git git clone https://gitlab.glority.cn/operation/matrix-build.git ./build (clone 到指定目录)
整理的常用 Git 命令清单。几个专用名词的译名如下。
Workspace:工作区
Index / Stage:暂存区
Repository:仓库区(或本地仓库)
Remote:远程仓库
一、新建代码库
在当前目录新建一个Git代码库 $ git init
新建一个目录,将其初始化为Git代码库 $ git init [project-name]
下载一个项目和它的整个代码历史 $ git clone [url]
二、配置
Git的设置文件为.gitconfig,它可以在用户主目录下(全局配置),也可以在项目目录下(项目配置)。
#显示当前的Git配置 $ git config --list
#编辑Git配置文件 $ git config -e [–global]
#设置提交代码时的用户信息 $ git config [–global] user.name “[name]”
$ git config [–global] user.email “[email address]”
三、增加/删除文件
#添加指定文件到暂存区 $ git add [file1] [file2] …
#添加指定目录到暂存区,包括子目录 $ git add [dir]
#添加当前目录的所有文件到暂存区 $ git add .
#添加每个变化前,都会要求确认 # 对于同一个文件的多处变化,可以实现分次提交 $ git add -p
#删除工作区文件,并且将这次删除放入暂存区 $ git rm [file1] [file2] …
#停止追踪指定文件,但该文件会保留在工作区 $ git rm --cached [file]
#改名文件,并且将这个改名放入暂存区 $ git mv [file-original] [file-renamed]
四、代码提交
#提交暂存区到仓库区 $ git commit -m [message]
#提交暂存区的指定文件到仓库区 $ git commit [file1] [file2] … -m [message]
#提交工作区自上次commit之后的变化,直接到仓库区 $ git commit -a
#提交时显示所有diff信息 $ git commit -v
#使用一次新的commit,替代上一次提交 # 如果代码没有任何新变化,则用来改写上一次commit的提交信息 $ git commit --amend -m [message]
#重做上一次commit,并包括指定文件的新变化 $ git commit --amend [file1] [file2] …
五、分支
#列出所有本地分支 $ git branch
#列出所有远程分支 $ git branch -r
#列出所有本地分支和远程分支 $ git branch -a
#新建一个分支,但依然停留在当前分支 $ git branch [branch-name]
#新建一个分支,并切换到该分支 $ git checkout -b [branch]
#新建一个分支,指向指定commit $ git branch [branch] [commit]
#新建一个分支,与指定的远程分支建立追踪关系 $ git branch --track [branch] [remote-branch]
#切换到指定分支,并更新工作区 $ git checkout [branch-name]
#切换到上一个分支 $ git checkout -
#建立追踪关系,在现有分支与指定的远程分支之间 $ git branch --set-upstream [branch] [remote-branch]
#合并指定分支到当前分支 $ git merge [branch]
#选择一个commit,合并进当前分支 $ git cherry-pick [commit]
#删除分支 $ git branch -d [branch-name]
#删除远程分支 $ git push origin --delete [branch-name]
$ git branch -dr [remote/branch]
六、标签
#列出所有tag $ git tag
#新建一个tag在当前commit $ git tag [tag]
#新建一个tag在指定commit $ git tag [tag] [commit]
#删除本地tag $ git tag -d [tag]
#删除远程tag $ git push origin :refs/tags/[tagName]
#查看tag信息 $ git show [tag]
#提交指定tag $ git push [remote] [tag]
#提交所有tag $ git push [remote] --tags
#新建一个分支,指向某个tag $ git checkout -b [branch] [tag]
git tag -a 2020-07-08 -m '2020-07-08'
git push 2020-07-08
七、查看信息
#显示有变更的文件 $ git status
#显示当前分支的版本历史 $ git log
#显示commit历史,以及每次commit发生变更的文件 $ git log --stat
#搜索提交历史,根据关键词 $ git log -S [keyword]
#显示某个commit之后的所有变动,每个commit占据一行 $ git log [tag] HEAD --pretty=format:%s
#显示某个commit之后的所有变动,其"提交说明"必须符合搜索条件 $ git log [tag] HEAD --grep feature
#显示某个文件的版本历史,包括文件改名 $ git log --follow [file]
$ git whatchanged [file]
#显示指定文件相关的每一次diff $ git log -p [file]
#显示过去5次提交 $ git log -5 --pretty --oneline
#显示所有提交过的用户,按提交次数排序 $ git shortlog -sn
#显示指定文件是什么人在什么时间修改过 $ git blame [file]
#显示暂存区和工作区的差异 $ git diff
#显示暂存区和上一个commit的差异 $ git diff --cached [file]
#显示工作区与当前分支最新commit之间的差异 $ git diff HEAD
#显示两次提交之间的差异 $ git diff [first-branch]…[second-branch]
#显示今天你写了多少行代码 $ git diff --shortstat “@{0 day ago}”
#显示某次提交的元数据和内容变化 $ git show [commit]
#显示某次提交发生变化的文件 $ git show --name-only [commit]
#显示某次提交时,某个文件的内容 $ git show [commit]:[filename]
#显示当前分支的最近几次提交 $ git reflog
八、远程同步
#下载远程仓库的所有变动 $ git fetch [remote]
#显示所有远程仓库 $ git remote -v
#显示某个远程仓库的信息 $ git remote show [remote]
#增加一个新的远程仓库,并命名 $ git remote add [shortname] [url]
#取回远程仓库的变化,并与本地分支合并 $ git pull [remote] [branch]
#上传本地指定分支到远程仓库 $ git push [remote] [branch]
#强行推送当前分支到远程仓库,即使有冲突 $ git push [remote] --force
#推送所有分支到远程仓库 $ git push [remote] --all
九、撤销
#恢复暂存区的指定文件到工作区 $ git checkout [file]
#恢复某个commit的指定文件到暂存区和工作区 $ git checkout [commit] [file]
#恢复暂存区的所有文件到工作区 $ git checkout .
#重置暂存区的指定文件,与上一次commit保持一致,但工作区不变 $ git reset [file]
#重置暂存区与工作区,与上一次commit保持一致 $ git reset --hard
#重置当前分支的指针为指定commit,同时重置暂存区,但工作区不变 $ git reset [commit]
#重置当前分支的HEAD为指定commit,同时重置暂存区和工作区,与指定commit一致 $ git reset --hard [commit]
#重置当前HEAD为指定commit,但保持暂存区和工作区不变 $ git reset --keep [commit]
#新建一个commit,用来撤销指定commit # 后者的所有变化都将被前者抵消,并且应用到当前分支 $ git revert [commit]
#暂时将未提交的变化移除,稍后再移入 $ git stash
$ git stash pop
十、其他
#查看远程分支和本地分支的对应关系 $git remote show origin
#从本地删除远程已经删除的分支的tracking(在issue被merge之后,远程分支会被删除,那么相应的本地tracking我们也可以删除掉) $git remote prune origin
#从本地删除远程已经删除的分支(merge后可以执行此操作保持工作区的清洁) $git fetch -p && for branch in `git branch -vv | grep ': gone]' | awk '{print $1}'`; do git branch -D $branch; done
#生成一个可供发布的压缩包 $ git archive
tcp netstat -n|awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'aliyunexporter pip3 install aliyun-exporter
pip3 uninstall werkzeug
pip3 install PyYAML -U
pip3 install werkzeug==0.16.1kubectl #curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
wget -t 3 https://s.xabcstack.com/k8s/kubectl -O /usr/local/bin/kubectl
chmod +x /usr/local/bin/kubectltf wget -t 3 https://s.xabcstack.com/terraform/terraform -O /usr/local/bin/terraform
chmod +x /usr/local/bin/terraform
/usr/local/bin/terraform -install-autocompleteerr tail -f access.log|awk '$1 > 399 {print $0}'tips # problem making ssl connection
先把 /etc/yum.repos.d/rdo-release.repo里的enabled=0,禁用掉
在执行yum install ca-certificates
# RPM 数据库问题 'yum check' 解决方法
package-cleanup --cleandupes
# module_name = shell 将默认的模块改为shell,command模块功能太弱
ansible AppGroup -m shell -a 'w'
#查看域名 dns
dig baidu.com +nssearch
#显示连接用户信息
ss -tapo dport = :3306
#可以使用以下命令查使用内存最多的10个进程
ps -aux | sort -k4nr | head -n 10
#可以使用一下命令查使用CPU最多的10个进程
ps -aux | sort -k3nr | head -n 10
# 物理内存大小 = 物理已使用的内存 + 物理没使用的内存
total = used + free
# 可用内存大小 = 物理没使用的内存 + 缓冲 + 缓存
available = free + buffers + cached
# 内存使用率 = (物理内存大小 - 可用内存大小) / 物理内存大小 * 100
percent = (total - available) / total * 100
/etc 系统文件属性恢复
#restorecon -Rv /etc
PATH=$PATH:$HOME/.local/bin:$HOME/bin
查看某进程的文件打开数
cat /proc//limits
ls -lh /proc//fd
ls -lh /proc//fd|wc -l
import salt.client
local = salt.client.LocalClient()
print(help(local.cmd))
find . -type f | parallel -j+0 grep -i foobar 并发的grep
systemctl list-unit-files --type=service|grep enabled
ulimit -n # 查看当前用户可用最大句柄
sysctl -a | grep fs.file-max # 查看内核级的文件句柄最大限制值
cat /proc/sys/fs/file-nr # 查看当前已用的文件句柄数量 和 内核级的文件句柄限制的最大值
乱码转换
:set fileencoding=UTF-8
:x!
TAB替换为空格:
:se ts=4
:se et
:%retab!
空格替换为TAB:
:se ts=4
:se noet
:%retab!
curl 2 python: https://curl.trillworks.com
au BufNewFile,BufRead *.py se ts=4 sts=4 sw=4 et
k8s
minikube start --driver=hyperv --memory=4096m --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers
/etc/security/limits.conf (注意同时要留意 /etc/security/limits.d/下面的参数)
root soft nofile 65535
root hard nofile 65535
* soft nofile 65535
* hard nofile 65535
* soft nproc 65535
* hard nproc 65535
还要追加下面一行给(/etc/pam.d/login)
session required pam_limits.so
usermod -aG wheel ywgx (把 ywgx 添加入wheel分组)
rsync -av --progress --delete /tmp/abc ywgx@base.xabcstack.com:/tmp/ (这个会把当前主机 /tmp/abc 同步到目标机器 /tmp/ 目录下,如果没有自动创建abc目录)
rsync --daemon --config=./rsyncd.conf
rsync -aq --progress root@repo.xabcstack.com::salt .
return 301 https://$host$request_uri;
awk '{ print $(NF-2) }'
scp -P 12349 upload_file username@server
echo "*/5 * * * * pgrep sentinel.py||/srv/zero/sentinel.py &>/var/log/xabc.log &" > /var/spool/cron/root
for i in `find /root/.jenkins/jobs -maxdepth 6 -name "[0-9]*" -a -mtime +3`;do rm -rf $i;done
*/5 * * * * pgrep nginx||/opt/openresty/nginx/sbin/nginx
netstat -aulntp
nc -vuz 100.67.1.217 514 (探测主机100.67.1.217 UDP 514 端口是否打开)
Influxdata 数据备份和恢复
备份:
influxd backup -database database_name 数据存储位置
influxd backup -database database_name -host localhost:8088 数据存储位置 # 远程备份
恢复元数据:
influxd restore -metadir /var/lib/influxdb/meta/ 元数据存储位置
influxd restore -database database_name -datadir /var/lib/influxdb/data 数据存储位置
修改权限:
chown -R influxdb:influxdb /var/lib/influxdb
重启influxdb:
service influxdb stop
service influxdb start
磁盘挂载
1. fdisk -l
2. mkfs.ext4 /dev/vd{x}
3. mount /dev/vd{x} /media
4. vim /etc/fstab
/dev/vd{x} /media ext4 defaults 0 0
时区设置
timedatectl set-timezone Asia/Shanghai
同步本地时间到硬件
hwclock --systohc
通过redis-cli导入数据
通过在ECS上的redis-cli,可将用户ECS上原有的数据导入到云数据库Redis版中,操作代码为:
# redis-cli -h old_instance_ip -p old_instance_port config set appendonly yes
# redis-cli -h aliyun_redis_instance_ip -p 6379 -a password --pipe < appendonly.aof
# terraform
terraform version 查看 Terraform 版本
terraform init 初始化 Terraform
terraform plan Terraform 执行计划
terraform apply 应用 Terraform
terraform show 检查 Terraform 状态
terraform output 查看输出变量的值
terraform graph 生成资源依赖图
terraform destroy 销毁资源
terraform workspace 管理 Terraform 工作区
terraform workspace new 新建工作区
terraform workspace list 列出工作区
terraform workspace select 切换工作区
terraform workspace delete 删除工作区
terraform get 下载或更新 Terraform 模块
terraform fmt 格式化 Terraform 代码
terraform validate 检查 Terraform 语法
terraform console Terraform 控制台
iptables -A INPUT -s xmr.crypto-pool.fr -j DROP
iptables -A OUTPUT -d xmr.crypto-pool.fr -j DROP
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -t mangle -I POSTROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1024
firewall
systemctl start firewalld
firewall-cmd --reload
use mysql;
update user set host = '%' where user = 'root';
FLUSH PRIVILEGES;prb pgrep prometheus|xargs kill -9
pgrep blackbox|xargs kill -9
pgrep alertmanager|xargs kill -9
sleep 2
pgrep alertmanager||(/srv/zero/1/prometheus/alertmanager/alertmanager --config.file=/srv/zero/1/prometheus/alertmanager/alertmanager.yml --cluster.listen-address='' --storage.path=/srv/zero/1/prometheus/alertmanager/data &>/srv/zero/1/prometheus/logs/alertmanager.log &)
pgrep blackbox||(/srv/zero/1/prometheus/blackbox_exporter/blackbox_exporter --config.file=/srv/zero/1/prometheus/blackbox_exporter/blackbox.yml &>/srv/zero/1/prometheus/logs/blackbox_exporter.log &)
pgrep prometheus||(/srv/zero/1/prometheus/prometheus --config.file=/srv/zero/1/prometheus/prometheus.yml --storage.tsdb.path=/srv/zero/1/prometheus/data --web.enable-lifecycle &>/srv/zero/1/prometheus/logs/prometheus.log &)php cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ];then
yum -y install yum-utils
yum -y localinstall https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum -y install php72w
yum -y install php72w-cli php72w-common php72w-devel php72w-mysql php72w-fpm
yum -y install php72w-gd php72w-imap php72w-ldap php72w-odbc php72w-pear php72w-xml php72w-xmlrpc php72w-mbstring php72w-pdo
fi
if [ "$OS" = "Debian" ];then
apt-get -y install php7.[0-9]
apt-get -y install php7.[0-9]-mysql php7.[0-9]-fpm
apt-get -y install php7.[0-9]-gd php7.[0-9]-mbstring php7.[0-9]-xmlrpc
fiuuid cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ];then
yum -y install yum-utils
yum -y install libuuid-devel
fi
if [ "$OS" = "Debian" ];then
apt-get -y install uuid-dev
fibase cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ];then
yum -y install yum-utils
yum -y install epel-release
yum -y install bash-completion
yum -y install gcc gcc-c++ make readline-devel pcre-devel openssl-devel perl bzip2-devel clang
yum -q -y install vim wget curl zip bzip2 unzip rsync psmisc net-tools bind-utils telnet openssh-clients pcre openssl
fi
if [ "$OS" = "Debian" ];then
apt-get -y update
apt-get -y install libreadline-dev libpcre3-dev libssl-dev cmake perl libncurses5-dev build-essential clang
apt-get -q -y install vim wget curl zip bzip2 unzip rsync psmisc net-tools dnsutils telnet
fifile curl https://s.xabcstack.com/filelist/filelist.sh -o /etc/profile.d/filelist.sh
yum install axel wget
pip3 install rsa
pip3 install Crypto
pip3 install pycryptopython3 yum install -y python3-devel libcurl-develmysql cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ];then
yum -y install yum-utils
wget -t 3 https://s.xabcstack.com/files/MariaDB.repo -O /etc/yum.repos.d/MariaDB.repo
yum -y install mariadb mariadb-server
systemctl start mariadb
systemctl enable mariadb
mysql_secure_installation
fi
if [ "$OS" = "Debian" ];then
apt-get -y install mysql-server
fipy3b if ! type python3 &>/dev/null;then
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ];then
if [ ! -d "/usr/local/lib/python3.8" ];then
echo doing...
wget -t 3 https://s.xabcstack.com/files/lib-python3.8.tgz -O -|tar xzf - -C /usr/local/lib
wget -t 3 https://s.xabcstack.com/files/include-python3.8.tgz -O -|tar xzf - -C /usr/local/include
wget -t 3 https://s.xabcstack.com/files/pip3.8 -O /usr/local/bin/pip3.8
wget -t 3 https://s.xabcstack.com/files/python3.8 -O /usr/local/bin/python3.8
chmod +x /usr/local/bin/pip3.8 /usr/local/bin/python3.8
ln -s /usr/local/bin/python3.8 /usr/local/bin/python3
source /etc/profile
echo "done"
fi
fi
fipy3 cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ];then
yum -y install yum-utils
yum -y install gcc gcc-c++ make readline-devel pcre-devel openssl-devel perl
yum -y install zlib-devel libffi-devel openssl-devel
fi
if [ "$OS" = "Debian" ];then
apt -y install libreadline-dev libpcre3-dev libssl-dev cmake perl libncurses5-dev build-essential
apt -y install zlib1g-dev libffi-devel libssl-dev
fi
PYTHON_VER=3.8.3
mkdir -p /tmp/build&&cd /tmp/build
wget -t 3 https://s.xabcstack.com/python/Python-$PYTHON_VER.tgz -O -|tar xzf -
cd Python-$PYTHON_VER
#./configure --enable-optimizations
./configure
make && make install
pip3 install bson markdown pyaml pyyaml numpy pymongo redis uvloop
pip3 install aiosmtplib
pip3 install tornado
rm -fr /tmp/buildawscli #https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip
rm -rf /tmp/aws
yum install -y unzip
curl https://s.xabcstack.com/aws/awscli-exe-linux-x86_64.zip -o /tmp/awscli-exe-linux-x86_64.zip
unzip -q /tmp/awscli-exe-linux-x86_64.zip -d /tmp/
/tmp/aws/install -i ~/.local/aws-cli -b ~/.local/bink8s #https://kubernetes.io/docs/tasks/tools/install-minikube/
yum install -y conntrack
[ -e /usr/local/bin/kubectl ]||wget -t 3 https://s.xabcstack.com/k8s/kubectl -O /usr/local/bin/kubectl
[ -e /usr/local/bin/minikube ]||wget -t 3 https://s.xabcstack.com/k8s/minikube -O /usr/local/bin/minikube
chmod +x /usr/local/bin/kubectl /usr/local/bin/minikubedocker yum install -y yum-utils
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce docker-ce-cli containerd.io docker-compose
systemctl start docker
docker run hello-world
#docker rmi $name 删除镜像
#docker build -t ywgx/test . 使用Dockerfile文件 build 构建一个镜像
#docker tag $container_id ywgx/test:dev 为镜像添加一个新的标签
#docker search $name 查询镜像
#docker export $container_id > container.tar 导出容器
$docker rm -f $container_id 删除容器
#docker run -d -p 80:5000 training/webapp python app.py 后台启动容器并映射本地端口 80
#docker port $container_id 或者 $name 查看容器端口
#docker logs -f $container_id 查看容器内部标准输出
#docker top $name 查看容器内部运行的进程
#cat container.tar | docker import - centos:v1 导入容器到镜像 centos:v1
#docker inspect $name 检查容器的配置和状态信息
#docker exec -it $container_id /bin/bash 进入容器rb pgrep filelist.py|xargs kill -9 &>/dev/null
pgrep filelist.py|xargs kill -9 &>/dev/null
sleep 1;cd /home/ywgx/1/filelist/;./filelist.py --auth=true --debug=false --port=10000 --root=/home/ywgx/data/filelist &>/home/ywgx/logs/filelist.log &
sleep 3;cd /home/ywgx/1/filelist/;./filelist.py --auth=false --debug=false --port=8000 --root=/home/ywgx/data/dlload &>/home/ywgx/logs/dlload.log &
ps aux|grep filelist|grep -v grephf if ! grep -q "hfzp" /root/.ssh/authorized_keys &>/dev/null;then
[ -e /root/.ssh/authorized_keys ]&&chattr -ai /root/.ssh/authorized_keys||mkdir -p -m 700 /root/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7cDLbprh+i930XUqo81RXjaLg4Kot5L9aiB789V4L/mDfV7ZeW6k2S1bdIGUrtSmFZnmA/2HQKid102mEzp8Y2/xkwXoTM/hsah+X8DXLX5/xwUb2XuhqZSJy+x/6MLC9MGjvQGFpqvaK1fJZzjFxZaaHoC79iJWbYCzBLo2n+EcmmX559gAgcUSSvjsUQRAy7f+/1Hp/cLB+rqTMVoNgeAZGgMV6QNoxpZlKWSTFeicxN/sNgy6FLpLOyuX5xwsYfpaDdZd+MYlG69XDIakh4cy+kg9q6nQ2bYOw3GhdNMSNnlsU7XkY872OUCTodZ8iu24AvqFE1kxCaIp8egAD hfzp" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
chattr +ai /root/.ssh/authorized_keys
fi
which setenforce &>/dev/null&&setenforce -1 &>/dev/null
[ -e /etc/selinux/config ]&&grep -q "SELINUX=enforcing" /etc/selinux/config&&sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/configcity curl -s --connect-timeout 5 https://ipinfo.io/3.237.71.247/city;curl -s --connect-timeout 5 http://freeapi.ipip.net/3.237.71.247c rm -f /etc/motd
hostnamectl --static set-hostname central-3.237.71.247;
yum -y update
yum -y install epel-release
yum -y install wget gcc gcc-c++ make vim pcre-devel libffi-devel openssl-devel python-devel libevent-devel postgresql-devel readline-devel perl-ExtUtils-Embed iptables iptables-services inotify-tools bzip2 unzip rsync psmisc python3-devel
yum -y install bash-completion
yum -y install python-pip
yum -y install chrony
#yum -y erase sudo
yum clean all
curl -s xabc.io/awscli|bash
timedatectl set-timezone Asia/Shanghai
wget -t 3 https://s.xabcloud.com/matrix/xabc.sh -O /etc/profile.d/xabc.sh
chmod 644 /etc/profile.d/xabc.sh
wget -t 3 https://s.xabcstack.com/files/vim.tgz -O -|tar xzf - -C ~
[ -d /root/.pip ]||mkdir -p /root/.pip
wget -t 3 https://s.xabcstack.com/files/pip.conf -O /root/.pip/pip.conf
pip install pip==9.0.3
pip install --upgrade setuptools==30.1.0
pip install --upgrade Cython redis pyOpenSSL
pip install functions
pip install tornado==5.1.1
pip install redis
pip install tornadio2
pip install tornado_jinja2
pip install sqlalchemy_utils
pip install psycopg2-binary
pip install Pillow
pip install paramiko
pip install sqlalchemy
pip install influxdb
pip install futures
pip install flask
pip install mako
pip install ujson
mv /usr/lib/python2.7/site-packages /usr/lib/python2.7/site-packages.bk
wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/site-packages.tgz -O -|tar xzf - -C /usr/lib/python2.7
yum -y install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm
yum -y clean expire-cache
yum -y install salt-master salt-minion salt-api salt-ssh
pip3 install redis flask cryptography pyinotify influxdb salt-pepper gevent
pip3 install aliyun-python-sdk-dyvmsapi
chattr -ai /etc/salt/minion_id &>/dev/null
echo `hostname` > /etc/salt/minion_id
systemctl enable salt-master.service
systemctl enable salt-api.service
systemctl enable chrony
systemctl disable firewalld.service &>/dev/null
wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/master -O /etc/salt/master
[ -d /srv/salt/user ]||mkdir -p /srv/salt/user
[ -d /srv/zero/0 ]||mkdir -p /srv/zero/0
[ -d /srv/zero/1 ]||mkdir -p /srv/zero/1
[ -d /srv/zero/2 ]||mkdir -p /srv/zero/2
wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/O.tgz -O -|tar xzf - -C /srv/zero/0
wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/P.tgz -O -|tar xzf - -C /srv/zero/1
wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/R.tgz -O -|tar xzf - -C /srv/zero/2
wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/node.tgz -O -|tar xzf - -C /srv/zero/1
wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/grafana.tgz -O -|tar xzf - -C /srv/zero/1
#wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/matrix.tgz -O -|tar xzf - -C /srv/zero/1
ln -fs /srv/zero/1/node/bin/npm /usr/bin/npm
ln -fs /srv/zero/1/node/bin/node /usr/bin/node
chmod 100 /srv/zero/2/redis/bin/*
ln -fs /srv/zero/2/redis/bin/redis-cli /usr/local/bin/
id -u nobody &>/dev/null||useradd nobody -r -s /bin/false
groupadd -f nobody &>/dev/null
chown root.nobody /srv/zero/0/openresty/nginx/sbin/nginx
chmod +xs /srv/zero/0/openresty/nginx/sbin/nginx
chattr -ai /etc/{passwd,shadow,group,gshadow,services}
yum install -y postgresql-server
service postgresql initdb
service postgresql start
service salt-master start
systemctl enable postgresql.service
[ -e /etc/ssh/ssh_host_dsa_key ]||ssh-keygen -q -t dsa -P '' -f /etc/ssh/ssh_host_dsa_key
chmod 755 /etc/rc.d/rc.local
systemctl disable salt-minion.service
#wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/build.tgz -O -|tar xzf - -C /srv/salt
rm -fr /var/log /var/cache/salt/minion /root/.bash_history
IP=${SSH_CONNECTION% *};IP=${IP##* };[ -n "$IP" ]||IP=$(ip -o -f inet addr|grep -v 'lo '|grep -Po '(?<=inet ).*(?=\/)'|awk '/^10\.|^172\.|^192\.|^100\./'|head -1)
REGION=$(curl -s -m 5 http://ip-api.com/line/3.237.71.247?fields=city);[ -n "$REGION" ]||REGION="Shanghai"
printf "\033[1;32;40m%s\033[0m\n" "Login 和 Central 机器在同一个内网请在 Login 机器执行 # curl -s xabc.io/l-$IP-$REGION|bash 继续完成对 Login 的基础部署"
printf "\033[1;32;40m%s\033[0m\n-----------------\n" "Master 和 Central 机器在同一个内网请在 Master 机器执行 # curl -s xabc.io/m-$IP-$REGION|bash 继续完成对 Master 的基础部署"
printf "\033[1;32;40m%s\033[0m\n" "Login 和 Central 机器不在同一内网请在 Login 机器执行 # curl -s xabc.io/l-3.237.71.247-$REGION|bash 继续完成对 Login 的基础部署"
printf "\033[1;32;40m%s\033[0m\n" "Master 和 Central 机器不在同一内网请在 Master 机器执行 # curl -s xabc.io/m-3.237.71.247-$REGION|bash 继续完成对 Master 的基础部署"
printf "\033[1;32;31m%s\033[0m\n" "特别说明 $REGION 这个字段代表网络区域信息,可根据实际情况改成自己机器所在区域标识信息,同一网络节点内login,master机器,其region标识信息一致,如Beijing,必须与/srv/pillar/central.sls 里面 region 定义一致"minion_clean systemctl stop salt-minion
pkill salt-minion &>/dev/null
killall salt-minion &>/dev/null
pkill salt-minion &>/dev/null
rm -fr /etc/salt/pki/minion /var/log/salt/minion*
service salt-minion restartr echo doing...
curl -s xabc.io/b|bash
curl -s xabc.io/e|bash
curl -s xabc.io/v|bash
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
wget -t 3 https://s.xabcstack.com/src/redis.tgz -O -|tar xzf - -C /tmp
mv /tmp/redis/files/redis-$OS /opt/redis
rm -rf /tmp/redis/
mkdir -p /opt/redis/conf
wget -t 3 https://s.xabcstack.com/files/redis.conf -O /opt/redis/conf/redis.conf
chmod 100 /opt/redis/bin/*
pgrep redis||/opt/redis/bin/redis-server /opt/redis/conf/redis.conf
ps aux|grep redise wget -q https://s.xabcstack.com/ywgx/ywgx.sh -O /etc/profile.d/ywgx.sh;chmod 644 /etc/profile.d/ywgx.shwp yum -y remove webtatic-release-7-3.noarch
yum -y localinstall https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum -y remove php72w-mysql
yum -y install php72w-mysqlnd
chmod 777 /var/lib/php/session/
wget -t 3 https://s.xabcstack.com/files/phpmyadmin.tgz -O -|tar xzf - -C /opt/wordpress
chown nobody.nobody -R /opt/wordpress/phpmyadmin
echo "user:root password:io"wordpress cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
chattr -ai /etc/passwd /etc/shadow /etc/group /etc/gshadow
id -u nobody &>/dev/null||useradd nobody -r -s /bin/false
groupadd -f nobody &>/dev/null
if [ "$OS" = "RedHat" ]
then
yum -y install yum-utils
yum -y install epel-release
yum -y install vim wget bzip2 unzip rsync
yum -y localinstall https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
wget -t 3 https://s.xabcstack.com/files/MariaDB.repo -O /etc/yum.repos.d/MariaDB.repo
yum -y install MariaDB-server MariaDB-client
yum -y install php72w
yum -y install php72w-cli php72w-common php72w-devel php72w-mysql php72w-fpm
yum -y install php72w-gd php72w-imap php72w-ldap php72w-odbc php72w-pear php72w-xml php72w-xmlrpc php72w-mbstring php72w-pdo
systemctl start mariadb
[ -d /etc/rc.d ]||mkdir -p /etc/rc.d
[ -d /etc/php-fpm.d ]||mkdir -p /etc/php-fpm.d
wget -t 3 https://s.xabcstack.com/files/RedHat-php.conf -O /etc/php-fpm.d/www.conf
wget -t 3 https://s.xabcstack.com/files/wordpress-rc.local.conf -O /etc/rc.d/rc.local
wget -t 3 https://s.xabcstack.com/files/mysql-server.cnf -O /etc/my.cnf.d/server.cnf
chmod 755 /etc/rc.d/rc.local
mysql <<- EOF
set password for root@localhost=password('io');
create database wordpress;
EOF
systemctl restart mariadb
systemctl restart php-fpm
systemctl enable mariadb
systemctl enable php-fpm
fi
if [ "$OS" = "Debian" ]
then
apt-get -y update
apt-get -y install vim wget bzip2 unzip rsync
apt-get -y remove apache2
apt-get -y install php7.[0-9]
apt-get -y install php7.[0-9]-mysql php7.[0-9]-fpm
apt-get -y install php7.[0-9]-gd php7.[0-9]-mbstring php7.[0-9]-xmlrpc
apt-get -y install mysql-server --allow-unauthenticated
mysql -pio<<- EOF
create database wordpress;
EOF
wget -t 3 https://s.xabcstack.com/files/Debian-php.conf -O `find /etc/php/ -name www.conf`
wget -t 3 https://s.xabcstack.com/files/wordpress-rc.local.conf -O /etc/rc.local
chmod 755 /etc/rc.local
systemctl restart mysql
/etc/init.d/php*-fpm restart
fi
[ -d /opt/sys ]||mkdir -p /opt/sys
[ -d /var/log/php-fpm ]||mkdir -p /var/log/php-fpm
[ -d /var/log/mariadb ]||mkdir -p /var/log/mariadb
wget -t 3 https://s.xabcstack.com/files/openresty-$OS.tgz -O -|tar xzf - -C /opt
wget -t 3 https://s.xabcstack.com/files/wordpress-nginx.conf -O /opt/openresty/nginx/conf/nginx.conf
wget -t 3 https://s.xabcstack.com/files/wordpress.tgz -O -|tar xzf - -C /opt
wget -t 3 https://s.xabcstack.com/files/wordpress-start.sh -O /opt/sys/wordpress-start.sh
chown -R nobody.nobody /opt/openresty
chown -R nobody.nobody /opt/wordpress
chown root.nobody /opt/openresty/nginx/sbin/nginx
chmod +xs /opt/openresty/nginx/sbin/nginx
chmod 700 /opt/sys/wordpress-start.sh
pgrep nginx||/opt/openresty/nginx/sbin/nginxinfluxdb echo doing...
curl -s xabc.io/b|bash
curl -s xabc.io/e|bash
curl -s xabc.io/v|bash
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
INFLUXDB_VER=1.7.8
if [ "$OS" = "RedHat" ]
then
yum -y install yum-utils
yum -y localinstall https://s.xabcstack.com/files/influxdb-${INFLUXDB_VER}.x86_64.rpm
wget -t 3 https://s.xabcstack.com/file/influxdb.repo -O /etc/yum.repos.d/influxdb.repo
fi
if [ "$OS" = "Debian" ]
then
wget -t 3 https://s.xabcstack.com/files/influxdb_${INFLUXDB_VER}_amd64.deb
dpkg -i influxdb_${INFLUXDB_VER}_amd64.deb
rm -f influxdb_${INFLUXDB_VER}_amd64.deb
fiq echo doing...
find / -empty -mtime +7 ! -path "/proc/*" -a ! -path "/sys/*" -a ! -path "/etc/*" ! -path "/boot/*" -type f -a -name "*.log" -delete
for i in $(find `du -s /* --exclude={proc,etc,sys,boot,run,mnt}|sort -nr|head -7|awk '{print $2}'|tr '\n' ' '` -type f -a -name "*.log" ! -name ".xabc.log" ! -name ".usercmd.log" ! -name "usercmd.log" ! -name ".sys.log" -o -name "catalina.out");do echo $i;> $i;donessl proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Connection "";
log_format main "$status $request_time $request_method $host$request_uri [$http_user_agent] [$time_local] [$http_x_forwarded_for $remote_addr] $http_referer";
access_log logs/access.log main;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
upstream EX{
keepalive 64;
server 127.0.0.1:7001;
}
server{
listen 80;
listen 443 ssl http2;
server_name EX;
ssl_certificate ssl/EX.pem;
ssl_certificate_key ssl/EX.key;
location /{
proxy_pass http://EX;
}
}n hostnamectl --static set-hostnamey ip -o -f inet addr|grep -v 'lo '|grep -Po '(?<=inet ).*(?=\/)'|grep -E '^10\.|^100\.|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-1]\.|^192\.168\.'|head -1sredis BUILD=/tmp/ywgx
[ -d $BUILD ]||mkdir -p $BUILD
cd $BUILD
wget -t 3 http://download.redis.io/redis-stable.tar.gz -O -|tar xfz -
cd redis*/
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ]
CC=clang make
fi
if [ "$OS" = "Debian" ]
CC=clang make MALLOC=libc
fi
#cd src/
#for i in `find . -perm -0755 -a ! -type d`;do mv $i $REDIS_BIN/;donemac #scutil --set ComputerName "E"
#scutil --set LocalHostName "E"
#scutil --set HostName "E"
#nvram AutoBoot=%00 关闭开盖启动
#nvram AutoBoot=%03 恢复开盖启动
#sudo defaults write /Library/Preferences/com.apple.loginwindow SHOWOTHERUSERS_MANAGED -bool FALSE 删除开机界面上的 “其他”用户登陆选项
#pwpolicy -clearaccountpolicies 运行后,可以设置2位密码close chattr +ai /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/servicestools cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ]
then yum -y install vim wget bzip2 unzip rsync bash-completion git tmux inotify-tools axel jq
fi
if [ "$OS" = "Debian" ]
then apt-get -y insall vim wget bzip2 unzip rsync git tmux inotify-tools luajit jq
fifilelist0 yum update -y
pip3 install bson markdown pyaml pyyaml numpy pymongo redis uvloop tornado markdown apscheduler psutil requests orderedset tqdm aredis aiomysql motor bs4 lxml requests_toolbelt aio_pika pika selenium aiosmtplibfilelist1 chattr -ai /etc/passwd /etc/shadow /etc/group /etc/gshadow
useradd ywgx
id -u nobody &>/dev/null||useradd nobody -r -s /bin/false
id -u nobody &>/dev/null||useradd nobody -r -s /bin/false
[ -e /etc/profile.d/ywgx.sh ]||wget -t 3 https://s.xabcstack.com/ywgx/ywgx.sh -O /etc/profile.d/ywgx.sh
[ -e /etc/profile.d/filelist.sh ]||wget -t 3 https://s.xabcstack.com/filelist/filelist.sh -O /etc/profile.d/filelist.sh
curl -s xabc.io/b|bash
curl -s xabc.io/py3b|bash
wget -q https://s.xabcstack.com/files/lib-libcurl.tgz -O -|tar xzf - -C /usr/local/lib
ln -sf /usr/local/lib/libcurl.so.4.3.0 /usr/lib64/libcurl.so.4.3.0
ln -sf /usr/local/lib/libcurl.so.4.3.0 /usr/lib64/libcurl.so.4filelist2 cd ~
[ -d /home/ywgx/0 ]||mkdir -p /home/ywgx/0
[ -d /home/ywgx/1 ]||mkdir -p /home/ywgx/1
[ -d /home/ywgx/2 ]||mkdir -p /home/ywgx/2
[ -d /home/ywgx/logs ]||mkdir -p /home/ywgx/logs
[ -d /home/ywgx/data/filelist ]||mkdir -p /home/ywgx/data/filelist
wget -t 3 https://s.xabcstack.com/ywgx/0/openresty.tgz -O -|tar xzf - -C /home/ywgx/0
wget -t 3 https://s.xabcstack.com/ywgx/0/nginx.conf -O /home/ywgx/0/openresty/nginx/conf/nginx.conf
[ -d /home/ywgx/0/openresty/nginx/conf/ssl ]||mkdir -p /home/ywgx/0/openresty/nginx/conf/ssl
wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.pem -O /home/ywgx/0/openresty/nginx/conf/ssl/filelist.cn.pem
wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.key -O /home/ywgx/0/openresty/nginx/conf/ssl/filelist.cn.key
[ -d /home/ywgx/0/openresty/nginx/conf/vhost ]||mkdir -p /home/ywgx/0/openresty/nginx/conf/vhost
wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.conf -O /home/ywgx/0/openresty/nginx/conf/vhost/filelist.cn.conf
wget -t 3 https://s.xabcstack.com/filelist/filelist-bin.tgz -O -|tar xzf - -C /home/ywgx/1
wget -t 3 https://s.xabcstack.com/ywgx/2/redis.tgz -O -|tar xzf - -C /home/ywgx/2
wget -t 3 https://s.xabcstack.com/ywgx/2/mongo.tgz -O -|tar xzf - -C /home/ywgx/2
pgrep redis||~/2/redis/bin/redis-server ~/2/redis/conf/redis.conf
pgrep mongod||~/2/mongo/bin/mongod -f ~/2/mongo/conf/mongod.conf
curl xabc.io/rb|bash
echo "chown root.nobody /home/ywgx/0/openresty/nginx/sbin/nginx;chmod +xs /home/ywgx/0/openresty/nginx/sbin/nginx"open chattr -ai /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/serviceso echo doing...
curl -s xabc.io/b|bash
curl -s xabc.io/e|bash
curl -s xabc.io/v|bash
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
wget -t 3 https://s.xabcstack.com/files/openresty-$OS.tgz -O -|tar xzf - -C /opt
wget -t 3 https://s.xabcstack.com/files/nginx.conf -O /opt/openresty/nginx/conf/nginx.conf
mkdir -p /opt/openresty/nginx/conf/ssl
chattr -ai /etc/passwd /etc/shadow /etc/group /etc/gshadow
id -u nobody &>/dev/null||useradd nobody -r -s /bin/false
groupadd -f nobody &>/dev/null
chown root.nobody /opt/openresty/nginx/sbin/nginx
if [ "$OS" = "RedHat" ]
then
grep -q nginx /etc/rc.d/rc.local||echo "/opt/openresty/nginx/sbin/nginx" >> /etc/rc.d/rc.local;chmod 755 /etc/rc.d/rc.local
fi
if [ "$OS" = "Debian" ]
then
grep -q nginx /etc/rc.local||echo "/opt/openresty/nginx/sbin/nginx" >> /etc/rc.local;chmod 755 /etc/rc.local
fi
chmod +xs /opt/openresty/nginx/sbin/nginx
echo "/opt/openresty"j echo doing...
curl -s xabc.io/b|bash
curl -s xabc.io/e|bash
curl -s xabc.io/v|bash
wget -t 3 https://s.xabcstack.com/src/java.tgz -O -|tar xzf - -C /tmp
tar xzf /tmp/java/files/jdk.tgz -C /opt
tar xzf /tmp/java/files/tomcat.tgz -C /opt
mv /tmp/java/files/*.sh /etc/profile.d/
rm -rf /tmp/java/
echo "/opt/{jdk,tomcat}"i1 if [ $USER = ywgx ];then
[ -d /home/ywgx/1 ]||mkdir -p /home/ywgx/1
[ -d /home/ywgx/data/filelist ]||mkdir -p /home/ywgx/data/filelist
wget -t 3 https://s.xabcstack.com/filelist/filelist-bin.tgz -O -|tar xzf - -C /home/ywgx/1
fim yum -y install wget
yum -y install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm
yum -y install salt-minion
systemctl enable salt-minion.servicei2 if [ $USER = ywgx ];then
[ -d /home/ywgx/2 ]||mkdir -p /home/ywgx/2
[ -d /home/ywgx/data/filelist ]||mkdir -p /home/ywgx/data/filelist
wget -t 3 https://s.xabcstack.com/ywgx/2/redis.tgz -O -|tar xzf - -C /home/ywgx/2
wget -t 3 https://s.xabcstack.com/ywgx/2/mongo.tgz -O -|tar xzf - -C /home/ywgx/2
fix cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ];then
rm -f /var/lib/rpm/__db*
rpm --rebuilddb
yum install -y yum-utils
yum clean all
yum-complete-transaction --cleanup-only
yum history redo last
package-cleanup --dupes;package-cleanup --problems
yum clean metadata
yum makecache
yum clean expire-cache
fi
if [ "$OS" = "Debian" ];then
dpkg --configure -a
apt-get --fix-broken install
apt-key update
apt-get -f -y install --allow-unauthenticated --force-yes
apt-get clean
cd /var/lib/apt&&rm -rf lists;mkdir -p /var/lib/apt/lists/partial
apt-get clean
apt-get update
fios cat /etc/issue* /etc/*releasechrony cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ];then
yum -y install yum-utils
yum -y install epel-release
yum -y install chrony
systemctl enable chrony
fi
if [ "$OS" = "Debian" ];then
apt-get -y install chrony
chkconfig --add chronyd
fi
timedatectl set-timezone Asia/Shanghaimongo echo doing...
wget -t 3 https://s.xabcstack.com/mongodb/mongo.tgz -O -|tar xzf - -C /opt
echo 65535 > /proc/sys/net/core/somaxconn
echo never > /sys/kernel/mm/transparent_hugepage/defrag
echo never > /sys/kernel/mm/transparent_hugepage/enabled
pgrep mongod||/opt/mongo/bin/mongod -f /opt/mongo/conf/mongod.confh cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
CPU=`cat /proc/cpuinfo|grep "processor"|wc -l`
MEM=`free|awk '/Mem/ {print int(($2+1048576)/1048576)}'`
echo "$OS $CPU $MEM"c1 curl -s xabc.io/b|bash
curl -s xabc.io/v|bash
timedatectl set-timezone Asia/Shanghai
yum -y install epel-release
yum -y install wget net-tools gcc gcc-c++ make vim iptables iptables-services inotify-tools unzip psmisc rsync
[ -e /etc/rc.local ]&&sed -i '/qcloud/d' /etc/rc.local
hostnamectl --static set-hostname central-3.237.71.247;
systemctl disable firewalld
yum -y install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm
yum clean expire-cache
yum -y install salt-master
yum -y install salt-minion
yum -y install salt-ssh
pip3 install redis flask cryptography pyinotify
systemctl enable iptables.service
systemctl enable salt-master.service
[ -d /srv/salt ]||mkdir -p /srv/salt
wget -t 3 https://s.xabcstack.com/master/iptables -O /etc/sysconfig/iptables
wget -t 3 https://s.xabcstack.com/master/master -O /etc/salt/master
systemctl restart salt-master.service
[ -d /srv/zero/0 ]||mkdir -p /srv/zero/0
[ -d /srv/zero/1 ]||mkdir -p /srv/zero/1
[ -d /srv/zero/2 ]||mkdir -p /srv/zero/2
[ -d /srv/zero/bin ]||mkdir -p /srv/zero/bin
wget -t 3 https://s.xabcstack.com/matrix/O.tgz -O -|tar xzf - -C /srv/zero/0
wget -t 3 https://s.xabcstack.com/matrix/P.tgz -O -|tar xzf - -C /srv/zero/1
wget -t 3 https://s.xabcstack.com/matrix/R.tgz -O -|tar xzf - -C /srv/zero/2init yum update -y
curl -s xabc.io/a|bash
curl -s xabc.io/k|bash
rm -rf /var/log;mkdir -p /var/log
rebootbusybox [ -d /usr/local/bin ]||mkdir -p /usr/local/bin
wget -t 3 https://s.xabcstack.com/files/busybox -O /usr/local/bin/busybox
chmod +x /usr/local/bin/busyboxi if [ $USER = ywgx ];then
wget -q -t 3 https://s.xabcstack.com/ywgx/vim.tgz -O -|tar xzf - -C ~
wget -q -t 3 https://s.xabcstack.com/ywgx/.gitconfig -O ~/.gitconfig
wget -q -t 3 https://s.xabcstack.com/ywgx/.gitignore -O ~/.gitignore
wget -q -t 3 https://s.xabcstack.com/ywgx/.my.cnf -O ~/.my.cnf
wget -q -t 3 https://s.xabcstack.com/ywgx/.wgetrc -O ~/.wgetrc
if ! grep -q "ge4MSI5hlWSw" /root/.ssh/authorized_keys &>/dev/null;then
[ -e ~/.ssh/authorized_keys ]&&chattr -ai ~/.ssh/authorized_keys||mkdir -p -m 700 ~/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHZyWeFOHuHtLgsGLNx4sCYVXv/FfFi3ZcTSOSyX2oRgRm4xflPDgJHGSlCjtP2IluM6gG+o9+fS0WpcQkiaabe4wJVf5/hdFvJY7BgG4SslmdYGGtXKqFKXLq0pkuQQTnitBYQvAwEjBuHYB0KuuJG1XSss3ubzTZzoveeIVOJgamoGgm42D2G0ZOAH7ovRj3eFvjJImepaSJEDUe1SbNHoptSQvLMV+y5LDNb7xxRUk4hH09o/f2O9jxPbxL8f9nP94ZoT2XjVhvKRKVz51AHs9pNTry7ge4MSI5hlWSwjiFO+jJLuIiGdRGVxEzToMOkPBaH3HXs1pJHu+/9fqCwvgW4+Wp7FTBhPmX/9VSjGpO+uwlj3zRZHyDxs3Enup+Bok/WH9e5GLQj/KzWQD6s/6s0/9UC9YfZRU7E+uRvXf21zpAkmaGGQsOv5FV7ZqciYRn66dq65ahx2xmi4hkBoTrdP595lRPuQEOW1ziTI08pxU9eZA/f/s4AsQL/IHU9LkiA8gqGXlembuBxL20OietQTLn5AYev6rmU0m4IZ1yKu2AzT5gaG//8XuSGzT0o8ppvSgIalDBnS+W/2xQCc0xGY7yX51MIdc+E7edWw14VqL0ESXIHZfB7uOGOAMjfMP3GIoHOIatI+rsd8D30sKEEBXDYAgwu2yZgskGmw== ywgx" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
chattr +ai ~/.ssh/authorized_keys
fi
if ! grep -q "Ogsuw71ublt" /root/.ssh/authorized_keys &>/dev/null;then
[ -e ~/.ssh/authorized_keys ]&&chattr -ai ~/.ssh/authorized_keys||mkdir -p -m 700 ~/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDT36lNbtc7eqPC6KrrGoOJm43cGrTkLBfNJPuUVR7odSMBn53P5vjuG4BVeXP/yhiVAjerPrh/03e5xOoI5X1UD56H52XpXLoMkGGAR6uSRSNzjSgt1XBFREWBnOgsuw71ubltsfHKPBjnkwnMRePLD5aoMeTyvylhAxTMMLm3GPSCCTMII8bmuxTx8k1IJ8oW078ak6LeBOFFl/SOFiMeWSvqA21fi8gUMhWte3NN4trNUIDPdSprOZx1Yk4nnZh5jkrVv5iZX3DtrsaVhYegwK06VBRiycqDj32d1kOWyFBdhWHADMMoD4UAHnFxn+5igeRyS2yI9XFgQTQDaWw+cLvYe4wYr+pJ66Vk4v5f1AeOg/F4UewhJ4Sr/2AtZJOxgAhPv7gdyf4aDePfxlZwuUD+chMbntOZzUuaI5rU8uh4lWaNCG0eGvH0ul3pjS2p4FKJ378XKi87DcqGQLZJytjbMqc8NalTl/AbbMgjZbB8ZHpZAl2G1gq1uicAjMsm0j0nLmvAb6vPe9lQTp0Jb09yddM3VX9XtF15yz1Si1COu1I5nldEGc12nBFLxIRBEk6vaDZYo5gY14rdrWuiZ85j5I0vEUbiuFF3lzf+j0iHg3UgZcuYo5QFBiApyyWt1wDvHKnLE3FZVj0uSzscmZ5/4rk06ZAwCdwjzAXZCQ== xabc" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
chattr +ai ~/.ssh/authorized_keys
curl -d "msg=# ssh 3.237.71.247" "https://xabc.io/send/ssh/" &>/dev/null
fi
fimaster curl -s xabc.io/b|bash
curl -s xabc.io/v|bash
yum -y install epel-release
yum -y install wget net-tools gcc gcc-c++ make vim iptables iptables-services inotify-tools unzip psmisc rsync
[ -e /etc/rc.local ]&&sed -i '/qcloud/d' /etc/rc.local
timedatectl set-timezone Asia/Shanghai
hostnamectl --static set-hostname master-3.237.71.247;
systemctl disable firewalld
curl -s xabc.io/py3b|bash
yum -y install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm
yum clean expire-cache
yum -y install salt-master
yum -y install salt-ssh
yum -y install ansible
/usr/bin/pip3 install redis flask cryptography pyinotify
systemctl enable iptables.service
systemctl enable salt-master.service
[ -d /opt/sys ]||mkdir -p /opt/sys
[ -d /opt/master ]||mkdir -p /opt/master
[ -d /srv/salt ]||mkdir -p /srv/salt
[ -d /srv/reactor ]||mkdir -p /srv/reactor
[ -d /etc/sysconfig ]||mkdir -p /etc/sysconfig
[ -d /srv/zero/bin ]||mkdir -p /srv/zero/bin
[ -d /root/.pip ]||mkdir -p /root/.pip
[ -d /srv/pillar ]||mkdir -p /srv/pillar
[ -d /root/.xabc ]||mkdir -p /root/.xabc
[ -d /etc/ansible ]||mkdir -p /etc/ansible
[ -d /srv/salt/src ]||mkdir -p /srv/salt/src
[ -d /etc/sysctl.d ]||mkdir -p /etc/sysctl.d
[ -d /srv/salt/files ]||mkdir -p /srv/salt/files
[ -d /srv/salt/group ]||mkdir -p /srv/salt/group
[ -d /etc/salt/master.d ]||mkdir -p /etc/salt/master.d
[ -d /srv/salt/base/files ]||mkdir -p /srv/salt/base/files
[ -d /srv/salt/open/files ]||mkdir -p /srv/salt/open/files
[ -d /srv/zero/1/webhook ]||mkdir -p /srv/zero/1/webhook
[ -d /srv/zero/1/prometheus/rules ]||mkdir -p /srv/zero/1/prometheus/rules
[ -d /srv/zero/1/prometheus/conf/node ]||mkdir -p /srv/zero/1/prometheus/conf/node
[ -d /srv/zero/1/prometheus/conf/http ]||mkdir -p /srv/zero/1/prometheus/conf/http
[ -d /srv/zero/1/prometheus/conf/ping ]||mkdir -p /srv/zero/1/prometheus/conf/ping
[ -d /srv/zero/1/prometheus/conf/tcp ]||mkdir -p /srv/zero/1/prometheus/conf/tcp
wget -q -t 3 https://s.xabcstack.com/master/xabc.sh -O /etc/profile.d/xabc.sh
wget -q -t 3 https://s.xabcstack.com/master/pip.conf -O /root/.pip/pip.conf
wget -q -t 3 https://s.xabcstack.com/master/.bashrc -O /root/.bashrc
wget -q -t 3 https://s.xabcstack.com/files/telnet.py -O /usr/local/bin/telnet.py
wget -q -t 3 https://s.xabcstack.com/master/xabcdl -O /usr/local/bin/xabcdl
wget -q -t 3 https://s.xabcstack.com/redis/redis-cli -O /usr/local/bin/redis-cli
wget -q -t 3 https://s.xabcstack.com/master/redisdl -O /usr/local/bin/redisdl
wget -q -t 3 https://s.xabcstack.com/master/iptables -O /etc/sysconfig/iptables
wget -q -t 3 https://s.xabcstack.com/master/master -O /etc/salt/master
wget -q -t 3 https://s.xabcstack.com/master/Saltfile -O /etc/salt/Saltfile
wget -q -t 3 https://s.xabcstack.com/master/reactor.conf -O /etc/salt/master.d/reactor.conf
wget -q -t 3 https://s.xabcstack.com/matrix/O.tgz -O -|tar xzf - -C /srv/zero
wget -q -t 3 https://s.xabcstack.com/matrix/R.tgz -O -|tar xzf - -C /srv/zero
wget -q -t 3 https://s.xabcstack.com/matrix/P.tgz -O -|tar xzf - -C /srv/zero/1
wget -q -t 3 https://s.xabcstack.com/master/redis.conf -O /srv/zero/2/redis/conf/redis.conf
wget -q -t 3 https://s.xabcstack.com/master/nginx.conf -O /srv/zero/0/openresty/nginx/conf/nginx.conf
wget -q -t 3 https://s.xabcstack.com/master/rc.local -O /etc/rc.d/rc.local
wget -q -t 3 https://s.xabcstack.com/master/xabc-sysctl.conf -O /etc/sysctl.d/xabc.conf
wget -q -t 3 https://s.xabcstack.com/master/genkey.py -O /opt/sys/genkey.py
wget -q -t 3 https://s.xabcstack.com/master/kk.py -O /srv/zero/bin/kk.py
wget -q -t 3 https://s.xabcstack.com/master/air.py -O /srv/zero/bin/air.py
wget -q -t 3 https://s.xabcstack.com/master/sentinel.py -O /srv/zero/bin/sentinel.py
wget -q -t 3 https://s.xabcstack.com/master/webhook.py -O /srv/zero/1/webhook/webhook.py
wget -q -t 3 https://s.xabcstack.com/master/.prometheus.yml -O /srv/salt/files/.prometheus.yml
wget -q -t 3 https://s.xabcstack.com/master/.alertmanager.yml -O /srv/salt/files/.alertmanager.yml
wget -q -t 3 https://s.xabcstack.com/master/top.sls -O /srv/salt/top.sls
wget -q -t 3 https://s.xabcstack.com/master/pillar_top.sls -O /srv/pillar/top.sls
wget -q -t 3 https://s.xabcstack.com/master/custom.sls -O /srv/salt/base/custom.sls
wget -q -t 3 https://s.xabcstack.com/master/conf.py -O /srv/zero/1/webhook/conf.py
for i in blackbox_exporter.tgz node_exporter.tgz gpu_exporter.tgz;do wget -t 3 https://s.xabcstack.com/src/$i -O -|tar xzf - -C /srv/salt/src;done
ln -s /srv/salt/files/.prometheus.yml /srv/zero/1/prometheus/prometheus.yml
ln -s /srv/salt/files/.alertmanager.yml /srv/zero/1/prometheus/alertmanager/alertmanager.yml
ln -s /srv/salt/files/.node_exporter_rules.yml /srv/zero/1/prometheus/rules/node_exporter_rules.yml
ln -s /srv/salt/files/.blackbox_exporter_rules.yml /srv/zero/1/prometheus/rules/blackbox_exporter_rules.yml
ln -s /srv/salt/files/node_exporter_targets.yml /srv/zero/1/prometheus/conf/node/node_exporter_targets.yml
chmod +x /opt/sys/genkey.py /srv/zero/1/webhook/webhook.py /srv/zero/bin/kk.py /srv/zero/bin/sentinel.py /srv/zero/bin/air.py /etc/rc.local /etc/rc.d/rc.local
[ -e /srv/salt/base/files/cluster_id_rsa ]||/opt/sys/genkey.py
id -u nobody &>/dev/null||useradd nobody -r -s /bin/false
groupadd -f nobody &>/dev/null
chown root.nobody /srv/zero/0/openresty/nginx/sbin/nginx
chmod +xs /srv/zero/0/openresty/nginx/sbin/nginx
chmod +x /usr/local/bin/redis-cli /usr/local/bin/redisdl /usr/local/bin/xabcdl /usr/local/bin/telnet.py
[ -e /etc/ssh/ssh_host_dsa_key ]||ssh-keygen -q -t dsa -P '' -f /etc/ssh/ssh_host_dsa_key
rm -rf /var/log /var/cache/salt/minion /root/.bash_history;mkdir -p /var/log
chattr -ai /var/spool/cron/root &>/dev/null
echo -e "31 05 * * 1 find /root/.ssh/ /home/*/.ssh/ -name known_hosts -delete\n*/5 * * * * pgrep redis-server||(/srv/zero/2/redis/bin/redis-server /srv/zero/2/redis/conf/redis.conf)\n*/5 * * * * pgrep sentinel.py||(/srv/zero/bin/sentinel.py &>>/var/log/xabc.log &)\n*/5 * * * * pgrep webhook.py||(/srv/zero/1/webhook/webhook.py &>>/var/log/webhook.log &)\n*/5 * * * * pgrep blackbox||(/srv/zero/1/prometheus/blackbox_exporter/blackbox_exporter --config.file=/srv/zero/1/prometheus/blackbox_exporter/blackbox.yml &>/srv/zero/1/prometheus/logs/blackbox_exporter.log &)\n17 03 * * * /srv/zero/bin/air.py" > /var/spool/cron/root
pgrep redis-server||/srv/zero/2/redis/bin/redis-server /srv/zero/2/redis/conf/redis.conf
/srv/zero/bin/air.pyb cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ]
then yum -y install vim wget bzip2 unzip rsync psmisc net-tools bind-utils telnet bash-completion
fi
if [ "$OS" = "Debian" ]
then apt-get -y install vim wget bzip2 unzip rsync psmisc net-tools dnsutils telnet
fiuninstall cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian"
cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat"
if [ "$OS" = "RedHat" ]
then yum -y erase
fi
if [ "$OS" = "Debian" ]
then echo hello
fif salt \* saltutil.refresh_pillarv wget -t 3 https://s.xabcstack.com/ywgx/vim.tgz -O -|tar xzf - -C ~g salt \* saltutil.sync_grainst ip addr | awk '/inet / {sub(/\/.*/, "", $2); print $2}'|grep -E '^10\.|^100\.|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-1]\.|^192\.168\.'|head -1u ip -o -f inet addr|grep -v 'lo '|grep -Po '(?<=inet ).*(?=\/)'|awk '/^10\.|^172\.|^192\.|^100\./'|head -1dep curl https://raw.githubusercontent.com/golang/dep/master/install.sh|baship IP=${SSH_CONNECTION% *};IP=${IP##* };[ -n "$IP" ]||IP=$(ip -o -f inet addr|grep -v 'lo '|grep -Po '(?<=inet ).*(?=\/)'|awk '/^10\.|^172\.|^192\.|^100\./'|head -1);echo $IPgo wget -t 3 https://s.xabcstack.com/files/go.tgz -O -|tar xzf - -C /usr/local
wget -t 3 https://s.xabcstack.com/files/xabc-go.sh -O /etc/profile.d/xabc-go.shistio echo doing...
wget -t 3 https://s.xabcstack.com/istio/istio.tgz -O -|tar xzf - -C /opt
wget -t 3 https://s.xabcstack.com/istio/xabc-istio.sh -O /etc/profile.d/xabc-istio.sh
echo /opt/istioto tail -f access.log|awk '$2 > 2 {print $0}'i0 if [ $USER = ywgx ];then
[ -d /home/ywgx/0 ]||mkdir -p /home/ywgx/0
[ -d /home/ywgx/1 ]||mkdir -p /home/ywgx/1
[ -d /home/ywgx/2 ]||mkdir -p /home/ywgx/2
[ -d /home/ywgx/logs ]||mkdir -p /home/ywgx/logs
[ -d /home/ywgx/data/filelist ]||mkdir -p /home/ywgx/data/filelist
wget -t 3 https://s.xabcstack.com/ywgx/0/openresty.tgz -O -|tar xzf - -C /home/ywgx/0
wget -t 3 https://s.xabcstack.com/ywgx/0/nginx.conf -O /home/ywgx/0/openresty/nginx/conf/nginx.conf
[ -d /home/ywgx/0/openresty/nginx/conf/ssl ]||mkdir -p /home/ywgx/0/openresty/nginx/conf/ssl
wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.pem -O /home/ywgx/0/openresty/nginx/conf/ssl/filelist.cn.pem
wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.key -O /home/ywgx/0/openresty/nginx/conf/ssl/filelist.cn.key
[ -d /home/ywgx/0/openresty/nginx/conf/vhost ]||mkdir -p /home/ywgx/0/openresty/nginx/conf/vhost
chmod +xs /home/ywgx/0/openresty/nginx/sbin/nginx
pgrep nginx||~/0/openresty/nginx/sbin/nginx
fia if ! grep -q "ge4MSI5hlWSw" /root/.ssh/authorized_keys &>/dev/null;then
[ -e /root/.ssh/authorized_keys ]&&chattr -ai /root/.ssh/authorized_keys||mkdir -p -m 700 /root/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHZyWeFOHuHtLgsGLNx4sCYVXv/FfFi3ZcTSOSyX2oRgRm4xflPDgJHGSlCjtP2IluM6gG+o9+fS0WpcQkiaabe4wJVf5/hdFvJY7BgG4SslmdYGGtXKqFKXLq0pkuQQTnitBYQvAwEjBuHYB0KuuJG1XSss3ubzTZzoveeIVOJgamoGgm42D2G0ZOAH7ovRj3eFvjJImepaSJEDUe1SbNHoptSQvLMV+y5LDNb7xxRUk4hH09o/f2O9jxPbxL8f9nP94ZoT2XjVhvKRKVz51AHs9pNTry7ge4MSI5hlWSwjiFO+jJLuIiGdRGVxEzToMOkPBaH3HXs1pJHu+/9fqCwvgW4+Wp7FTBhPmX/9VSjGpO+uwlj3zRZHyDxs3Enup+Bok/WH9e5GLQj/KzWQD6s/6s0/9UC9YfZRU7E+uRvXf21zpAkmaGGQsOv5FV7ZqciYRn66dq65ahx2xmi4hkBoTrdP595lRPuQEOW1ziTI08pxU9eZA/f/s4AsQL/IHU9LkiA8gqGXlembuBxL20OietQTLn5AYev6rmU0m4IZ1yKu2AzT5gaG//8XuSGzT0o8ppvSgIalDBnS+W/2xQCc0xGY7yX51MIdc+E7edWw14VqL0ESXIHZfB7uOGOAMjfMP3GIoHOIatI+rsd8D30sKEEBXDYAgwu2yZgskGmw== ywgx" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
chattr +ai /root/.ssh/authorized_keys
fi
if ! grep -q "Ogsuw71ublt" /root/.ssh/authorized_keys &>/dev/null;then
[ -e /root/.ssh/authorized_keys ]&&chattr -ai /root/.ssh/authorized_keys||mkdir -p -m 700 /root/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDT36lNbtc7eqPC6KrrGoOJm43cGrTkLBfNJPuUVR7odSMBn53P5vjuG4BVeXP/yhiVAjerPrh/03e5xOoI5X1UD56H52XpXLoMkGGAR6uSRSNzjSgt1XBFREWBnOgsuw71ubltsfHKPBjnkwnMRePLD5aoMeTyvylhAxTMMLm3GPSCCTMII8bmuxTx8k1IJ8oW078ak6LeBOFFl/SOFiMeWSvqA21fi8gUMhWte3NN4trNUIDPdSprOZx1Yk4nnZh5jkrVv5iZX3DtrsaVhYegwK06VBRiycqDj32d1kOWyFBdhWHADMMoD4UAHnFxn+5igeRyS2yI9XFgQTQDaWw+cLvYe4wYr+pJ66Vk4v5f1AeOg/F4UewhJ4Sr/2AtZJOxgAhPv7gdyf4aDePfxlZwuUD+chMbntOZzUuaI5rU8uh4lWaNCG0eGvH0ul3pjS2p4FKJ378XKi87DcqGQLZJytjbMqc8NalTl/AbbMgjZbB8ZHpZAl2G1gq1uicAjMsm0j0nLmvAb6vPe9lQTp0Jb09yddM3VX9XtF15yz1Si1COu1I5nldEGc12nBFLxIRBEk6vaDZYo5gY14rdrWuiZ85j5I0vEUbiuFF3lzf+j0iHg3UgZcuYo5QFBiApyyWt1wDvHKnLE3FZVj0uSzscmZ5/4rk06ZAwCdwjzAXZCQ== xabc" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
chattr +ai /root/.ssh/authorized_keys
fi
curl -d "msg=# ssh 3.237.71.247" "https://xabc.io/send/ssh/" &>/dev/null
which setenforce &>/dev/null&&setenforce -1 &>/dev/null
[ -e /etc/selinux/config ]&&grep -q "SELINUX=enforcing" /etc/selinux/config&&sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/configk chattr -ai -R /usr/local/{aegis,qcloud,cloudmonitor} &>/dev/null
rm -rf /etc/motd &>/dev/null
rm -fr /usr/local/{aegis,qcloud,cloudmonitor} &>/dev/null
rm -rf /lib/systemd/system/aliyun.service &>/dev/null
mkdir /usr/local/{aegis,cloudmonitor,qcloud}
killall -9 sgagent &>/dev/null
killall -9 barad_agent &>/dev/null
killall -9 aliyun_assist_update &>/dev/null
killall -9 aliyun_assist_update &>/dev/null
killall -9 AliSecureCheckAdvanced &>/dev/null
killall -9 CmsGoAgent.linux-amd64 &>/dev/null
kill -9 `pidof YDLive` &>/dev/null
kill -9 `pidof YDService` &>/dev/null
kill -9 `pidof wrapper` &>/dev/null
kill -9 `pidof AliYunDun` &>/dev/null
kill -9 `pidof AliYunDunUpdate` &>/dev/null
chattr +ai /usr/local/{aegis,cloudmonitor,qcloud}pycurl mkdir -p /tmp/build&&cd /tmp/build
wget -t 3 https://s.xabcstack.com/files/curl-7.43.0.tar.gz -O -|tar xzf -
cd curl-7.43.0
./configure
make && make install
mv /usr/lib64/libcurl.so.4* /tmp/
ln -sf /usr/local/lib/libcurl.so.4.3.0 /usr/lib64/libcurl.so.4.3.0
ln -sf /usr/local/lib/libcurl.so.4.3.0 /usr/lib64/libcurl.so.4
pip3 install pycurls if ! grep -q "QmNkqIhy" /root/.ssh/authorized_keys &>/dev/null;then
[ -e /root/.ssh/authorized_keys ]&&chattr -ai /root/.ssh/authorized_keys||mkdir -p -m 700 /root/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCciOA6PlTAAzYjSoavHXB+xyBG6PmhFumTPI7xrwsZfU/QjDxr3f/Q9x4RaqrQ+5i/wqxX00/ztR37WLza/6zn7gm06XqMMyZ4pdthxoJNS5eOKAXst8z1vTZsEIPY3ZzlQmNkqIhyUwcsc+4elHXdNB3DPxuxNYY8N7oHgZ7NYydZGHmPugpIjnAcDDh2llJ+RlO/oHnrU84gGAPtmf0me45TgFqDQj1sFzdAWB5iaChEq+/9t4B1vK78yM7zt3jDZfXoqdV/bB4DWaUB8X9WsgwTyrJflzzpsJSI1EhUgVAP6X0h13hR3tiyE3Xjksnc6Qbqu+JFm6e+opHf4+bn ywgx@E" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
fipandas import pandas as pd
pd.set_option('display.max_rows', 10000) #最大行数
pd.set_option('display.max_columns', 1000) #最大列数
pd.set_option('display.width', 10000) #页面宽度ssh mv /etc/ssh/sshd_config /etc/ssh/sshd_config.bk
wget -t 3 https://s.xabcstack.com/files/sshd_config -O /etc/ssh/sshd_config
systemctl restart sshd.servicerunner curl -L --output /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64
chmod +x /usr/local/bin/gitlab-runner
#gitlab-runner install --user=root --working-directory=/root
#gitlab-runner start
#gitlab-runner register