Ubuntu20.04 Server初始化

Ubuntu20.04 Server初始化

1. 命令提示符的修改

root@ubuntu2004:~# vim ~/.bashrc
#在配置文件结尾添加以下内容:
PS1='\[\e[1;33m\][\u@\h \W]\$\[\e[0m\]'  #修改命令提示符的颜色为黄色
export HISTTIMEFORMAT="%F %T "  #指定history时间格式
export EDITOR=vim  #指定文本编辑器

root@ubuntu2004:~# . ~/.bashrc  #让.bashrc配置文件生效

2. 清空防火墙规则

#Ubuntu20.04 Server默认没有开启防火墙,但是默认安装了ufw防火墙,推荐使用iptables防火墙
[root@ubuntu2004 ~]#ufw status  #查看ufw防火墙状态
Status: inactive
[root@ubuntu2004 ~]#ufw disable  #关闭ufw防火墙
Firewall stopped and disabled on system startup
[root@ubuntu2004 ~]#apt remove ufw  #卸载ufw
[root@ubuntu2004 ~]#apt purge ufw  #清除ufw软件包及其残留的配置文件
[root@ubuntu2004 ~]#whereis iptables  #查看iptables文件的位置
iptables: /usr/sbin/iptables /usr/share/iptables /usr/share/man/man8/iptables.8.gz
[root@ubuntu2004 ~]#dpkg -s iptables  #列出iptables包的状态,包括详细信息
Package: iptables
Status: install ok installed
Priority: optional
Section: net
Installed-Size: 2639
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Architecture: amd64
Multi-Arch: foreign
Version: 1.8.4-3ubuntu2

#加载ip_tables内核模块(iptables不是常驻服务,无需"启动")
[root@ubuntu2004 ~]#modprobe ip_tables

#清空iptables防火墙规则
#注意:清空后如下方输出所示,各链默认策略均为ACCEPT,主机不再过滤任何流量;
#仅适用于实验环境或已有上游防火墙/安全组的场景,生产环境应随后按需添加规则并持久化
[root@ubuntu2004 ~]#iptables -F
[root@ubuntu2004 ~]#iptables -vnL
Chain INPUT (policy ACCEPT 314 packets, 22966 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 233 packets, 23322 bytes)
 pkts bytes target     prot opt in     out     source               destination

3. 修改网卡名

#修改配置文件为下面形式
[root@ubuntu2004 ~]#vim /etc/default/grub
GRUB_CMDLINE_LINUX="net.ifnames=0"
#或者sed修改
#方法一:替换
[root@ubuntu2004 ~]#sed -i.bak '/^GRUB_CMDLINE_LINUX=/c GRUB_CMDLINE_LINUX="net.ifnames=0"' /etc/default/grub
#方法二:搜索替换(在原值末尾追加;若原值非空,追加的内容会与原值粘连,需在net.ifnames=0前加一个空格)
[root@ubuntu2004 ~]#sed -i.bak '/^GRUB_CMDLINE_LINUX=/s#"$#net.ifnames=0"#' /etc/default/grub
[root@ubuntu2004 ~]#grep "^[a-Z]" /etc/default/grub
GRUB_DEFAULT=0
GRUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="maybe-ubiquity"
GRUB_CMDLINE_LINUX="net.ifnames=0"
#生成新的grub.cfg文件
[root@ubuntu2004 ~]#grub-mkconfig -o /boot/grub/grub.cfg
#重启生效
[root@ubuntu2004 ~]#reboot

4. 配置静态IP

[root@ubuntu2004 ~]#vim /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      addresses: [10.0.0.151/24]
      gateway4: 10.0.0.2
      nameservers:
        addresses: [223.5.5.5, 180.76.76.76, 8.8.8.8]

#修改网卡配置文件后需执行命令生效:
[root@ubuntu2004 ~]#netplan apply

#查看IP
[root@ubuntu2004 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:88:18:c6 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.151/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe88:18c6/64 scope link
       valid_lft forever preferred_lft forever

#查看gateway
[root@ubuntu2004 ~]#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.2        0.0.0.0         UG    0      0        0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0

#查看DNS
[root@ubuntu1804 ~]#systemd-resolve --status
[root@ubuntu2004 ~]#resolvectl status  ##Ubuntu 20.04新命令
Global
       LLMNR setting: no
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa
                      18.172.in-addr.arpa
                      19.172.in-addr.arpa
                      20.172.in-addr.arpa
                      21.172.in-addr.arpa
                      22.172.in-addr.arpa
                      23.172.in-addr.arpa
                      24.172.in-addr.arpa
                      25.172.in-addr.arpa
                      26.172.in-addr.arpa
                      27.172.in-addr.arpa
                      28.172.in-addr.arpa
                      29.172.in-addr.arpa
                      30.172.in-addr.arpa
                      31.172.in-addr.arpa
                      corp
                      d.f.ip6.arpa
                      home
                      internal
                      intranet
                      lan
                      local
                      private
                      test

Link 2 (eth0)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 223.5.5.5
         DNS Servers: 223.5.5.5
                      180.76.76.76
                      8.8.8.8

5. 关闭SELinux

#说明:Ubuntu默认的强制访问控制机制是AppArmor,默认并未安装SELinux;若系统中没有安装SELinux,则无需为了关闭它而专门安装
[root@ubuntu2004 ~]#apt update
[root@ubuntu2004 ~]#apt -y install selinux-utils selinux 
[root@ubuntu2004 ~]#getenforce  #获取selinux当前状态
Disabled 
[root@ubuntu2004 ~]#vim /etc/selinux/config
SELINUX=disabled
[root@ubuntu2004 ~]#reboot  #重启生效

6. 实现邮件通信

[root@ubuntu2004 ~]#apt install -y postfix bsd-mailx
[root@ubuntu2004 ~]#systemctl enable --now postfix
# 邮件配置文件:/etc/mail.rc

7. 配置apt源

[root@ubuntu2004 ~]#vim /etc/apt/sources.list
[root@ubuntu2004 ~]#grep "^[a-Z]" /etc/apt/sources.list
deb https://mirrors.aliyun.com/ubuntu/ focal main restricted
deb https://mirrors.tencent.com/ubuntu/ focal main restricted
deb https://mirrors.huaweicloud.com/ubuntu/ focal main restricted
deb https://mirrors.aliyun.com/ubuntu/ focal-updates main restricted
deb https://mirrors.tencent.com/ubuntu/ focal-updates main restricted
deb https://mirrors.huaweicloud.com/ubuntu/ focal-updates main restricted
deb https://mirrors.aliyun.com/ubuntu/ focal universe
deb https://mirrors.tencent.com/ubuntu/ focal universe
deb https://mirrors.huaweicloud.com/ubuntu/ focal universe
deb https://mirrors.aliyun.com/ubuntu/ focal-updates universe
deb https://mirrors.tencent.com/ubuntu/ focal-updates universe
deb https://mirrors.huaweicloud.com/ubuntu/ focal-updates universe
deb https://mirrors.aliyun.com/ubuntu/ focal multiverse
deb https://mirrors.tencent.com/ubuntu/ focal multiverse
deb https://mirrors.huaweicloud.com/ubuntu/ focal multiverse
deb https://mirrors.aliyun.com/ubuntu/ focal-updates multiverse
deb https://mirrors.tencent.com/ubuntu/ focal-updates multiverse
deb https://mirrors.huaweicloud.com/ubuntu/ focal-updates multiverse
deb https://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
deb https://mirrors.tencent.com/ubuntu/ focal-backports main restricted universe multiverse
deb https://mirrors.huaweicloud.com/ubuntu/ focal-backports main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ focal-security main restricted
deb https://mirrors.tencent.com/ubuntu/ focal-security main restricted
deb https://mirrors.huaweicloud.com/ubuntu/ focal-security main restricted
deb https://mirrors.aliyun.com/ubuntu/ focal-security universe
deb https://mirrors.tencent.com/ubuntu/ focal-security universe
deb https://mirrors.huaweicloud.com/ubuntu/ focal-security universe
deb https://mirrors.aliyun.com/ubuntu/ focal-security multiverse
deb https://mirrors.tencent.com/ubuntu/ focal-security multiverse
deb https://mirrors.huaweicloud.com/ubuntu/ focal-security multiverse
[root@ubuntu2004 ~]#apt update

8. chrony时间同步

#服务器端配置
[root@centos7 ~]#hostname -I
10.0.0.7
[root@centos7 ~]#yum -y install chrony
[root@centos7 ~]#vim /etc/chrony.conf
server ntp.aliyun.com iburst
server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
server ntp3.aliyun.com iburst
 
 
#allow 192.168.0.0/16
allow 0.0.0.0/0   #加此行,指定允许同步的网段(0.0.0.0/0表示允许所有IPv4地址来同步;生产环境应收窄为实际客户端所在网段,如本例的10.0.0.0/24)
 
# Serve time even if not synchronized to a time source.
local stratum 10   #删除此行注释,当互联网无法连接,仍然可以为客户端提供时间同步服务
[root@centos7 ~]#systemctl restart chronyd
 
#服务启动后会打开端口123/udp
[root@centos7 ~]#ss -ntlu
Netid  State      Recv-Q Send-Q           Local Address:Port                          Peer Address:Port
udp    UNCONN     0      0                            *:123                                      *:*
udp    UNCONN     0      0                    127.0.0.1:323                                      *:*
udp    UNCONN     0      0                        [::1]:323                                   [::]:*
tcp    LISTEN     0      100                  127.0.0.1:25                                       *:*
tcp    LISTEN     0      128                          *:22                                       *:*
tcp    LISTEN     0      100                      [::1]:25                                    [::]:*
tcp    LISTEN     0      128                       [::]:22                                    [::]:*
 
 
#客户端配置
[root@ubuntu2004 ~]#hostname -I
10.0.0.151
[root@ubuntu2004 ~]#apt install -y chrony
[root@ubuntu2004 ~]#vim /etc/chrony/chrony.conf
pool 10.0.0.7 iburst
[root@ubuntu2004 ~]#systemctl restart chronyd.service

#客户端确认同步成功
[root@ubuntu2004 ~]#chronyc sources -v
210 Number of sources = 1

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* 10.0.0.7                      3   6    17    14    +33us[ +114us] +/-   35ms

9. shell脚本自动加注释

[root@ubuntu2004 ~]#vim ~/.vimrc
[root@ubuntu2004 ~]#cat ~/.vimrc
set ts=4
set expandtab
set ignorecase
autocmd BufNewFile *.sh exec ":call SetTitle()"
func SetTitle()
 if expand("%:e")=='sh'
   call setline(1,"#!/bin/bash")
   call setline(2,"#")
   call setline(3,"#*************************************************************")
   call setline(4,"#Author:              chen")
   call setline(5,"#QQ:                  2088346053")
   call setline(6,"#Date:                ".strftime("%Y-%m-%d"))
   call setline(7,"#FileName:            ".expand("%"))
   call setline(8,"#Description:         The test script")
   call setline(9,"#Copyright (C):       ".strftime("%Y")." All rights reserved")
   call setline(10,"#*************************************************************")
   call setline(11,"")
   endif
endfunc
autocmd BufNewFile * normal G"
[root@ubuntu2004 ~]#. ~/.vimrc  #注意:.vimrc是vim的配置文件,vim启动时会自动读取;它不是shell脚本,在bash中用"."加载并不能使其生效

10. 修改时区

[root@ubuntu2004 ~]#timedatectl
               Local time: Sat 2022-07-23 20:37:01 UTC
           Universal time: Sat 2022-07-23 20:37:01 UTC
                 RTC time: Sat 2022-07-23 20:37:01
                Time zone: Etc/UTC (UTC, +0000)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no
[root@ubuntu2004 ~]#timedatectl set-timezone Asia/Shanghai
[root@ubuntu2004 ~]#timedatectl
               Local time: Sun 2022-07-24 22:48:09 CST
           Universal time: Sat 2022-07-23 20:48:09 UTC
                 RTC time: Sat 2022-07-23 20:48:09
                Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no 
[root@ubuntu2004 ~]#cat /etc/timezone
Asia/Shanghai
[root@ubuntu2004 ~]#vim /etc/default/locale
LANG="en_HK.UTF-8"
LANGUAGE="en_HK:en"
[root@ubuntu2004 ~]#reboot


转载自blog.csdn.net/weixin_51867896/article/details/125955586