Arch Linux VPS initialize script
#!/bin/bash | |
USERNAME='rocka' | |
HOSTNAME='arch' | |
SS_PORTNO='1234' | |
SS_METHOD='aes-256-gcm' | |
SS_PASSWD='all-your-base-are-belong-to-us' | |
# pacman related config | |
sed -i 's/#Color/Color/g' /etc/pacman.conf | |
sed -i 's/#VerbosePkgLists/VerbosePkgLists/g' /etc/pacman.conf | |
# Repo | |
cat >> /etc/pacman.conf << EOF | |
[archlinuxcn] | |
Server = https://cdn.repo.archlinuxcn.org/\$arch | |
EOF | |
# packages | |
pacman -Syyu --noconfirm sudo mosh git vim fish nginx-mainline htop docker docker-compose nodejs npm shadowsocks-libev simple-obfs screen tmux rng-tools screenfetch archlinuxcn-keyring | |
# hostname | |
echo $HOSTNAME > /etc/hostname | |
# Locale: timezone and language | |
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime | |
echo LANG=en_US.UTF-8 > /etc/locale.conf | |
sed -i 's/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g' /etc/locale.gen | |
sed -i 's/#zh_CN.UTF-8 UTF-8/zh_CN.UTF-8 UTF-8/g' /etc/locale.gen | |
locale-gen | |
# Optmize tcp | |
cat > /etc/sysctl.d/tcp_fastopen.conf << EOF | |
# tcp_fastopen | |
net.ipv4.tcp_fastopen = 3 | |
EOF | |
cat > /etc/modules-load.d/tcp_bbr.conf << EOF | |
tcp_bbr | |
EOF | |
cat > /etc/sysctl.d/tcp_bbr.conf << EOF | |
# tcp_bbr | |
net.core.default_qdisc = fq | |
net.ipv4.tcp_congestion_control = bbr | |
EOF | |
modprobe tcp_bbr | |
sysctl --system | |
# check | |
sysctl net.ipv4.tcp_available_congestion_control | |
sysctl net.ipv4.tcp_congestion_control | |
# User | |
useradd -mG wheel,docker $USERNAME -s /usr/bin/fish | |
echo '%wheel ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wheel | |
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin no/g' /etc/ssh/sshd_config | |
# Entropy | |
systemctl enable --now rngd.service | |
# Nginx | |
systemctl enable --now nginx.service | |
# Docker | |
systemctl enable --now docker.service | |
# shadowsocks-libev-server | |
mkdir /etc/shadowsocks | |
cat > /etc/shadowsocks/config.json << EOF | |
{ | |
"server": [ "0.0.0.0", "::0" ], | |
"server_port": ${SS_PORTNO}, | |
"method": "${SS_METHOD}", | |
"password": "${SS_PASSWD}", | |
"mode": "tcp_and_udp", | |
"timeout": 1800, | |
"reuse_port": true, | |
"fast_open": true, | |
"no_delay": true, | |
"plugin": "obfs-server", | |
"plugin_opts": "obfs=tls;failover=127.0.0.1:443" | |
} | |
EOF | |
systemctl enable --now shadowsocks-libev-server@config.service | |
FISH_ALIAS=" | |
alias ls='ls --color --classify --time-style=long-iso' | |
alias l='ls' | |
alias ll='ls -lh' | |
alias la='ls -alh' | |
alias qwq='uname -snrm; uptime' | |
" | |
# Root fish shell config | |
chsh -s /usr/bin/fish | |
mkdir -p /root/.config/fish | |
cat > /root/.config/fish/config.fish << EOF | |
function fish_greeting | |
echo "You are now ROOT user!" | |
echo "With great power, comes great responsibility." | |
end | |
$FISH_ALIAS | |
EOF | |
# simple vim config | |
cat > /root/.vimrc << EOF | |
set nu | |
set mouse=a | |
set autoindent | |
set smartindent | |
set expandtab | |
set shiftwidth=4 | |
set tabstop=4 | |
syntax on | |
filetype on | |
highlight LineNr ctermfg=lightgrey | |
cmap W w | |
cmap Q q | |
cmap WQ wq | |
cmap Wq wq | |
cmap w!! w !sudo tee > /dev/null % | |
au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif | |
EOF | |
# Config for user | |
# your .vimrc too | |
cp /root/.vimrc /home/$USERNAME/.vimrc | |
# Install fisher | |
curl https://git.io/fisher --create-dirs -sLo /home/$USERNAME/.config/fish/functions/fisher.fish | |
# greeting and alias | |
cat > /home/$USERNAME/.config/fish/config.fish << EOF | |
set PATH \$HOME/.local/bin \$PATH | |
function fish_greeting | |
uname -snrm; uptime | |
end | |
$FISH_ALIAS | |
EOF | |
# npm global path | |
cat > /home/$USERNAME/.npmrc << EOF | |
prefix=/home/$USERNAME/.local | |
EOF | |
# Config dirs | |
mkdir -p /home/$USERNAME/.local/bin | |
chown -R $USERNAME:$USERNAME /home/$USERNAME | |
screenfetch |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment