搜索到
22
篇与
的结果
-
甲骨文一键保🐔脚本 脚本借鉴了Hostloc坛友 sesr 的部分代码,在此致谢!脚本可选CPU占用不低于15%且内存占用不低于10%来保🐔,也可选择只保持CPU占用不低于15%来保🐔,具体使用方法看下面指令描述;脚本只在Debian 11系统测试通过,理论Debian10+、Ubuntu 20+系统同样适用,Centos系统用户自行测试是否适用;单纯CPU占用 一键指令:bash <(curl -sL https://raw.githubusercontent.com/07031218/normal-shell/main/oracle-alive.sh)CPU+内存占用同时保持 一键指令:bash <(curl -sL https://raw.githubusercontent.com/07031218/normal-shell/main/oracle-alive.sh) -cm脚本卸载指令:bash <(curl -sL https://raw.githubusercontent.com/07031218/normal-shell/main/oracle-alive.sh) -u -
-
nas-tools一键部署脚本 脚本特点1、采取docker方式安装Nas-tools、chinesesubfinder、chinesesubfinder、jackett、qbittorrent依旧2、脚本支持Rclone一键挂载网盘并实现开机自动挂载(通过systemd实现)3、通过Gclone获取GD网盘APITOKEN4、一键反代nas-tools服务(可选nginx或者cloudflared tunnel),其中nginx反代暂时只支持vps环境使用脚本运行界面一键执行代码指令: bash <(curl -sL http://ghproxy.com/https://github.com/07031218/normal-shell/raw/main/nas-tools.sh)
-
cloudflared tunnel一键部署更新版 脚本更新缘由今天收到cloudflare发过来的邮件提醒,全文如下:大致意思是原来通过cloudflared tunnel --hostname tunnel.example.com --url https://localhost:3000指令建立的隧道配置将在2022年10月1日起不再支持,建议用户使用新的配置接入隧道,所以需要对原来的一键脚本做个升级了。脚本运行界面源代码如下:#/usr/bin/env bash red='\033[0;31m' green='\033[0;32m' yellow='\033[0;33m' plain='\033[0m' # check root #[[ $EUID -ne 0 ]] && echo -e "${red}错误: ${plain} 必须使用root用户运行此脚本!\n" && exit 1 clear checkCPU(){ CPUArch=$(uname -m) if [[ "$CPUArch" == "aarch64" ]];then arch=linux-arm64 elif [[ "$CPUArch" == "i686" ]];then arch=linux-386 elif [[ "$CPUArch" == "arm" ]];then arch=linux-arm elif [[ "$CPUArch" == "x86_64" ]] && [ -n "$ifMacOS" ];then arch=darwin-amd64 elif [[ "$CPUArch" == "x86_64" ]];then arch=linux-amd64 fi } check_dependencies(){ os_detail=$(cat /etc/os-release 2> /dev/null) if_debian=$(echo $os_detail | grep 'ebian') if_redhat=$(echo $os_detail | grep 'rhel') if [ -n "$if_debian" ];then InstallMethod="apt" elif [ -n "$if_redhat" ] && [[ "$os_version" -lt 8 ]];then InstallMethod="yum" elif [[ "$os_version" == "MacOS" ]];then InstallMethod="brew" fi } quit(){ exit 0 } checkCPU check_dependencies ${InstallMethod} install sudo -y > /dev/null 2>&1 #安装cloudflared tunnel install_cloudflared(){ echo -e "${red}如果你当前是非root用户,请确认已经将当前用户加sudo执行权限,否则脚本将会出错。${plain}" echo -n -e "${yellow}如需继续,请输入Y,否则输入N或者n,是否需要继续<Y/n>:${plain}" read ct if [[ $ct == "" ]]||[[ $ct == "n" ]]||[[ $ct == "N" ]]; then echo -e "${red}程序退出···${plain}" exit 0 fi file1="/usr/bin/cloudflared" #安装wget supervisor sudo ${InstallMethod} install wget supervisor -y > /dev/null 2>&1 #开始拉取cloudflared tunnel if [ ! -f "$file1" ]; then wget "https://ghproxy.com/https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-${arch}" -O cloudflared chmod +x cloudflared && cp cloudflared /usr/bin fi file="./.cloudflared/cert.pem" if [ ! -f "$file" ]; then echo -e "${green}请点击或者复制下方生成的授权链接,进入CF管理面板进行授权操作。${plain}" cloudflared login echo -e "${green}授权完成,请按照指令提示继续${plain}" fi read -p "请输入需要创建的隧道名称:" tunnel_name cloudflared tunnel create ${tunnel_name} read -p "请输入域名:" tunnel_domain cloudflared tunnel route dns ${tunnel_name} ${tunnel_domain} cloudflared tunnel list tunel_uuid=`cloudflared tunnel list|grep ${tunnel_name}|awk -F " " '{print $1}'` read -p "请输入传输协议[如不填写默认http]:" tunnel_protocol [[ -z ${tunnel_protocol} ]] && tunnel_protocol="http" read -p "请输入需要反代的服务IP地址[不填默认为本机]:" tunnel_ipadr [[ -z ${tunnel_ipadr} ]] && tunnel_ipadr="127.0.0.1" read -p "请输入需要反代的服务端口[如不填写默认80]:" tunnel_port [[ -z ${tunnel_port} ]] && tunnel_port="80" read -p "请输入supervisor值守的任务名称: " taskname [[ $EUID -ne 0 ]] && tunnel_config_dir="/home/`whoami`/.cloudflared" [[ $EUID -eq 0 ]] && tunnel_config_dir="/root/.cloudflared" sudo bash -c 'cat > ~/'${tunnel_name}.yml' <<EOF tunnel: '${tunnel_name}' credentials-file: '${tunnel_config_dir}'/'${tunel_uuid}'.json originRequest: connectTimeout: 30s noTLSVerify: true ingress: - hostname: '${tunnel_domain}' service: '${tunnel_protocol}'://'${tunnel_ipadr}':'${tunnel_port}' - service: http_status:404 EOF' [[ $EUID -ne 0 ]] && config_dir="/home/`whoami`" [[ $EUID -eq 0 ]] && config_dir="/root" sudo bash -c 'cat >> /etc/supervisor/conf.d/'${tunnel_name}.conf' << EOF [program:'${taskname}'] command=cloudflared tunnel --config '${config_dir}'/'${tunnel_name}'.yml run autorestart=true startsecs=10 startretries=36 redirect_stderr=true user='$(whoami)' ; setuid to this UNIX account to run the program log_stdout=true ; if true, log program stdout (default true) log_stderr=true ; if true, log program stderr (def false) logfile=/var/log/'${taskname}'.log ; child log path, use NONE for none; default AUTO EOF' sudo /etc/init.d/supervisor restart > /dev/null echo -e "${green}cloudflared tunnel部署完成,脚本退出·········${plain}" echo -e "${green}你现在可以通过http://${tunnel_domain}来访问本服务器穿透过的web服务了·········${plain}" exit 0 } update_supervisor(){ read -p "请输入supervisor Web服务的用户名: " username && printf "\n" read -p "请输入supervisor Web服务的用户密码:" passwd && printf "\n" sudo bash -c 'cat > /etc/supervisor/supervisord.conf << EOF [supervisord] http_port=127.0.0.1:9001 ; (alternately, ip_address:port specifies AF_INET) logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB) logfile_backups=10 ; (num of main logfile rotation backups;default 10) loglevel=info ; (logging level;default info; others: debug,warn) pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) nodaemon=false ; (start in foreground if true;default false) minfds=1024 ; (min. avail startup file descriptors;default 1024) minprocs=200 ; (min. avail process descriptors;default 200) [supervisorctl] serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket username='${username}' ; should be same as http_username if set password='${passwd}' ; should be same as http_password if set prompt=mysupervisor ; cmd line prompt (default "supervisor") [inet_http_server] port=0.0.0.0:9001 username='${username}' password='${passwd}' [include] files = /etc/supervisor/conf.d/*.conf EOF' /etc/init.d/supervisor restart > /dev/null baseip=$(curl -s ipip.ooo) > /dev/null echo -e "${green}supervisor已设置完成,后续可通过http://${baseip}:9001 来进行进程守护${plain}(${red}重启、停止、启动、日志查看${plain})${green}管理·········${plain}" } uninstall_cloudflared(){ sudo /etc/init.d/supervisor stop > /dev/null cloudflared tunnel list echo -e "${green}以上为当前本机已存在的cloudflared tunnel隧道列表清单${plain}" read -p "请输入需要删除的隧道名称:" tunnel_name if [[ ${tunnel_name} != "" ]];then cloudflared tunnel delete ${tunnel_name} echo -e "${green}名为${tunnel_name}的cloudflared tunnel隧道配置已成功删除·········${plain}" else echo fi echo -e "${yellow}开始清理准备清理隧道对应的supervisor配置文件,请根据提示操作······${plain}" i=1 list=() if [[ ! -d /etc/supervisor/conf.d ]]||[[ `ls /etc/supervisor/conf.d/` == "" ]]; then echo -e "${red}错误,未在本机器上找到supervisor的相关conf配置文件${plain}" exit 1 elif [[ -d /etc/supervisor/conf.d ]];then items=$(ls /etc/supervisor/conf.d/ -l|awk 'NR>1{print $9}') fi for item in $items do list[i]=${item} i=$((i+1)) done while [[ 0 ]] do while [[ 0 ]] do echo echo -e "${green}本地supervisor配置列表清单:${plain}" # echo echo -e "${green}-------------------------------${plain}" for((j=1;j<=${#list[@]};j++)) do temp="${j}:${list[j]}" count=$((`echo "${temp}" | wc -m` -1)) if [ "${count}" -le 6 ];then temp="${temp}\t\t\t" elif [ "${count}" -gt 6 ] && [ "$count" -le 14 ];then temp="${temp}\t\t" elif [ "${count}" -gt 14 ];then temp="${temp}" fi echo -e "${green}${temp}" echo -e "${green}-------------------------------${plain}" done echo read -n3 -p "请选择要删除的supervisor启动服务(输入数字即可)如上述配置清单中不包含cloudflared tunnel隧道,请输入数字99退出选择:" supervisor_config_name if [[ ${supervisor_config_name} -eq 0 ]]; then echo echo -e "${red}输入不正确,请重新输入。${plain}" elif [[ ${supervisor_config_name} == "99" ]];then exit 0 elif [ ${supervisor_config_name} -le ${#list[@]} ] && [ -n ${supervisor_config_name} ];then echo echo -e "${green}您选择了:${list[supervisor_config_name]}${plain}" break else echo echo -e "${red}输入不正确,请重新输入。${plain}" echo fi done break done sudo rm /etc/supervisor/conf.d/${list[supervisor_config_name]} echo -e "${red}${list[supervisor_config_name]}已被删除,重启supervisor服务······${plain}" sudo /etc/init.d/supervisor restart > /dev/null sleep 3s copyright menu } copyright(){ clear echo -e " ————————————————————————————————————————————————————————————— cloudflared tunnel一键部署脚本 ${green} 本脚本仅适合域名已经托管在cloudflare的用户使用 Powered by 翔翎 ${plain} ————————————————————————————————————————————————————————————— " } menu() { echo -e "\ ${red}0.${plain} 退出脚本 ${green}1.${plain} 部署cloudflared tunnel ${green}2.${plain} 删除指定的cloudflared tunnel穿透任务 ${green}3.${plain} 开启cloudflared tunnel进程守护 " read -p "请输入数字 :" num case "$num" in 0) quit ;; 1) install_cloudflared ;; 2) uninstall_cloudflared ;; 3) update_supervisor ;; *) clear echo -e "错误:请输入正确数字 [0-3]" sleep 3s copyright menu ;; esac } copyright menu脚本源代码托管在Github了,也可通过如下一键指令进行cloudflared tunnel隧道部署bash <(curl -sL https://ghproxy.20120714.xyz/https://raw.githubusercontent.com/07031218/normal-shell/net/onekey-argo-tunnel.sh)
-
qBittorrent配合vertex刷流一键部署脚本 Vertex是什么?Vertex 是一款集 监控, 刷流, 站点, 搜索, 追剧 于一身的 PT 管理软件感谢作者的付出,作者主页: 粟山未来主要功能如下监控 - 监控服务器以及下载器的各项指标信息刷流 - 提供 RSS - 删种 全自动化流程站点 - 站点管理, 数据增长记录, 数据可视化搜索 - 提供全站种子聚合搜索, 可直接推送至下载器追剧 - 提供全自动化追剧方案, 根据设定规则, 完成搜索种子, 下载种子, 根据 Plex 等媒体服务器的格式为种子文件软链接改名脚本适用范围及特点兼容ARM64、AMD64架构兼容Debian、Ubuntu、Centos系统, 未适配群晖等NAS系统一键部署、卸载Vertex一键导入常用刷流ruler规则(半开箱即用,仍需自己配置PT站账户信息等操作)一键安装qBittorrent通过Watchower自动更新Vertex,更新同时自动删除旧镜像文件脚本界面脚本执行命令bash <(curl -sL https://ghproxy.20120714.xyz/https://raw.githubusercontent.com/07031218/normal-shell/main/vertex.sh)
-
xmr挖矿木马侦测消息推送脚本 前言最近发现某台机器经常出现wget、curl程序丢失的情况,之前一直没有时间排查,今天一查发现居然中了xmr挖矿木马,目前不确定是ssh暴破还是什么原因(我这台机器启用了SSH密钥登录,并非常规的密码登录);因为本人手上小鸡比较多(大概30+),没有时间逐一去排查,大概参阅了下网上xmr挖矿木马的大致特点,写了个侦测脚本丢小鸡上定时运行,如发现存在xmr挖矿木马,通过TG机器人推送消息,方便及时处理;废话不多说,脚本很简单,代码如下:#!/bin/bash cat > /usr/bin/tongzhi <<EOF #!/bin/bash baseip=\$(curl -4 ipip.ooo) if [[ -d /tmp/xmr ]]||[[ -f /tmp/config.json ]]||[[ -f /usr/.work/work32 ]]||[[ -f /usr/.work/work64 ]]; then # 下方对照修改填写自己tgbot的apitoken和自己的TGID即可 curl -s "https://api.telegram.org/bot{apitoken}/sendMessage?chat_id={tgid}&text=⚠️注意,本机发现挖矿程序,我的IP地址为:\${baseip}" fi EOF chmod +x /usr/bin/tongzhi sed -i 'N;8 a */1 * * * * /usr/bin/tongzhi' /etc/crontab /etc/init.d/cron restart echo "挖坑检测程序部署完成···"食用方法:小鸡上创建文件,如check.sh,粘贴上述代码,根据注释配置好TG机器人的apitoken和自己的tgid,最后bash check.sh执行一次即可。备注:本脚本在Debian和Ubuntu系统上测试过,Centos未测试,可自行测试下。
-
网站文件、数据库一键定时备份脚本 脚本特点:根据设定(参照脚本备注进行对应设定)自动化备份网站web文件和相关数据库到对应目录;通过命令调用一键还原网站web文件和数据库;文件压缩策略采取相对路径;仅保留最近7天的备份文件,超过该时间的备份文件自动删除,达到节省空间的目的(如需要延长保留时间,修改脚本中对备份文件的保存天数参数即可,在脚本第21行);备份文件命名添加日期标注,方便筛选文件;通过参数传递方式来实现备份、还原功能,eg:bash backup.sh -z实现一键备份,bash backup.sh -u 20220606实现一键还原,20220606为备份文件的备份日期(文件名中包含);脚本兼容mysql、mariadb数据库。使用方法:在vps上的/root目录创建backup.sh文件,复制下方代码;参照脚本备注进行对应设定,保存文件。脚本代码如下:#!/bin/bash # 使用方法 # 备份:bash backup.sh -z # 还原:bash backup.sh -u 20220606 (20220606为备份文件的日期) back(){ # 数据库账号信息 DB_USER="" # 数据库用户名 DB_PWD="" # 数据库密码 DB_HOST="" # 主机地址 DB_PORT="3306" #数据库端口号,默认3306 # MYSQL所在目录 MYSQL_DIR="/usr/local/mysql" # 备份文件存放目录 BAK_DIR="/home/bak" # 需要备份的网站目录 WEB_DIR="/home/wwwroot" # 时间格式化,如 20200902 DATE=`date +%Y%m%d` # 备份脚本保存的天数 DEL_DAY=7 # 要备份的数据库,空格分隔 DATABASES=("typehco" "git") # 创建日期目录 if [[ ! -d ${BAK_DIR}/${DATE} ]]; then mkdir -p $BAK_DIR/$DATE fi # echo "-------------------$(date +%F_%T) start ---------------" >>${BAK_DIR}/db_backup.log for database in "${DATABASES[@]}" do # 执行备份命令 $MYSQL_DIR/bin/mysqldump --defaults-extra-file=/etc/my.cnf ${database} > $BAK_DIR/$DATE/${database}.sql done # echo "--- backup file created: $BAK_DIR/db_backup_$DATE.tar.gz" >>${BAK_DIR}/db_backup.log # 将备份好的sql脚本压缩到db_backup_yyyyMMdd.tar.gz cd $BAK_DIR/$DATE tar -Pczf $BAK_DIR/db_backup_$DATE.tar.gz ./ # 将Blog的usr目录压缩到web_backup_yyyyMMdd.tar.gz cd $WEB_DIR tar -Pczf $BAK_DIR/web_backup_$DATE.tar.gz --exclude=.user.ini ./ # 压缩后,删除压缩前的备份文件和目录 rm -f $BAK_DIR/$DATE/* rmdir $BAK_DIR/$DATE # 遍历备份目录下的压缩文件 LIST=$(ls ${BAK_DIR}/*_backup_*) # LISt1=$(ls ${BAK_DIR}/web_backup_*) # 获取7天前的时间,用于作比较,早于该时间的文件将删除 SECONDS=$(date -d "$(date +%F) -${DEL_DAY} days" +%s) for index in ${LIST} do # 对文件名进行格式化,取命名末尾的时间,格式如 20200902 timeString=$(echo ${index} | egrep -o "?[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]") if [ -n "$timeString" ] then indexDate=${timeString//./-} indexSecond=$( date -d ${indexDate} +%s ) # 与当天的时间做对比,把早于7天的备份文件删除 if [ $(( $SECONDS- $indexSecond )) -gt 0 ] then rm $index # echo "---- deleted old backup file : $index " >>${BAK_DIR}/db_backup.log fi fi done # 此处根据自己rclone config的配置进行修改 rclone sync /home/bak nongjiale:blog-bak -v -P } restore(){ # 数据库目录 MYSQL_DIR="/usr/local/mysql" # 数据库账户信息 DB_USER="" # 数据库用户名 DB_PWD="" # 数据库密码 DB_HOST="" # 主机地址 DB_PORT="3306" # 数据库端口,默认3306 DATABASES="" # 要还原的数据库名 # 备份文件路径 BAK_DIR="" # 要还原网站所在路径 WEB_DIR="" # 还原网站备份 tar -xzf $BAK_DIR/web_backup_$DATE.tar.gz -C $WEB_DIR if [[ "$?" -eq 0 ]]; then echo "网站数据恢复成功。" else echo "出现错误,网站数据恢复失败。" fi # 还原数据库备份 tar -xzf $BAK_DIR/db_backup_$DATE.tar.gz -C ./ mysql -h$DB_HOST -u$DB_USER -p$DB_PWD ${DATABASES} < ./${DATABASES}.sql # 如您在使用过程中出现mysqldump: [Warning] Using a password on the command line interface can be insecure这条错误,请参阅这个文章进行设置:https://blog.csdn.net/qq_31851107/article/details/102578183,然后将上面命令行注释注释掉,取消下面行的注释,原因是mysql自5.7版本开始,考虑到mysql的安全性而更改对保护机制,在mysqldump备份数据库对时候不能直接在命令行上书写数据库的密码 # mysql --defaults-extra-file=/etc/my.cnf ${DATABASES} < ./${DATABASES}.sql rm *.sql if [[ "$?" -eq 0 ]]; then echo "数据库恢复成功。" else echo "出现错误,数据库恢复失败。" fi } if [[ $# > 0 ]];then key="$1" DATE="$2" case $key in -z|--back) back ;; -u|--restore) restore ;; esac else echo "出错了,请注意传参····" fi创建定时任务使用crontab -e 添加如下指令:0 0 * * * /root/backup.sh -z保存任务,完成定时任务创建。以上任务含义:每天0点进行备份,也可根据自己需要修改上面的定时时间。数据还原指令:bash backup.sh -u 2022060620220606为备份文件的备份日期(对应备份文件中日期格式);
-
