Skip to content

Instantly share code, notes, and snippets.

@taking

taking/Centos 7 Minimal Basic setting script.sh

Last active May 12, 2022 00:42
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save taking/c39d45d705d4f45a0885b4d119ab5acf to your computer and use it in GitHub Desktop.
Save taking/c39d45d705d4f45a0885b4d119ab5acf to your computer and use it in GitHub Desktop.
Download ZIP
Centos 7 Minimal Basic setting script.sh
Raw
Centos 7 Minimal Basic setting script.sh
#!/bin/sh
## taking.kr (webmaster@taking.kr)
## 20-01-13
## ROOT 계정으로 실행하기
###########################################
read -p "hostname (ex taking.kr): " uhost
read -p "username(not root): " uname
############ nameserver setting ###############
cat <<EOT > /etc/resolv.conf
search UHOSTNAME
;KT DNS
nameserver 168.126.63.1
nameserver 168.126.63.2
;Google DNS
;nameserver 8.8.8.8
;nameserver 8.8.4.4
; LG Uplus
;nameserver 180.182.54.1
;nameserver 210.94.0.73
EOT
sed -i "s/UHOSTNAME/$uhost/g" /etc/resolv.conf
echo 'Edit /etc/resolv.conf Success'
############ language change ###############
localedef -c -i ko_KR -f UTF-8 ko_KR.utf8
localectl set-locale LANG=ko_KR.utf8
#echo -e "LANG=ko_KR.UTF-8\nLC_ALL=ko_KR.utf8\n\nexport LANG\nexport LC_ALL" > /etc/profile.d/setlocale.sh
#chmod 755 /etc/profile.d/setlocale.sh
#/etc/profile.d/setlocale.sh
service network restart
echo 'service network restart Success'
############### Timezone ###################
timedatectl set-timezone Asia/Seoul
echo 'timezone Change Success'
############ hostname change ###############
hostnamectl set-hostname $uhost
echo 'Hostname Change Success'
##### firewalld disable, selinux disable, csf install #######
sed -i 's/enforcing/disabled/g' /etc/sysconfig/selinux
setenforce 0
yum install wget vim perl-libwww-perl.noarch perl-Time-HiRes -y
cd /usr/src/ && wget https://download.configserver.com/csf.tgz && tar -xzf csf.tgz && cd csf && sh install.sh
cd /usr/local/csf/bin/ && perl csftest.pl
rm -rf /usr/src/csf*
systemctl stop firewalld && systemctl disable firewalld
#samba allow
sed -i 's/TCP_IN = "/TCP_IN = "139,137,445,138,/g' /etc/csf/csf.conf
sed -i 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf
systemctl start csf && systemctl start lfd
systemctl enable csf && systemctl enable lfd
################## Setup ##################
echo '[base]
name=CentOS-$releasever - Base
baseurl=http://ftp.daumkakao.com/centos/$releasever/os/$basearch/
gpgcheck=0
[updates]
name=CentOS-$releasever - Updates
baseurl=http://ftp.daumkakao.com/centos/$releasever/updates/$basearch/
gpgcheck=0
[extras]
name=CentOS-$releasever - Extras
baseurl=http://ftp.daumkakao.com/centos/$releasever/extras/$basearch/
gpgcheck=0' > /etc/yum.repos.d/Daum.repo
echo 'Edit /etc/yum.repos.d/Daum.repo'
echo 'repository edit Success'
yum update -y
yum install epel-release -y
yum install lrzsz net-tools vim samba samba-client samba-common curl git wget openssh openssh-server openssh-clients openssl-libs nmap -y
dnf groupinstall "Fonts" "Korean Support" -y
echo 'ifconfig, vim, samba, curl, git, wget, openssh, nmap, Korean Support install Success'
cd ~
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python get-pip.py
rm -rf ~/get-pip.py
############# openssh setting #############
sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
sed -i 's/\#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
sed -i 's/\#ListenAddress 0\.0\.0\.0/ListenAddress 0\.0\.0\.0/g' /etc/ssh/sshd_config
sed -i 's/\#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
sed -i 's/\X11Forwarding yes/X11Forwarding no/g' /etc/ssh/sshd_config
sed -i 's/\#X11Forwarding yes/X11Forwarding no/g' /etc/ssh/sshd_config
cat <<EOT >> /etc/ssh/sshd_config
AllowUsers USERNAME
ClientAliveInterval 3600
ClientAliveCountMax 120
PrintMotd no
EOT
sed -i "s/USERNAME/$uname/g" /etc/ssh/sshd_config
echo 'Edit /etc/ssh/sshd_config'
systemctl enable sshd.service
service sshd restart
echo 'service sshd restart Success'
########## external hdd (fstab) ###########
# HDD는 fdisk -l 과 blkid 를 통해 UUID 알아내기
mkdir /4TB && mkdir /8TB && mkdir /500GB
cat <<EOT >> /etc/fstab
UUID=b495b27c-5699-4a28-99e9-61577aeae752 /500GB/ ext4 defaults,errors=remount-ro 0 1
UUID=a595e6ea-c75f-4b8f-b87c-2dc82faae8e9 /4TB/ ext4 defaults,errors=remount-ro 0 1
UUID=6782ec7b-af99-4ede-93df-83a50ec9e1a4 /8TB/ ext4 defaults,errors=remount-ro 0 1
EOT
mount -a
echo 'hdd mount Success'
############# samba setting ###############
groupadd sambashare
usermod -G sambashare $uname
smbpasswd -a $uname
cp /etc/samba/smb.conf /etc/samba/smb.conf-dist
cat <<EOT > /etc/samba/smb.conf
#======================= Global Settings =======================
[global]
workgroup = WORKGROUP
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
#======================= Share Definitions =======================
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
[4TB]
comment = 4TB HDD
browseable = yes
path = /4TB/
read only = no
writable = yes
create mask = 0755
directory mask = 0755
valid users = @sambashare
veto files = /._*/.DS_Store/lost+found/Thumbs.db/desktop.ini/DESKTOP.INI/*.tmp/
delete veto files = yes
[8TB]
comment = 8TB HDD
browseable = yes
path = /8TB/
read only = no
writable = yes
create mask = 0755
directory mask = 0755
valid users = @sambashare
veto files = /._*/.DS_Store/lost+found/Thumbs.db/desktop.ini/DESKTOP.INI/*.tmp/
delete veto files = yes
[500GB]
comment = 500GB HDD
browseable = yes
path = /500GB/
read only = no
writable = yes
create mask = 0755
directory mask = 0755
valid users = @sambashare
veto files = /._*/.DS_Store/lost+found/Thumbs.db/desktop.ini/DESKTOP.INI/*.tmp/
delete veto files = yes
EOT
systemctl enable smb.service
service smb restart
service smb status
echo 'service samba Success'
################ add sudoers #################
cat <<EOT >> /etc/sudoers
$uname ALL=(ALL) NOPASSWD: ALL
EOT
echo 'edit /etc/sudoers'
echo 'add sudoers list'
###########################################
############### ZSH Setup #################
###########################################
yum install zsh -y && chsh -s `which zsh`
curl -L https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh | sh
git clone https://github.com/powerline/fonts.git && ./fonts/install.sh && rm -rf ~/fonts
cd $HOME/.oh-my-zsh/custom/plugins && git clone https://github.com/zsh-users/zsh-syntax-highlighting.git && git clone https://github.com/zsh-users/zsh-autosuggestions && git clone https://github.com/djui/alias-tips.git
echo 'zsh shell install Success'
echo 'oh-my-zsh, plugins install Success'
###########################################
############## zsh setting ################
###########################################
wget -O $HOME/.zshrc 'https://gist.github.com/taking/1a03b19d580dda6376300d865b19b443/raw/8ce35f88c71b28a80d99dc2cb6410dccacdcf890/.zshrc%2520(linux)'
chsh -s `which zsh`
echo 'edit ~/.zsh'
echo 'zsh setting edit Success'
###########################################
######## new account zsh setting ##########
###########################################
cp $HOME/.zshrc /home/$uname/
cp -r $HOME/.oh-my-zsh /home/$uname/
chown -R $uname:$uname /home/$uname/
echo '$uname 의 shell 변경을 위해 암호를 입력하세요 :'
su -c 'chsh -s `which zsh`' - $uname
###########################################
############## vim Setting ################
###########################################
git clone https://github.com/VundleVim/Vundle.vim.git $HOME/.vim/bundle/Vundle.vim
mkdir $HOME/.vim/colors/
curl -G https://raw.githubusercontent.com/ErichDonGubler/vim-sublime-monokai/master/colors/sublimemonokai.vim -o $HOME/.vim/colors/sublimemonokai.vim
wget -O $HOME/.vimrc https://gist.github.com/taking/2d762c0d0a63120ace2fa3b87bf262e5/raw/bcf8e9c29730d20459d9f458d8af7361f2fba9b8/.vimrc
vim +PluginInstall +qall
cp $HOME/.vimrc /home/$uname/
cp -r $HOME/.vim /home/$uname/
chown -R $uname:$uname /home/$uname/
su -c 'vim +PluginInstall +qall' - $uname
echo '설정 완료 - 재부팅 하세요.\n'
reboot
@taking
Copy link
Author

taking commented Apr 2, 2018

Windows에서 복사해서 sh 파일을 만든 경우, \r 가 Text 안에 들어가기 때문에 'not a valid identifier' 관련 에러가 발생한다.
이 경우, Linux에서 아래와 같이 \r을 제거하고 실행하면 된다.

$ tr -d '\r' <filename.sh >filename-new.sh
$ chmod +x filename-new.sh
$ ./filename-new.sh

@taking
Copy link
Author

taking commented Apr 2, 2018
edited

Root 계정으로 실행하기

@cybertramp
Copy link

감사합니다. 어떤식으로 초기 설정을 해야하는지 알게되었습니다~!

@taking
Copy link
Author

taking commented Jun 12, 2019
edited

csf 말고 기본 firewalld 사용하시려면 아래꺼 참고하시면 됩니다 :)

##### selinux disable, firewalld samba add ########
firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --reload
setsebool -P samba_domain_controller on
setsebool -P samba_enable_home_dirs on
setsebool -P samba_export_all_ro on
setsebool -P samba_export_all_rw on
sed -i 's/enforcing/disabled/g' /etc/sysconfig/selinux
setenforce 0
systemctl restart firewalld
echo 'selinux disable, firewalld samba add Success'

@taking
Copy link
Author

taking commented Jan 14, 2020
edited

관련된 부분은 아니지만 이 공간에 메모
python 설치 시 python.h 문제라던지 기타 문제 발생 시,

yum install python3-devel

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment