shell脚本之nginx启动脚本、统计日志字段、for循环实战、跳板机
1.NGINX启动脚本
#!/bin/bash
# chkconfig: 235 32 62
# description: nginx
[ -f /etc/init.d/functions ] && . /etc/init.d/functions
pidfile=/application/nginx/logs/nginx.pid
start(){
if [ -f $pidfile ];then
echo "Nginx is Running"
else
/application/nginx/sbin/nginx
RETVAL=$?
if [ $RETVAL -eq 0 ];then
action "Nginx is Started" /bin/true
else
action "Nginx is Started" /bin/false
fi
fi
return $RETVAL
}
stop(){
if [ -f $pidfile ];then
/application/nginx/sbin/nginx -s stop
RETVAL=$?
if [ $RETVAL -eq 0 ];then
action "Nginx is Stopped" /bin/true
else
action "Nginx is Stopped" /bin/false
fi
else
echo "Nginx is not Running"
fi
return $RETVAL
}
reload(){
if [ -f $pidfile ];then
/application/nginx/sbin/nginx -s reload &>/dev/null
RETVAL=$?
if [ $RETVAL -eq 0 ];then
action "Nginx is Reloaded" /bin/true
else
action "Nginx is Reloaded" /bin/false
fi
else
echo "Nginx is not Running"
/application/nginx/sbin/nginx
RETVAL=$?
if [ $RETVAL -eq 0 ];then
action "Nginx is Started" /bin/true
else
action "Nginx is Started" /bin/false
fi
fi
return $RETVAL
}
# case中的RETVAL=$?是为了接收函数的返回值
case $1 in
start)
start
RETVAL=$?
;;
stop)
stop
RETVAL=$?
;;
restart)
stop
sleep 1
start
RETVAL=$?
;;
reload)
reload
RETVAL=$?
;;
*)
echo "USAGE: $0 {start|stop|restart|reload} "
exit 1
esac
exit $RETVAL
添加到系统服务中
cp /server/scripts/nginx /etc/init.d/ chkconfig --add nginx # 生成了这些文件 /etc/rc.d/rc2.d/S32nginx /etc/rc.d/rc3.d/S32nginx /etc/rc.d/rc4.d/S32nginx /etc/rc.d/rc5.d/S32nginx /etc/rc.d/rc0.d/K62nginx /etc/rc.d/rc1.d/K62nginx /etc/rc.d/rc6.d/K62nginx 0-6表示不同运行级别: 0:关机 1:单用户 2:无网络的多用户 3:命令模式 4:未启用 5:图形界面模式 6:重启 # 查看运行级别 who -r runlevel 2、3、5表示不管是这三个运行级别中的哪一个,nginx的启动顺序都是第32位 0、6表示重启或关机时,nginx的关闭顺序是第62位
2.统计日志文件流量字段之和
#!/bin/bash
exec < access_2018-12-8.log
while read line
do
i=`echo $line|awk '{print $10}'`
expr $i + 1 &>/dev/null
if [ $? -ne 0 ];then
continue
fi
((sum+=i))
done
[ -n "$sum" ] && echo $sum
#!/bin/bash
while read line
do
i=`echo $line|awk '{print $10}'`
expr $i + 1 &>/dev/null
if [ $? -ne 0 ];then
continue
fi
((sum+=i))
done< access_2018-12-8.log
或者cat a.log | while read line
[ -n "$sum" ] && echo $sum
用shell取苹果
#!/bin/bash file="/root/iplist" exec < $file while read line do echo $line >> /root/ReverseIp done mv $file $file.bak cat /root/ReverseIp | tac
3.for循环实战,创建十个文件,名字为随机的八个字符
#!/bin/bash mkdir test1 cd ./test1 for((i=1;i<=10;i++)) do touch `echo $RANDOM |md5sum | cut -c 1-8`.html done
批量修改文件名中指定的字符串
file="192916b7_finished.html"
mv $file `echo $file | sed 's#_finished.html#.jpg#g'`
# 第二种方法
ls test1 | awk -F '[_]' '{print "mv " $0,$1".jpg"}'
# 第三种方法
rename "_finished.html" ".jpg" /root/test1/*.html
# 第四种方法,sed后向引用
mv $file `echo $file | sed -r 's#(^.*)_finished.html#\1.jpg#g'`
4.跳板机
知识点1:trap信号;
知识点2:ssh key免密钥登录;
ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa > /dev/null 2>&1
知识点3:/etc/profile.d/:登录系统时会加载该目录,放在/etc/profile.d/的文件,即使没有x权限也能被执行.
想要cat的EOF不顶格写,第二个EOF前面是TAB键,不是四个空格.
cat /server/scripts/tiaoban.sh
#!/bin/bash
trapper(){
trap "" HUP INT QUIT TERM TSTP
}
menu(){
cat <<-EOF
========Host List================
1)172.16.1.8
2)172.16.1.31
3)172.16.1.41
4)exit
==================================
EOF
}
conn_host(){
case "$1" in
1)
ssh $USER@172.16.1.8
;;
2)
ssh $USER@172.16.1.31
;;
3)
ssh $USER@172.16.1.41
;;
4)
exit
;;
*)
continue
esac
}
main(){
while true
do
clear
menu
read -p "Pls select:" num
conn_host $num
done
}
trapper
main
cat /etc/profile.d/tiaobanfirst.sh
#!/bin/bash
[ $UID -ne 0 ] && [ $USER != "oldgirl" ] &&\
. /server/scripts/tiaoban.sh
如果这个脚本中不写第一行,则永远也登不上这台机器了,只能虚拟机恢复快照或物理机重装系统.
b.安全方面
1)跳板机禁止外网IP登录,只能内网IP登录;
2)其他服务器也禁止外网IP登录,同时禁止root登录,做完ssh认证,将密码登录也禁止,只允许密钥登录,并且只有跳板机的密钥放在其他服务器上;
PasswordAuthentication yes改为no
3)通过VPN连到跳板机,再从跳板机登录到其他服务器.
从零开始搭建创业公司后台技术栈:http://www.phppan.com/2018/04/svr-stack/
