Fork me on GitHub

shell脚本之nginx启动脚本、统计日志字段、for循环实战、跳板机

1.NGINX启动脚本

#!/bin/bash
# chkconfig: 235 32 62
# description: nginx 
[ -f /etc/init.d/functions ] && . /etc/init.d/functions
pidfile=/application/nginx/logs/nginx.pid
start(){
  if [ -f $pidfile ];then
    echo "Nginx is Running"
  else
    /application/nginx/sbin/nginx
	RETVAL=$?
	if [ $RETVAL -eq 0 ];then
	  action "Nginx is Started" /bin/true
	else
	  action "Nginx is Started" /bin/false
    fi
  fi
  return $RETVAL
}
stop(){
  if [ -f $pidfile ];then
    /application/nginx/sbin/nginx -s stop
	RETVAL=$?
	if [ $RETVAL -eq 0 ];then
	  action "Nginx is Stopped" /bin/true
	else
	  action "Nginx is Stopped" /bin/false
    fi
  else
	echo "Nginx is not Running"
  fi
  return $RETVAL
}
reload(){
  if [ -f $pidfile ];then
    /application/nginx/sbin/nginx -s reload &>/dev/null
	RETVAL=$?
	if [ $RETVAL -eq 0 ];then
	  action "Nginx is Reloaded" /bin/true
	else
	  action "Nginx is Reloaded" /bin/false
        fi
  else
	echo "Nginx is not Running"
	/application/nginx/sbin/nginx
	RETVAL=$?
	if [ $RETVAL -eq 0 ];then
	  action "Nginx is Started" /bin/true
	else
	  action "Nginx is Started" /bin/false
        fi
  fi
  return $RETVAL
}
# case中的RETVAL=$?是为了接收函数的返回值
case $1 in
  start)
	start
	RETVAL=$?
	;;
  stop)
	stop
	RETVAL=$?
	;;
  restart)
	stop
	sleep 1
	start
	RETVAL=$?
	;;
  reload)
	reload
	RETVAL=$?
	;;
  *)
	echo "USAGE: $0 {start|stop|restart|reload} "
	exit 1
esac
exit $RETVAL

添加到系统服务中

cp /server/scripts/nginx /etc/init.d/
chkconfig --add nginx
# 生成了这些文件
/etc/rc.d/rc2.d/S32nginx  /etc/rc.d/rc3.d/S32nginx
/etc/rc.d/rc4.d/S32nginx  /etc/rc.d/rc5.d/S32nginx
/etc/rc.d/rc0.d/K62nginx  /etc/rc.d/rc1.d/K62nginx
/etc/rc.d/rc6.d/K62nginx

0-6表示不同运行级别:
0:关机
1:单用户
2:无网络的多用户
3:命令模式
4:未启用
5:图形界面模式
6:重启
# 查看运行级别
who -r
runlevel
2、3、5表示不管是这三个运行级别中的哪一个,nginx的启动顺序都是第32位
0、6表示重启或关机时,nginx的关闭顺序是第62位

2.统计日志文件流量字段之和

#!/bin/bash
exec < access_2018-12-8.log
while read line
do
  i=`echo $line|awk '{print $10}'`
  expr $i + 1 &>/dev/null
  if [ $? -ne 0 ];then
    continue
  fi
  ((sum+=i))
done
[ -n "$sum" ] && echo $sum  


#!/bin/bash
while read line
do
  i=`echo $line|awk '{print $10}'`
  expr $i + 1 &>/dev/null
  if [ $? -ne 0 ];then
    continue
  fi
  ((sum+=i))
done< access_2018-12-8.log
或者cat a.log | while read line
[ -n "$sum" ] && echo $sum 

用shell取苹果

#!/bin/bash
file="/root/iplist"
exec < $file
while read line
do
  echo $line >> /root/ReverseIp
done
mv $file $file.bak
cat /root/ReverseIp | tac

3.for循环实战,创建十个文件,名字为随机的八个字符

#!/bin/bash
mkdir test1
cd ./test1
for((i=1;i<=10;i++))
do
  touch `echo $RANDOM |md5sum | cut -c 1-8`.html
done

批量修改文件名中指定的字符串

file="192916b7_finished.html"
mv $file `echo $file | sed 's#_finished.html#.jpg#g'`
# 第二种方法
ls test1 | awk -F '[_]' '{print "mv " $0,$1".jpg"}'
# 第三种方法
rename "_finished.html" ".jpg" /root/test1/*.html
# 第四种方法,sed后向引用
mv $file `echo $file | sed -r 's#(^.*)_finished.html#\1.jpg#g'`

4.跳板机

知识点1:trap信号;

知识点2:ssh key免密钥登录;

ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa  > /dev/null 2>&1

知识点3:/etc/profile.d/:登录系统时会加载该目录,放在/etc/profile.d/的文件,即使没有x权限也能被执行.

想要cat的EOF不顶格写,第二个EOF前面是TAB键,不是四个空格.

cat /server/scripts/tiaoban.sh
#!/bin/bash
trapper(){
    trap "" HUP INT QUIT TERM TSTP
}
menu(){
	cat <<-EOF
========Host List================
    1)172.16.1.8
    2)172.16.1.31
    3)172.16.1.41
    4)exit
==================================
	EOF
}

conn_host(){
case "$1" in
  1)
    ssh $USER@172.16.1.8
    ;;
  2)
    ssh $USER@172.16.1.31
    ;;
  3)
    ssh $USER@172.16.1.41
    ;;
  4)
    exit
    ;;
  *)
    continue
esac
}
main(){
while true
do
  clear
  menu
  read -p "Pls select:" num
  conn_host $num
done
}

trapper
main

cat /etc/profile.d/tiaobanfirst.sh
#!/bin/bash
[ $UID -ne 0 ] && [ $USER != "oldgirl" ] &&\
. /server/scripts/tiaoban.sh

  如果这个脚本中不写第一行,则永远也登不上这台机器了,只能虚拟机恢复快照或物理机重装系统.

b.安全方面

1)跳板机禁止外网IP登录,只能内网IP登录;

2)其他服务器也禁止外网IP登录,同时禁止root登录,做完ssh认证,将密码登录也禁止,只允许密钥登录,并且只有跳板机的密钥放在其他服务器上;

PasswordAuthentication yes改为no

3)通过VPN连到跳板机,再从跳板机登录到其他服务器.

 

从零开始搭建创业公司后台技术栈:http://www.phppan.com/2018/04/svr-stack/

 

posted @ 2019-05-19 20:48  法外狂徒  阅读(420)  评论(0编辑  收藏  举报