一键开启BBR(适用于较新的Debian、Ubuntu)

echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
sysctl -p
sysctl net.ipv4.tcp_available_congestion_control
lsmod | grep bbr

关闭IPV6

echo -e "net.ipv6.conf.all.disable_ipv6=1\nnet.ipv6.conf.default.disable_ipv6=1\nnet.ipv6.conf.lo.disable_ipv6=1" >> /etc/sysctl.conf && sysctl -p

安装BBR-OpenVZ版本

wget https://github.com/tcp-nanqinlang/lkl-rinetd/releases/download/1.1.0-nocheckvirt/tcp_nanqinlang-rinetd-debianorubuntu-nocheckvirt-multiNIC.sh
bash tcp_nanqinlang-rinetd-debianorubuntu-nocheckvirt-multiNIC.sh

Linux一键更换内核

wget -N --no-check-certificate "https://git.io/kernel.sh" 
chmod +x kernel.sh
./kernel.sh

Linux一键安装常见/最新内核脚本 锐速/BBRPLUS/BBR2

wget -O tcp.sh "https://github.com/ylx2016/Linux-NetSpeed/raw/master/tcp.sh" && chmod +x tcp.sh && ./tcp.sh

一键更换国内源

bash <(curl -sSL https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh)

安装QBittorrent 4.3.9

wget https://github.com/userdocs/qbittorrent-nox-static/releases/download/release-4.3.9_v1.2.15/x86_64-qbittorrent-nox
chmod +x x86_64-qbittorrent-nox
./x86_64-qbittorrent-nox

ARM64

wget https://github.com/userdocs/qbittorrent-nox-static/releases/download/release-4.3.9_v1.2.15/aarch64-qbittorrent-nox
chmod +x aarch64-qbittorrent-nox
./aarch64-qbittorrent-nox
cat << "EOF" > /etc/systemd/system/qbittorrent.service
[Unit]
Description=qBittorrent Daemon Service
After=network.target

[Service]
LimitNOFILE=512000
User=root
ExecStart=/root/x86_64-qbittorrent-nox
ExecStop=/usr/bin/kill -w qbittorrent-nox

[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable --now qbittorrent
systemctl status qbittorrent

重启关闭程序

ps -aux | grep qbittorrent
kill -9 xxxxx

开启 vnstat 支持

vnstat 是Linux下一个流量统计工具,开启 vnstat 后,server 完全依赖客户机的 vnstat 数据来显示月流量和总流量,优点是重启不丢流量数据。

# 在client端安装 vnstat
## Centos
yum install epel-release -y
yum install -y vnstat
## Ubuntu/Debian
apt install -y vnstat

# 修改 /etc/vnstat.conf
# BandwidthDetection 0
# MaxBandwidth 0
# 默认不是 eth0 网口的需要置空 Interface 来自动选择网口
# 没报错一般不需要改
# Interface ""
systemctl restart vnstat

# 确保 version >= 2.6
vnstat --version
# 测试查看月流量 (刚安装可能需等一小段时间来采集数据)
vnstat -m
vnstat --json m

安装Rclone

apt-get install -y fuse3

安装命令

curl https://rclone.org/install.sh | bash

安装完成后使用rclone config命令进入配置

安装Docker

curl -sSL https://get.docker.com/ | sh 
systemctl start docker 
systemctl enable docker

安装Docker-Compose

curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose && chmod +x /usr/local/bin/docker-compose && docker-compose --version

卸载Docker

apt-get remove docker docker-engine docker-ce docker-ce-cli containerd.io
rm -fr /var/lib/docker/

限制日志大小
nano /etc/docker/daemon.json

{
    "log-driver":"json-file",
    "log-opts":{
        "max-size" :"50m",
        "max-file":"1"
    }
}

删除未使用的资源

docker system prune --all

docker设置容器开机自启动
启动时加入--restart always
如果已经启动的项目.则使用update更新

docker update --restart=always 容器名或id

docker关闭容器开机自启动

docker update --restart=no 容器名或id

网络桥接

--network=host

获取镜像

docker pull [选项] [Docker Registry 地址[:端口号]/]仓库名[:标签]

列出镜像

docker image ls

获取镜像体积

docker system df

删除本地镜像

docker image rm [选项] <镜像1> [<镜像2> ...]

进入容器

docker exec -it 69d1 bash

Docker容器固定IP地址
每次主机重启时,如果容器没有固定 IP ,容器的 IP 将由启动顺序决定。这将导致类似无法远程访问数据库等等情况时,发送错误的请求,从而使得服务提供失败。
首先创建自定义网络
默认的docker0网络是不支持容器固定 IP 到该网段的,必须先创建一个自定义网络,才能固定容器 IP 到这个自定义网络中。

docker network create --subnet=172.20.0.0/24 test

格式

docker network create --subnet=[自定义网络广播地址]/[子网掩码位数] [自定义网络名]

创建带IPV6的bridge网络

docker network create --subnet="192.168.0.0/24" --ipv6 --subnet="2001:db8:1::/64" test

查看更多参数

docker network create --hlelp

固定容器 IP

docker run -it --name network-test --net test --ip 172.20.0.2 ubuntu:latest /bin/bash

格式

docker run -it --name [容器名] --net [网络名] --ip [选定网络下固定 IP 地址] ubuntu:latest /bin/bash

Docker安装QBittorrent

docker run -d \
  --name=qBittorrent \
  -e WEBUI_PORT=8080 \
  -p 9821:6881 \
  -p 9821:6881/udp \
  -p 8080:8080 \
  -v /date/downloads:/downloads \
  -v /date/appdata/config:/config \
  --restart unless-stopped \
  linuxserver/qbittorrent:14.3.9

Docker安装Transmission

docker run --restart=always --name transmission -d \
-e TRANSMISSION_WEB_HOME=/transmission-web-control/ \
-e USER=moerats \
-e PASS=moerats \
-p 9091:9091 \
-p 51413:51413 \
-p 51413:51413/udp \
-v ~/transmission/config:/config \
-v ~/transmission/downloads:/downloads \
-v ~/transmission/watch:/watch \
linuxserver/transmission:version-3.00-r8

Transmission跳过检验(跳检)

sed -i 's/pausedi1e8/pausedi0e8/g' *.resume
sed -i 's/blocks4:none12:/blocks3:all4:have3:all12:/g' *.resume

Docker安装Bitwarden(Vaultwarden)

docker run --restart always -d --name vaultwarden \
  -e ADMIN_TOKEN=xxxxxxxx \
  -v /vw-data/:/data/ \
  -p 88:80 \
  -p 89:3012 \
  vaultwarden/server:latest

-e ADMIN_TOKEN=xxx \
此行是启用管理面板,配置时可加入
密码使用openssl rand -base64 48命令随机生成

Nginx反向代理配置

    location / {
        proxy_pass http://127.0.0.1:88;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
  
    location /notifications/hub {
        proxy_pass http://127.0.0.1:89;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
  
    location /notifications/hub/negotiate {
        proxy_pass http://127.0.0.1:88;
    }

Docker安装mynodequery
创建文本/home/mynodequery/appsettings.json
加入内容

{
    "Logging": {
        "LogLevel": {
            "Default": "Information",
            "Microsoft": "Warning",
            "Microsoft.Hosting.Lifetime": "Information"
        }
    },
    "MySql": {
        "ConnectionString": ""
    },
    "AllowedHosts": "*",
    "Installed": "false",
    "ReadNodeIpHeaderKey": "X-Real-IP"
}

启动容器

docker run -d --name=mynodequery -p 5000:5000 -v /home/mynodequery/appsettings.json:/app/appsettings.json jaydenlee2019/mynodequery:latest

Docker启用IPV6

编辑 /etc/docker/daemon.json 加上以下内容。

{
  "ipv6": true,
  "fixed-cidr-v6": "fd00::/80",
  "experimental": true,
  "ip6tables": true
}

重启Docker Engine

systemctl restart docker

测试

docker run --rm -it busybox ping -6 -c4 ipv6-test.com
docker run --rm -it busybox ifconfig

emby开心版

docker run -d -e PUID=0 -e PGID=0 -v /home/gd:/data -v /home/emby:/config -p 8096:8096 -p 8920:8920 --name=emby --restart=always amilys/embyserver

Aria2一键脚本
为了确保能正常使用,请先安装基础组件wget curl ca-certificates

wget -N git.io/aria2.sh && chmod +x aria2.sh

综合工具箱 集成了很多脚本

wget -O box.sh https://raw.githubusercontent.com/BlueSkyXN/SKY-BOX/main/box.sh && chmod +x box.sh && clear && ./box.sh

测速脚本

wget -qO- bench.sh | bash
wget -qO- git.io/superbench.sh | bash
bash <(curl -Lso- https://git.io/superspeed_uxh)
bash <(curl -Lso- https://git.io/J1SEh)
bash <(curl -Lso- https://bench.im/hyperspeed)
bash <(wget -qO- https://down.vpsaff.net/linux/speedtest/superbench.sh) --no-geekbench
curl -sL network-speed.xyz | bash

纯IPV6

curl -sL https://raw.githubusercontent.com/teddysun/across/master/bench.sh | bash

Speedtest CLI

Centos

curl -s https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.rpm.sh |  bash
yum install speedtest

Ubuntu/Debian

apt-get install curl
curl -s https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.deb.sh | bash
apt-get install speedtest

回程测试

wget -qO- git.io/besttrace | bash
wget -N --no-check-certificate https://raw.githubusercontent.com/Chennhaoo/Shell_Bash/master/AutoTrace.sh && chmod +x AutoTrace.sh && bash AutoTrace.sh
bash <(curl -Ls https://raw.githubusercontent.com/sjlleo/nexttrace/main/nt_install.sh)
wget -O jcnf.sh https://raw.githubusercontent.com/Netflixxp/jcnfbesttrace/main/jcnf.sh
bash jcnf.sh
curl https://raw.githubusercontent.com/zhucaidan/mtr_trace/main/mtr_trace.sh|bash

YABS跑分

curl -sL yabs.sh | bash

GB5

curl -sL yabs.sh | bash -s -- -fi5

GB6

curl -sL yabs.sh | bash -s -- -fi

测试硬盘性能

dd bs=64k count=4k if=/dev/zero of=test oflag=dsync

测试IP质量

bash <(wget -qO- --no-check-certificate https://gitlab.com/spiritysdx/za/-/raw/main/qzcheck.sh)

流媒体解锁检测

wget -O nf https://github.com/sjlleo/netflix-verify/releases/download/v3.1.0/nf_linux_amd64 && chmod +x nf && ./nf

通过代理执行

./nf -proxy socks5://127.0.0.1:30000
bash <(curl -L -s check.unlock.media)
bash <(curl -L -s https://github.com/1-stream/RegionRestrictionCheck/raw/main/check.sh)

端口转发
iptables端口转发

wget --no-check-certificate -qO natcfg.sh https://raw.githubusercontent.com/arloor/iptablesUtils/master/natcfg.sh && bash natcfg.sh

Gost一键脚本

wget --no-check-certificate -O gost.sh https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/gost.sh && chmod +x gost.sh && ./gost.sh

Reaim一键脚本

wget -N --no-check-certificate https://git.io/realm.sh && chmod +x realm.sh && ./realm.sh

Termux高级终端一键安装Linux脚本

. <(curl -L git.io/linux.sh)

一键网络重装 DD脚本

wget --no-check-certificate -O NewReinstall.sh https://raw.githubusercontent.com/fcurrk/reinstall/master/NewReinstall.sh && chmod a+x NewReinstall.sh && bash NewReinstall.sh

新版DD脚本 支持保留IPV6配置

wget --no-check-certificate -qO InstallNET.sh 'https://raw.githubusercontent.com/leitbogioro/Tools/master/Linux_reinstall/InstallNET.sh' && chmod a+x InstallNET.sh
bash InstallNET.sh -debian 11 -pwd password

bin456789

curl -O https://raw.githubusercontent.com/bin456789/reinstall/main/reinstall.sh

萌咖DD脚本

bash <(wget --no-check-certificate -qO- 'https://raw.githubusercontent.com/MoeClub/Note/master/InstallNET.sh') -d 11 -v 64 -p "自定义root密码" -port "自定义ssh端口"

默认root密码MoeClub.org

星尘IPV6 DD

bash <(wget --no-check-certificate -qO- 'https://raw.githubusercontent.com/MoeClub/Note/master/InstallNET.sh') -a -d 11 -v 64 -p "password"  --ip-addr 2001:bcc:ccc:111::1/64 --ip-gate 2001:bcc:ccc:111:: --ip-mask 255.255.255.254 --ip-dns 2001:67c:2b0::4

OpenVZ/LXC伪DD

wget -qO OsMutation.sh https://raw.githubusercontent.com/LloydAsp/OsMutation/main/OsMutation.sh && chmod u+x OsMutation.sh && ./OsMutation.sh

一键输出IP地址网关掩码

MAINIP=$(ip route get 1 | awk -F 'src ' '{print $2}' | awk '{print $1}')
GATEWAYIP=$(ip route | grep default | awk '{print $3}' | head -1)
SUBNET=$(ip -o -f inet addr show | awk '/scope global/{sub(/[^.]+\//,"0/",$4);print $4}' | head -1 | awk -F '/' '{print $2}')

value=$(( 0xffffffff ^ ((1 << (32 - $SUBNET)) - 1) ))
NETMASK="$(( (value >> 24) & 0xff )).$(( (value >> 16) & 0xff )).$(( (value >> 8) & 0xff )).$(( value & 0xff ))"

echo "--ip-addr $MAINIP --ip-gate $GATEWAYIP --ip-mask $NETMASK"

一键修改默认SSH端口

sed -i 's/#Port\ 22/Port\ 2222/' /etc/ssh/sshd_config && systemctl reload ssh

SSH禁用密钥使用密码登录

#!/bin/bash
sed -i 's/^.*PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
sed -i 's/^.*PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
echo root:yourRootPasswd | chpasswd
service ssh restart

SSH使用密钥登录并禁止密码登录
创建公私钥

ssh-keygen -t rsa
sed -i "s/^.*PasswordAuthentication.*/PasswordAuthentication no/g" /etc/ssh/sshd_config
sed -i "s/^.*RSAAuthentication.*/RSAAuthentication yes/g" /etc/ssh/sshd_config
sed -i "s/^.*PubkeyAuthentication.*/PubkeyAuthentication yes/g" /etc/ssh/sshd_config
sed -i "s/^.*AuthorizedKeysFile.*/AuthorizedKeysFile .ssh\/authorized_keys/g" /etc/ssh/sshd_config
service ssh restart

保持SSH服务连接不断开
修改~/.ssh/config

ServerAliveInterval  10
ServerAliveCountMax  5

设置IPV4优先或者IPV6优先
/etc/gai.conf中取消这一行配置的注释是IPV4优先,否则是IPV6优先(默认)

precedence ::ffff:0:0\/96  100/precedence ::ffff:0:0\/96  100

一键清理 /var/log/目录下的过期日志

find /var/log/ -name "*.1" -exec rm -rf {} \; && find /var/log/ -name "*.log.1" -exec rm -rf {} \; && find /var/log/ -name "*.gz" -exec rm -rf {} \;

列出已安装的包,按大小排序

dpkg-query -W --showformat='${Installed-Size} ${Package} ${Status}\n'|grep -v deinstall|sort -n|awk '{print $1" "$2}'

一键开启Swap脚本

wget --no-check-certificate https://dl.233.mba/d/sh/swap.sh && bash swap.sh

设置时区/时间

方法一:

timedatectl set-timezone Asia/Shanghai
date -s "2022-12-11 16:34:50"

修改时间为24小时

编辑/etc/default/locale添加一行

LC_TIME=en_DK.UTF-8

方法二:

tzselect

选择亚洲 Asia,确认之后选择中国(China),最后选择北京(Beijing),选择1

复制文件到/etc目录下

cp /usr/share/zoneinfo/Asia/Shanghai  /etc/localtime

同步硬件时间

hwclock --systohc

查看端口占用情况

netstat -tunlp | grep 端口号

查看当前所有tcp端口

netstat -ntlp

查看当前所有udp端口

netstat -nulp
  • -t (tcp) 仅显示tcp相关选项
  • -u (udp)仅显示udp相关选项
  • -n 拒绝显示别名,能显示数字的全部转化为数字
  • -l 仅列出在Listen(监听)的服务状态
  • -p 显示建立相关链接的程序名

Debian/Ubuntu无netstat命令解决方案

net-tools包含arp, ifconfig, netstat, rarp, nameif and route命令

apt-get install net-tools
apt-get install iputils-ping

dnsutils包中包含了nslookup工具以及其他与 DNS 相关的实用程序

apt-get install dnsutils

调整系统分区

检查分区信息

e2fsck -f /dev/sda1

调整分区大小

resize2fs /dev/sda1

EXT4释放保留分区(默认5%)

tune2fs -m 0 /dev/sda1

WARP

功能最多最强大的WARP脚本

wget -N https://gitlab.com/fscarmen/warp/-/raw/main/warp-go.sh && bash warp-go.sh
wget -N https://gitlab.com/fscarmen/warp/-/raw/main/menu.sh && bash menu.sh

解决 screen 中文乱码

找到screenrc文件

首先输入whereis screenrc查看文件的路径

编辑文件,加入以下内容

defutf8 on
 
defencoding utf8
 
encoding UTF-8 UTF-8

更改主机名

hostnamectl set-hostname xxx

查看是否生效

hostnamectl

剑皇脚本

wget https://github.com/maintell/webBenchmark/releases/download/0.6/webBenchmark_linux_x64
chmod +x webBenchmark_linux_x64
./webBenchmark_linux_x64 -c 32 -s https://target.url

vps2arch

wget http://tinyurl.com/vps2arch
chmod +x vps2arch
./vps2arch
wget https://felixc.at/vps2arch
chmod +x vps2arch
./vps2arch

Linux下解压命令、压缩命令

.tar

解包

tar xvf FileName.tar

打包

tar cvf FileName.tar DirName

.gz

解压

gunzip FileName.gz
gzip -d FileName.gz

压缩

gzip FileName

tar.gz 和 .tgz

压缩

tar zcvf FileName.tar.gz ./store
tar zcvf FileName.tar.gz DirName

解压

tar zvxf name.tar.gz 
tar zvxf name.tar.gz -C 输出目录

-c 压缩
-x 解压
-z 支持gzip解压文件
-v 显示操作过程
-f 使用档名

.zip

解压

unzip FileName.zip

压缩

zip FileName.zip DirName

文件解压到指定的目录下,需要用到-d参数。

unzip -d /DirName FileName.zip

解压的时候,有时候不想覆盖已经存在的文件,那么可以加上-n参数

unzip -n -d /DirName FileName.zip

只看一下zip压缩包中包含哪些文件,不进行解压缩

unzip -l FileName.zip

查看显示的文件列表还包含压缩比率

unzip -v FileName.zip

检查zip文件是否损坏

unzip -t FileName.zip

.rar

解压

rar x FileName.rar

压缩

rar a FileName.rar DirName
Last modification:January 10, 2024
© Allow specification reprint
如果觉得我的文章对你有用,麻烦点个赞吧 !