-
Notifications
You must be signed in to change notification settings - Fork 1
/
customize
executable file
·114 lines (92 loc) · 3.23 KB
/
customize
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
#!/bin/bash
set -o errexit
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ZABBIX_VERSION="4.0"
echo "* get latest apt upgrades"
export DEBIAN_FRONTEND=noninteractive
apt-get -y update
yes no | apt-get -qq upgrade
echo "* Install zabbix-agent"
# wget "https://repo.zabbix.com/zabbix/${ZABBIX_VERSION}/ubuntu/pool/main/z/zabbix-release/zabbix-release_${ZABBIX_VERSION}-3+focal_all.deb"
# /usr/bin/dpkg -i "zabbix-release_${ZABBIX_VERSION}-3+focal_all.deb"
wget "https://repo.zabbix.com/zabbix/${ZABBIX_VERSION}/ubuntu/pool/main/z/zabbix-release/zabbix-release_${ZABBIX_VERSION}-4+ubuntu22.04_all.deb"
/usr/bin/dpkg -i "zabbix-release_${ZABBIX_VERSION}-4+ubuntu22.04_all.deb"
apt-get -y update
apt-get -y install zabbix-agent || true
mkdir -p /var/log/zabbix || true
chown zabbix:zabbix /var/log/zabbix
mkdir -p /etc/zabbix/zabbix_agentd.conf.d || true
rm -rf "zabbix-release_${ZABBIX_VERSION}-4+ubuntu22.04_all.deb" || true
echo "* Add dtrace tools"
curl -sSLO https://download.qutic.com/src/joyent/dtracetools-lx_1.0_amd64.deb
/usr/bin/dpkg -i dtracetools-lx_1.0_amd64.deb
rm dtracetools-lx_1.0_amd64.deb
echo "* Add filebeats"
# https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.8.22-amd64.deb
curl -L -O https://download.qutic.com/src/elasticsearch/filebeat-6.8.22-amd64.deb
yes no | dpkg -i filebeat-6.8.22-amd64.deb
rm filebeat-6.8.22-amd64.deb
echo "* Add bash extensions"
cat >> /etc/skel/.bashrc << EOF
PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\W\[\033[00m\]\$ '
alias la="ls -Al"
alias t="cd /var/log/ && tail -n 50 -f "
alias msg="/usr/bin/tail -n 50 -f /var/log/syslog"
alias nano=/usr/bin/vim
alias ps-mem="ps -o pid,user,%mem,command ax | sort -b -k3 -r | head"
alias ps-cpu="ps -o pid,user,%cpu,command ax | sort -b -k3 -r | head"
HISTSIZE=2000
HISTFILESIZE=25000
HISTTIMEFORMAT="[%d.%m.%Y %T] "
export EDITOR=/usr/bin/vim
export SYSTEMD_EDITOR=vim
export LANGUAGE=en_US.UTF-8
export LANG=en_US.UTF-8
EOF
echo "* Setup language env"
cp /etc/skel/.bashrc /root/.bashrc
source /root/.bashrc
locale-gen en_US.utf8 || true
echo "* Start rsyslog"
sed -i "s|#cron|cron|" /etc/rsyslog.d/50-default.conf
systemctl enable --now rsyslog
echo "* Start cron and anacron"
systemctl enable --now cron
systemctl enable --now anacron
echo "* System config"
cat >> /etc/sysctl.conf << EOF
fs.file-max = 2097152
fs.nr_open = 1048576
net.ipv4.netfilter.ip_conntrack_max = 1048576
net.nf_conntrack_max = 1048576
net.core.somaxconn = 1048576
EOF
cat >> /etc/security/limits.conf << EOF
* soft nofile 1048576
* hard nofile 1048576
root soft nofile 1048576
root hard nofile 1048576
EOF
sysctl -p || true
echo "* Disable ssh"
systemctl stop ssh
systemctl disable ssh
echo "* Disable rpcbind"
systemctl stop rpcbind
systemctl stop rpcbind.socket
systemctl disable rpcbind
# journalctl --vacuum-size=200M
sed -i \
-e "s/#SystemMaxUse=/SystemMaxUse=200M/" \
-e "s/#MaxFileSec=1month/MaxFileSec=1month/" \
/etc/systemd/journald.conf
echo "* Setup bootstrap startscript"
touch /var/lib/bootstrap
systemctl daemon-reload
systemctl enable /etc/systemd/system/bootstrap.service
echo "* Cleaning up."
rm /var/lib/bootstrap 2>/dev/null || true
rm /root/.bash_history 2>/dev/null || true
rm -rf /root/zabbix-* || true
rm -rf /root/customize
history -c