Created
October 30, 2022 18:59
-
-
Save taurusxin/a9fc3ad039c44ab66fca0320045719b0 to your computer and use it in GitHub Desktop.
Revisions
-
taurusxin created this gist
Oct 30, 2022 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,142 @@ #!/usr/bin/env bash echo=echo for cmd in echo /bin/echo; do $cmd >/dev/null 2>&1 || continue if ! $cmd -e "" | grep -qE '^-e'; then echo=$cmd break fi done CSI=$($echo -e "\033[") CEND="${CSI}0m" CDGREEN="${CSI}32m" CRED="${CSI}1;31m" CGREEN="${CSI}1;32m" CYELLOW="${CSI}1;33m" CBLUE="${CSI}1;34m" CMAGENTA="${CSI}1;35m" CCYAN="${CSI}1;36m" OUT_ALERT() { echo -e "${CYELLOW}$1${CEND}" } OUT_ERROR() { echo -e "${CRED}$1${CEND}" } OUT_INFO() { echo -e "${CCYAN}$1${CEND}" } if [[ -f /etc/redhat-release ]]; then release="centos" elif cat /etc/issue | grep -q -E -i "debian|raspbian"; then release="debian" elif cat /etc/issue | grep -q -E -i "ubuntu"; then release="ubuntu" elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then release="centos" elif cat /proc/version | grep -q -E -i "raspbian|debian"; then release="debian" elif cat /proc/version | grep -q -E -i "ubuntu"; then release="ubuntu" elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then release="centos" else OUT_ERROR "[错误] 不支持的操作系统!" exit 1 fi OUT_ALERT "[信息] 正在更新系统中!" if [[ ${release} == "centos" ]]; then yum makecache yum install epel-release -y yum update -y else apt update apt dist-upgrade -y apt autoremove --purge -y fi OUT_ALERT "[信息] 正在安装 haveged 增强性能中!" if [[ ${release} == "centos" ]]; then yum install haveged -y else apt install haveged -y fi OUT_ALERT "[信息] 正在配置 haveged 增强性能中!" systemctl disable --now haveged systemctl enable --now haveged OUT_ALERT "[信息] 正在优化系统参数中!" modprobe ip_conntrack chattr -i /etc/sysctl.conf cat > /etc/sysctl.conf << EOF vm.swappiness = 0 fs.file-max = 1024000 net.core.rmem_max = 134217728 net.core.wmem_max = 134217728 net.core.netdev_max_backlog = 250000 net.core.somaxconn = 1024000 net.core.default_qdisc = fq_pie net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.lo.arp_announce = 2 net.ipv4.conf.all.arp_announce = 2 net.ipv4.conf.default.arp_announce = 2 net.ipv4.ip_forward = 1 net.ipv4.ip_local_port_range = 1024 65535 net.ipv4.neigh.default.gc_stale_time = 120 net.ipv4.tcp_ecn = 0 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_low_latency = 1 net.ipv4.tcp_fin_timeout = 10 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_keepalive_time = 10 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_sack = 1 net.ipv4.tcp_fack = 1 net.ipv4.tcp_syn_retries = 3 net.ipv4.tcp_synack_retries = 3 net.ipv4.tcp_max_syn_backlog = 16384 net.ipv4.tcp_max_tw_buckets = 8192 net.ipv4.tcp_fastopen = 3 net.ipv4.tcp_mtu_probing = 1 net.ipv4.tcp_rmem = 4096 87380 67108864 net.ipv4.tcp_wmem = 4096 65536 67108864 net.ipv4.tcp_congestion_control = bbr net.ipv6.conf.all.forwarding = 1 net.ipv6.conf.default.forwarding = 1 net.nf_conntrack_max = 25000000 net.netfilter.nf_conntrack_max = 25000000 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 30 net.netfilter.nf_conntrack_tcp_timeout_established = 180 net.netfilter.nf_conntrack_tcp_timeout_close_wait = 30 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 30 EOF cat > /etc/security/limits.conf << EOF * soft nofile 512000 * hard nofile 512000 * soft nproc 512000 * hard nproc 512000 root soft nofile 512000 root hard nofile 512000 root soft nproc 512000 root hard nproc 512000 EOF cat > /etc/systemd/journald.conf <<EOF [Journal] SystemMaxUse=384M SystemMaxFileSize=128M ForwardToSyslog=no EOF sysctl -p OUT_INFO "[信息] 优化完毕!" exit 0