Ubuntu20.04 Server初始化
1. 修改命令提示符
root@ubuntu2004:~# vim ~/.bashrc
#在配置文件结尾添加以下内容:
PS1='\[\e[1;33m\][\u@\h \W]\$\[\e[0m\]' #修改命令提示符的颜色为黄色
export HISTTIMEFORMAT="%F %T " #指定history时间格式
export EDITOR=vim #指定文本编辑器
root@ubuntu2004:~# . ~/.bashrc #让.bashrc配置文件生效
2. 清空防火墙规则
#Ubuntu20.04 Server防火墙默认未打开,但默认安装了ufw;推荐使用iptables防火墙
[root@ubuntu2004 ~]#ufw status #查看ufw防火墙状态
Status: inactive
[root@ubuntu2004 ~]#ufw disable #关闭ufw防火墙
Firewall stopped and disabled on system startup
[root@ubuntu2004 ~]#apt remove ufw #卸载ufw
[root@ubuntu2004 ~]#apt purge ufw #清除ufw及其残留的配置文件
[root@ubuntu2004 ~]#whereis iptables #查看iptables文件的位置
iptables: /usr/sbin/iptables /usr/share/iptables /usr/share/man/man8/iptables.8.gz
[root@ubuntu2004 ~]#dpkg -s iptables #列出iptables包的状态,包括详细信息
Package: iptables
Status: install ok installed
Priority: optional
Section: net
Installed-Size: 2639
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Architecture: amd64
Multi-Arch: foreign
Version: 1.8.4-3ubuntu2
#加载ip_tables内核模块(启用iptables)
[root@ubuntu2004 ~]#modprobe ip_tables
#清空iptables防火墙规则(不带-t参数时只清空filter表)
[root@ubuntu2004 ~]#iptables -F
[root@ubuntu2004 ~]#iptables -vnL
Chain INPUT (policy ACCEPT 314 packets, 22966 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 233 packets, 23322 bytes)
pkts bytes target prot opt in out source destination
#注意:此时ufw已卸载且规则为空,三条链的默认策略均为ACCEPT,主机不做任何包过滤;应随后按业务需要添加iptables规则并持久化,否则所有监听端口都直接暴露在所连网络上
3. 修改网卡名
#修改配置文件为下面形式
[root@ubuntu2004 ~]#vim /etc/default/grub
GRUB_CMDLINE_LINUX="net.ifnames=0"
#或者sed修改
#方法一:替换
[root@ubuntu2004 ~]#sed -i.bak '/^GRUB_CMDLINE_LINUX=/c GRUB_CMDLINE_LINUX="net.ifnames=0"' /etc/default/grub
#方法二:搜索替换(在原值末尾的引号前追加;若原值非空,net.ifnames=0前需加一个空格与已有参数分隔)
[root@ubuntu2004 ~]#sed -i.bak '/^GRUB_CMDLINE_LINUX=/s#"$#net.ifnames=0"#' /etc/default/grub
[root@ubuntu2004 ~]#grep "^[a-Z]" /etc/default/grub
GRUB_DEFAULT=0
GRUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="maybe-ubiquity"
GRUB_CMDLINE_LINUX="net.ifnames=0"
#生成新的grub.cfg文件
[root@ubuntu2004 ~]#grub-mkconfig -o /boot/grub/grub.cfg
#重启生效
[root@ubuntu2004 ~]#reboot
4. 配置静态IP
[root@ubuntu2004 ~]#vim /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      addresses: [10.0.0.151/24]
      gateway4: 10.0.0.2
      nameservers:
        addresses: [223.5.5.5, 180.76.76.76, 8.8.8.8]
#修改网卡配置文件后需执行命令生效:
[root@ubuntu2004 ~]#netplan apply
#查看IP
[root@ubuntu2004 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:88:18:c6 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.151/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe88:18c6/64 scope link
valid_lft forever preferred_lft forever
#查看gateway
[root@ubuntu2004 ~]#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
#查看DNS
[root@ubuntu1804 ~]#systemd-resolve --status
[root@ubuntu2004 ~]#resolvectl status ##Ubuntu 20.04新命令
Global
LLMNR setting: no
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 2 (eth0)
Current Scopes: DNS
DefaultRoute setting: yes
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Current DNS Server: 223.5.5.5
DNS Servers: 223.5.5.5
180.76.76.76
8.8.8.8
5. 关闭SELinux
#说明:Ubuntu默认的强制访问控制机制是AppArmor,系统默认并未安装SELinux;若从未安装过SELinux相关软件包,本节可跳过
[root@ubuntu2004 ~]#apt update
[root@ubuntu2004 ~]#apt -y install selinux-utils selinux
[root@ubuntu2004 ~]#getenforce #获取selinux当前状态
Disabled
[root@ubuntu2004 ~]#vim /etc/selinux/config
SELINUX=disabled
[root@ubuntu2004 ~]#reboot #重启生效
6. 实现邮件通信
[root@ubuntu2004 ~]#apt install -y postfix bsd-mailx
[root@ubuntu2004 ~]#systemctl enable --now postfix
# 邮件配置文件:/etc/mail.rc
7. 配置apt源
[root@ubuntu2004 ~]#vim /etc/apt/sources.list
[root@ubuntu2004 ~]#grep "^[a-Z]" /etc/apt/sources.list
deb https://mirrors.aliyun.com/ubuntu/ focal main restricted
deb https://mirrors.tencent.com/ubuntu/ focal main restricted
deb https://mirrors.huaweicloud.com/ubuntu/ focal main restricted
deb https://mirrors.aliyun.com/ubuntu/ focal-updates main restricted
deb https://mirrors.tencent.com/ubuntu/ focal-updates main restricted
deb https://mirrors.huaweicloud.com/ubuntu/ focal-updates main restricted
deb https://mirrors.aliyun.com/ubuntu/ focal universe
deb https://mirrors.tencent.com/ubuntu/ focal universe
deb https://mirrors.huaweicloud.com/ubuntu/ focal universe
deb https://mirrors.aliyun.com/ubuntu/ focal-updates universe
deb https://mirrors.tencent.com/ubuntu/ focal-updates universe
deb https://mirrors.huaweicloud.com/ubuntu/ focal-updates universe
deb https://mirrors.aliyun.com/ubuntu/ focal multiverse
deb https://mirrors.tencent.com/ubuntu/ focal multiverse
deb https://mirrors.huaweicloud.com/ubuntu/ focal multiverse
deb https://mirrors.aliyun.com/ubuntu/ focal-updates multiverse
deb https://mirrors.tencent.com/ubuntu/ focal-updates multiverse
deb https://mirrors.huaweicloud.com/ubuntu/ focal-updates multiverse
deb https://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
deb https://mirrors.tencent.com/ubuntu/ focal-backports main restricted universe multiverse
deb https://mirrors.huaweicloud.com/ubuntu/ focal-backports main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ focal-security main restricted
deb https://mirrors.tencent.com/ubuntu/ focal-security main restricted
deb https://mirrors.huaweicloud.com/ubuntu/ focal-security main restricted
deb https://mirrors.aliyun.com/ubuntu/ focal-security universe
deb https://mirrors.tencent.com/ubuntu/ focal-security universe
deb https://mirrors.huaweicloud.com/ubuntu/ focal-security universe
deb https://mirrors.aliyun.com/ubuntu/ focal-security multiverse
deb https://mirrors.tencent.com/ubuntu/ focal-security multiverse
deb https://mirrors.huaweicloud.com/ubuntu/ focal-security multiverse
[root@ubuntu2004 ~]#apt update
8. chrony时间同步
#服务器端配置
[root@centos7 ~]#hostname -I
10.0.0.7
[root@centos7 ~]#yum -y install chrony
[root@centos7 ~]#vim /etc/chrony.conf
server ntp.aliyun.com iburst
server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
server ntp3.aliyun.com iburst
#allow 192.168.0.0/16
allow 0.0.0.0/0 #加此行,指定允许同步的网段;0.0.0.0/0表示允许任意地址同步,对外可达的服务器应收紧为实际客户端所在网段(本例为10.0.0.0/24)
# Serve time even if not synchronized to a time source.
local stratum 10 #删除此行注释,当互联网无法连接,仍然可以为客户端提供时间同步服务
[root@centos7 ~]#systemctl restart chronyd
#服务启动后会打开端口123/udp
[root@centos7 ~]#ss -ntlu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 *:123 *:*
udp UNCONN 0 0 127.0.0.1:323 *:*
udp UNCONN 0 0 [::1]:323 [::]:*
tcp LISTEN 0 100 127.0.0.1:25 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 100 [::1]:25 [::]:*
tcp LISTEN 0 128 [::]:22 [::]:*
#客户端配置
[root@ubuntu2004 ~]#hostname -I
10.0.0.151
[root@ubuntu2004 ~]#apt install -y chrony
[root@ubuntu2004 ~]#vim /etc/chrony/chrony.conf
pool 10.0.0.7 iburst
[root@ubuntu2004 ~]#systemctl restart chronyd.service
#客户端确认同步成功
[root@ubuntu2004 ~]#chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 10.0.0.7 3 6 17 14 +33us[ +114us] +/- 35ms
9. shell脚本自动加注释
[root@ubuntu2004 ~]#vim ~/.vimrc
[root@ubuntu2004 ~]#cat ~/.vimrc
set ts=4
set expandtab
set ignorecase
autocmd BufNewFile *.sh exec ":call SetTitle()"
" Write a fixed 11-line header (shebang, author, date, file name, description,
" copyright) into lines 1-11 of the current buffer when the file's extension
" is 'sh'. Called from the BufNewFile autocmd registered for *.sh.
function SetTitle()
    " Guard clause: leave the buffer alone for any other extension.
    if expand("%:e") != 'sh'
        return
    endif

    " Header lines in buffer order; the date, file name and year are
    " evaluated at the moment the function runs.
    let l:header = ["#!/bin/bash", "#"]
    let l:header += ["#*************************************************************"]
    let l:header += ["#Author: chen"]
    let l:header += ["#QQ: 2088346053"]
    let l:header += ["#Date: ".strftime("%Y-%m-%d")]
    let l:header += ["#FileName: ".expand("%")]
    let l:header += ["#Description: The test script"]
    let l:header += ["#Copyright (C): ".strftime("%Y")." All rights reserved"]
    let l:header += ["#*************************************************************"]
    let l:header += [""]

    " setline() with a List fills consecutive lines starting at line 1.
    call setline(1, l:header)
endfunction
autocmd BufNewFile * normal G"
[root@ubuntu2004 ~]#. ~/.vimrc #注意:.vimrc是vim脚本而非shell脚本,用bash的.命令加载会报错;vim每次启动时会自动读取该文件,重新打开vim即可生效
10. 修改时区
[root@ubuntu2004 ~]#timedatectl
Local time: Sat 2022-07-23 20:37:01 UTC
Universal time: Sat 2022-07-23 20:37:01 UTC
RTC time: Sat 2022-07-23 20:37:01
Time zone: Etc/UTC (UTC, +0000)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
[root@ubuntu2004 ~]#timedatectl set-timezone Asia/Shanghai
[root@ubuntu2004 ~]#timedatectl
Local time: Sun 2022-07-24 22:48:09 CST
Universal time: Sat 2022-07-23 20:48:09 UTC
RTC time: Sat 2022-07-23 20:48:09
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
[root@ubuntu2004 ~]#cat /etc/timezone
Asia/Shanghai
[root@ubuntu2004 ~]#vim /etc/default/locale
LANG="en_HK.UTF-8"
LANGUAGE="en_HK:en"
[root@ubuntu2004 ~]#reboot