CN-JS-HuiBai/Linux-Shell
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

添加初始化脚本 修复防火墙转发脚本的错误

Browse Source
This commit is contained in:
CN-JS-HuiBai
2026-02-17 23:49:11 +08:00
parent 4cd40ffae0
commit 5768d6d9e2
4 changed files with 34 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Forward-Tools/firewall_tools.sh
View File

@@ -7,7 +7,7 @@ if [ "$EUID" -ne 0 ]; then
fi fi
if ! command -v firewall-cmd >/dev/null 2>&1; then if ! command -v firewall-cmd >/dev/null 2>&1; then
echo "❌ 未检测到 firewall-cmd(仅支持 RHEL 系)" echo "❌ 未检测到 firewall-cmd"
exit 1 exit 1
fi fi
@@ -16,6 +16,8 @@ if ! systemctl is-active firewalld >/dev/null 2>&1; then
exit 1 exit 1
fi fi
firewall-cmd --permanent --add-masquerade
ZONE=$(firewall-cmd --get-default-zone) ZONE=$(firewall-cmd --get-default-zone)
get_forward_ports() { get_forward_ports() {
@@ -82,7 +84,6 @@ delete_rule() {
echo "$RULE" echo "$RULE"
read -rp "确认删除?(y/N): " CONFIRM read -rp "确认删除?(y/N): " CONFIRM
[[ "$CONFIRM" =~ ^[Yy]$ ]] || return [[ "$CONFIRM" =~ ^[Yy]$ ]] || return
firewall-cmd --permanent --zone="$ZONE" --remove-forward-port="$RULE" firewall-cmd --permanent --zone="$ZONE" --remove-forward-port="$RULE"
firewall-cmd --reload firewall-cmd --reload

24
System-Init/mysql-salve-config.sh Normal file
View File

@@ -0,0 +1,24 @@
#!/bin/bash
set -e
#检查操作系统类型
if grep -Ei "red hat|rocky|alma|centos" /etc/os-release > /dev/null 2>&1; then
dnf -y install mysql8.4-server
elif grep -Ei "debian|ubuntu" /etc/os-release > /dev/null 2>&1; then
echo 非红帽系操作系统,脚本不支持当前操作系统
exit 1
fi
#为防火墙放行3306端口
firewall-cmd --add-port=3306/tcp --permanent
firewall-cmd --reload
#交互式输入MySQL从库IP
read -p "请输入MySQL从库IP: " slave_ip
read -p "请输入MySQL从库SSH密码: " slave_password
#生成密钥并配置从库SSH免密登录
if [ ! -f ~/.ssh/id_rsa ]; then
ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
fi
sshpass -p "${slave_password}" ssh-copy-id -o StrictHostKeyChecking=no root@${slave_ip}
#通过交互式输入的IP和密码复制复制MySQL数据库证书到从库
sshpass -p "${slave_password}" scp -o StrictHostKeyChecking=no /var/lib/mysql/*.pem root@${slave_ip}:/var/lib/mysql/

4
System-Init/system-init-shells-Lite.sh
View File

@@ -13,9 +13,11 @@ if grep -Ei "red hat|rocky|alma|centos" /etc/os-release > /dev/null 2>&1; then
sudo firewall-cmd --permanent --add-port=${port}/tcp sudo firewall-cmd --permanent --add-port=${port}/tcp
sudo firewall-cmd --permanent --add-port=${port}/udp sudo firewall-cmd --permanent --add-port=${port}/udp
done done
#启用Firewall NAT转发
sudo firewall-cmd --permanent --add-masquerade --zone=public
#重启Firewall
sudo firewall-cmd --reload sudo firewall-cmd --reload
sudo firewall-cmd --list-ports sudo firewall-cmd --list-ports
sudo dnf install -y wget curl tar sudo dnf install -y wget curl tar

5
System-Init/system-init-shells.sh
View File

@@ -14,9 +14,10 @@ if grep -Ei "red hat|rocky|alma|centos" /etc/os-release > /dev/null 2>&1; then
sudo firewall-cmd --permanent --add-port=${port}/tcp sudo firewall-cmd --permanent --add-port=${port}/tcp
sudo firewall-cmd --permanent --add-port=${port}/udp sudo firewall-cmd --permanent --add-port=${port}/udp
done done
#启用Firewall NAT转发
sudo firewall-cmd --permanent --add-masquerade --zone=public
#重启Firewall
sudo firewall-cmd --reload sudo firewall-cmd --reload
sudo firewall-cmd --list-ports sudo firewall-cmd --list-ports
sudo dnf install -y wget curl tar sudo dnf install -y wget curl tar