From 9eb2eaf6f5280cf6eee43580338fa61362dc8e1d Mon Sep 17 00:00:00 2001 From: ert Date: Mon, 6 Oct 2025 19:10:57 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E4=B8=80=E4=B8=8B=E4=B8=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- fix_network_sleep.sh | 136 ++++++++++++++++++++++++++++++++++++++ optimize_boot_speed.sh | 115 ++++++++++++++++++++++++++++++++ tune_connection_limits.sh | 84 +++++++++++++++++++++++ 3 files changed, 335 insertions(+) create mode 100755 fix_network_sleep.sh create mode 100755 optimize_boot_speed.sh create mode 100755 tune_connection_limits.sh diff --git a/fix_network_sleep.sh b/fix_network_sleep.sh new file mode 100755 index 0000000..4371fac --- /dev/null +++ b/fix_network_sleep.sh @@ -0,0 +1,136 @@ +#!/bin/bash +# 功能:修复Ubuntu Server长时间无网络活动导致网络关闭的问题 +# 使用方法:sudo bash fix_network_sleep.sh + +# 检查是否以root权限运行 +if [ "$(id -u)" -ne 0 ]; then + echo "错误:请使用root权限运行此脚本(sudo bash $0)" >&2 + exit 1 +fi + +# 检测网卡名称(获取第一个活动的以太网接口) +get_active_nic() { + # 排除lo和docker等虚拟接口,获取第一个物理以太网接口 + nic=$(ip -br link show | grep -v 'LOOPBACK' | grep -v 'DOCKER' | grep 'UP' | awk '{print $1}' | head -n 1) + if [ -z "$nic" ]; then + # 如果没有找到活动接口,获取第一个以太网接口 + nic=$(ip -br link show | grep -v 'LOOPBACK' | grep -v 'DOCKER' | awk '{print $1}' | head -n 1) + fi + echo "$nic" +} + +NIC=$(get_active_nic) + +if [ -z "$NIC" ]; then + echo "错误:未检测到网络接口,请检查网络配置" + exit 1 +fi + +echo "检测到活动网络接口:$NIC" + +# 备份相关配置文件 +backup_configs() { + echo "正在备份配置文件..." + [ -d /etc/systemd/system/ ] && cp -n /etc/systemd/system/disable-nic-powersave.service /etc/systemd/system/disable-nic-powersave.service.bak 2>/dev/null +} + +# 临时禁用网卡节能模式(立即生效) +disable_nic_powersave_temp() { + echo "正在临时禁用网卡节能模式..." + if command -v ethtool &> /dev/null; then + # 禁用EEE节能 + sudo ethtool --change "$NIC" eee off 2>/dev/null + # 禁用电源管理 + sudo ethtool -s "$NIC" power management off 2>/dev/null + # 启用WOL功能 + sudo ethtool -s "$NIC" wol g 2>/dev/null + else + echo "警告:未安装ethtool,正在安装..." + sudo apt update >/dev/null + sudo apt install -y ethtool >/dev/null + disable_nic_powersave_temp + fi +} + +# 永久禁用网卡节能模式(系统启动时生效) +disable_nic_powersave_permanent() { + echo "正在配置永久禁用网卡节能模式..." + + # 创建systemd服务 + cat << EOF | sudo tee /etc/systemd/system/disable-nic-powersave.service > /dev/null +[Unit] +Description=Disable NIC Power Saving Mode for $NIC +After=network.target + +[Service] +Type=oneshot +ExecStart=/usr/sbin/ethtool -s $NIC wol g +ExecStart=/usr/sbin/ethtool --change $NIC eee off +ExecStart=/usr/sbin/ethtool --change $NIC power management off + +[Install] +WantedBy=multi-user.target +EOF + + # 启用并启动服务 + sudo systemctl daemon-reload + sudo systemctl enable disable-nic-powersave.service + sudo systemctl start disable-nic-powersave.service +} + +# 优化SSH保持连接设置 +optimize_ssh_settings() { + echo "正在优化SSH连接设置..." + SSH_CONFIG="/etc/ssh/sshd_config" + + # 备份SSH配置 + [ -f "$SSH_CONFIG" ] && cp -n "$SSH_CONFIG" "$SSH_CONFIG.bak" + + # 设置SSH心跳检测 + if ! grep -q "^ClientAliveInterval" "$SSH_CONFIG"; then + echo "ClientAliveInterval 60" >> "$SSH_CONFIG" + else + sed -i 's/^ClientAliveInterval.*/ClientAliveInterval 60/' "$SSH_CONFIG" + fi + + if ! grep -q "^ClientAliveCountMax" "$SSH_CONFIG"; then + echo "ClientAliveCountMax 3" >> "$SSH_CONFIG" + else + sed -i 's/^ClientAliveCountMax.*/ClientAliveCountMax 3/' "$SSH_CONFIG" + fi + + # 重启SSH服务 + sudo systemctl restart sshd +} + +# 检查并修复DNS服务问题 +fix_dns_service() { + echo "正在检查DNS服务..." + if ! systemctl is-active --quiet systemd-resolved; then + echo "修复DNS服务问题..." + sudo apt update >/dev/null + sudo apt install --reinstall -y systemd-resolved >/dev/null + sudo systemctl enable --now systemd-resolved + fi +} + +# 显示当前网卡电源管理状态 +show_status() { + echo -e "\n当前网络接口状态:" + echo "-------------------------" + ip link show "$NIC" | grep -A 1 "$NIC" + echo -e "\n电源管理状态:" + ethtool "$NIC" | grep -iE "power management|energy" + echo "-------------------------" + echo "配置已完成,建议重启系统使所有设置生效" + echo "重启命令:sudo reboot" +} + +# 主流程执行 +backup_configs +disable_nic_powersave_temp +disable_nic_powersave_permanent +optimize_ssh_settings +fix_dns_service +show_status + \ No newline at end of file diff --git a/optimize_boot_speed.sh b/optimize_boot_speed.sh new file mode 100755 index 0000000..8d7be06 --- /dev/null +++ b/optimize_boot_speed.sh @@ -0,0 +1,115 @@ +#!/bin/bash +# 功能:精简Ubuntu 24.04启动时间,禁用不必要服务和优化系统设置 +# 使用方法:sudo bash optimize_boot_speed.sh + +# 检查是否以root权限运行 +if [ "$(id -u)" -ne 0 ]; then + echo "错误:请使用root权限运行此脚本(sudo bash $0)" >&2 + exit 1 +fi + +# 备份重要配置 +backup_configs() { + echo "正在备份系统配置..." + mkdir -p /var/backups/boot-optimization + cp -n /etc/fstab /var/backups/boot-optimization/ + systemctl list-unit-files --type=service --state=enabled > /var/backups/boot-optimization/enabled_services_before.txt +} + +# 禁用不必要的系统服务 +disable_unneeded_services() { + echo "正在禁用不必要的系统服务..." + + # 定义要禁用的服务列表(根据服务器用途调整) + local services=( + " ModemManager" # 调制解调器管理(服务器通常不需要) + " avahi-daemon" # 零配置网络(本地网络发现,服务器一般不需要) + " bluetooth" # 蓝牙服务 + " cups" # 打印机服务 + " cups-browsed" # 打印机浏览服务 + " speech-dispatcher" # 语音合成服务 + " whoopsie" # 错误报告服务 + " apport" # 崩溃报告服务 + " apport-autoreport" # 自动崩溃报告 + " pppd-dns" # PPP DNS服务(拨号上网用) + " remote-fs.target" # 远程文件系统自动挂载 + " plymouth-quit-wait" # 启动动画等待(CLI环境无用) + " plymouth-start" # 启动动画(CLI环境无用) + ) + + # 禁用服务 + for service in "${services[@]}"; do + service=$(echo "$service" | xargs) # 去除空格 + if systemctl is-enabled --quiet "$service"; then + echo "禁用服务: $service" + systemctl disable --now "$service" >/dev/null 2>&1 + fi + done +} + +# 优化系统启动参数 +optimize_grub() { + echo "正在优化GRUB启动参数..." + + # 备份GRUB配置 + cp -n /etc/default/grub /var/backups/boot-optimization/grub.bak + + # 添加启动优化参数 + sed -i 's/^GRUB_CMDLINE_LINUX_DEFAULT="/GRUB_CMDLINE_LINUX_DEFAULT="quiet splash fastboot noresume /' /etc/default/grub + sed -i 's/^GRUB_TIMEOUT=[0-9]*/GRUB_TIMEOUT=2/' /etc/default/grub # 减少GRUB等待时间 + + # 更新GRUB配置 + update-grub >/dev/null 2>&1 +} + +# 优化系统服务并行启动 +optimize_parallel_boot() { + echo "正在优化服务并行启动..." + + # 启用服务并行启动 + if ! grep -q "DefaultDependencies=no" /etc/systemd/system.conf; then + echo "DefaultDependencies=no" >> /etc/systemd/system.conf + fi + + # 减少超时时间 + sed -i 's/^#DefaultTimeoutStartSec=.*/DefaultTimeoutStartSec=10s/' /etc/systemd/system.conf + sed -i 's/^#DefaultTimeoutStopSec=.*/DefaultTimeoutStopSec=5s/' /etc/systemd/system.conf + + # 重新加载systemd配置 + systemctl daemon-reload +} + +# 清理不需要的启动项 +cleanup_startup() { + echo "正在清理不必要的启动项..." + + # 清理残留的旧内核(保留最新2个) + echo "清理旧内核..." + dpkg -l 'linux-image-*' | grep '^ii' | sort -V | head -n -2 | awk '{print $2}' | xargs -r apt purge -y >/dev/null 2>&1 + + # 清理APT缓存 + apt clean >/dev/null 2>&1 + apt autoremove -y >/dev/null 2>&1 +} + +# 显示优化结果 +show_results() { + echo -e "\n优化完成!以下是主要变更:" + echo "1. 禁用了不必要的系统服务" + echo "2. 优化了GRUB启动参数,等待时间设为2秒" + echo "3. 启用服务并行启动,缩短超时时间" + echo "4. 清理了旧内核和系统缓存" + echo -e "\n建议重启系统以应用所有更改:sudo reboot" + echo -e "\n重启后可使用以下命令查看启动时间统计:" + echo " systemd-analyze" + echo " systemd-analyze blame | head -n 10" +} + +# 主流程执行 +backup_configs +disable_unneeded_services +optimize_grub +optimize_parallel_boot +cleanup_startup +show_results + \ No newline at end of file diff --git a/tune_connection_limits.sh b/tune_connection_limits.sh new file mode 100755 index 0000000..d508f51 --- /dev/null +++ b/tune_connection_limits.sh @@ -0,0 +1,84 @@ +#!/bin/bash +# 脚本功能:修改Ubuntu Server 24.04的端口连接数限制 +# 使用方法:sudo bash tune_connection_limits.sh + +# 检查是否以root权限运行 +if [ "$(id -u)" -ne 0 ]; then + echo "错误:请使用root权限运行此脚本(sudo bash $0)" >&2 + exit 1 +fi + +# 备份原始配置文件 +backup_configs() { + echo "正在备份原始配置文件..." + [ -f /etc/security/limits.conf ] && cp -n /etc/security/limits.conf /etc/security/limits.conf.bak + [ -f /etc/pam.d/common-session ] && cp -n /etc/pam.d/common-session /etc/pam.d/common-session.bak +} + +# 修改文件描述符限制 +configure_file_descriptors() { + echo "正在配置文件描述符限制..." + + # 添加 limits.conf 配置 + cat << EOF | tee -a /etc/security/limits.conf > /dev/null +# 增加文件描述符限制(由tune_connection_limits.sh添加) +* soft nofile 65535 +* hard nofile 655350 +root soft nofile 65535 +root hard nofile 655350 +EOF + + # 启用 pam_limits 模块 + if ! grep -q "pam_limits.so" /etc/pam.d/common-session; then + echo "session required pam_limits.so" >> /etc/pam.d/common-session + fi +} + +# 配置内核网络参数 +configure_kernel_parameters() { + echo "正在配置内核网络参数..." + + # 创建自定义sysctl配置文件 + cat << EOF | tee /etc/sysctl.d/99-network-tweaks.conf > /dev/null +# 网络连接优化参数(由tune_connection_limits.sh添加) +fs.file-max = 1000000 + +# TCP连接队列设置 +net.core.somaxconn = 65535 +net.core.netdev_max_backlog = 65535 + +# 本地端口范围 +net.ipv4.ip_local_port_range = 1024 65535 + +# TCP超时与复用设置 +net.ipv4.tcp_fin_timeout = 30 +net.ipv4.tcp_tw_reuse = 1 +net.ipv4.tcp_tw_recycle = 0 + +# 最大连接数相关设置 +net.ipv4.tcp_max_syn_backlog = 65535 +net.ipv4.tcp_max_tw_buckets = 200000 +EOF + + # 应用内核参数 + sysctl --system > /dev/null +} + +# 显示配置结果 +show_results() { + echo -e "\n配置已完成,当前关键参数值:" + echo "-------------------------" + echo "文件描述符软限制:$(ulimit -Sn)" + echo "文件描述符硬限制:$(ulimit -Hn)" + echo "系统最大文件数:$(cat /proc/sys/fs/file-max)" + echo "监听队列最大长度:$(sysctl -n net.core.somaxconn)" + echo "本地端口范围:$(sysctl -n net.ipv4.ip_local_port_range)" + echo "-------------------------" + echo "请重启系统使所有配置完全生效:sudo reboot" +} + +# 主流程 +backup_configs +configure_file_descriptors +configure_kernel_parameters +show_results