adminroot/setup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

上传文件至 /

Browse Source
This commit is contained in:
adminroot
2025-09-18 00:02:06 -07:00
commit 60ec0e7240
1 changed files with 154 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

154
setup.sh Normal file
View File

@@ -0,0 +1,154 @@
#!/bin/bash
#运行命令: bash <(wget -qO- https://oplist.nvme.cc/d/share/bash/setup.sh)
echo "请选择要执行的脚本(可多选,用空格分隔):"
echo "1. 开启BBR"
echo "2. 设置Swap大小"
echo "3. 配置常用alias缩写"
echo "4. apt安装常用软件"
echo "5. 配置防火墙"
echo "6. 安装公钥"
echo "7. 安装caddy"
echo "8. 安装conda"
echo "9. 安装docker"
echo "10. 安装ss-rust"
read -p "输入你的选择: " choices
# 处理选择
for choice in $choices; do
case $choice in
1)
echo "执行开启BBR的脚本..."
echo -e "net.core.default_qdisc=fq\nnet.ipv4.tcp_congestion_control=bbr" | tee -a /etc/sysctl.conf
sysctl -p
;;
2)
read -p "输入Swap内存大小(MB): " swap_size
echo "执行设置Swap内存大小的脚本..."
dd if=/dev/zero of=/swapfile bs=1M count=$swap_size
mkswap /swapfile
swapon /swapfile
echo "/swapfile swap swap defaults 0 0" | tee -a /etc/fstab
;;
3)
echo "配置常用alias缩写"
wget https://oplist.nvme.cc/d/share/bash/alias.txt -qO ~/.alias.txt
echo -e 'if [ -f ~/.alias.txt ]; then\n . ~/.alias.txt\nfi' >>/etc/profile
echo -e 'if [ -f ~/.alias.txt ]; then\n . ~/.alias.txt\nfi' >>~/.bashrc
wget https://oplist.nvme.cc/d/share/bash/nanorc -O ~/.nanorc
;;
4)
echo "即将安装htop cbm tree tmux ufw curl wget lsof nano sudo git git-lfs 7z"
read -p "额外安装(包名): " app
apt update -y
apt install -y htop cbm tree tmux ufw curl wget lsof nano sudo git git-lfs $app
wget https://www.7-zip.org/a/7z2501-linux-x64.tar.xz -O 7z.tar.xz
tar -xf 7z.tar.xz -C /usr/local/bin/ --transform 's/7zz$/7z/' "7zz"
chmod +x /usr/local/bin/7z
rm 7z.tar.xz
;;
5)
echo "配置防火墙"
apt update -y
apt install -y ufw
ufw allow 22
ufw allow 80
ufw allow 443
ufw allow 13576
ufw allow 24687
echo "y" | ufw enable
bash -c 'cat >> /etc/ufw/after.rules << "EOF"
# BEGIN UFW AND DOCKER
*filter
:ufw-user-forward - [0:0]
:ufw-docker-logging-deny - [0:0]
:DOCKER-USER - [0:0]
-A DOCKER-USER -j ufw-user-forward
-A DOCKER-USER -j RETURN -s 10.0.0.0/8
-A DOCKER-USER -j RETURN -s 172.16.0.0/12
-A DOCKER-USER -j RETURN -s 192.168.0.0/16
-A DOCKER-USER -p udp -m udp --sport 53 --dport 1024:65535 -j RETURN
-A DOCKER-USER -j ufw-docker-logging-deny -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -d 192.168.0.0/16
-A DOCKER-USER -j ufw-docker-logging-deny -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -d 10.0.0.0/8
-A DOCKER-USER -j ufw-docker-logging-deny -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -d 172.16.0.0/12
-A DOCKER-USER -j ufw-docker-logging-deny -p udp -m udp --dport 0:32767 -d 192.168.0.0/16
-A DOCKER-USER -j ufw-docker-logging-deny -p udp -m udp --dport 0:32767 -d 10.0.0.0/8
-A DOCKER-USER -j ufw-docker-logging-deny -p udp -m udp --dport 0:32767 -d 172.16.0.0/12
-A DOCKER-USER -j RETURN
-A ufw-docker-logging-deny -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW DOCKER BLOCK] "
-A ufw-docker-logging-deny -j DROP
COMMIT
# END UFW AND DOCKER
EOF
ufw reload'
ufw status
;;
6)
echo "安装公钥"
mkdir -p ~/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDfs6zCFdRG9uCraZLo2KQK8xgWlfZVvQJF16z5hsCBgv4SDJk+tEvQYv+FABxziZhju9mBnAl92W0vz/MpDYccFk4lXNU2LzSMiDJYwvn4lYVU6fFUw7+qdxHd44RlHRNgFXDQAu89akPw5XEVwYDkr4JgTFsqeNvQBrD6jLT7MK4x+ZFy7YA55JEsGq6wHb82DkYcC5J7Wl9QYcANb+9JLwjWB16/OLS5MJUn3MZ8B7gM8jZulSyUwlp+1fCfRTdGx/QVOTPRyCUnTsnNceDuKtT8P18/4B0OcQiiHrg+kng3IWY3CTBnvxrkI3xyKwjje9EH43/LWFdcOiNvBA+8rtXBdGDWExmgfyJK2Wr18HSxRPb1DW0GP5BlP+oArfjJMkST/f8WsGgTrl83F5pUFJS2xJMmZX3npWNV/GVeNbZS3+uM8L9VSVCD+9K8gE0iuYHPhYp/Fsg0iIrpsD7wxtYfCamFslbZ//gSCdOsQzDw6wwIrLrQYVSlcuUC3/SKRkHBrzlr61PaXZ4KfH9x61FyIcHXiRHm0MG2LT8oN44F0ENcLGzO49mcTxTuV971R2kwJupiUwOUOb4cSkPtLA8BIQ8IifldFzfiJnJ81iQHu1rIoc+DN7QwWE/WA9QZudQkah5QS2lmbDVP1Pb8oIA0wdAMFDWh7OHLGlhC6w==" >>~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
chmod 700 ~/.ssh
;;
7)
echo "安装caddy"
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl gnupg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy
mkdir /etc/caddy/sites
sed -i '$a import /etc/caddy/sites/*.txt' /etc/caddy/Caddyfile
;;
8)
read -p "Conda安装路径 (默认: ~/.miniconda3): " CONDA_PATH
CONDA_PATH=${CONDA_PATH:-"$HOME/.miniconda3"}
PROFILE="$HOME/.bashrc"
ARCH=$(uname -m)
case $ARCH in
x86_64)
MINICONDA_INSTALLER="Miniconda3-latest-Linux-x86_64.sh"
;;
aarch64|arm64)
MINICONDA_INSTALLER="Miniconda3-latest-Linux-aarch64.sh"
;;
*)
echo "不支持的架构: $ARCH"
echo "支持的架构: x86_64, aarch64, armv7l"
exit 1
;;
esac
echo "检测到系统架构: $ARCH"
echo "将下载: $MINICONDA_INSTALLER"
mkdir -p "$CONDA_PATH"
wget "https://repo.anaconda.com/miniconda/$MINICONDA_INSTALLER" -O "$CONDA_PATH/miniconda.sh"
bash "$CONDA_PATH/miniconda.sh" -b -u -p "$CONDA_PATH"
rm -f "$CONDA_PATH/miniconda.sh"
echo "source $CONDA_PATH/bin/activate" >> "$PROFILE"
;;
9)
echo "安装docker"
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
rm ./get-docker.sh
;;
*)
echo "无效的选择: $choice"
;;
esac
done
echo "============= Copy and run ============="
echo ""
echo " source /etc/profile && source ~/.bashrc"
echo ""
echo "========================================"
echo "Press Enter to continue..."
read