Last active
May 12, 2022 00:42
-
-
Save taking/c39d45d705d4f45a0885b4d119ab5acf to your computer and use it in GitHub Desktop.
Centos 7 Minimal Basic setting script.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
## taking.kr (webmaster@taking.kr) | |
## 20-01-13 | |
## ROOT 계정으로 실행하기 | |
########################################### | |
read -p "hostname (ex taking.kr): " uhost | |
read -p "username(not root): " uname | |
############ nameserver setting ############### | |
cat <<EOT > /etc/resolv.conf | |
search UHOSTNAME | |
;KT DNS | |
nameserver 168.126.63.1 | |
nameserver 168.126.63.2 | |
;Google DNS | |
;nameserver 8.8.8.8 | |
;nameserver 8.8.4.4 | |
; LG Uplus | |
;nameserver 180.182.54.1 | |
;nameserver 210.94.0.73 | |
EOT | |
sed -i "s/UHOSTNAME/$uhost/g" /etc/resolv.conf | |
echo 'Edit /etc/resolv.conf Success' | |
############ language change ############### | |
localedef -c -i ko_KR -f UTF-8 ko_KR.utf8 | |
localectl set-locale LANG=ko_KR.utf8 | |
#echo -e "LANG=ko_KR.UTF-8\nLC_ALL=ko_KR.utf8\n\nexport LANG\nexport LC_ALL" > /etc/profile.d/setlocale.sh | |
#chmod 755 /etc/profile.d/setlocale.sh | |
#/etc/profile.d/setlocale.sh | |
service network restart | |
echo 'service network restart Success' | |
############### Timezone ################### | |
timedatectl set-timezone Asia/Seoul | |
echo 'timezone Change Success' | |
############ hostname change ############### | |
hostnamectl set-hostname $uhost | |
echo 'Hostname Change Success' | |
##### firewalld disable, selinux disable, csf install ####### | |
sed -i 's/enforcing/disabled/g' /etc/sysconfig/selinux | |
setenforce 0 | |
yum install wget vim perl-libwww-perl.noarch perl-Time-HiRes -y | |
cd /usr/src/ && wget https://download.configserver.com/csf.tgz && tar -xzf csf.tgz && cd csf && sh install.sh | |
cd /usr/local/csf/bin/ && perl csftest.pl | |
rm -rf /usr/src/csf* | |
systemctl stop firewalld && systemctl disable firewalld | |
#samba allow | |
sed -i 's/TCP_IN = "/TCP_IN = "139,137,445,138,/g' /etc/csf/csf.conf | |
sed -i 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf | |
systemctl start csf && systemctl start lfd | |
systemctl enable csf && systemctl enable lfd | |
################## Setup ################## | |
echo '[base] | |
name=CentOS-$releasever - Base | |
baseurl=http://ftp.daumkakao.com/centos/$releasever/os/$basearch/ | |
gpgcheck=0 | |
[updates] | |
name=CentOS-$releasever - Updates | |
baseurl=http://ftp.daumkakao.com/centos/$releasever/updates/$basearch/ | |
gpgcheck=0 | |
[extras] | |
name=CentOS-$releasever - Extras | |
baseurl=http://ftp.daumkakao.com/centos/$releasever/extras/$basearch/ | |
gpgcheck=0' > /etc/yum.repos.d/Daum.repo | |
echo 'Edit /etc/yum.repos.d/Daum.repo' | |
echo 'repository edit Success' | |
yum update -y | |
yum install epel-release -y | |
yum install lrzsz net-tools vim samba samba-client samba-common curl git wget openssh openssh-server openssh-clients openssl-libs nmap -y | |
dnf groupinstall "Fonts" "Korean Support" -y | |
echo 'ifconfig, vim, samba, curl, git, wget, openssh, nmap, Korean Support install Success' | |
cd ~ | |
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py | |
python get-pip.py | |
rm -rf ~/get-pip.py | |
############# openssh setting ############# | |
sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config | |
sed -i 's/\#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config | |
sed -i 's/\#ListenAddress 0\.0\.0\.0/ListenAddress 0\.0\.0\.0/g' /etc/ssh/sshd_config | |
sed -i 's/\#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config | |
sed -i 's/\X11Forwarding yes/X11Forwarding no/g' /etc/ssh/sshd_config | |
sed -i 's/\#X11Forwarding yes/X11Forwarding no/g' /etc/ssh/sshd_config | |
cat <<EOT >> /etc/ssh/sshd_config | |
AllowUsers USERNAME | |
ClientAliveInterval 3600 | |
ClientAliveCountMax 120 | |
PrintMotd no | |
EOT | |
sed -i "s/USERNAME/$uname/g" /etc/ssh/sshd_config | |
echo 'Edit /etc/ssh/sshd_config' | |
systemctl enable sshd.service | |
service sshd restart | |
echo 'service sshd restart Success' | |
########## external hdd (fstab) ########### | |
# HDD는 fdisk -l 과 blkid 를 통해 UUID 알아내기 | |
mkdir /4TB && mkdir /8TB && mkdir /500GB | |
cat <<EOT >> /etc/fstab | |
UUID=b495b27c-5699-4a28-99e9-61577aeae752 /500GB/ ext4 defaults,errors=remount-ro 0 1 | |
UUID=a595e6ea-c75f-4b8f-b87c-2dc82faae8e9 /4TB/ ext4 defaults,errors=remount-ro 0 1 | |
UUID=6782ec7b-af99-4ede-93df-83a50ec9e1a4 /8TB/ ext4 defaults,errors=remount-ro 0 1 | |
EOT | |
mount -a | |
echo 'hdd mount Success' | |
############# samba setting ############### | |
groupadd sambashare | |
usermod -G sambashare $uname | |
smbpasswd -a $uname | |
cp /etc/samba/smb.conf /etc/samba/smb.conf-dist | |
cat <<EOT > /etc/samba/smb.conf | |
#======================= Global Settings ======================= | |
[global] | |
workgroup = WORKGROUP | |
server string = Samba Server Version %v | |
log file = /var/log/samba/log.%m | |
max log size = 50 | |
security = user | |
passdb backend = tdbsam | |
#======================= Share Definitions ======================= | |
[homes] | |
comment = Home Directories | |
browseable = no | |
writable = yes | |
valid users = %S | |
[4TB] | |
comment = 4TB HDD | |
browseable = yes | |
path = /4TB/ | |
read only = no | |
writable = yes | |
create mask = 0755 | |
directory mask = 0755 | |
valid users = @sambashare | |
veto files = /._*/.DS_Store/lost+found/Thumbs.db/desktop.ini/DESKTOP.INI/*.tmp/ | |
delete veto files = yes | |
[8TB] | |
comment = 8TB HDD | |
browseable = yes | |
path = /8TB/ | |
read only = no | |
writable = yes | |
create mask = 0755 | |
directory mask = 0755 | |
valid users = @sambashare | |
veto files = /._*/.DS_Store/lost+found/Thumbs.db/desktop.ini/DESKTOP.INI/*.tmp/ | |
delete veto files = yes | |
[500GB] | |
comment = 500GB HDD | |
browseable = yes | |
path = /500GB/ | |
read only = no | |
writable = yes | |
create mask = 0755 | |
directory mask = 0755 | |
valid users = @sambashare | |
veto files = /._*/.DS_Store/lost+found/Thumbs.db/desktop.ini/DESKTOP.INI/*.tmp/ | |
delete veto files = yes | |
EOT | |
systemctl enable smb.service | |
service smb restart | |
service smb status | |
echo 'service samba Success' | |
################ add sudoers ################# | |
cat <<EOT >> /etc/sudoers | |
$uname ALL=(ALL) NOPASSWD: ALL | |
EOT | |
echo 'edit /etc/sudoers' | |
echo 'add sudoers list' | |
########################################### | |
############### ZSH Setup ################# | |
########################################### | |
yum install zsh -y && chsh -s `which zsh` | |
curl -L https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh | sh | |
git clone https://github.com/powerline/fonts.git && ./fonts/install.sh && rm -rf ~/fonts | |
cd $HOME/.oh-my-zsh/custom/plugins && git clone https://github.com/zsh-users/zsh-syntax-highlighting.git && git clone https://github.com/zsh-users/zsh-autosuggestions && git clone https://github.com/djui/alias-tips.git | |
echo 'zsh shell install Success' | |
echo 'oh-my-zsh, plugins install Success' | |
########################################### | |
############## zsh setting ################ | |
########################################### | |
wget -O $HOME/.zshrc 'https://gist.github.com/taking/1a03b19d580dda6376300d865b19b443/raw/8ce35f88c71b28a80d99dc2cb6410dccacdcf890/.zshrc%2520(linux)' | |
chsh -s `which zsh` | |
echo 'edit ~/.zsh' | |
echo 'zsh setting edit Success' | |
########################################### | |
######## new account zsh setting ########## | |
########################################### | |
cp $HOME/.zshrc /home/$uname/ | |
cp -r $HOME/.oh-my-zsh /home/$uname/ | |
chown -R $uname:$uname /home/$uname/ | |
echo '$uname 의 shell 변경을 위해 암호를 입력하세요 :' | |
su -c 'chsh -s `which zsh`' - $uname | |
########################################### | |
############## vim Setting ################ | |
########################################### | |
git clone https://github.com/VundleVim/Vundle.vim.git $HOME/.vim/bundle/Vundle.vim | |
mkdir $HOME/.vim/colors/ | |
curl -G https://raw.githubusercontent.com/ErichDonGubler/vim-sublime-monokai/master/colors/sublimemonokai.vim -o $HOME/.vim/colors/sublimemonokai.vim | |
wget -O $HOME/.vimrc https://gist.github.com/taking/2d762c0d0a63120ace2fa3b87bf262e5/raw/bcf8e9c29730d20459d9f458d8af7361f2fba9b8/.vimrc | |
vim +PluginInstall +qall | |
cp $HOME/.vimrc /home/$uname/ | |
cp -r $HOME/.vim /home/$uname/ | |
chown -R $uname:$uname /home/$uname/ | |
su -c 'vim +PluginInstall +qall' - $uname | |
echo '설정 완료 - 재부팅 하세요.\n' | |
reboot |
Root 계정으로 실행하기
감사합니다. 어떤식으로 초기 설정을 해야하는지 알게되었습니다~!
csf 말고 기본 firewalld 사용하시려면 아래꺼 참고하시면 됩니다 :)
##### selinux disable, firewalld samba add ########
firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --reload
setsebool -P samba_domain_controller on
setsebool -P samba_enable_home_dirs on
setsebool -P samba_export_all_ro on
setsebool -P samba_export_all_rw on
sed -i 's/enforcing/disabled/g' /etc/sysconfig/selinux
setenforce 0
systemctl restart firewalld
echo 'selinux disable, firewalld samba add Success'
관련된 부분은 아니지만 이 공간에 메모
python 설치 시 python.h 문제라던지 기타 문제 발생 시,
yum install python3-devel
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Windows에서 복사해서 sh 파일을 만든 경우, \r 가 Text 안에 들어가기 때문에 'not a valid identifier' 관련 에러가 발생한다.
이 경우, Linux에서 아래와 같이 \r을 제거하고 실행하면 된다.