

#!/bin/bash
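# Provisioning script for a Ushio host. It changes the hostname, installs
# packages and rewrites firewall rules, so it has to run as root.
# Arguments:
#   $1 - hostname to assign (reused as git identity and inside unit files)
#   $2 - passphrase used to decrypt the downloaded rclone config
#   $3 - Ushio version, exported as USHIO_VERSION
# NOTE(review): $2 is passed on this script's own command line, so it is
# visible in the process list and in the caller's shell history.
if [[ $# -lt 3 || -z "$1" || -z "$2" || -z "$3" ]]; then
  printf 'usage: %s <hostname> <rclone-passphrase> <ushio-version>\n' \
    "${0##*/}" >&2
  exit 2
fi
# $1 is later spliced into sed expressions, unit files and a URL, so reject
# anything that is not made of hostname characters before touching the system.
hostname_re='^[A-Za-z0-9_]([A-Za-z0-9._-]*[A-Za-z0-9_])?$'
if [[ ! "$1" =~ $hostname_re ]]; then
  printf 'invalid hostname: %s\n' "$1" >&2
  exit 2
fi
cd / || exit 1
#
# system env
#
# set hostname
hostname "$1"
hostnamectl set-hostname "$1"
#
# set USHIO_VERSION env var
export USHIO_VERSION="$3"
# /etc/profile is evaluated at every login shell, so the value is written
# shell-quoted (%q); a raw value containing spaces or ';' would otherwise be
# executed as code on each login.
printf 'export USHIO_VERSION=%q\n' "$3" >>/etc/profile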
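#
# active rc.local
#
#chmod +x /etc/rc.d/rc.local
#
# yum update
#
yum -y update
yum install epel-release -y
#
# Development Tools
#
yum install -y wget git vim unzip zip openssl make gcc gcc-c++ screen fuse \
  fuse-devel rsync ntp
# enable ntp
# The ntp package on yum-based distributions ships its unit as ntpd.service;
# "systemctl start ntp" fails with "unit not found" there.
systemctl start ntpd
systemctl enable ntpd
# git config
git config --global user.name "$1"
git config --global user.email "git@$1"
# --global is required here: the script runs from /, which is not a git
# repository, so a repository-local "git config" call fails.
# NOTE(review): the "store" helper keeps credentials unencrypted in
# ~/.git-credentials; a cache helper or a token with narrow scope limits the
# damage if that file is read.
git config --global credential.helper store
git config --global core.autocrlf input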
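#
# docker
#
yum -y install docker
systemctl enable docker
systemctl start docker
# -f makes curl fail on an HTTP error instead of saving the error page as the
# "binary" that is then marked executable.
# NOTE(review): the downloaded binary is not checked against a checksum or
# signature before it is installed for root; compare it with the checksum
# published for this release before the chmod.
curl -fL \
  "https://github.com/docker/compose/releases/download/1.25.4/docker-compose-$(uname -s)-$(uname -m)" \
  -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
# NOTE(review): this unit file is fetched from a remote host and enabled as a
# system service, so whoever controls that host (or its TLS endpoint) decides
# what runs as root on boot. Pinning a reviewed copy or a checksum removes
# that dependency.
wget -P /etc/systemd/system https://onedrive.yimian.xyz/config/systemd/ushio.service
# Unit files are configuration, not programs; systemd logs a warning when one
# is marked executable.
chmod 644 /etc/systemd/system/ushio.service
# Escape the characters that are special on the replacement side of s///
# (backslash, '/', '&') so the hostname is inserted literally.
unit_host=$(printf '%s' "$1" | sed 's|[\\/&]|\\&|g')
sed -i "s/\$HOSTNAME/${unit_host}/g" /etc/systemd/system/ushio.service
systemctl daemon-reload
systemctl enable ushio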
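#
# nodeJS
#
node_version=v12.16.1
node_pkg="node-${node_version}-linux-x64"
node_url="https://nodejs.org/dist/${node_version}"
# Private download directory: fixed file names under /tmp can be pre-created
# or symlinked by any local user before root writes to them.
node_tmp=$(mktemp -d) || exit 1
wget -O "${node_tmp}/${node_pkg}.tar.xz" "${node_url}/${node_pkg}.tar.xz"
wget -O "${node_tmp}/SHASUMS256.txt" "${node_url}/SHASUMS256.txt"
# Compare the tarball with the digest listed for it in SHASUMS256.txt.
# NOTE(review): both files come from the same origin, so this catches a
# truncated or corrupted download but not a compromised origin; checking the
# signed SHASUMS256.txt.asc against the release keys covers that case.
node_expected=$(awk -v f="${node_pkg}.tar.xz" '$2 == f { print $1 }' \
  "${node_tmp}/SHASUMS256.txt")
node_actual=$(sha256sum "${node_tmp}/${node_pkg}.tar.xz" | awk '{ print $1 }')
if [[ -z "$node_expected" || "$node_expected" != "$node_actual" ]]; then
  printf 'node tarball checksum mismatch; refusing to install\n' >&2
  rm -rf -- "${node_tmp:?}"
  exit 1
fi
tar -xJf "${node_tmp}/${node_pkg}.tar.xz" -C /usr/local/
mv "/usr/local/${node_pkg}" /usr/local/node
rm -rf -- "${node_tmp:?}"
for node_tool in node npm npx; do
  ln -s "/usr/local/node/bin/${node_tool}" "/usr/local/bin/${node_tool}"
  ln -s "/usr/local/node/bin/${node_tool}" "/usr/bin/${node_tool}"
done
npm i npm -g
# Appends the literal line PATH="$PATH:/usr/local/node/bin" (expanded at
# login time, not now) followed by "export PATH".
printf '%s\n' 'PATH="$PATH:/usr/local/node/bin"' 'export PATH' >>/etc/profile
source /etc/profile
npm cache clean -f
# NOTE(review): "n stable" and the global installs below fetch whatever is
# current at run time, so the pinned tarball above no longer determines which
# code ends up running as root; pin versions if reproducibility matters.
npm install -g n
n stable
npm i -g pm2
pm2 startup
npm i -g yarn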
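#
# firewall
#
systemctl stop firewalld
systemctl disable firewalld
# NOTE(review): this turns SELinux off entirely on the next boot, removing
# mandatory access control for every service on the host. If a specific
# service is the reason, permissive mode for that domain or a targeted policy
# module keeps the rest of the protection.
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
yum install iptables-services iptables-devel -y
systemctl start iptables
systemctl enable iptables
# iptables evaluates a chain top to bottom and -A appends, so every ACCEPT
# has to be added before the catch-all REJECT; appended after it, the ACCEPT
# rules are never reached and inbound SSH is rejected as well.
# NOTE(review): rules already present in the chains (for example a default
# ruleset loaded when the iptables service starts) still sit in front of
# these; check the final order with "iptables -S".
iptables -A OUTPUT -j ACCEPT
# Replies to connections this host opens (yum, curl, rclone) arrive on INPUT
# and would otherwise hit the catch-all REJECT.
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
# ssh
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# web (http / https)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
# mqtt
# NOTE(review): 1883 is unencrypted MQTT and 18083 is commonly a broker's
# admin dashboard port; confirm both must be reachable from any source
# address, or restrict them with -s.
iptables -A INPUT -p tcp --dport 1883 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8084 -j ACCEPT
iptables -A INPUT -p tcp --dport 8883 -j ACCEPT
iptables -A INPUT -p tcp --dport 18083 -j ACCEPT
# catch-all rules go last
iptables -A INPUT -j REJECT
iptables -A FORWARD -j REJECT
service iptables save
service iptables restart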
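#
# onedrive
#
# Download the installer completely before running it: piping curl into bash
# executes whatever prefix arrived if the transfer is cut short, and -f stops
# an HTTP error page from being fed to the shell.
# NOTE(review): the installer is still unverified remote code run as root;
# installing rclone from a package repository or a checksummed release
# archive removes that trust dependency.
rclone_installer=$(mktemp) || exit 1
if curl -fsS https://rclone.org/install.sh -o "$rclone_installer"; then
  sudo bash "$rclone_installer"
else
  printf 'rclone installer download failed\n' >&2
fi
rm -f -- "$rclone_installer"
wget -P /root/.config/rclone/ https://onedrive.yimian.xyz/config/rclone/rclone.conf.aes
# The passphrase goes through the environment rather than "-pass pass:...",
# which would expose it in the process list while openssl runs. umask 077
# keeps the decrypted config, which holds the remote's credentials, readable
# by root only.
# NOTE(review): "enc -aes-128-cbc" without -pbkdf2 uses OpenSSL's legacy key
# derivation and gives no integrity protection; changing that means
# re-encrypting the published blob, so it is only flagged here.
(
  umask 077
  RCLONE_CONF_PASS="$2" openssl enc -aes-128-cbc -d \
    -in /root/.config/rclone/rclone.conf.aes \
    -out /root/.config/rclone/rclone.conf \
    -pass env:RCLONE_CONF_PASS
)
# NOTE(review): --allow-other lets every local user read the mount, which
# later supplies authorized_keys and git credentials from /mnt/config.
# NOTE(review): rclone.service is started below as well; if that unit also
# mounts /mnt, --allow-non-empty lets the two mounts stack. Confirm against
# the unit file.
nohup rclone mount "onedrive:ushio/$3" /mnt --allow-other --allow-non-empty --vfs-cache-mode writes &
wget -P /etc/systemd/system https://onedrive.yimian.xyz/config/systemd/rclone.service
# Unit files are configuration; systemd warns about executable ones.
chmod 644 /etc/systemd/system/rclone.service
# Escape backslash, '/' and '&' so the version is inserted literally.
unit_version=$(printf '%s' "$3" | sed 's|[\\/&]|\\&|g')
sed -i "s/\$USHIO_VERSION/${unit_version}/g" /etc/systemd/system/rclone.service
systemctl daemon-reload
systemctl enable rclone
systemctl start rclone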
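#
# config
#
# NOTE(review): everything below points local security configuration at
# files on the remote mount. Anyone who can write to that remote folder can
# add SSH keys or change hosts.allow/hosts.deny for every host provisioned
# this way, and the files are unavailable whenever the mount is down.
# vim
ln -s /mnt/config/vim/.vimrc ~/.vimrc
# git
ln -s /mnt/config/git/.git-credentials ~/.git-credentials
#
# ssh
rm -f ~/.ssh/authorized_keys
# -p so a rerun does not fail on the existing directory; sshd's permission
# checks expect ~/.ssh to be private to its owner.
mkdir -p ~/.ssh
chmod 700 ~/.ssh
ln -s /mnt/config/ssh/authorized_keys ~/.ssh/authorized_keys
# An existing key makes ssh-keygen stop and ask whether to overwrite it,
# which stalls an unattended run; keep the existing key instead.
if [[ ! -f ~/.ssh/id_rsa ]]; then
  ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa
fi
#
# hosts rule
rm -f /etc/hosts.allow
ln -s /mnt/config/hosts/hosts.allow /etc/hosts.allow
rm -f /etc/hosts.deny
ln -s /mnt/config/hosts/hosts.deny /etc/hosts.deny
# NOTE(review): with the next line commented out, password logins stay
# enabled unless sshd_config already disables them, while port 22 is opened
# to any source address by the firewall section.
#sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config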
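#
# delay run
#
sleep 15s
#
# ssh
# Drop this host's previous entries from the shared authorized_keys, then
# append the current public key. The hostname is escaped so that '.' and
# other regex characters match literally and '/' cannot end the sed address.
# NOTE(review): this is still a substring match, so host "web1" also removes
# lines for "web10". Hosts provisioned at the same time rewrite the same
# shared file without locking.
host_re=$(printf '%s' "$1" | sed 's|[][\\/.^$*]|\\&|g')
sed -i "/${host_re}/d" /mnt/config/ssh/authorized_keys
cat ~/.ssh/id_rsa.pub >>/mnt/config/ssh/authorized_keys
#############################
# Ushio Env Ini Finished
#############################
#
# Email Notice
# The subject contains spaces and a caller-supplied hostname, so each query
# parameter is URL-encoded by curl instead of being pasted into the URL.
curl -G "https://api.yimian.xyz/mail/" \
  --data-urlencode "to=i@iotcat.me" \
  --data-urlencode "subject=$1 Ushio Env ini finished" \
  --data-urlencode "body=ini finished!!"
#
# system reboot
reboot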