#!/bin/bash
####1.BBR&锐速安装
Install_bbr(){
	wget -N --no-check-certificate "https://github.000060000.xyz/tcpx.sh" && chmod +x tcpx.sh && ./tcpx.sh
}
#2.Centos7宝塔安装###########
Install_bt(){
	yum install -y wget
	wget -O install.sh http://download.bt.cn/install/install_6.0.sh && sh install.sh
	rm -rf install.sh
}
####3.优化TCP连接
Optimize_tcp(){
		echo '正在进行一键TCP连接优化...'
		cp -a /etc/sysctl.conf /etc/sysctl.conf.default
		cat << EOF >> /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.route.gc_timeout = 20
net.ipv4.tcp_retries2 = 5
net.ipv4.tcp_wmem = 8192 131072 16777216
net.ipv4.tcp_rmem = 32768 131072 16777216
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.core.somaxconn = 32768
net.core.netdev_max_backlog = 32764
net.ipv4.ip_local_port_range = 1024  65535
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_keepalive_time = 1800
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_max_orphans = 32768
fs.file-max = 1000000
fs.inotify.max_user_instances = 8192
kernel.pid_max = 65536
net.core.wmem_max = 8388608
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_max_tw_buckets = 36000
EOF
		sleep 1
		/sbin/sysctl -p /etc/sysctl.conf
		/sbin/sysctl -w net.ipv4.route.flush=1
		echo 'TCP连接优化完成，感谢您的使用！'
}
###4.加单IP
Add_ip(){
	echo -e "--------------------------------------------------"
	echo -e "\t\t  一键加IP脚本"
	echo -e "\t\t仅适用于Centos 7.X"
	echo -e "--------------------------------------------------"
	#######################################
	echo "正在安装所需环境，请稍后..."
	yum install net-tools -y >> /dev/null 2>&1
	echo "当前本机存在的网卡："
	ls /sys/class/net
	read -e -p "请输入你要选择添加IP的网卡:" netCard
	echo "你当前选择的网卡是${netCard}，请注意!"
	ipAddr=$(ifconfig ${netCard}|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $2}')

	echo "${netCard}当前绑定的IP为：${ipAddr}"
	##网卡文件路径
	netWorkFile="/etc/sysconfig/network-scripts/ifcfg-${netCard}"
	###备份网卡配置文件
	cp ${netWorkFile} ${netWorkFile}.default
	##循环添加IP
	i=0
	j=1
	while :
	do
	  read -e -p "请输入你要添加的IP，留空表示结束添加: " ip
	  if [[ ${ip} != "" ]]
	  then
		read -e -p "请输入你的子网掩码，以十进制表示: " mask
		echo "IPADDR${i}=${ip}" >> ${netWorkFile}
		echo "PREFIX${i}=${mask}" >> ${netWorkFile}
		echo "第${j}个ip写入文件成功"
	  else
		echo "写入完成,正在重启网络..."
		systemctl restart network  
		echo "重启网络完成！"
	    exit 0
	  fi
	  let i++
	  let j++
	done
}
####5.加IP段
Add_ports(){
	echo -e "--------------------------------------------------"
	echo -e "\t\t  一键加IP段脚本"
	echo -e "\t\t仅适用于Centos 7.X"
	echo -e "--------------------------------------------------"
	#######################################
	echo "正在安装所需环境，请稍后..."
	yum install net-tools -y >> /dev/null 2>&1
	echo "当前本机存在的网卡："
	ls /sys/class/net
	read -p "请输入你要选择添加IP的网卡:" netCard
	echo "你当前选择的网卡是${netCard}，请注意!"

	ipAddr=$(ifconfig ${netCard}|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $2}')

	echo "${NetCard}当前绑定的IP为：${ipAddr}"

	##修改网卡文件
	netWorkFile="/etc/sysconfig/network-scripts/ifcfg-${netCard}"
	echo "${netWorkFile}"

	###备份网卡配置文件
	cp ${netWorkFile} ${netWorkFile}.default
	##添加额外参数
	echo "NM_CONTROLLED=NO" >> ${netWorkFile}
	###创建存放多IP的range文件
	touch ${netWorkFile}-range
	###开始写入文件添加IP
	read -p "请输入起始IP:" firstIp
	read -p "请输入结束IP:" lastIp
	read -p "请输入子网掩码，以十进制表示：" mask
	read -p "请输入别名起始号：" num

	echo "IPADDR_START=${firstIp}" >> ${netWorkFile}-range
	echo "IPADDR_END=${lastIp}" >> ${netWorkFile}-range
	echo "PREFIX=${mask}" >> ${netWorkFile}-range
	echo "CLONENUM_START=${num}" >> ${netWorkFile}-range

	echo "如果你添加的IP段和你当前网卡绑定的IP不在一个段内，且不共用一个网关（Gateway），那么你还需要添加网关地址！"
	read -p "需要请按1，不需要请回车跳过：" choose
	if [[ ${choose} = 1 ]];then
		read -p "请输入网关地址：" gateway
		echo "GATEWAY=${gateway}" >> ${netWorkFile}-range
		echo "写入完成,正在重启网络,时间较长，请耐心等候..."
		systemctl restart network  
		echo "恭喜你！重启网络完成！"
	else
		echo "写入完成,正在重启网络,时间较长，请耐心等候..."
		systemctl restart network  
		echo "恭喜你！重启网络完成！"
	fi
}
####6.修改SSH端口号
Modify_ssh(){
	cp -a /etc/ssh/sshd_config /etc/ssh/sshd_config.default >/dev/null 2>&1
	echo '正在关闭selinux...'
	#sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config >/dev/null 2>&1
	#####
	sed -i 's%#UseDNS yes%UseDNS no%' /etc/ssh/sshd_config
    sed -i 's%GSSAPIAuthentication yes%GSSAPIAuthentication no%' /etc/ssh/sshd_config
    sed -i 's%#PermitEmptyPasswords no%PermitEmptyPasswords no%' /etc/ssh/sshd_config
    sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config  && setenforce 0
	#####
	read -e -p "请输入新的端口号：" port
	echo "你输入的端口号是${port}"
	sed -i "s/#Port 22/Port $port/g" /etc/ssh/sshd_config >/dev/null 2>&1
	firewall-cmd --permanent --add-port=$port/tcp >/dev/null 2>&1
	firewall-cmd --reload >/dev/null 2>&1
	systemctl restart sshd 
	systemctl restart firewalld.service
	echo "修改端口号成功！"
}

########用户展示页面
echo -e "---------------------------------------------------"
echo -e "                运维一键安装脚本                    "
echo -e "              仅适用于Centos 7.X                   "
echo -e "---------------------------------------------------"
##################################
echo -e "1.安装BBR&锐速" 
echo -e "2.安装宝塔面板"
echo -e "3.一键优化TCP连接"
echo -e "4.一键添加单个IP"
echo -e "5.一键添加IP段" 
echo -e "6.修改登录端口"
##################################
read -e -p "请输入数字 [1-7]:" num
case "$num" in
	1)
	###
	Install_bbr
	;;
	2)
	###
	Install_bt
	;;
	3)
	###
	Optimize_tcp
	;;
	4)
	###
	Add_ip
	;;
	5)
	###
	Add_ips
	;;
	6)
	###
	Modify_ssh
	;;
	*)
	echo "请输入正确数字 [1-7]"
	;;
esac

##清理环境