bash# 配置免密登录
ssh-copy-id root@uing.vip
bashapt update && apt -o Dpkg::Options::="--force-confnew" full-upgrade -y && apt autoremove -y
apt install -y curl htop vim ufw sudo bash-completion
cat >> /etc/security/limits.conf << EOF
# End of file
* soft nofile 655360
* hard nofile 655360
* soft nproc 655360
* hard nproc 655360
* soft core 655360
* hard core 655360
* hard memlock unlimited
* soft memlock unlimited
EOF
cat >> /etc/sysctl.conf << EOF
net.core.rmem_max=33554432
net.core.wmem_max=33554432
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
EOF
sysctl -p
cat > /etc/hostname << EOF
uing.vip
EOF
cat >> /etc/hosts << EOF
127.0.1.1 uing.vip
EOF
# 设置上海时区
ln -s -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
timedatectl set-timezone Asia/Shanghai
# 防火墙配置
ufw default deny
ufw allow ssh
ufw allow http
ufw allow https
ufw allow 443/udp
ufw enable
# 重启
reboot
# Certbot HTTPS 证书安装续订
apt install -y certbot
certbot certonly --standalone --agree-tos --register-unsafely-without-email -d uing.vip
bashcurl https://get.docker.com/ | sh
ln -s /usr/libexec/docker/cli-plugins/docker-compose /usr/local/bin/docker-compose
# 更方便使用 docker exec 命令
sudo tee /usr/local/bin/dssh > /dev/null << EOF
#!/bin/sh
docker exec -it \$1 sh
EOF
sudo chmod a+x /usr/local/bin/dssh
# 让 Docker 支持 IPv6
sudo tee /etc/docker/daemon.json > /dev/null << EOF
{
"ipv6": true,
"fixed-cidr-v6": "2001:db8:1::/64",
"experimental": true,
"ip6tables": true
}
EOF
sudo systemctl restart docker
# 创建 Docker VPS 容器网络
docker network create \
--driver=bridge \
--subnet=172.16.1.0/24 \
--ip-range=172.16.1.0/24 \
--gateway=172.16.1.1 \
vps
# 支持 IPv6
docker network create \
--driver=bridge \
--ipv6 \
--subnet=172.16.1.0/24 \
--ip-range=172.16.1.0/24 \
--gateway=172.16.1.1 \
--subnet=2001:0DB8::1:0/112 \
--ip-range2001:0DB8::1:0/112 \
--gateway=2001:db8::1:1 \
vps
本文作者:菜鸟
本文链接:
版权声明:本博客所有文章除特别声明外,均采用 署名-非商业性使用-相同方式共享 4.0 国际 (CC BY-NC-SA 4.0) 许可协议。转载请注明出处!