4. Installing a source package with an automation script
I. Shell script automation
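#!/bin/bash
# Download the OpenSSH portable source tarball (the script does not check its integrity)
wget https://mirrors.sonic.net/pub/OpenBSD/OpenSSH/portable/openssh-10.2p1.tar.gz
# Install the build toolchain and the OpenSSL headers
yum -y group install "Development Tools"
yum -y install openssl-devel
# Unpack, build and install (binaries land under /usr/local)
tar xf openssh-10.2p1.tar.gz
cd openssh-10.2p1/ || exit 1
./configure
make
make install
# Stop and disable the distribution's sshd
systemctl disable sshd --now
# Unit file for the new build. The quoted 'END' keeps $MAINPID literal instead of
# letting the shell expand it to an empty string. The Description text still says
# v8.6 although the build is 10.2p1.
cat > /usr/lib/systemd/system/sshd10.service <<'END'
[Unit]
Description=This is a openssh v8.6 service unit written by overtimer

[Service]
ExecStart=/usr/local/sbin/sshd -f /usr/local/etc/sshd_config -D
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process

[Install]
WantedBy=multi-user.target
END
# Permit direct root login, passwords included ('prohibit-password' is the key-only value)
sed -i 's/^#PermitRootLogin.*/PermitRootLogin yes/' /usr/local/etc/sshd_config
# Load the new unit, then enable and start it
systemctl daemon-reload
systemctl enable sshd10 --now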
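The script above builds and installs, as root, whatever the wget step returned. As an added example (not part of the original page), the functions below check the tarball against a pinned SHA-256 before the build; `digest_to_hex` and `verify_tarball` are names chosen here, and the digest may be given as hex or in the base64 form that OpenSSH release announcements publish.

```shell
#!/bin/sh
# Added example (not from the original page): check a downloaded source
# tarball against a pinned SHA-256 digest before building it as root.

# Normalise an expected digest to lowercase hex. Accepts 64 hex characters
# or the base64 encoding of the raw 32-byte digest.
digest_to_hex() {
    if printf '%s' "$1" | grep -Eq '^[0-9A-Fa-f]{64}$'; then
        printf '%s' "$1" | tr 'A-F' 'a-f'
    else
        # -v stops od from collapsing repeated lines into "*"
        printf '%s' "$1" | base64 -d 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
    fi
}

# verify_tarball FILE EXPECTED_DIGEST
# Returns 0 on match, 1 on mismatch, 2 on a missing file or unusable digest.
verify_tarball() {
    vt_file=$1
    [ -f "$vt_file" ] || { echo "missing file: $vt_file" >&2; return 2; }
    vt_expected=$(digest_to_hex "$2")
    # Anything that did not normalise to 64 hex characters is not a SHA-256
    [ "${#vt_expected}" -eq 64 ] || { echo "unusable digest" >&2; return 2; }
    vt_actual=$(sha256sum "$vt_file" | cut -d' ' -f1)
    if [ "$vt_actual" != "$vt_expected" ]; then
        echo "SHA-256 mismatch for $vt_file: got $vt_actual" >&2
        return 1
    fi
    return 0
}

# Stand-alone use: verify.sh FILE EXPECTED_DIGEST (the script name is hypothetical)
if [ "$#" -eq 2 ]; then
    verify_tarball "$1" "$2" || exit $?
fi
```

Call `verify_tarball openssh-10.2p1.tar.gz "$EXPECTED" || exit 1` between the wget and tar steps, with the digest taken from the release announcement rather than from the mirror that served the file. In the playbook, the `get_url` module's `checksum` parameter does the same job.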
II. Ansible automation
---
- name: Compile and install OpenSSH 10.2p1
  hosts: all
  gather_facts: true
  become: true
  vars:
    openssh_version: "10.2p1"
    openssh_tarball: "openssh-{{ openssh_version }}.tar.gz"
    openssh_download_url: "https://mirrors.sonic.net/pub/OpenBSD/OpenSSH/portable/{{ openssh_tarball }}"
    openssh_src_dir: "/root/openssh-{{ openssh_version }}"
    sshd_service_name: "sshd10"
  tasks:
    # 1. Download the OpenSSH source tarball (no checksum is set on this task)
    - name: Download OpenSSH {{ openssh_version }} source tarball
      get_url:
        url: "{{ openssh_download_url }}"
        dest: "/root/{{ openssh_tarball }}"
        mode: '0644'
        timeout: 60
      register: download_result
      until: download_result is succeeded
      retries: 3
      delay: 5

    # 2. Install the build dependencies
    - name: Install Development Tools group
      yum:
        name: "@Development Tools"
        state: present

    - name: Install openssl-devel
      yum:
        name: openssl-devel
        state: present

    # 3. Extract the source tarball
    - name: Extract OpenSSH source tarball
      unarchive:
        src: "/root/{{ openssh_tarball }}"
        dest: "/root/"
        remote_src: true
        creates: "{{ openssh_src_dir }}/configure"

    # 4. Compile and install OpenSSH
    - name: Configure OpenSSH source
      command: ./configure
      args:
        chdir: "{{ openssh_src_dir }}"
        creates: "{{ openssh_src_dir }}/Makefile"

    - name: Compile OpenSSH
      make:
        chdir: "{{ openssh_src_dir }}"

    - name: Install OpenSSH
      make:
        chdir: "{{ openssh_src_dir }}"
        target: install

    # 5. Stop and disable the original sshd service
    - name: Stop and disable original sshd service
      systemd:
        name: sshd
        state: stopped
        enabled: false
        daemon_reload: true

    # 6. Create the custom sshd10 systemd unit file
    #    (the Description text still says v8.6 although the build is 10.2p1)
    - name: Create sshd10 systemd service file
      copy:
        dest: "/usr/lib/systemd/system/{{ sshd_service_name }}.service"
        content: |
          [Unit]
          Description=This is a openssh v8.6 service unit written by overtimer

          [Service]
          ExecStart=/usr/local/sbin/sshd -f /usr/local/etc/sshd_config -D
          ExecReload=/bin/kill -HUP $MAINPID
          KillMode=process

          [Install]
          WantedBy=multi-user.target
        mode: '0644'

    # 7. Edit sshd_config to allow root login
    #    (passwords included; 'prohibit-password' is the key-only value)
    - name: Enable root login in sshd_config
      lineinfile:
        path: /usr/local/etc/sshd_config
        regexp: '^#?PermitRootLogin'
        line: 'PermitRootLogin yes'
        state: present

    # 8. Reload systemd, then enable and start the sshd10 service
    - name: Reload systemd daemon and enable/start sshd10 service
      systemd:
        name: "{{ sshd_service_name }}"
        state: started
        enabled: true
        daemon_reload: true
夜雨聆风
