
}
function service_setup() {
name=$1
commandline=$2
servicename=$(basename `echo -e "$2" | cut -d" " -f1`)"d.service"
cat <<EOF > /usr/lib/systemd/system/${servicename}
[Unit]
Description=${name}
[Service]
Type=simple
Restart = always
ExecStart=${commandline}
[Install]
WantedBy=multi-user.target
EOF
echo created ${servicename}
systemctl status ${servicename}
}
function initialize() {
timedatectl set-timezone Asia/Tokyo
localectl set-locale LANG=ja_JP.utf8
if [ -z ${_HOSTNAME_} ]; then hostname ${_HOSTNAME_} fi
if [ -z ${_USER_} ]; then
useradd -G ${_USER_},wheel ${_USER_} -p `openssl passwd -5 ${_PASSWD_}`
backuporg /etc/sudoers
echo "${_USER_} ALL=(ALL) NOPASSWD: ALL" | sudo EDITOR='tee -a' visudo
fi
}
function lazy_setup () {
setenforce 0
sed -r -i.org "s/^SELINUX=.+/SELINUX=disabled/g" /etc/selinux/config
systemctl disable firewalld
systemctl stop firewalld
backuporg /etc/ssh/sshd_config
cat <<EOF > /etc/ssh/sshd_config
Include /etc/ssh/sshd_config.d/*.conf
AuthorizedKeysFile .ssh/authorized_keys
Subsystem sftp /usr/libexec/openssh/sftp-server
PermitRootLogin prohibit-password
PasswordAuthentication yes
EOF
}
function backupdisk_setup() {
backuporg /etc/fstab
echo "${BAKDIR} ${BAKDEV}" >> /etc/fstab
mkfs -t xfs ${BAKDEV} && mount ${BAKDEV}
}
function dns_setup() {
backuporg /etc/resolv.conf
echo -e "${DNS}" >> /etc/resolv.conf
systemctl restart NetworkManager
}
function setalias() {
alias diff='LC_ALL=C git diff --color --no-index'
alias dc='cd'
alias delblankline='sed '\''/^$/d'\'''
alias df='df -Th'
alias l='ls -1'
alias la='ls -A'
alias less='less -r'
alias ll='ls -l'
alias lla='ll -A'
alias lld='ll -d'
alias lls='ll -Sr'
alias llt='ll -tr'
alias llx='ll -X'
alias ls='ls --show-control-chars --color=always --time-style=+%Y-%m-%d\ %H:%M:%S'
}
function all_proxy_setup() {
for p in /etc/dnf.conf /etc/dnf.conf /root/.curlrc /etc/skel/.curlrc; do backuporg $p; echo "proxy=${proxy_url}" >> $p; done
backuporg "/etc/wgetrc"; echo -e "https_proxy=${PROXY}\nftp_proxy=${PROXY}" >> "/etc/wgetrc"
for p in /etc/pip.conf /root/.gitconfig /etc/skel/.gitconfig
do backuporg $p; echo -e "https_proxy=${proxy_url}\nhttps_proxy=${proxy_url}" >> $p;done
cat <<EOF > /etc/profile.d/proxy.sh
export HTTP_PROXY=${PROXY}
export HTTPS_PROXY=${PROXY}
export FTP_PROXY=${PROXY}
export http_proxy=${PROXY}
export https_proxy=${PROXY}
export ftp_proxy=${PROXY}
export NO_PROXY="${NOPROXY}"
EOF
}
function docker_setup() {
dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
dnf update -y
dnf -y install docker-ce || dnf install docker-ce --allowerasing
systemctl enable docker
systemctl start docker
usermod -aG docker ${_USER_}
systemctl restart docker
docker run hello-world
if [ -z ${_USER_} ]; then
usermod -aG docker ${_USER_}
fi
curl -sL https://github.com/docker/compose/releases/latest/download/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compos
chmod +x /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
mkdir -p ${DOCKERDIR}/varlib && ln -s ${DOCKERDIR}/varlib /var/lib/docker
cat <<EOF > ${DOCKERDIR}-compose.yml
version: "3"
services:
nginx:
image: nginx:alpine
volumes:
- /data/samba:/app
- /data/samba/etc/nginx/default.conf:/etc/nginx/conf.d/default.conf:cached
ports:
- "8080:80"
EOF
cat <<EOF >> /etc/profile.d/alias.sh
alias d='docker'
alias dcompose='docker-compose'
alias di='d images --format "table {{.ID}} {{.Repository}}:{{.Tag}}\t{{.Size}}\t{{.CreatedSince}}"'
alias docker='sudo docker'
alias docker-compose='sudo docker-compose'
alias dpa='d ps -a --format "table {{.ID}} {{.Names}}\t{{.Status}}\t{{.Command}}\t{{.Ports}}"'
alias dpl='d pull'
alias drm='d rm -f'
alias drmi='d rmi'
alias du='du -h'
EOF
if [ -n ${proxy_adr} ]; then
if [ ! -d /root/.docker ]; then
mkdir /root/.docker
fi
cat <<EOF >> /root/.docker/config.json
{
"proxies":
{
"default":
{
"httpProxy": "${PROXY}",
"httpsProxy": "${PROXY}",
"noProxy": "${NOPROXY}"
}
}
}
EOF
fi
}
function samba_setup() {
dnf install -y samba
mkdir -p ${SAMBADIR}
systemctl enable smb
backuporg /etc/samba/smb.conf
cat <<EOF > /etc/samba/smb.conf
[global]
unix charset = UTF-8
dos charset = CP932
workgroup = SAMBA
security = user
hosts allow = 127. 10.0.0.
map to guest = Bad User
veto files = /._*/.apdisk/.AppleDouble/.DS_Store/.TemporaryItems/.Trashes/desktop.ini/ehthumbs.db/Network Trash Folder/Temporary Items/Thumbs.db/
delete veto files = yes
[home]
path = ${SAMBADIR}
writable = yes
guest ok = yes
guest only = yes
force create mode = 666
force directory mode = 777
EOF
systemctl start smb
}
function mecab_setup() {
cd /tmp
git clone https://github.com/taku910/mecab.git
cd mecab/mecab
./configure --enable-utf8-only
make & make check
make install
dnf install mecab-ipadic
git clone --depth 1 https://github.com/neologd/mecab-ipadic-neologd.git
./mecab-ipadic-neologd/bin/install-mecab-ipadic-neologd -n -y\
--ignore_adverb\
--ignore_interject\
--ignore_noun_ortho\
--ignore_noun_sahen_conn_ortho\
--ignore_adjective_std\
--ignore_adjective_verb\
--ignore_ill_formed_words
backuporg /etc/mecabrc
echo dicdir = `mecab-config --dicdir`"/mecab-ipadic-neologd" >> /etc/mecabrc
mecab -V
}
### default course ###
initialize
lazy_setup
setalias
# backupdisk_setup
### case by case ###
# dns_setup
# all_proxy_setup
### Please check ###
packages_setup
### options ###
# docker_setup
# samba_setup
# mecab_setup