参考文件：https://www.cnblogs.com/ycy1518/p/13086725.html

下载各种软件安装包网站：https://centos.pkgs.org/7/centos-x86_64/openssl-devel-1.0.2k-19.el7.x86_64.rpm.html

modsecurity中文手册网站：http://www.modsecurity.cn/chm/SecRequestBodyAccess.html

linux命令大全：https://man.linuxde.net/

全国图书馆查询网站：http://www.ucdrs.superlib.net/

替换yum源：

yum.sh:

#!/bin/bash
yesnoinput()
{
    while :
    do
        read ANSWER
        case $ANSWER in
        "yes"|"YES")
            return 0
            ;;
        "no"|"NO")
            return 1
            ;;
        *)
            echo -n "[WARNING] Unknown input. "
            ;;
        esac
        printf "Please input [yes..no]: "
    done
}

iptablesconfig()
{
    iptables -P INPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -P OUTPUT ACCEPT

    iptables -F
    iptables -X
    iptables -Z

    iptables-save >/etc/sysconfig/iptables
    
    touch /etc/rc.d/rc.local
    chmod 755 /etc/rc.d/rc.local
    sed -i /iptables/d /etc/rc.d/rc.local
    echo "iptables-restore < /etc/sysconfig/iptables" >>/etc/rc.d/rc.local
    
    sed -i 's/SELINUX=.*$/SELINUX=disabled/g' /etc/sysconfig/selinux &>/dev/null	#centos7
    sed -i 's/SELINUX=.*$/SELINUX=disabled/g' /etc/selinux/config &>/dev/null		#centos6
    
    setenforce 0 &>/dev/null
    systemctl stop firewalld &>/dev/null
    systemctl disable firewalld &>/dev/null
}

systemconfig()
{
    #修改系统语言 需要为英文
    sed -i 's/^LANG=.*$/LANG="en_US.UTF-8"/g' /etc/locale.conf
    
    #修改时区相差八小时问题
    ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
    
    #ssh登陆慢
    sed -i '/^UseDNS/d' /etc/ssh/sshd_config
    sed -i '/^#UseDNS/a\UseDNS no' /etc/ssh/sshd_config
    sed -i '/^GSSAPIAuthentication/d' /etc/ssh/sshd_config
    sed -i '/^#GSSAPIAuthentication/a\GSSAPIAuthentication no' /etc/ssh/sshd_config
    systemctl restart sshd
    
    #配置DNS服务器
    echo "nameserver 114.114.114.114"  >/etc/resolv.conf
    
    #修改history相关属性
    mkdir -p /etc/profile.d
    
    echo "
PS1='\[\033[01;35m\][\u@\h \w]\\\$ \[\033[00m\]'
HISTSIZE=1000000

mkdir -p /root/.history
HISTFILE=/root/.history/history_\`echo \$SSH_CLIENT | cut -d' ' -f1\`
HISTTIMEFORMAT=\"[%F %T] \"
export HISTTIMEFORMAT
export PROMPT_COMMAND=\"history -a\"

export LANG=en_US.UTF-8
export LESSCHARSET=UTF-8

" >/etc/profile.d/private.sh

    source /etc/profile.d/private.sh
    
}

vimconfig()
{
    touch ~/.vimrc
    
    echo "
set nocompatible
set backspace=indent,eol,start
\"\"set backup
syntax on
set hlsearch
filetype plugin on
set ruler
set ts=4
set sw=4
set shiftwidth=4
set softtabstop=4
set nu
set autoindent
\"\"set textwidth=200
set noexpandtab
set encoding=utf-8
set fileencoding=utf-8
set fileencodings=ucs-bom,utf-8,chinese
set modeline
set t_vb=
" > ~/.vimrc

}

gitconfig()
{
    touch ~/.gitconfig
    
    echo "
[user] 
    name = 
    email = 
[credential]
    helper = store
[http]
    sslVerify = false
[i18n]
    logOutputEncoding = UTF-8
    commitEncoding = UTF-8
[core]
    editor = vim
    autocrlf = input
    quotepath = false
[push]
    default = current
[alias]
    lg = log --graph --format=format:'%C(cyan)[%ai]%C(reset) %C(bold blue)%h%C(reset) %C(bold green)(%ar)%C(reset) %C(bold red)%an%C(reset) %C(white)%s%C(reset) %C(bold yellow)%d%C(reset)'
    st = status 
    ls = log --graph --format=format:'%C(cyan)[%ai]%C(reset) %C(bold blue)%h%C(reset) %C(bold green)(%ar)%C(reset) %C(bold red)%an%C(reset) %C(white)%s%C(reset) %C(bold yellow)%d%C(reset)' --stat
    so = show
    cl = clean -xd
[color]
    ui = auto
[color \"branch\"]
    current = yellow reverse bold
    local = yellow bold
    remote = green bold
[color \"status\"]
    added = yellow bold
    changed  = red bold
    untracked = green bold
[color \"diff\"]
    meta = yellow bold
    frag = magenta bold
    commit = yellow bold
    old = red bold
    new = green bold
    whitespace = red reverse
[color \"diff-highlight\"]
    oldNormal = red bold
    oldHighlight = red bold 52
    newNormal = green bold
    newHighlight = green bold 22
" > ~/.gitconfig
}

yumconfig()
{
    sed -i 's!cachedir=.*$!cachedir=/opt/yum/!g' /etc/yum.conf
    sed -i 's/^keepcache=.*$/keepcache=1/g' /etc/yum.conf
    sed -i 's/^gpgcheck=.*$/gpgcheck=0/g' /etc/yum.conf
    sed -i 's/^plugins=.*$/plugins=0/g' /etc/yum.conf
    sed -i 's/^enabled=.*$/enabled=0/g' /etc/yum/pluginconf.d/fastestmirror.conf
    
    mkdir -p /etc/yum.repos.d/
    rm -rf /etc/yum.repos.d/*

    echo "
[base]
name=Base
baseurl=https://mirrors.aliyun.com/centos/7/os/x86_64/
enabled=1

[epel]
name=epel
baseurl=https://mirrors.aliyun.com/epel/7/x86_64/
enabled=1

[extra]
name=extra
baseurl=https://mirrors.aliyun.com/centos/7/extras/x86_64/
enabled=0

[docker]
name=docker
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/
enabled=0

[svn]
name=svn
baseurl=http://opensource.wandisco.com/centos/7/svn-1.11/RPMS/
enabled=0

[gitlab]
name=gitlab-ee
baseurl=https://packages.gitlab.com/gitlab/gitlab-ee/el/7/x86_64/
enabled=0

[intel]
name=intel
baseurl=https://download.01.org/QAT/repo
enabled=0
" >/etc/yum.repos.d/CentOS-Base.repo
    
    yum clean all && yum makecache
    
    # yum -y install vim git wget mlocate net-tools doxygen tree zip bzip2 file screen lrzsz
    # yum -y install autoconf libtool automake gcc gcc-c++ 
    
    # centos5.4 mirrors
    # http://mirrors.aliyun.com/centos-vault/5.4/os/x86_64/
    # http://archives.fedoraproject.org/pub/archive/epel/5/x86_64/
    # http://mirrors.aliyun.com/centos-vault/5.4/extras/x86_64/
    # http://mirrors.aliyun.com/centos-vault/5.4/centosplus/x86_64/
    # http://mirrors.aliyun.com/centos-vault/5.4/updates/x86_64/
    # http://opensource.wandisco.com/centos/5/svn-1.9/RPMS/
}

echo -n "[INFO] Are you sure to excute this script now?[yes/no]: "
yesnoinput

if [ "$?" -ne 0 ]; then
    echo "Exit script!"
    exit 1
fi

iptablesconfig
systemconfig
vimconfig
gitconfig
yumconfig