由于经常安装云服务器,再次记录下。
服务器系统为Center OS
安装相关包
yum install -y gcc
yum install -y openssl
yum install -y openssl-devel
yum install -y zlib-devel
yum install -y git
yum install -y unzip
禁用密码登陆,使用秘钥登陆
vim /etc/ssh/sshd_config
# 是否让 sshd 去检查用户家目录或相关档案的权限数据,
# 这是为了担心使用者将某些重要档案的权限设错,可能会导致一些问题所致。
# 例如使用者的 ~.ssh/ 权限设错时,某些特殊情况下会不许用户登入
StrictModes no
# 是否允许用户自行使用成对的密钥系统进行登入行为,仅针对 version 2。
# 至于自制的公钥数据就放置于用户家目录下的 .ssh/authorized_keys 内
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
#有了证书登录了,就禁用密码登录吧,安全要紧
PasswordAuthentication no
#重启服务
#ubuntu
/etc/init.d/ssh restart
#centos
service sshd restart
升级VIM8
yum install ncurses-devel
wget https://github.com/vim/vim/archive/v8.0.1376.zip
unzip master.zip
cd vim-master
cd src/
./configure
make
sudo make install
vim
//配置增强版VIM
//安装
bash <(curl -fsSL https://raw.githubusercontent.com/liuchengxu/space-vim/master/install.sh)
//卸载
bash <(curl -fsSL https://raw.githubusercontent.com/liuchengxu/space-vim/master/uninstall.sh)
安装oh-my-zsh
//安装zsh
yum -y install zsh
//切换shell
chsh -s /bin/zsh
//安装oh my zsh
//curl
sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"
//wget
sh -c "$(wget https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O -)"
//添加插件
git clone https://github.com/zsh-users/zsh-autosuggestions $ZSH_CUSTOM/plugins/zsh-autosuggestions
//vim .zshrc中找到plugins
//plugins=(zsh-autosuggestions)
安装Python3
wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tgz
tar xzvf Python-3.6.1.tgz
修改Pyhton3安装配置 解决SSL模块无法使用问题
vim Modules/Setup.dist 或
vim Modules/Setup
# Socket module helper for socket(2)
_socket socketmodule.c timemodule.c
# Socket module helper for SSL support; you must comment out the other
# socket line above, and possibly edit the SSL variable:
#SSL=/usr/local/ssl
_ssl _ssl.c \
-DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
-L$(SSL)/lib -lssl -lcrypto
安装Python3
cd Python-3.6.1
mkdir /usr/local/python3.6
./configure --prefix=/usr/local/python3.6
make
make install
替换原有的Python链接
mv /usr/bin/python /usr/bin/python_bak
ln -s /usr/local/python3.1/bin/python3.1 /usr/bin/python
注意要修改yum文件,yum依赖系统的python
vim /usr/bin/yum
打开文件后,将/usr/bin/python修改成/usr/bin/python_bak即可
安装ufw
//ubuntu
apt-get install ufw -y
//debian
apt-get install ufw -y
//center os
yum install epel-release -y
yum install --enablerepo="epel" ufw -y
ufw相关配置
https://linuxconfig.org/how-to-install-and-use-ufw-firewall-on-linux
http://notes.maxwi.com/2017/01/19/linux-command-tools-ufw
//默认配置
ufw default deny incoming
ufw default allow outgoing
cloudflare ufw配置
cloudflare-ufw.sh
, 参考链接:
#!/bin/sh
DIR="$(dirname $(readlink -f $0))"
cd $DIR
wget https://www.cloudflare.com/ips-v4 -O ips-v4.tmp
wget https://www.cloudflare.com/ips-v6 -O ips-v6.tmp
mv ips-v4.tmp ips-v4
mv ips-v6.tmp ips-v6
for cfip in `cat ips-v4`; do ufw allow from $cfip; done
for cfip in `cat ips-v6`; do ufw allow from $cfip; done
ufw reload > /dev/null
# OTHER EXAMPLE RULES
# Examples to retrict to port 80
#for cfip in `cat ips-v4`; do ufw allow from $cfip to any port 80 proto tcp; done
#for cfip in `cat ips-v6`; do ufw allow from $cfip to any port 80 proto tcp; done
# Examples to restrict to port 443
#for cfip in `cat ips-v4`; do ufw allow from $cfip to any port 443 proto tcp; done
#for cfip in `cat ips-v6`; do ufw allow from $cfip to any port 443 proto tcp; done
配置运行:
sudo crontab -e
0 0 * * 1 /opt/cloudflare/cloudflare-ufw.sh > /dev/null 2>&1
过来看看老大~