Skip to content

Instantly share code, notes, and snippets.

Avatar

Chris Nakagaki Zsoldier

View GitHub Profile
@Zsoldier
Zsoldier / Set-NSXTSegmentProfiles.ps1
Created May 29, 2020
Example on how to change segment discovery, qos, and security profiles enmasse.
View Set-NSXTSegmentProfiles.ps1
#Change Segment Profiles
$Credential = Get-Credential
$skipcertcheck = $true
$AuthMethod = “Basic”
$NSXMgr=”IPorDNSName”
$policyapi = "/policy/api/v1"
$base_url = ("https://" + $NSXMgr + $policyapi)
#Change these to the name of the various profiles you want to remap all your segments to.
$TargetIPDPName = "default-ip-discovery-profile"
@Zsoldier
Zsoldier / delete-routeadvertisementrule.ps1
Created May 22, 2020
Example on how to call NSX-T Rest API via powershell to delete a route advertisement rule associated w/ a T1.
View delete-routeadvertisementrule.ps1
$NSXMgr=”IPorDNSName”
$Credential = Get-Credential #Must be Enterprise Admin role. Typically “admin”
$skipcertcheck = $true
$AuthMethod = “Basic”
$TargetRouterName = “LeeroyJenkinsT1”
#To get target logical router id
$lrdata = Invoke-restmethod -Uri “https://$($NSXMgr)/api/v1/logical-routers” -Method GET -Credential $Credential -SkipCertificateCheck:$skipcertcheck -Authentication:$AuthMethod
$routerid = ($lrdata.results | Where-Object {$_.display_name -eq $TargetRouterName}).id
View New-HCXMobilityGroupKai.ps1
# Grab VM object from HCX (Cannot be from vCenter)
$vm = Get-HCXVM -Name "NameofVM"
# If you have multiple sources or destination, you would need to augment with parameters such as name, server(hcxserver), and/or id.
$sourceSite = Get-HCXSite -Source
$targetSite = Get-HCXSite -Destination
# Source and target networks assume just one network adapter.
# For more than one adapter, you would need to loop through each source adapter and add to $NetworkMapping array.
$sourceNetwork = $vm.Network[0]
@Zsoldier
Zsoldier / Get-NSXESGFirewallRuleReport.ps1
Created Apr 25, 2020
Basically a way to pull the table you see in the interface in case you need to share config w/ someone.
View Get-NSXESGFirewallRuleReport.ps1
#Requires -Module PowerCLI,PowerNSX
$ESG = Get-NsxEdge -Name "BobLoblaw"
$ESGFW = $ESG | get-NSXEdgeFirewall
$ESGFWRules = Get-NSXEdgeFirewallRule -EdgeFirewall $ESGFW
$CustomReport = @()
$i = 1
Foreach ($Rule in $ESGFWRules)
{
$NewObject = "" | Select-Object RuleNo, RuleID, RuleName, Source, Destination, Description, ServicePorts, Action, appliedTo, datacentername
@Zsoldier
Zsoldier / MacOSTerminalProfileRestore.sh
Last active Apr 7, 2020
Basically a way for me to sync changes via dropbox and restore a MacOS terminal environment w/o bringing along all the garbage that Time Machine will likely haul with it.
View MacOSTerminalProfileRestore.sh
overwrite=true #only applies to zsh profile, not implemented for other stuff. no overwrite by default elsewhere.
brew=true
SyncDir=~/Documents/_NakaProfile
customsudodir=/etc/sudoers.d/
ZSHPlugins=$SyncDir/zsh/custom/plugins/
ZSHThemes=$SyncDir/zsh/custom/themes/
VPNConfigs=$SyncDir/vpn/
stoken=$SyncDir/stoken
customsudofiles=$SyncDir/customsudo/
@Zsoldier
Zsoldier / EdgeOSUpdateHostsBulk.sh
Last active Jan 17, 2020 — forked from lanefu/EdgeOSUpdateHostsBulk.sh
Bulk Insert of active EdgeOS dhcp leases into /etc/hosts aka regenerate entries in /etc/hosts
View EdgeOSUpdateHostsBulk.sh
## do this before hand
## vyatta will try to eval show under the wrong circumstances
show dhcp leases > /tmp/leases.txt
### dump below in a file, execute with bash
MY_INTERNAL_DOMAIN=local
IFS=$'\n'
for line in $(printf "$(cat /tmp/leases.txt|tail -n +3|awk '{print $6, $1, $2}')")
do
@Zsoldier
Zsoldier / Add-SSHUser.sh
Last active Jan 17, 2020
Effectively, the script works like so: An existing sudoer/root/admin must run this script. You provide a username and the user's ssh public key. Set sudoer to true or false (or anything other than true really) customsudofile path defaults to /etc/sudoers.d/nopasswd Essentially, anything in sudoers.d path is ingested by sudoer file as an override…
View Add-SSHUser.sh
username=""
sshpubkey=""
sudoer=true
allownopasswd=true
customsudodir="/etc/sudoers.d/"
tmpsudofile="/tmp/nopasswd" #used for safety check to assure sudo syntax is correct.
customsudodata="%sudo ALL=(ALL:ALL) NOPASSWD: ALL"
useradd $username
@Zsoldier
Zsoldier / bashApplesandPythonExample.sh
Last active Sep 27, 2019
Bash Function example calling several terminal windows in MacOS using AppleScript to launch sshuttle sessions.
View bashApplesandPythonExample.sh
#First argument defines last IP octet for 2nd and 3rd commands.
#Second argument defines an additional subnet you want to proxy for the last sshuttle connection.
crazystuffhere(){
echo -n Password:
read -s something
echo "Connecting to 1st Jumpbox 192.168.5.50 and proxying IP 192.168.10.50 through it."
osascript -e "tell app \"Terminal\"
do script \"sshuttle -r 192.168.5.50 192.168.10.50\"
delay 2
end tell"
@Zsoldier
Zsoldier / Get-AzureGlobalReachEnabledERCircuits.ps1
Last active Aug 7, 2020
Gather ExpressRoute Circuits with Global Reach enabled. This does account for multiple subscriptions as well.
View Get-AzureGlobalReachEnabledERCircuits.ps1
#Requires -Modules az
Connect-AzAccount
$ERGREnabled = @()
$GRDataFull = @()
$ERCircuits = @()
$Subs = Get-AzSubscription
Foreach ($Sub in $Subs){
Select-AzSubscription $Sub
$ERCircuits += Get-AzExpressRouteCircuit
}
@Zsoldier
Zsoldier / cloud-init.yaml
Created Sep 10, 2019 — forked from syntaqx/cloud-init.yaml
cloud init to install docker on ubuntu
View cloud-init.yaml
#cloud-config
package_update: true
package_upgrade: true
package_reboot_if_required: true
manage-resolv-conf: true
resolv_conf:
nameservers:
- '8.8.8.8'
You can’t perform that action at this time.