GalaxyData Community

OpenVZ VPS

# 修改ROOT用户密码
passwd root

----------------------------------------------------------------------------

# 更新源和安装软件
apt-get update
apt-get upgrade
apt-get dist-upgrade
apt-get install git nano chkconfig bash-completion dialog
apt-get purge python python-minimal python2.7 python2.7-minimal rsyslog vim vim-common vim-runtime rsync libx11-6 libxau6 libxpm4 libxdmcp6
apt-get autoremove

----------------------------------------------------------------------------

# 配置 git
git config --global user.name "pexcn"
git config --global user.email "pexcn97@gmail.com"
git config --global color.ui auto
git config --global core.editor nano
git config -l

----------------------------------------------------------------------------

# 配置 ssh
# /etc/ssh/sshd_config
ClientAliveInterval 60
ClientAliveCountMax 1024

----------------------------------------------------------------------------

# 环境变量
# /root/.bashrc
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
if [ "$TERM" != "dumb" ]; then
    eval `dircolors -b`
    alias ls='ls --color=auto'
    alias dir='ls --color=auto --format=vertical'
    alias vdir='ls --color=auto --format=long'
fi
HISTFILESIZE=1000
HISTSIZE=1000

----------------------------------------------------------------------------

# 常规优化
# /etc/profile
ulimit -HSn 65535

# /etc/security/limits.conf
* soft nofile 65535
* hard nofile 65535

# /etc/pam.d/common-session
session required    pam_limits.so

----------------------------------------------------------------------------

# shadowsocks
apt-get install gcc zlib1g-dev libssl-dev make libpcre3-dev
git clone https://github.com/pexcn/shadowsocks-libev.git && cd shadowsocks-libev
./configure --disable-documentation --disable-assert
make && make install && make clean

# /bin/openss
nice -n -5 ss-server -s 0.0.0.0 -p [PORT] -k [PASSWORD] -m [chacha20-ietf|aes-256-cfb] -d 8.8.8.8 -u -n 65535 -A -f /run/ss[PORT].pid

# /bin/closess
killall -9 ss-server

----------------------------------------------------------------------------

# DNS 转发

# /etc/rc.local

# echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -A POSTROUTING -p tcp -d 8.8.8.8 --dport 53 -j SNAT --to-source [VPS IP]
iptables -t nat -A PREROUTING -p udp --dport 25 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -A POSTROUTING -p udp -d 8.8.8.8 --dport 53 -j SNAT --to-source [VPS IP]

----------------------------------------------------------------------------

# Net Speeder
apt-get install libnet1 libpcap0.8 libnet1-dev libpcap0.8-dev
git clone https://github.com/pexcn/net-speeder.git && cd net-speeder && sh build.sh && cd .. && rm -r net-speeder

----------------------------------------------------------------------------

# 启动项
# /etc/rc.local
echo 4096 > /proc/sys/net/core/somaxconn
nice -n -5 netspeeder venet0 "src port [PORT] || src port [PORT] || src port [PORT]" > /dev/null 2>&1&

# echo 1 > /proc/sys/net/ipv4/tcp_syncookies
# echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

----------------------------------------------------------------------------

# DNS
# /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4

chattr +ai /etc/resolv.conf

----------------------------------------------------------------------------

# 时区
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

----------------------------------------------------------------------------

# 系统清理
# /bin/cleaner
cd /usr/share/man && find ./ -maxdepth 1 -type d | tail -n +2 | grep -E -v '(en|man).*' | while read d; do rm -rf $d; done
cd /usr/share/locale && find ./ -maxdepth 1 -type d | tail -n +2 | sed -e 's/\.\///g' | grep -E -v '^(en|currency|default|l10n).*' | while read d; do rm -rf $d; done
cd /usr/share/i18n/locales && find ./ -name "??_*" | grep -E -v '(en)_' | while read f; do rm -f $f; done
cd /usr/share/doc && rm -rf *
cd /var/lib/dpkg && rm -f *-old
cd /var/lib/apt/lists && rm -f *
cd /var/cache/apt && rm -f * && cd archives && rm -f *
rm -r /var/log/*
# rm /opt/nginx/conf/off

----------------------------------------------------------------------------

# 欢迎界面
# /etc/motd
Welcome to NEXT! ==> [NAME]

----------------------------------------------------------------------------

# 性能测试
cat /proc/cpuinfo
cat /proc/meminfo

dd if=/dev/zero of=test bs=4k count=256k conv=fdatasync && rm -f test
dd if=/dev/zero of=test bs=64k count=4k oflag=dsync && rm -f test

wget -O /dev/null http://speedtest-sfo1.digitalocean.com/100mb.test

while true
do
    wget -O /dev/null http://speedtest-sfo1.digitalocean.com/100mb.test
done

git clone https://github.com/pexcn/byte-unixbench.git
...
Exit mobile version