# 修改ROOT用户密码 passwd root ---------------------------------------------------------------------------- # 更新源和安装软件 apt-get update apt-get upgrade apt-get dist-upgrade apt-get install git nano chkconfig bash-completion dialog apt-get purge python python-minimal python2.7 python2.7-minimal rsyslog vim vim-common vim-runtime rsync libx11-6 libxau6 libxpm4 libxdmcp6 apt-get autoremove ---------------------------------------------------------------------------- # 配置 git git config --global user.name "pexcn" git config --global user.email "pexcn97@gmail.com" git config --global color.ui auto git config --global core.editor nano git config -l ---------------------------------------------------------------------------- # 配置 ssh # /etc/ssh/sshd_config ClientAliveInterval 60 ClientAliveCountMax 1024 ---------------------------------------------------------------------------- # 环境变量 # /root/.bashrc PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' if [ "$TERM" != "dumb" ]; then eval `dircolors -b` alias ls='ls --color=auto' alias dir='ls --color=auto --format=vertical' alias vdir='ls --color=auto --format=long' fi HISTFILESIZE=1000 HISTSIZE=1000 ---------------------------------------------------------------------------- # 常规优化 # /etc/profile ulimit -HSn 65535 # /etc/security/limits.conf * soft nofile 65535 * hard nofile 65535 # /etc/pam.d/common-session session required pam_limits.so ---------------------------------------------------------------------------- # shadowsocks apt-get install gcc zlib1g-dev libssl-dev make libpcre3-dev git clone https://github.com/pexcn/shadowsocks-libev.git && cd shadowsocks-libev ./configure --disable-documentation --disable-assert make && make install && make clean # /bin/openss nice -n -5 ss-server -s 0.0.0.0 -p [PORT] -k [PASSWORD] -m [chacha20-ietf|aes-256-cfb] -d 8.8.8.8 -u -n 65535 -A -f /run/ss[PORT].pid # /bin/closess killall -9 ss-server ---------------------------------------------------------------------------- # DNS 转发 # /etc/rc.local # echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination 8.8.8.8:53 iptables -t nat -A POSTROUTING -p tcp -d 8.8.8.8 --dport 53 -j SNAT --to-source [VPS IP] iptables -t nat -A PREROUTING -p udp --dport 25 -j DNAT --to-destination 8.8.8.8:53 iptables -t nat -A POSTROUTING -p udp -d 8.8.8.8 --dport 53 -j SNAT --to-source [VPS IP] ---------------------------------------------------------------------------- # Net Speeder apt-get install libnet1 libpcap0.8 libnet1-dev libpcap0.8-dev git clone https://github.com/pexcn/net-speeder.git && cd net-speeder && sh build.sh && cd .. && rm -r net-speeder ---------------------------------------------------------------------------- # 启动项 # /etc/rc.local echo 4096 > /proc/sys/net/core/somaxconn nice -n -5 netspeeder venet0 "src port [PORT] || src port [PORT] || src port [PORT]" > /dev/null 2>&1& # echo 1 > /proc/sys/net/ipv4/tcp_syncookies # echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all ---------------------------------------------------------------------------- # DNS # /etc/resolv.conf nameserver 8.8.8.8 nameserver 8.8.4.4 chattr +ai /etc/resolv.conf ---------------------------------------------------------------------------- # 时区 cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime ---------------------------------------------------------------------------- # 系统清理 # /bin/cleaner cd /usr/share/man && find ./ -maxdepth 1 -type d | tail -n +2 | grep -E -v '(en|man).*' | while read d; do rm -rf $d; done cd /usr/share/locale && find ./ -maxdepth 1 -type d | tail -n +2 | sed -e 's/\.\///g' | grep -E -v '^(en|currency|default|l10n).*' | while read d; do rm -rf $d; done cd /usr/share/i18n/locales && find ./ -name "??_*" | grep -E -v '(en)_' | while read f; do rm -f $f; done cd /usr/share/doc && rm -rf * cd /var/lib/dpkg && rm -f *-old cd /var/lib/apt/lists && rm -f * cd /var/cache/apt && rm -f * && cd archives && rm -f * rm -r /var/log/* # rm /opt/nginx/conf/off ---------------------------------------------------------------------------- # 欢迎界面 # /etc/motd Welcome to NEXT! ==> [NAME] ---------------------------------------------------------------------------- # 性能测试 cat /proc/cpuinfo cat /proc/meminfo dd if=/dev/zero of=test bs=4k count=256k conv=fdatasync && rm -f test dd if=/dev/zero of=test bs=64k count=4k oflag=dsync && rm -f test wget -O /dev/null http://speedtest-sfo1.digitalocean.com/100mb.test while true do wget -O /dev/null http://speedtest-sfo1.digitalocean.com/100mb.test done git clone https://github.com/pexcn/byte-unixbench.git ...