diff --git a/系统优化 b/系统优化 new file mode 100644 index 0000000..a4043db --- /dev/null +++ b/系统优化 @@ -0,0 +1,516 @@ +#!/bin/bash + +# Ubuntu/Debian/CentOS/RHEL系统优化与Docker准备脚本 +# 精简版 - 不备份文件,适合小存储空间VPS + +# 颜色定义 +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +PURPLE='\033[0;35m' +CYAN='\033[0;36m' +NC='\033[0m' + +# 日志文件 +LOG_FILE="/tmp/system_optimization.log" + +# 错误处理函数 +handle_error() { + echo -e "${RED}❌ 错误: $1${NC}" + echo "详细日志请查看: $LOG_FILE" + exit 1 +} + +# 日志记录函数 +log() { + echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" >> "$LOG_FILE" +} + +# 检查命令是否存在 +check_command() { + if ! command -v "$1" &> /dev/null; then + return 1 + fi + return 0 +} + +# 检测系统类型 +detect_os() { + echo -e "${BLUE}🔍 检测操作系统...${NC}" + + if [ -f /etc/os-release ]; then + . /etc/os-release + OS_NAME=$ID + OS_VERSION=$VERSION_ID + OS_PRETTY_NAME=$PRETTY_NAME + + echo -e "${GREEN}✅ 操作系统: $OS_PRETTY_NAME${NC}" + echo -e "${GREEN}✅ 版本: $OS_VERSION${NC}" + + case $OS_NAME in + ubuntu|debian) + OS_TYPE="debian" + PM="apt-get" + UPDATE_CMD="apt-get update" + UPGRADE_CMD="apt-get upgrade -y" + INSTALL_CMD="apt-get install -y" + AUTOREMOVE_CMD="apt-get autoremove -y" + AUTOCLEAN_CMD="apt-get autoclean -y" + ;; + centos|rhel|fedora|rocky|almalinux) + OS_TYPE="rhel" + if check_command dnf; then + PM="dnf" + UPDATE_CMD="dnf update -y" + INSTALL_CMD="dnf install -y" + else + PM="yum" + UPDATE_CMD="yum update -y" + INSTALL_CMD="yum install -y" + fi + AUTOREMOVE_CMD="$PM autoremove -y" + AUTOCLEAN_CMD="$PM clean all" + ;; + *) + handle_error "不支持的操作系统: $OS_NAME" + ;; + esac + else + handle_error "无法检测操作系统" + fi +} + +# 检查系统架构 +check_architecture() { + echo -e "${BLUE}🔍 检查系统架构...${NC}" + ARCH=$(uname -m) + case $ARCH in + x86_64) + echo -e "${GREEN}✅ 系统架构: AMD64${NC}" + ;; + aarch64) + echo -e "${GREEN}✅ 系统架构: ARM64${NC}" + ;; + *) + echo -e "${YELLOW}⚠️ 检测到非常见架构: $ARCH${NC}" + ;; + esac +} + +# 清理系统缓存和旧包 +clean_system() { + echo -e "${BLUE}🧹 清理系统缓存和旧包...${NC}" + + if [ "$OS_TYPE" = "debian" ]; then + # 清理apt缓存 + apt-get clean >> "$LOG_FILE" 2>&1 || echo -e "${YELLOW}⚠️ apt清理缓存失败${NC}" + apt-get autoremove -y >> "$LOG_FILE" 2>&1 || echo -e "${YELLOW}⚠️ apt自动移除失败${NC}" + + # 清理旧内核(仅保留最新1个以节省空间) + if check_command dpkg; then + OLD_KERNELS=$(dpkg -l | grep -E "linux-image-[0-9]" | grep -v $(uname -r | sed 's/-generic//') | awk '{print $2}') + if [ -n "$OLD_KERNELS" ]; then + echo -e "${BLUE}移除旧内核: $OLD_KERNELS${NC}" + apt-get remove -y $OLD_KERNELS >> "$LOG_FILE" 2>&1 || true + fi + fi + elif [ "$OS_TYPE" = "rhel" ]; then + # 清理yum/dnf缓存 + $PM clean all >> "$LOG_FILE" 2>&1 || echo -e "${YELLOW}⚠️ $PM清理缓存失败${NC}" + + # 清理旧内核(仅保留最新1个) + if [ "$PM" = "yum" ]; then + package-cleanup --oldkernels --count=1 -y >> "$LOG_FILE" 2>&1 || true + elif [ "$PM" = "dnf" ]; then + dnf remove --oldinstallonly --setopt installonly_limit=1 -y >> "$LOG_FILE" 2>&1 || true + fi + fi + + # 清理临时文件(不清理太多避免影响运行) + rm -rf /tmp/*.deb /tmp/*.rpm /var/tmp/*.deb /var/tmp/*.rpm >> "$LOG_FILE" 2>&1 || true + + # 清理日志文件(保留最近7天) + find /var/log -name "*.log" -type f -mtime +7 -delete 2>/dev/null || true + find /var/log -name "*.gz" -type f -delete 2>/dev/null || true + + echo -e "${GREEN}✅ 系统清理完成${NC}" +} + +# 更新系统包管理器 +update_package_manager() { + echo -e "${BLUE}🔄 更新包管理器...${NC}" + + if [ "$OS_TYPE" = "debian" ]; then + # 更新apt源 + if ! $UPDATE_CMD >> "$LOG_FILE" 2>&1; then + echo -e "${YELLOW}⚠️ 包管理器更新失败,尝试修复...${NC}" + + # 修复可能的损坏 + dpkg --configure -a >> "$LOG_FILE" 2>&1 || true + apt-get install -f -y >> "$LOG_FILE" 2>&1 || true + fi + elif [ "$OS_TYPE" = "rhel" ]; then + if ! $UPDATE_CMD >> "$LOG_FILE" 2>&1; then + echo -e "${YELLOW}⚠️ 包管理器更新失败,尝试修复...${NC}" + + # 修复可能的损坏 + rpm --rebuilddb >> "$LOG_FILE" 2>&1 || true + $PM clean all >> "$LOG_FILE" 2>&1 || true + fi + fi + + echo -e "${GREEN}✅ 包管理器更新完成${NC}" +} + +# 安装基础依赖(精简版) +install_basic_dependencies() { + echo -e "${BLUE}📦 安装基础依赖包...${NC}" + + local base_packages=() + + if [ "$OS_TYPE" = "debian" ]; then + base_packages=( + "curl" "wget" "gnupg" "lsb-release" "apt-transport-https" + "ca-certificates" "software-properties-common" + "net-tools" "dnsutils" "iputils-ping" "sudo" "bc" + ) + elif [ "$OS_TYPE" = "rhel" ]; then + base_packages=( + "curl" "wget" "gnupg" "redhat-lsb-core" "yum-utils" "epel-release" + "ca-certificates" "device-mapper-persistent-data" "lvm2" + "net-tools" "bind-utils" "iputils" "sudo" "bc" + ) + fi + + for package in "${base_packages[@]}"; do + echo -e "${BLUE}安装 $package...${NC}" + if ! $INSTALL_CMD "$package" >> "$LOG_FILE" 2>&1; then + echo -e "${YELLOW}⚠️ $package 安装失败,跳过...${NC}" + fi + done + + echo -e "${GREEN}✅ 基础依赖安装完成${NC}" +} + +# 配置系统优化参数 +configure_system_optimization() { + echo -e "${BLUE}⚙️ 配置系统优化参数...${NC}" + + # 优化内核参数 - 直接修改,不备份 + if ! grep -q "系统优化配置" /etc/sysctl.conf; then + cat >> /etc/sysctl.conf << EOF + +# 系统优化配置 - 添加于 $(date) +# 网络优化 +net.core.rmem_max = 16777216 +net.core.wmem_max = 16777216 +net.ipv4.tcp_rmem = 4096 87380 16777216 +net.ipv4.tcp_wmem = 4096 16384 16777216 +net.ipv4.tcp_max_syn_backlog = 8192 +net.ipv4.tcp_tw_reuse = 1 + +# 内存优化 +vm.swappiness = 10 +vm.dirty_ratio = 15 +vm.dirty_background_ratio = 5 + +# 文件系统优化 +fs.file-max = 65536 +EOF + fi + + # 应用配置 + sysctl -p >> "$LOG_FILE" 2>&1 || echo -e "${YELLOW}⚠️ sysctl配置应用失败${NC}" + + # 配置文件描述符限制 + if ! grep -q "文件描述符限制" /etc/security/limits.conf; then + cat >> /etc/security/limits.conf << EOF + +# 文件描述符限制 - 添加于 $(date) +* soft nofile 65536 +* hard nofile 65536 +root soft nofile 65536 +root hard nofile 65536 +EOF + fi + + echo -e "${GREEN}✅ 系统优化配置完成${NC}" +} + +# 配置DNS优化 +configure_dns() { + echo -e "${BLUE}🌐 配置DNS优化...${NC}" + + # 直接配置,不备份 + cat > /etc/resolv.conf << EOF +# DNS配置 - 优化于 $(date) +nameserver 223.5.5.5 +nameserver 119.29.29.29 +nameserver 8.8.8.8 +nameserver 1.1.1.1 +options timeout:2 attempts:3 rotate +EOF + + # 防止NetworkManager覆盖配置 + if [ -f /etc/NetworkManager/NetworkManager.conf ]; then + sed -i 's/^dns=.*/dns=none/' /etc/NetworkManager/NetworkManager.conf 2>/dev/null || true + fi + + echo -e "${GREEN}✅ DNS优化配置完成${NC}" +} + +# 配置Docker安装环境 +configure_docker_environment() { + echo -e "${BLUE}🐳 配置Docker安装环境...${NC}" + + if [ "$OS_TYPE" = "debian" ]; then + # 添加Docker官方GPG密钥 + curl -fsSL https://download.docker.com/linux/$OS_NAME/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg >> "$LOG_FILE" 2>&1 || { + echo -e "${YELLOW}⚠️ Docker GPG密钥添加失败,使用备用方案${NC}" + curl -fsSL https://download.docker.com/linux/$OS_NAME/gpg | apt-key add - >> "$LOG_FILE" 2>&1 || true + } + + # 添加Docker仓库 + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/$OS_NAME $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null + + # 更新包列表 + $UPDATE_CMD >> "$LOG_FILE" 2>&1 || echo -e "${YELLOW}⚠️ 更新包列表失败${NC}" + + elif [ "$OS_TYPE" = "rhel" ]; then + # 添加Docker仓库 + $INSTALL_CMD yum-utils >> "$LOG_FILE" 2>&1 || true + yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo >> "$LOG_FILE" 2>&1 || { + echo -e "${YELLOW}⚠️ Docker仓库添加失败,使用官方仓库${NC}" + } + + # 更新包列表 + $UPDATE_CMD >> "$LOG_FILE" 2>&1 || true + fi + + echo -e "${GREEN}✅ Docker环境配置完成${NC}" +} + +# 安装Docker +install_docker() { + echo -e "${BLUE}🐳 安装Docker...${NC}" + + # 检查是否已安装Docker + if check_command docker; then + echo -e "${YELLOW}⚠️ Docker已安装,跳过安装${NC}" + return 0 + fi + + if [ "$OS_TYPE" = "debian" ]; then + $INSTALL_CMD docker-ce docker-ce-cli containerd.io docker-compose-plugin >> "$LOG_FILE" 2>&1 || { + echo -e "${YELLOW}⚠️ Docker安装失败,尝试替代方案${NC}" + # 尝试安装docker.io + $INSTALL_CMD docker.io containerd runc >> "$LOG_FILE" 2>&1 || { + echo -e "${RED}❌ Docker安装完全失败${NC}" + return 1 + } + } + elif [ "$OS_TYPE" = "rhel" ]; then + $INSTALL_CMD docker-ce docker-ce-cli containerd.io docker-compose-plugin >> "$LOG_FILE" 2>&1 || { + echo -e "${YELLOW}⚠️ Docker安装失败,尝试替代方案${NC}" + $INSTALL_CMD docker >> "$LOG_FILE" 2>&1 || { + echo -e "${RED}❌ Docker安装完全失败${NC}" + return 1 + } + } + fi + + # 启动Docker服务 + systemctl enable docker >> "$LOG_FILE" 2>&1 || true + systemctl start docker >> "$LOG_FILE" 2>&1 || true + + # 验证安装 + if docker --version >> "$LOG_FILE" 2>&1; then + echo -e "${GREEN}✅ Docker安装成功: $(docker --version)${NC}" + + # 配置用户组 + usermod -aG docker $USER 2>/dev/null || true + echo -e "${GREEN}✅ 已将当前用户添加到docker组${NC}" + else + echo -e "${RED}❌ Docker安装验证失败${NC}" + return 1 + fi +} + +# 安装Docker Compose +install_docker_compose() { + echo -e "${BLUE}🐳 安装Docker Compose...${NC}" + + # 检查是否已安装 + if check_command docker-compose; then + echo -e "${YELLOW}⚠️ Docker Compose已安装,跳过${NC}" + return 0 + fi + + # 安装最新版本 + COMPOSE_VERSION=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/') + + if [ -z "$COMPOSE_VERSION" ]; then + COMPOSE_VERSION="v2.24.0" # 备用版本 + fi + + curl -L "https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose >> "$LOG_FILE" 2>&1 + + if [ $? -eq 0 ]; then + chmod +x /usr/local/bin/docker-compose + ln -sf /usr/local/bin/docker-compose /usr/bin/docker-compose 2>/dev/null || true + + echo -e "${GREEN}✅ Docker Compose安装成功: ${COMPOSE_VERSION}${NC}" + else + echo -e "${YELLOW}⚠️ Docker Compose安装失败,跳过${NC}" + fi +} + +# 验证安装结果 +verify_installation() { + echo -e "${BLUE}🔍 验证安装结果...${NC}" + + echo -e "${CYAN}系统信息:${NC}" + echo -e " OS: $OS_PRETTY_NAME" + echo -e " 内核: $(uname -r)" + echo -e " 架构: $(uname -m)" + + echo -e "${CYAN}服务状态:${NC}" + if systemctl is-active docker >/dev/null 2>&1; then + echo -e " Docker: ${GREEN}运行中${NC}" + else + echo -e " Docker: ${RED}未运行${NC}" + fi + + echo -e "${CYAN}版本信息:${NC}" + if check_command docker; then + echo -e " Docker: $(docker --version 2>/dev/null | cut -d' ' -f3 | tr -d ',')" + else + echo -e " Docker: ${RED}未安装${NC}" + fi + + if check_command docker-compose; then + echo -e " Docker Compose: $(docker-compose --version 2>/dev/null | cut -d' ' -f3 | tr -d ',')" + else + echo -e " Docker Compose: ${YELLOW}未安装${NC}" + fi + + # 显示磁盘空间 + echo -e "${CYAN}磁盘空间:${NC}" + df -h / | tail -1 | awk '{print " 根分区: " $4 " 可用 / " $2 " 总大小"}' + + echo -e "${GREEN}✅ 验证完成${NC}" +} + +# 显示使用说明 +show_usage() { + echo -e "${GREEN}系统优化与Docker准备脚本 (精简版)${NC}" + echo -e "专为小存储空间VPS设计 - 不备份文件${NC}" + echo -e "" + echo -e "使用方法: $0 [选项]" + echo -e "" + echo -e "选项:" + echo -e " -h, --help 显示此帮助信息" + echo -e " -c, --clean 只执行清理操作" + echo -e " -o, --optimize 只执行系统优化" + echo -e " -d, --docker 只安装Docker" + echo -e " -a, --all 执行所有操作(默认)" + echo -e "" + echo -e "功能:" + echo -e " ✅ 系统检测" + echo -e " ✅ 深度清理(节省空间)" + echo -e " ✅ 依赖包安装" + echo -e " ✅ 系统优化配置" + echo -e " ✅ DNS优化" + echo -e " ✅ Docker环境准备" + echo -e " ✅ Docker安装与配置" + echo -e "" + echo -e "示例:" + echo -e " $0 # 执行所有操作" + echo -e " $0 --clean # 只执行清理" + echo -e " $0 --docker # 只安装Docker" +} + +# 主函数 +main() { + # 创建日志文件 + > "$LOG_FILE" + + # 显示标题 + echo -e "${PURPLE}" + echo "==================================================" + echo " 🚀 系统优化与Docker准备脚本 (精简版)" + echo " 专为小存储空间VPS设计" + echo "==================================================" + echo -e "${NC}" + + # 检查root权限 + if [ "$EUID" -ne 0 ]; then + echo -e "${RED}❌ 请使用root权限运行此脚本${NC}" + echo -e "使用: sudo $0" + exit 1 + fi + + # 解析命令行参数 + case "${1:-}" in + -h|--help) + show_usage + exit 0 + ;; + -c|--clean) + echo -e "${BLUE}执行清理操作...${NC}" + detect_os + clean_system + exit 0 + ;; + -o|--optimize) + echo -e "${BLUE}执行系统优化...${NC}" + detect_os + configure_system_optimization + configure_dns + exit 0 + ;; + -d|--docker) + echo -e "${BLUE}安装Docker...${NC}" + detect_os + configure_docker_environment + install_docker + install_docker_compose + verify_installation + exit 0 + ;; + -a|--all|*) + # 执行所有操作 + ;; + esac + + # 执行完整流程 + echo -e "${BLUE}开始系统优化与Docker准备...${NC}" + + detect_os + check_architecture + clean_system + update_package_manager + install_basic_dependencies + configure_system_optimization + configure_dns + configure_docker_environment + install_docker + install_docker_compose + + echo -e "${GREEN}🎉 所有操作完成!${NC}" + echo "" + verify_installation + echo "" + echo -e "${YELLOW}💡 重要提示:${NC}" + echo -e " 1. 建议重启系统以使所有配置生效" + echo -e " 2. 当前用户已添加到docker组,重新登录后生效" + echo -e " 3. 详细日志请查看: $LOG_FILE" + echo -e " 4. 脚本已尽可能节省磁盘空间" +} + +# 设置陷阱,确保脚本退出时重置颜色 +trap 'echo -e "${NC}"' EXIT + +# 运行主函数 +main "$@"