Shell实战

 2024/08/27 

远程服务器磁盘占用

#!/bin/bash
web1=192.168.10.161
nginx1=192.168.10.164

menu(){
cat<<EOF
1.web1=192.168.10.161
2.nginx1=192.168.10.164
3.自定义服务器
4.菜单
EOF
}
check_disk(){
        ping -c 1 -w 1 $IP &>/dev/null
        if [ $? -eq 0 ];then
                echo "主机在线状态"
                disk_total=$(ssh root@$IP "lsblk | grep -E '^(sd|vd|hd)' | awk '{print \$1\":\"\$4}'")
                disk_used=$(ssh root@localhost "df / | grep / | awk '{print \$3/1024/1024 \"G\"}'")
                cat<<EOF
IP=$IP
磁盘总容量=$disk_total
使用磁盘容量=$disk_used
EOF
        else
                echo "主机离线状态"
        fi
}
echo "**************服务器磁盘资源利用率脚本*************"
menu
trap "" INT TSTP HUP
while true
do
        read -p "输入序号选择功能:" num
        case $num in
                1)
                        IP=$web1
                        check_disk
                        ;;
                2)
                        IP=$nginx1
                        check_disk
                        ;;
                3)
                        read -p "输入目标服务器IP:" IP
                        check_disk
                        ;;
                4)
                        menu
                        ;;
                wangsheng)
                        break
                        ;;
                *)
                        read -p "输入序号选择功能:" num
                        ;;
        esac
done

检查网站域名是否正常

#!/bin/bash
check_url(){
status_code=$(curl -o /dev/null -s -w "%{http_code}\n" $url)
[ $status_code -eq 200 ] && echo "域名$url状态正常" || echo "域名$url状态不正常（http状态码为$status_code）"
}

#help部分
case $1 in 
	--help|-h)
		echo "Usage: $0 <URL>"
		;;
	*)
		url=$1
		[ -z $url ] && echo "未检测到url" && exit 1
		check_url
		;;
esac

#从文件中读取
cat >url.txt<<EOF
www.baidu.com
durative.github.io
www.wangsheng.com
ifconfig.me
EOF

echo "************常规检查**************"
while read url
do
check_url
done<url.txt

检查磁盘与内存使用率

#!/bin/bash

echo "*******************磁盘占用率部分******************"
#捕获df的内容
df / | grep / > disk_info.txt
while read info
do
        disk_part=$(echo "$info" | awk '{print $1}')
        disk_useage=$(echo "$info" | awk '{print $5}' | awk -F "%" '{print $1}')
        [ "$disk_useage" -gt 5 ] && echo "磁盘${disk_part}占用超过5%" || echo "磁盘${disk_part}正常"
done<disk_info.txt

echo "*******************内存占用率部分******************"

mem_use=$(free -m | grep -i mem | awk '{print $3}')
mem_total=$(free -m | grep -i mem | awk '{print $2}')
mem_useage=$((mem_use * 100 / mem_total))
[ $mem_useage -gt 5 ] && echo "内存使用超过5%" || echo "内存占用正常"
       
![](https://cdn.jsdelivr.net/gh/durative/picture-warehouse@main/images/20240827031632.png)

批量安装LAMP服务器

#!/bin/bash

#写入主机列表文件，也可以注释掉在外面添加
cat >lamp_host.txt<<EOF
localhost
EOF

#编写安装脚本
cat >lamp.sh<<'EOF1'

#判断系统版本
os=$(cat /etc/redhat-release | awk '{print $4}' | awk -F '.' '{print $1}')
[ $os -eq 7 ] && echo "系统版本为centos7" || echo "系统版本不为centos7"

systemctl disable firewalld --now &> /dev/null
[ $? -eq 0 ] && echo "firewall已关闭" || echo "firewall关闭错误"
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
echo "selinux已关闭"

echo "apache开始安装"
yum -y remove httpd httpd-devel &> /dev/null
yum -y install httpd httpd-devel wget &> /dev/null
systemctl enable httpd --now &> /dev/null
sleep 3
systemctl is-active httpd &> /dev/null
if [ $? -ne 0 ]||[ $(ss -tunlp | grep -c 80) -lt 2 ];then
	echo "http启动失败，请检查系统环境"
else
	echo "http服务启动测试完成"
fi
#测试apache
echo "test" > /var/www/html/index.html
http_status=$(curl -o /dev/null -s -w "%{http_code}\n" localhost)
[ $http_status -ne 200 ] && echo "http启动失败，http状态码$http_status，请检查系统环境" || echo "http网页测试完成"

echo "mysql开始安装"
yum -y remove mariadb mariadb-server mariadb-libs  mariadb-devel &> /dev/null
rm -rf /usr/local/mysql
useradd mysql -M -s /sbin/nologin &> /dev/null && echo "mysql用户创建"
if [ -f mysql-5.7.44-linux-glibc2.12-x86_64.tar.gz ];then
	echo "当前目录已存在mysql5.7.44二进制包"
else
	echo "当前目录下不存在mysql5.7.44二进制包，开始在线下载"
	wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.44-linux-glibc2.12-x86_64.tar.gz &> /dev/null
fi
tar -xf mysql-5.7.44-linux-glibc2.12-x86_64.tar.gz
[ $? -eq 0 ] && echo "解压完成"
mv mysql-5.7.44-linux-glibc2.12-x86_64 /usr/local/mysql
mkdir /usr/local/mysql/data -p
mkdir /usr/local/mysql/logs -p
chown -R mysql:mysql /usr/local/mysql
echo "为二进制文件创建软链接"
for file in /usr/local/mysql/bin/*;do  
    ln -s "$file" "/bin/$(basename "$file")" &> /dev/null
done
echo "my.cnf编辑"
cat > /etc/my.cnf << EOF2
[mysql]
default-character-set=utf8mb4
socket=/usr/local/mysql/logs/mysql.sock
[mysqld]
port=3306
basedir=/usr/local/mysql
datadir=/usr/local/mysql/data
log-error=/usr/local/mysql/logs/mysqld.log
socket=/usr/local/mysql/logs/mysql.sock
character-set-server=utf8mb4
default-storage-engine=INNODB
log-output=FILE
default-authentication-plugin=mysql_native_password
EOF2
chown mysql:mysql /etc/my.cnf
echo "mysql初始化开始"
mysqld --initialize --user=mysql --basedir=/usr/local/mysql/ \
--datadir=/usr/local/mysql/data/ &> /dev/null
cat > /usr/lib/systemd/system/mysqld.service << EOF3
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/etc/my.cnf
LimitNOFILE=65536
LimitNPROC=65536
EOF3
systemctl daemon-reload
systemctl restart mysqld.service
sleep 3
systemctl is-active mysqld.service &> /dev/null
if [ $? -ne 0 ]||[ $(ss -tunlp | grep -c 3306) -lt 1 ];then
	echo "mysql启动失败，请检查系统环境"
else
	echo "mysql服务启动测试完成"
fi

echo "进行mysql密码修改"
my_passwd=$(cat /usr/local/mysql/logs/mysqld.log | grep root | grep generated | awk '{print $11}')
ln -s /usr/local/mysql/logs/mysql.sock /tmp/mysql.sock  &> /dev/null
mysqladmin -uroot -p"$my_passwd" password 'root' &> /dev/null
mysql -uroot -p"root" -e "exit" &> /dev/null
[ $? -eq 0 ] && echo "数据库密码修改完成" || echo "数据库密码修改失败"o "php开始安装"

echo "php开始安装"
yum -y remove php php-mysql php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-snmp php-soap curl curl-devel php-bcmath &> /dev/null
yum -y install php php-mysql php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-snmp php-soap curl curl-devel php-bcmath &> /dev/null
cat>/var/www/html/info.php<<EOF5
<?php
phpinfo();
?>
EOF5
systemctl restart httpd
sleep 3
status_code=$(curl -o /dev/null -s -w "%{http_code}\n" localhost/info.php)
[ $status_code -eq 200 ] && echo "php测试网页状态正常" || echo "php测试网页状态正常（http状态码为$status_code）"
EOF1

#主函数
for host in $(cat lamp_host.txt)
do
	scp lamp.sh root@${host}:/root &> /dev/null
	[ $? -eq 0 ] && echo "脚本传送成功" || echo "脚本传送失败，请检查ssh设置"
	ssh root@${host} "chmod +x lamp.sh"
	ssh root@${host} "sh lamp.sh"
done

拉黑异常IP

#!/bin/bash
yum -y install net-tools &> /dev/null
#筛选出连接数大于50的ip并加入数组ips
mapfile -t ips < <(netstat -an | grep EST | awk -F '[: ]+' '{print $4}' | sort | uniq -c | awk '$1 >= 50 {print $2}')
#遍历数组
for ip in "${ips[@]}"; do
	firewall-cmd --add-rich-rule="rule family=ipv4 source address=$ip reject" --permanent  
done
echo "已拉黑 $(ip)"
firewall-cmd --reload

#不使用数组遍历的方法：
#ip=netstat -an | grep EST | awk -F '[: ]+' '{print $4}' | sort | uniq -c | awk '$1 >= 50 {print $2}'
#for i in $(ip)
#do
#firewall-cmd --add-rich-rule="rule family=ipv4 source address=$(ip) reject" --permanent
#echo "拉黑 $(ip)"
#done