From 6a8eb7b388c53acce4d8d701bda86fc9382df7b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gon=C3=A9ri=20Le=20Bouder?= <goneri@lebouder.net>
Date: Sun, 18 Apr 2021 04:59:23 -0400
Subject: [PATCH] nmcli: add wifi support (#2220)

* nmcli: add wifi support

Ability to:

- connect NetworkManager to a Wifi network
- attach the connection to a master (bond).

* target 3.0.0
---
 .../fragments/2220_nmcli_wifi_support.yaml    |  3 ++
 plugins/modules/net_tools/nmcli.py            | 52 +++++++++++++++++--
 2 files changed, 51 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/fragments/2220_nmcli_wifi_support.yaml

diff --git a/changelogs/fragments/2220_nmcli_wifi_support.yaml b/changelogs/fragments/2220_nmcli_wifi_support.yaml
new file mode 100644
index 0000000000..224c4dc526
--- /dev/null
+++ b/changelogs/fragments/2220_nmcli_wifi_support.yaml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+- "nmcli - add ability to connect to a Wifi network and also to attach it to a master (bond) (https://github.com/ansible-collections/community.general/pull/2220)."
diff --git a/plugins/modules/net_tools/nmcli.py b/plugins/modules/net_tools/nmcli.py
index d5b329fe03..2b402a2230 100644
--- a/plugins/modules/net_tools/nmcli.py
+++ b/plugins/modules/net_tools/nmcli.py
@@ -54,7 +54,7 @@ options:
             - Type C(generic) is added in Ansible 2.5.
             - Type C(infiniband) is added in community.general 2.0.0.
         type: str
-        choices: [ bond, bond-slave, bridge, bridge-slave, ethernet, generic, infiniband, ipip, sit, team, team-slave, vlan, vxlan ]
+        choices: [ bond, bond-slave, bridge, bridge-slave, ethernet, generic, infiniband, ipip, sit, team, team-slave, vlan, vxlan, wifi ]
     mode:
         description:
             - This is the type of device or network connection that you wish to create for a bond, team or bridge.
@@ -279,6 +279,19 @@ options:
             - When updating this property on a currently activated connection, the change takes effect immediately.
        type: str
        version_added: 2.0.0
+    wifi_sec:
+       description:
+            - 'The security configuration of the Wifi connection. The valid attributes are listed on:'
+            - 'U(https://developer.gnome.org/NetworkManager/stable/settings-802-11-wireless-security.html)'
+            - 'For instance to use common WPA-PSK auth with a password:'
+            - '- C({key-mgmt: wpa-psk, psk: my_password})'
+       type: dict
+       version_added: 3.0.0
+    ssid:
+       description:
+            - Name of the Wireless router or the access point.
+       type: str
+       version_added: 3.0.0
 '''
 
 EXAMPLES = r'''
@@ -582,6 +595,19 @@ EXAMPLES = r'''
 #     - 8 NetworkManager is not running
 #     - 9 nmcli and NetworkManager versions mismatch
 #     - 10 Connection, device, or access point does not exist.
+
+- name: Create the wifi connection
+  community.general.nmcli:
+    type: wifi
+    conn_name: Brittany
+    ifname: wlp4s0
+    ssid: Brittany
+    wifi_sec:
+      key-mgmt: wpa-psk
+      psk: my_password
+    autoconnect: true
+    state: present
+
 '''
 
 RETURN = r"""#
@@ -665,6 +691,8 @@ class Nmcli(object):
         self.nmcli_bin = self.module.get_bin_path('nmcli', True)
         self.dhcp_client_id = module.params['dhcp_client_id']
         self.zone = module.params['zone']
+        self.ssid = module.params['ssid']
+        self.wifi_sec = module.params['wifi_sec']
 
         if self.method4:
             self.ipv4_method = self.method4
@@ -774,7 +802,10 @@ class Nmcli(object):
                 'vxlan.local': self.vxlan_local,
                 'vxlan.remote': self.vxlan_remote,
             })
-
+        elif self.type == 'wifi':
+            options.update({
+                'connection.slave-type': 'bond' if self.master else None,
+            })
         # Convert settings values based on the situation.
         for setting, value in options.items():
             setting_type = self.settings_type(setting)
@@ -808,6 +839,7 @@ class Nmcli(object):
             'infiniband',
             'team',
             'vlan',
+            'wifi'
         )
 
     @property
@@ -845,6 +877,7 @@ class Nmcli(object):
             'bond-slave',
             'bridge-slave',
             'team-slave',
+            'wifi',
         )
 
     @property
@@ -919,6 +952,13 @@ class Nmcli(object):
         else:
             ifname = self.ifname
 
+        if self.type == "wifi":
+            cmd.append('ssid')
+            cmd.append(self.ssid)
+            if self.wifi_sec:
+                for name, value in self.wifi_sec.items():
+                    cmd += ['wifi-sec.%s' % name, value]
+
         options = {
             'connection.interface-name': ifname,
         }
@@ -940,7 +980,7 @@ class Nmcli(object):
 
     @property
     def create_connection_up(self):
-        if self.type in ('bond', 'ethernet', 'infiniband'):
+        if self.type in ('bond', 'ethernet', 'infiniband', 'wifi'):
             if (self.mtu is not None) or (self.dns4 is not None) or (self.dns6 is not None):
                 return True
         elif self.type == 'team':
@@ -1088,7 +1128,8 @@ def main():
                           'team',
                           'team-slave',
                           'vlan',
-                          'vxlan'
+                          'vxlan',
+                          'wifi',
                       ]),
             ip4=dict(type='str'),
             gw4=dict(type='str'),
@@ -1141,8 +1182,11 @@ def main():
             ip_tunnel_dev=dict(type='str'),
             ip_tunnel_local=dict(type='str'),
             ip_tunnel_remote=dict(type='str'),
+            ssid=dict(type='str'),
+            wifi_sec=dict(type='dict', no_log=True),
         ),
         mutually_exclusive=[['never_default4', 'gw4']],
+        required_if=[("type", "wifi", [("ssid")])],
         supports_check_mode=True,
     )
     module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C', LC_CTYPE='C')