@@ -0,0 +1,142 @@
#! /usr/bin/env bash
echo=echo
for cmd in echo /bin/echo; do
$cmd > /dev/null 2>&1 || continue
if ! $cmd -e " " | grep -qE ' ^-e' ; then
echo=$cmd
break
fi
done
CSI=$( $echo -e " \033[" )
CEND=" ${CSI} 0m"
CDGREEN=" ${CSI} 32m"
CRED=" ${CSI} 1;31m"
CGREEN=" ${CSI} 1;32m"
CYELLOW=" ${CSI} 1;33m"
CBLUE=" ${CSI} 1;34m"
CMAGENTA=" ${CSI} 1;35m"
CCYAN=" ${CSI} 1;36m"
OUT_ALERT () {
echo -e " ${CYELLOW} $1 ${CEND} "
}
OUT_ERROR () {
echo -e " ${CRED} $1 ${CEND} "
}
OUT_INFO () {
echo -e " ${CCYAN} $1 ${CEND} "
}
if [[ -f /etc/redhat-release ]]; then
release=" centos"
elif cat /etc/issue | grep -q -E -i " debian|raspbian" ; then
release=" debian"
elif cat /etc/issue | grep -q -E -i " ubuntu" ; then
release=" ubuntu"
elif cat /etc/issue | grep -q -E -i " centos|red hat|redhat" ; then
release=" centos"
elif cat /proc/version | grep -q -E -i " raspbian|debian" ; then
release=" debian"
elif cat /proc/version | grep -q -E -i " ubuntu" ; then
release=" ubuntu"
elif cat /proc/version | grep -q -E -i " centos|red hat|redhat" ; then
release=" centos"
else
OUT_ERROR " [错误] 不支持的操作系统!"
exit 1
fi
OUT_ALERT " [信息] 正在更新系统中!"
if [[ ${release} == " centos" ; then
yum makecache
yum install epel-release -y
yum update -y
else
apt update
apt dist-upgrade -y
apt autoremove --purge -y
fi
OUT_ALERT " [信息] 正在安装 haveged 增强性能中!"
if [[ ${release} == " centos" ; then
yum install haveged -y
else
apt install haveged -y
fi
OUT_ALERT " [信息] 正在配置 haveged 增强性能中!"
systemctl disable --now haveged
systemctl enable --now haveged
OUT_ALERT " [信息] 正在优化系统参数中!"
modprobe ip_conntrack
chattr -i /etc/sysctl.conf
cat > /etc/sysctl.conf << EOF
vm.swappiness = 0
fs.file-max = 1024000
net.core.rmem_max = 134217728
net.core.wmem_max = 134217728
net.core.netdev_max_backlog = 250000
net.core.somaxconn = 1024000
net.core.default_qdisc = fq_pie
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_announce = 2
net.ipv4.ip_forward = 1
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.neigh.default.gc_stale_time = 120
net.ipv4.tcp_ecn = 0
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_low_latency = 1
net.ipv4.tcp_fin_timeout = 10
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_keepalive_time = 10
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_sack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 8192
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.ipv4.tcp_congestion_control = bbr
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.forwarding = 1
net.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 30
net.netfilter.nf_conntrack_tcp_timeout_established = 180
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 30
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 30
EOF
cat > /etc/security/limits.conf << EOF
* soft nofile 512000
* hard nofile 512000
* soft nproc 512000
* hard nproc 512000
root soft nofile 512000
root hard nofile 512000
root soft nproc 512000
root hard nproc 512000
EOF
cat > /etc/systemd/journald.conf << EOF
[Journal]
SystemMaxUse=384M
SystemMaxFileSize=128M
ForwardToSyslog=no
EOF
sysctl -p
OUT_INFO " [信息] 优化完毕!"
exit 0
bloatfan revised this gist
taurusxin created this gist