* nmcli: honor IP options for VPNs
This can be used for split tunneling - I extended a test as an example.
* Add changelog
(cherry picked from commit 946c48d148)
Co-authored-by: Chih-Hsuan Yen <yan12125@gmail.com>
* nmcli: avoid changed status for most cases with VPN connections
Follow-up https://github.com/ansible-collections/community.general/pull/4746
* `nmcli connection show` includes vpn.service-type but not vpn-type.
Switching to vpn.service-type removes unneeded diffs while keeping
the same functionality, as vpn-type is an alias of vpn.service-type
per nm-settings-nmcli(1).
NetworkManager also adds `org.freedesktop.NetworkManager.` prefix for
known VPN types [1]. The logic is non-trivial so I didn't implement it
in this commit. If a user specifies `service-type: l2tp`, changed will
be always be True:
- "vpn.service-type": "org.freedesktop.NetworkManager.l2tp"
+ "vpn.service-type": "l2tp"
* The vpn.data field from `nmcli connection show` is sorted by keys and
there are spaces around equal signs. I added codes for parsing such
data.
Tests are also updated to match outputs of nmcli commands.
[1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.38.4/src/libnm-core-impl/nm-vpn-plugin-info.c#L619
* Add changelog
* Some suggested changes
* Make space stripping more flexible - works for cases without equal
signs.
* Keep vpn.data in a test case with no spaces
* nmcli: allow any string for vpn service-type
(cherry picked from commit 6ff594b524)
Co-authored-by: Chih-Hsuan Yen <yan12125@gmail.com>
* Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt.
* Replace 'Copyright:' with 'Copyright'
sed -i 's|Copyright:\(.*\)|Copyright\1|' $(rg -l 'Copyright:')
Co-authored-by: Maxwell G <gotmax@e.email>
(cherry picked from commit 123c7efe5e)
Co-authored-by: Felix Fontein <felix@fontein.de>
* do not convert undefined lists to empty strings
* add changelog fragment (#4813)
(cherry picked from commit 72faebffc6)
Co-authored-by: geichelberger <35195803+geichelberger@users.noreply.github.com>
* add support to create L2TP and PPTP VPN connection
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* apply changes pointed on tests and review
- add changelog fragment
- change example code to use jinja2 in place of shell command
* removes trailing whitespace
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* removes linux command from examples
* remove unnecessary brakets
Co-authored-by: Felix Fontein <felix@fontein.de>
* remove unnecessary brakets
Co-authored-by: Felix Fontein <felix@fontein.de>
* simplify psk encoding on example
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* add unit tests
- test unchenged l2tp and pptp vpn connections
- test create l2tp and pptp vpn connections
- fix is_connection_changed to remove default ifname attribuition
* improve tests on vpn.data param
- fix _compare_conn_params to handle vpn.data as lists
* removes block and set_fact from example
Co-authored-by: Felix Fontein <felix@fontein.de>
* makes line shortter to better reading
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit e5e485390d)
Co-authored-by: José Roberto Emerich Junior <jremerich@gmail.com>
* nmcli: use capital case "DNS" in documentation
In documentation sometimes DNS was written in (incorrect) lower
case "dns" and sometimes in (correct) capital case "DNS". Use the
right capital case spelling in all parameter descriptions.
* nmcli: documentation language
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: documentation language
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 2eadedef6d)
Co-authored-by: bluikko <14869000+bluikko@users.noreply.github.com>
* nmcli: Deprecate default hairpin mode
Deprecate the default hairpin mode for a bridge.
Plain nmcli/bridge tools defaults to no, but for some reason ansible
defaults to yes.
We deprecate the default value so we can switch to default 'no' in
ansible 6.0.0
* Code review fixes
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix comments
* Update changelogs/fragments/4320-nmcli-hairpin.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/4320-nmcli-hairpin.yml
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Remove nmcli modify dependency on type parameter
* Add fragment
* Add newline for lint
* Fixed linting for tests
* Fix fragment
* Move aliases to ip_conn_type function
* Remove connection_map
* Updated fragment
* Fixed fragment
Co-authored-by: Trey West <--local>
* nmcli: add wireguard connection type
* nmcli: fix wireguard unit tests
* nmcli: set ipv4.method to disabled if ip4 not set
Method 'auto' is not supported for WireGuard
* nmcli: add wireguard documentation
* nmcli: clean up wireguard documentation
* nmcli: add wireguard changelog fragment
* nmcli: fix wireguard documentation
* Apply suggestions from code review
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
* rebase
* Add changelog fragment
* add suggestions
* split PR into two
* Add multiple address support but with #3768 fiexed
* rebase
* clean some merge artifacts
* update the wording
* Add support for addr-gen-mode and ip6-privacy options
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* try to solve conflict
* add suggested code + fix some of its issues
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* change ip6 type to list of str and fix problem with setting addresses without netmask
* change ip6 type to list of str and fix problem with setting addresses without netmask
* Add changelog fragment
* add suggestions
* fix no mask using bug
* Make change independed from feature branch
* change ip4 type to list of str
* Add several tests and change documentation
* Update changelogs/fragments/1088-nmcli_add_multiple_addresses_support.yml
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
* nmcli: Fix ipv6.dns not being recongnized as list
There was a missing comma on the previous line.
* nmcli: Add changelog fragment for #3563
* nmcli: Update changelogs/fragments/3563-nmcli-ipv6_dns.yaml
Make the fix description more descriptive
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* nmcli: Remove ipv4.route-metric from list-typed properties
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* nmcli: Update fragment 3563 with ipv4.route-metric bug
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Updated nmcli.py
Amended the routing-rules4 values as list. By this we could add the entries for "routing_rules4" in the form of a list .
* Update nmcli.py
Fixed typo in line #1701
* 3395-nmcli-needs-type.yml
routing_rules4 module argument is currently accepting only string elements. In order to accept multiple values, amended the type of routing_rules4 as list.
* nmcli: amended the routing-rules4 key values as list
routing_rules4 module argument is currently accepting only string elements. In the case of adding multiple entries to routing_rules4, we need to accept values as list.
* Added 3401-nmcli-needs-type.yml
routing_rules4 module argument is currently accepting only string elements. In the case of adding multiple entries to routing_rules4, we need to accept values as lists
* Amended type to 'minor_changes'
Amended type to 'minor_changes' from 'bug_fixes'
* routing_rules4 to a list of element str
nmcli.py - routing_rules4 to a list of element str
* Update changelogs/fragments/3401-nmcli-needs-type.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: allow routing-rules4 key values as list
* nmcli: amended the routing-rules4 key values as list
* nmcli: amended the routing-rules4 key values as list
* nmcli: amended the routing-rules4 key values as list
* test_nmcli: amended whitespaces
* Update 3401-nmcli-needs-type.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: Disallow Wi-Fi options not supported by nmcli
By querying nmcli directly
* Added changelog fragment
* Added tests
* Simplify `get_available_options()`
* Update changelogs/fragments/3141-disallow-options-unsupported-by-nmcli.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove redundant `802-11-wireless` settings from test show outputs
* Update `mocked_wireless_create(mocker)`
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Address comment re. creating function & use nmcli naming conventions
I.E. `setting`.`property` = `value`
```
nmcli> help set
set [<setting>.<prop> <value>] :: set property value
This command sets property value.
Example: nmcli> set con.id My connection
```
* Added `ignore_unsupported_suboptions` option & improved `wifi(_sec)` doc
* Corrected pep8 issues
```
ERROR: Found 2 pep8 issue(s) which need to be resolved:
ERROR: plugins/modules/net_tools/nmcli.py:342:161: E501: line too long
(236 > 160 characters)
ERROR: plugins/modules/net_tools/nmcli.py:359:161: E501: line too long
(237 > 160 characters)
```
* Fixed remaining sanity check issues and added even more docs
* No need to split Note
* Update plugins/modules/net_tools/nmcli.py
3.5.0 has already been released.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Followed uniformity guideline for format macros from Ansible's dev guide
* Addressed comment
https://github.com/ansible-collections/community.general/pull/3141#discussion_r689098383
* Documentation cleanup continuation
* Replace `NM_SETTING_*`s having a description with their numeric value
* Splitting up long paragraphs.
Also removed `wifi`.`seen-bssids` as it "`is only meant for reading`"
* Addressed remaining comments and clarified `wake-on-lan` note
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Finishing addressing documentation comments.
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Update nmcli.py
* Added wifi-related `list` type options to `settings_type` method
* Moved `edit_commands` `execution` logic into its own method
* Move `unsupported_property` deletion into `main` function
* Missing `.items()`
* Resolved missing proper `nmcli conn edit` arguments
* Resolve pylint issue `dangerous-default-value`
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
Co-authored-by: David Hummel <dhummel@Fingerling>
* nmcli: use `stdin` for setting private `wifi_sec` options
I.E.:
* `802-11-wireless-security.leap-password`
* `802-11-wireless-security.psk`
* `802-11-wireless-security.wep-key0`
* `802-11-wireless-security.wep-key1`
* `802-11-wireless-security.wep-key2`
* `802-11-wireless-security.wep-key3`
* Changelog fragement formatting.
* Update changelogs/fragments/3160-pass-wifi-secrets-via-stdin-to-nmcli-module.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Make `wifi_sec_secret_options()` into a constant
* Minor cleanup
`'set ' + key + ' ' + value`
=>
`'set %s %s' % (key, value)`
* Change `casing`
* Change `WIFI_SEC_SECRET_OPTIONS` from `list` to `tuple`
* Update `edit_connection()` to not reset `edit_commands`
It will just re`set` them if `edit_connection()` is called more than
once.
* Do not call `edit_connection()` if `connection_update(*)` fails
* Fixed `pep8` issue `E713` in tests
`test for membership should be 'not in'`
* Simplify `create_connection()`/`modify_connection()` logic
* `WIFI_SEC_SECRET_OPTIONS`=>`SECRET_OPTIONS`, options are prefixed
* Moved `if key in self.SECRET_OPTIONS` into `if value is not None` check
We don't need to do anything is the value is None
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fixed `wifi_sec` option changes are not detected
Also updated `docs` URL and formatting to match that of the `wifi`
option
* Removed extraneous `appends` to `cmd` in `connection_update`
These really should have only been added to `connection_options` whose
return values get `extended` onto `cmd`
* [nmcli] add connection.slave-type for teamed devices
* [nmcli] add fragment with changes for #2827
* [nmcli] add tests for network team
* [nmcli] fix testing
Co-authored-by: Oriol MULA VALLS <oriol.mula@lxp.lu>
* nmcli: Remove dead code, 'options' never contains keys from 'param_alias'
* Update changelogs/fragments/2417-nmcli_remove_dead_code.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: Compare MAC addresses case insensitively
* Update changelogs/fragments/2416-nmcli_compare_mac_addresses_case_insensitively.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add mac to TESTCASE_BRIDGE so test_bridge_connection_unchanged covers case sensitive mac address comparison
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Convert current_value to uppercase as well in case nmcli changes behaviour
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: manual overwrite MAC address for any devices
Don't restrict the ability to manually set the MAC address to the
bridge. NetworkManager is able to set a static MAC address to the
vaste majority of the device types.
* Update changelogs/fragments/2224_nmcli_allow_MAC_overwrite.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix: nmcli - Ensure slave-type for bond-slave
Hello 🙂
When using bond-slave type, by default command sent to nmcl is:
['/usr/bin/nmcli', 'con', 'add', 'type', 'bond-slave', 'con-name', 'enp129s0f0', 'connection.interface-name', 'enp129s0f0', 'connection.autoconnect', 'yes', 'connection.master', 'bond0']
Which is not enough, nmcli will complain that connection.slave-type is missing. This small fix solve this issue.
If this change is approved, I will add the changelog fragment.
* Fix: nmcli - Adding changelog fragment for 1882
* Update changelogs/fragments/1882-fix-nmcli-ensure-slave-type-for-bond-slave.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Removed the bridge-slave from list of ip based connections since nmcli does not accept IP options for bridge-slave connections.
* Update changelogs/fragments/1517-bridge-slave-from-list-of-ip-based-connections.yml
Thanks for the tip.
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* * Refactor `nmcli` module to use consistent parameters when creating/modifying connections and detecting changes.
* Keep DNS list arguments as lists internally.
* Remove duplicated code where practical.
* DBus and GObject dependencies are not necessary.
* Update changelog fragment.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelog fragment.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Use identity operator instead of equality for type comparison.
* Don't start changelog notes with a capital letter.
* * Have `settings_type` return `str` by default instead of `None`.
* Improve variable naming, use `convert_func` instead of `type_cast`.
* Revert new feature of allowing ethernet types as slaves.
* Bring back `list_connection_info` to list all connections with `nmcli con show`.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Type: Wrong package names
In Red Hat systems, python packages are preceeded by `python3-`
* Use Python 2 packages on CentOS 7 and Fedora <= 28.
Co-authored-by: Frank Brütting <fbruetting@users.noreply.github.com>