#!/usr/bin/env bash #检查系统 check_sys(){ if [[ -f /etc/redhat-release ]]; then release="centos" elif cat /etc/issue | grep -q -E -i "debian"; then release="debian" elif cat /etc/issue | grep -q -E -i "ubuntu"; then release="ubuntu" elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then release="centos" elif cat /proc/version | grep -q -E -i "debian"; then release="debian" elif cat /proc/version | grep -q -E -i "ubuntu"; then release="ubuntu" elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then release="centos" fi } #检测系统版本 check_version(){ #[ -s FILE ] 如果 FILE 存在且大小非0时为真则返回为真 if [[ -s /etc/redhat-release ]]; then version=`grep -oE "[0-9.]+" /etc/redhat-release | cut -d . -f 1` else version=`grep -oE "[0-9.]+" /etc/issue | cut -d . -f 1` fi bit=`uname -m` if [[ ${bit} = "x86_64" ]]; then bit="x64" else bit="x32" fi } install_bt(){ check_sys check_version if [[ "${release}" == "centos" ]]; then if [[ ${version} = "7" ]]; then yum install -y wget && wget -O install.sh http://download.bt.cn/install/install_6.0.sh && sh install.sh else echo -e "${Error} 暂不支持当前系统 ${release} ${version} ${bit} !" && exit 1 fi elif [[ "${release}" == "debian" ]]; then if [[ ${version} = "9" ]]; then wget -O install.sh http://download.bt.cn/install/install_6.0.sh && bash install.sh else echo -e "${Error} 不支持当前系统 ${release} ${version} ${bit} !" && exit 1 fi elif [[ "${release}" == "ubuntu" ]]; then if [[ ${version} = "16" || ${version} = "18" || ${version} = "19" ]]; then wget -O install.sh http://download.bt.cn/install/install-ubuntu_6.0.sh && sudo bash install.sh else echo -e "${Error} 不支持当前系统 ${release} ${version} ${bit} !" && exit 1 fi else echo -e "${Error} 不支持当前系统 ${release} ${version} ${bit} !" && exit 1 fi } install_bbr(){ wget -N --no-check-certificate "https://github.000060000.xyz/tcpx.sh" && chmod +x tcpx.sh && ./tcpx.sh } optimize_tcp(){ check_sys check_version if [[ "${release}" == "centos" ]]; then if [[ ${version} = "7" ]]; then echo '正在进行一键TCP连接优化...' cp -a /etc/sysctl.conf /etc/sysctl.conf.default echo 'net.ipv4.ip_forward = 1 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.ipv4.route.gc_timeout = 20 net.ipv4.tcp_retries2 = 5 net.ipv4.tcp_wmem = 8192 131072 16777216 net.ipv4.tcp_rmem = 32768 131072 16777216 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.core.somaxconn = 32768 net.core.netdev_max_backlog = 32764 net.ipv4.ip_local_port_range = 1024 65535 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_keepalive_time = 1800 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_keepalive_intvl = 30 net.ipv4.tcp_max_orphans = 32768 fs.file-max = 1000000 fs.inotify.max_user_instances = 8192 kernel.pid_max = 65536 net.core.wmem_max = 8388608 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_max_syn_backlog = 16384 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_synack_retries = 1 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_max_tw_buckets = 36000' >> /etc/sysctl.conf sleep 1 /sbin/sysctl -p /etc/sysctl.conf /sbin/sysctl -w net.ipv4.route.flush=1 echo 'TCP连接优化完成,感谢您的使用!' else echo -e "${Error} 暂不支持当前系统 ${release} ${version} ${bit} !" && exit 1 fi fi } security_linux(){ cp -a /etc/security/limits.conf /etc/security/limits.conf.default echo '* soft nofile 1000000 * hard nofile 1000000 * soft nproc 65535 * hard nproc 65535' >> /etc/security/limits.conf } modify_ssh(){ cp -a /etc/ssh/sshd_config /etc/ssh/sshd_config.bak >/dev/null 2>&1 echo '正在关闭selinux...' sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config >/dev/null 2>&1 read -p "请输入新的端口号:" port sed -i "s/#Port 22/Port $port/g" /etc/ssh/sshd_config >/dev/null 2>&1 firewall-cmd --permanent --add-port=$port/tcp >/dev/null 2>&1 firewall-cmd --reload >/dev/null 2>&1 systemctl restart sshd systemctl restart firewalld.service } ##############欢迎页面################### echo "欢迎使用宝塔&&锐速一键脚本" echo "1.安装宝塔面板" echo "2.安装锐速脚本" echo "3.Centos7一键优化TCP连接" echo "4.Linux修改端口" read -p "请输入你的选择:" choice if [[ $choice == "1" ]];then echo "开始一键安装宝塔面板..." install_bt elif [[ $choice == "2" ]];then echo "开始一键安装BBR..." install_bbr elif [[ $choice == "3" ]];then echo "开始一键TCP连接优化..." optimize_tcp echo "开始一键文件优化..." security_linux elif [[ $choice == "4" ]];then echo "开始一键修改端口..." modify_ssh else echo "请重新选择!" fi