CentOS-7-基础配置

一、repo 脚本

1.1 Base源配置脚本

1
vi 000_init_repo.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/bin/bash
#000_init_repo.sh
#author: qiankong
#version: v1
#desc: base源下载
#date: 2025-12-19

if [ ! $(id -u) -eq 0 ];then
        echo "使用root或者sudo su运行此脚本"
        exit 1;
fi

# ------------环境准备------------

GREEN="\033[32m"
RED="\033[31m"
YELLOW="\033[33m"
RESET="\033[0m"



# ------------ 验证存在下载工具    ------------------
if command -v curl &> /dev/null ;then
        CMD="curl -o"

elif command -v wget &> /dev/null; then
        CMD="wget -O"
else
        echo -e "${RED}错误,需要 wget 或 curl${RESET}"
        exit 1;
fi


# ----------------------------------------------------
clear
echo "-------------------------------------------------"

echo -e "${YELLOW} CentOS 7 Base源配置助手 ${RESET}"
echo "-------------------------------------------------"
echo "请选择源提供商"
echo "1. 阿里云(Aliyun)"
echo "2. 腾讯云(Tencent)"
echo "3. 网易云(163)"
echo "4. 华为云(Huawei)"
echo "5. 清华源(TUNA)"
echo "6. 中国科学技术大学(USTC)"
echo "7. 荆楚理工学院(JCUT)"
echo "8. 南阳理工学院(NYIST)"

echo "-------------------------------------------------"

read -p "请输入序号【1-8】:" CHOICE

# ------------ 配置 Base URL ------------------
case "${CHOICE}" in
    1) URL="https://mirrors.wlnmp.com/centos/Centos7-aliyun-x86_64.repo"; NAME="阿里云" ;;
    2) URL="https://mirrors.wlnmp.com/centos/Centos7-tencent-x86_64.repo"; NAME="腾讯云" ;;
    3) URL="https://mirrors.wlnmp.com/centos/Centos7-163-x86_64.repo"; NAME="网易163" ;;
    4) URL="https://repo.huaweicloud.com/repository/conf/CentOS-7-reg.repo"; NAME="华为云" ;;
    5) URL="https://mirrors.wlnmp.com/centos/Centos7-tuna-x86_64.repo"; NAME="清华源" ;;
    6) URL="https://mirrors.wlnmp.com/centos/Centos7-ustc-x86_64.repo"; NAME="中科大" ;;
    7) URL="https://mirrors.wlnmp.com/centos/Centos7-jcut-x86_64.repo"; NAME="荆楚理工" ;;
    8) URL="https://mirrors.wlnmp.com/centos/Centos7-nyist-x86_64.repo"; NAME="南阳理工" ;;
    *) echo "输入错误,退出"; exit 1 ;;
esac

echo -e "正在配置: ${GREEN}$NAME${RESET}"

# ------------ 备份旧配置 ------------------
BACKUP_DIR="/etc/yum.repos.d/backup_$(date +%Y%m%d_%H%M)"
mkdir -p "$BACKUP_DIR"
mv /etc/yum.repos.d/CentOS-*.repo "$BACKUP_DIR/"
echo "旧配置已备份至: $BACKUP_DIR"

# ------------ 下载 Base ------------------
$CMD "/etc/yum.repos.d/CentOS-Base.repo" "$URL"

if [ -s "/etc/yum.repos.d/CentOS-Base.repo" ]; then
    echo -e "${GREEN}Base 源下载成功!${RESET}"
else
    echo -e "${RED}下载失败,还原备份...${RESET}"
    mv "$BACKUP_DIR/"CentOS-*.repo /etc/yum.repos.d/ 2>/dev/null
    # mv "$BACKUP_DIR/"*.repo /etc/yum.repos.d/
    exit 1
fi

1.2 修改IP、主机名的脚本

1
vi 001_init_net_work.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#!/bin/bash
# 001_init_net_work.sh
#author: qiankong
#version: v1
#date: 2025-12-19

# ------- 0 定义基础变量 ----------
# 定义颜色
GREEN="\033[32m"
RED="\033[031m"
YELLOW="\033[033m"
RESET="\033[0m"

# 网卡名称,不同系统记得修改,自动检测脚本逻辑太复杂,可读性差
NIC_NAME="ens33"

# -------- 1 接收变量 -----------

read -p "请输入新的主机名 (默认保持不变): " NEW_HOSTNAME
read -p "请输入新的 IP 地址 (例如 192.168.10.7): " NEW_IP
read -p "请输入网关地址 (默认 192.168.10.2): " NEW_GATEWAY
read -p "请输入 DNS1 (默认 223.5.5.5): " NEW_DNS

# 设置默认值
NEW_GATEWAY=${NEW_GATEWAY:-192.168.10.2}
NEW_DNS=${NEW_DNS:-223.5.5.5,1.1.1.1,8.8.8.8}

if [ -z "${NEW_IP}" ];then
        echo -e "${RED}错误: IP地址不能为空!程序退出${RESET}"
        exit 1;
fi
echo "----------------------------------------"
echo "正在配置主机名"
if [ ! -z "${NEW_HOSTNAME}" ];then
        hostnamectl set-hostname ${NEW_HOSTNAME}
        echo -e "${GREEN}主机名已修改为${NEW_HOSTNAME}${RESET}"
fi



echo "----------------------------------------"
echo "正在配置网络"


nmcli connection modify "${NIC_NAME}" \
        ipv4.method "manual" \
        ipv4.addresses "${NEW_IP}/24" \
        ipv4.gateway "${NEW_GATEWAY}" \
        ipv4.dns "${NEW_DNS}" \
        autoconnect yes

if [ $? -eq 0 ];then
        echo -e "${GREEN}配置已写入,但在激活前不生效。${RESET}"
        echo -e "${YELLOW}警告: 激活新 IP 可能导致当前的 SSH 连接中断!${RESET}"

        read -p "确认立即激活网卡吗?(y/n)" CONFIRM
        case "${CONFIRM}" in
                [yY][eE][sS]|[yY])
                echo "正在激活新配置"
                echo -e "${GREEN}注意: SSH连接即将中断, 请使用新IP [ ${NEW_IP} ]${RESET}"
                nmcli connection up ${NIC_NAME}
                ;;
        *)
                echo "已取消激活,可稍后手动执行: nmcli connection up ${NIC_NAME}"
                ;;
        esac

else
        echo -e "${RED}nmcli 配置失败,请检查参数是否正确。${RESET}"
        exit 1

fi

1.3刷新公钥的脚本

1
vi 002_flush_ssh_key.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
#!/bin/bash
# 002_flush_ssh_key.sh
#author: qiankong
#version: v1
#desc: 刷新ssh公钥
#date: 2025-12-19

# ------- 0 定义基础变量 ----------
# 定义颜色
GREEN="\033[32m"
RED="\033[031m"
YELLOW="\033[033m"
RESET="\033[0m"


echo "----------------------------------------"
echo "正在重置 SSH 主机密钥 (防止指纹冲突)"

# 1. 强制删除所有旧的公钥和私钥
rm -f /etc/ssh/ssh_host_*

# 2. 重新生成密钥对 (适用于 CentOS 7/8/9)
# -A 参数表示:Generate all missing host keys
ssh-keygen -A

# 3. 重启 SSH 服务以加载新密钥
systemctl restart sshd

echo -e "${GREEN}SSH 密钥已刷新!新指纹已生成。${RESET}"

二、epel

  1. 阿里云源
1
curl -o /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
1
wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
  1. 腾讯云源
1
curl -O /etc/yum.repos.d/epel.repo http://mirrors.tencent.com/repo/epel-7.repo
1
wget -O /etc/yum.repos.d/epel.repo http://mirrors.tencent.com/repo/epel-7.repo

三、安装必备的软件包

1
2
3
yum install -y tree vim wget bash-completion  lrzsz \
	net-tools sysstat iotop iftop htop unzip git \
	nc nmap telnet bc psmisc httpd-tools bind-utils nethogs expect

四、命令行颜色

1
vim /etc/profile.d/cli-color.sh
1
export PS1='[\[\e[34;1m\]\u@\[\e[0m\]\[\e[32;1m\]\H\[\e[0m\]\[\e[31;1m\] \w\[\e[0m\]]\$ '
1
source /etc/profile.d/cli-color.sh

五、关闭防火墙、SELinux

1
2
systemctl stop firewalld
systemctl disable firewalld
1
2
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0

六、SSH反向解析

1
2
3
4
5
6
7
8
9
# 禁用 DNS 反向解析(解决 SSH 登录慢的核心问题)
sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
sed -i 's/UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config # 防御性编程,防止原本就没有注释

# 禁用 GSSAPI 认证(也是导致慢的原因之一)
sed -i 's/^GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config

# 重启 SSH 服务生效
systemctl restart sshd

六、历史命令

1
2
3
4
5
6
7
8
9
# 设置历史命令格式:显示时间 + 用户
# 效果:2025-12-19 12:00:01 root command...
echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/profile

# 设置历史命令记录条数(默认是1000,改成10000)
sed -i 's/^HISTSIZE=1000/HISTSIZE=10000/g' /etc/profile

# 让配置立即生效
source /etc/profile
1
history -c && > ~/.bash_history

七、命令别名

1
vim ~/.bashrc
1
alias yy="egrep -'^$|^#'"
1
source ~/.bashrc

八、VIMRC

  1. 新建文件时自动设置文件头
1
vim /etc/vimrc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
set ignorecase 
autocmd BufNewFile *.py,*.cc,*.sh,*.java,*.bash exec ":call SetTitle()"

func SetTitle()
if expand("%:e") =~ 'sh\|bash'
call setline(1, "#!/bin/bash")
call setline(2,"##############################################################")
call setline(3, "# File Name:".expand("%"))
call setline(4, "# Version:V1.0")
call setline(5, "# Author:qiankong")
call setline(6, "# Organization:bravexist.cn")
call setline(7, "# Desc:")
call setline(8,"##############################################################")

endif
endfunc