Matt laidbackware

## part1_answers.yml
---
nsxt_ip_sets:
- display_name: google_dns
  ip_addresses:
  - '8.8.8.8'
  - '8.8.4.4'
  state: present
nsxt_firewall_section:
- display_name: Default rules
  stateful: True

## manager.yml
---
hostname: nsxt-manager.lab.local
username: admin
password: nsxt-password
validate_certs: False

## firewall_ipsets.yml
---
- hosts: 127.0.0.1
  connection: local
  tasks:
    - name: Create a new IP Set
      nsxt_ip_sets:
        hostname: "{{ hostname }}"
        username: "{{ username }}"
        password: "{{ password }}"
        validate_certs: "{{ validate_certs }}"

## nsxt_part2_answers.yml
---
nsxt_services:
- display_name: HTTPS-Alt
  nsservice_element:
    destination_ports:
    - 8443
    l4_protocol: TCP
    resource_type: L4PortSetNSService
  state: present
nsxt_ip_sets:

## nsxt_part2_playbook.yml
---
- hosts: 127.0.0.1
  connection: local
  tasks:
    - name: Create service
      nsxt_services:
        hostname: "{{ hostname }}"
        username: "{{ username }}"
        password: "{{ password }}"
        validate_certs: "{{ validate_certs }}"

## bosh_permissions.py
import ssl, atexit, os, time, sys
try:
    from pyVim import connect
except:
    from pyvim import connect
from pyVmomi import vim
from getpass import getpass
try:
    vc_fqdn = sys.argv[1]
except IndexError:

## update_protected_router.py
import requests, json
from pprint import pprint

from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)

# Setup session object
s = requests.Session()
s.verify = False
# The X-Allow-Overwrite parameter will allow the admin user to update protected objects

## om_pks_prep.sh
#!/bin/bash

set -euxo pipefail

OM_TOKEN=$1

OM_VERSION=4.4.2
UAA_CLI_VERSION=0.10.0
PKS_VERSION=1.6.1

## parent_branch.sh
#!/bin/bash
git show-branch -a \
| grep '\*' \
| grep -v `git rev-parse --abbrev-ref HEAD` \
| head -n1 \
| sed 's/.*\[\(.*\)\].*/\1/' \
| sed 's/[\^~].*//'

## gist:54f90dd2fae7735f03a93cb2b1552db7

# Get machine cert from $HOSTNAME on $PORT
echo -n | openssl s_client -connect ${HOSTNAME}:${PORT} 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
	---
	nsxt_ip_sets:
	- display_name: google_dns
	ip_addresses:
	- '8.8.8.8'
	- '8.8.4.4'
	state: present
	nsxt_firewall_section:
	- display_name: Default rules
	stateful: True
	---
	hostname: nsxt-manager.lab.local
	username: admin
	password: nsxt-password
	validate_certs: False
	---
	- hosts: 127.0.0.1
	connection: local
	tasks:
	- name: Create a new IP Set
	nsxt_ip_sets:
	hostname: "{{ hostname }}"
	username: "{{ username }}"
	password: "{{ password }}"
	validate_certs: "{{ validate_certs }}"
	---
	nsxt_services:
	- display_name: HTTPS-Alt
	nsservice_element:
	destination_ports:
	- 8443
	l4_protocol: TCP
	resource_type: L4PortSetNSService
	state: present
	nsxt_ip_sets:
	import ssl, atexit, os, time, sys
	try:
	from pyVim import connect
	except:
	from pyvim import connect
	from pyVmomi import vim
	from getpass import getpass
	try:
	vc_fqdn = sys.argv[1]
	except IndexError:
	import requests, json
	from pprint import pprint

	from urllib3.exceptions import InsecureRequestWarning
	requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)

	# Setup session object
	s = requests.Session()
	s.verify = False
	# The X-Allow-Overwrite parameter will allow the admin user to update protected objects
	#!/bin/bash

	set -euxo pipefail

	OM_TOKEN=$1

	OM_VERSION=4.4.2
	UAA_CLI_VERSION=0.10.0
	PKS_VERSION=1.6.1
	#!/bin/bash
	git show-branch -a \
	\| grep '\*' \
	\| grep -v `git rev-parse --abbrev-ref HEAD` \
	\| head -n1 \
	\| sed 's/.\[\(.\)\].*/\1/' \
	\| sed 's/[\^~].*//'

	# Get machine cert from $HOSTNAME on $PORT
	echo -n \| openssl s_client -connect ${HOSTNAME}:${PORT} 2>/dev/null \| sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'