nmcli: fixed inability to change mtu on vlan connection (#6104)
* tests updated
Co-authored-by: Sam Potekhin <heaveaxy@gmail.com>
(cherry picked from commit 2dee3464dd)
Co-authored-by: Sam Potekhin <24751685+heaveaxy@users.noreply.github.com>
nmcli: Treat order as significant when comparing address lists (#6048)
* nmcli: Treat order as significant when comparing address lists
Don't sort the old and new values for ipv4.addresses and
ipv6.addresses before comparing them, because order matters in these
parameters: the first address specified is the default source address
for outbound connections.
* Changelog fragment for #6048
* Update changelogs/fragments/6048-nmcli-addres-order.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 682c6fc967)
Co-authored-by: Jonathan Kamens <jik@kamens.us>
nmcli: two fixes needed to make wifi.wake-on-wlan settings work properly (#5431)
* nmcli: Convert current value of wifi.wake-on-wlan before comparing
The new value of wifi.wake-on-wlan is specified as an integer, but in
the nmcli output it's specified as a hex string followed by a textual
description of it. Therefore, to determine properly whether it's being
changed we need to pull the hex string out of the current value,
convert it into an integer, and finally convert the integer back to a
string so that we can compare it to the new specified value. Without
this change, whenever wifi.wake-on-wlan is specified in the module
arguments the module will think the value is being changed even when
it isn't.
* nmcli: Handle wifi options correctly when connection type not specified
When an nmcli task does not specify the connection type and the module
ask nmcli for it, the module needs to convert nmcli's
`802-11-wireless` to `wifi`, the term for this connection type used by
the module.
* nmcli: Correctly detect values changed to the integer 0
If the user specifies a value of 0 (without quotes) in a task, we
should interpret that as an actual value, not empty, when comparing
the new value to the old one. Otherwise we incorrectly conclude that
there was no change.
* Changelog fragment for #5431
(cherry picked from commit 490899f87f)
Co-authored-by: Jonathan Kamens <jik@kamens.us>
* Adds transport_mode configuration for Infiniband devices
Adds transport_mode configuration for Infiniband based ipoib devices,
which is one of:
- datagram (default)
- connected
* Remove trailing whitespace
* Add changelog fragment
* Update changelogs/fragments/5361-nmcli-add-infiniband-transport-mode.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove default for transport_mode
* Add test for changing Infiniband transport_mode
* remove blank line at end of file
Co-authored-by: Thomas Gebert <thomas.gebert@atos.net>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b54483b52e)
Co-authored-by: ThomasGebert <44234595+ThomasGebert@users.noreply.github.com>
* nmcli: honor IP options for VPNs
This can be used for split tunneling - I extended a test as an example.
* Add changelog
(cherry picked from commit 946c48d148)
Co-authored-by: Chih-Hsuan Yen <yan12125@gmail.com>
* nmcli: avoid changed status for most cases with VPN connections
Follow-up https://github.com/ansible-collections/community.general/pull/4746
* `nmcli connection show` includes vpn.service-type but not vpn-type.
Switching to vpn.service-type removes unneeded diffs while keeping
the same functionality, as vpn-type is an alias of vpn.service-type
per nm-settings-nmcli(1).
NetworkManager also adds `org.freedesktop.NetworkManager.` prefix for
known VPN types [1]. The logic is non-trivial so I didn't implement it
in this commit. If a user specifies `service-type: l2tp`, changed will
be always be True:
- "vpn.service-type": "org.freedesktop.NetworkManager.l2tp"
+ "vpn.service-type": "l2tp"
* The vpn.data field from `nmcli connection show` is sorted by keys and
there are spaces around equal signs. I added codes for parsing such
data.
Tests are also updated to match outputs of nmcli commands.
[1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.38.4/src/libnm-core-impl/nm-vpn-plugin-info.c#L619
* Add changelog
* Some suggested changes
* Make space stripping more flexible - works for cases without equal
signs.
* Keep vpn.data in a test case with no spaces
* nmcli: allow any string for vpn service-type
(cherry picked from commit 6ff594b524)
Co-authored-by: Chih-Hsuan Yen <yan12125@gmail.com>
* Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt.
* Replace 'Copyright:' with 'Copyright'
sed -i 's|Copyright:\(.*\)|Copyright\1|' $(rg -l 'Copyright:')
Co-authored-by: Maxwell G <gotmax@e.email>
(cherry picked from commit 123c7efe5e)
Co-authored-by: Felix Fontein <felix@fontein.de>
* do not convert undefined lists to empty strings
* add changelog fragment (#4813)
(cherry picked from commit 72faebffc6)
Co-authored-by: geichelberger <35195803+geichelberger@users.noreply.github.com>
* add support to create L2TP and PPTP VPN connection
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* apply changes pointed on tests and review
- add changelog fragment
- change example code to use jinja2 in place of shell command
* removes trailing whitespace
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* removes linux command from examples
* remove unnecessary brakets
Co-authored-by: Felix Fontein <felix@fontein.de>
* remove unnecessary brakets
Co-authored-by: Felix Fontein <felix@fontein.de>
* simplify psk encoding on example
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* add unit tests
- test unchenged l2tp and pptp vpn connections
- test create l2tp and pptp vpn connections
- fix is_connection_changed to remove default ifname attribuition
* improve tests on vpn.data param
- fix _compare_conn_params to handle vpn.data as lists
* removes block and set_fact from example
Co-authored-by: Felix Fontein <felix@fontein.de>
* makes line shortter to better reading
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit e5e485390d)
Co-authored-by: José Roberto Emerich Junior <jremerich@gmail.com>
* nmcli: use capital case "DNS" in documentation
In documentation sometimes DNS was written in (incorrect) lower
case "dns" and sometimes in (correct) capital case "DNS". Use the
right capital case spelling in all parameter descriptions.
* nmcli: documentation language
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: documentation language
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 2eadedef6d)
Co-authored-by: bluikko <14869000+bluikko@users.noreply.github.com>
* nmcli: Deprecate default hairpin mode
Deprecate the default hairpin mode for a bridge.
Plain nmcli/bridge tools defaults to no, but for some reason ansible
defaults to yes.
We deprecate the default value so we can switch to default 'no' in
ansible 6.0.0
* Code review fixes
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix comments
* Update changelogs/fragments/4320-nmcli-hairpin.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/4320-nmcli-hairpin.yml
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Remove nmcli modify dependency on type parameter
* Add fragment
* Add newline for lint
* Fixed linting for tests
* Fix fragment
* Move aliases to ip_conn_type function
* Remove connection_map
* Updated fragment
* Fixed fragment
Co-authored-by: Trey West <--local>
* nmcli: add wireguard connection type
* nmcli: fix wireguard unit tests
* nmcli: set ipv4.method to disabled if ip4 not set
Method 'auto' is not supported for WireGuard
* nmcli: add wireguard documentation
* nmcli: clean up wireguard documentation
* nmcli: add wireguard changelog fragment
* nmcli: fix wireguard documentation
* Apply suggestions from code review
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
* rebase
* Add changelog fragment
* add suggestions
* split PR into two
* Add multiple address support but with #3768 fiexed
* rebase
* clean some merge artifacts
* update the wording
* Add support for addr-gen-mode and ip6-privacy options
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* try to solve conflict
* add suggested code + fix some of its issues
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* change ip6 type to list of str and fix problem with setting addresses without netmask
* change ip6 type to list of str and fix problem with setting addresses without netmask
* Add changelog fragment
* add suggestions
* fix no mask using bug
* Make change independed from feature branch
* change ip4 type to list of str
* Add several tests and change documentation
* Update changelogs/fragments/1088-nmcli_add_multiple_addresses_support.yml
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
* nmcli: Fix ipv6.dns not being recongnized as list
There was a missing comma on the previous line.
* nmcli: Add changelog fragment for #3563
* nmcli: Update changelogs/fragments/3563-nmcli-ipv6_dns.yaml
Make the fix description more descriptive
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* nmcli: Remove ipv4.route-metric from list-typed properties
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* nmcli: Update fragment 3563 with ipv4.route-metric bug
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Updated nmcli.py
Amended the routing-rules4 values as list. By this we could add the entries for "routing_rules4" in the form of a list .
* Update nmcli.py
Fixed typo in line #1701
* 3395-nmcli-needs-type.yml
routing_rules4 module argument is currently accepting only string elements. In order to accept multiple values, amended the type of routing_rules4 as list.
* nmcli: amended the routing-rules4 key values as list
routing_rules4 module argument is currently accepting only string elements. In the case of adding multiple entries to routing_rules4, we need to accept values as list.
* Added 3401-nmcli-needs-type.yml
routing_rules4 module argument is currently accepting only string elements. In the case of adding multiple entries to routing_rules4, we need to accept values as lists
* Amended type to 'minor_changes'
Amended type to 'minor_changes' from 'bug_fixes'
* routing_rules4 to a list of element str
nmcli.py - routing_rules4 to a list of element str
* Update changelogs/fragments/3401-nmcli-needs-type.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: allow routing-rules4 key values as list
* nmcli: amended the routing-rules4 key values as list
* nmcli: amended the routing-rules4 key values as list
* nmcli: amended the routing-rules4 key values as list
* test_nmcli: amended whitespaces
* Update 3401-nmcli-needs-type.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: Disallow Wi-Fi options not supported by nmcli
By querying nmcli directly
* Added changelog fragment
* Added tests
* Simplify `get_available_options()`
* Update changelogs/fragments/3141-disallow-options-unsupported-by-nmcli.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove redundant `802-11-wireless` settings from test show outputs
* Update `mocked_wireless_create(mocker)`
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Address comment re. creating function & use nmcli naming conventions
I.E. `setting`.`property` = `value`
```
nmcli> help set
set [<setting>.<prop> <value>] :: set property value
This command sets property value.
Example: nmcli> set con.id My connection
```
* Added `ignore_unsupported_suboptions` option & improved `wifi(_sec)` doc
* Corrected pep8 issues
```
ERROR: Found 2 pep8 issue(s) which need to be resolved:
ERROR: plugins/modules/net_tools/nmcli.py:342:161: E501: line too long
(236 > 160 characters)
ERROR: plugins/modules/net_tools/nmcli.py:359:161: E501: line too long
(237 > 160 characters)
```
* Fixed remaining sanity check issues and added even more docs
* No need to split Note
* Update plugins/modules/net_tools/nmcli.py
3.5.0 has already been released.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Followed uniformity guideline for format macros from Ansible's dev guide
* Addressed comment
https://github.com/ansible-collections/community.general/pull/3141#discussion_r689098383
* Documentation cleanup continuation
* Replace `NM_SETTING_*`s having a description with their numeric value
* Splitting up long paragraphs.
Also removed `wifi`.`seen-bssids` as it "`is only meant for reading`"
* Addressed remaining comments and clarified `wake-on-lan` note
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Finishing addressing documentation comments.
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
* Update nmcli.py
* Added wifi-related `list` type options to `settings_type` method
* Moved `edit_commands` `execution` logic into its own method
* Move `unsupported_property` deletion into `main` function
* Missing `.items()`
* Resolved missing proper `nmcli conn edit` arguments
* Resolve pylint issue `dangerous-default-value`
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
Co-authored-by: David Hummel <dhummel@Fingerling>
* nmcli: use `stdin` for setting private `wifi_sec` options
I.E.:
* `802-11-wireless-security.leap-password`
* `802-11-wireless-security.psk`
* `802-11-wireless-security.wep-key0`
* `802-11-wireless-security.wep-key1`
* `802-11-wireless-security.wep-key2`
* `802-11-wireless-security.wep-key3`
* Changelog fragement formatting.
* Update changelogs/fragments/3160-pass-wifi-secrets-via-stdin-to-nmcli-module.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Make `wifi_sec_secret_options()` into a constant
* Minor cleanup
`'set ' + key + ' ' + value`
=>
`'set %s %s' % (key, value)`
* Change `casing`
* Change `WIFI_SEC_SECRET_OPTIONS` from `list` to `tuple`
* Update `edit_connection()` to not reset `edit_commands`
It will just re`set` them if `edit_connection()` is called more than
once.
* Do not call `edit_connection()` if `connection_update(*)` fails
* Fixed `pep8` issue `E713` in tests
`test for membership should be 'not in'`
* Simplify `create_connection()`/`modify_connection()` logic
* `WIFI_SEC_SECRET_OPTIONS`=>`SECRET_OPTIONS`, options are prefixed
* Moved `if key in self.SECRET_OPTIONS` into `if value is not None` check
We don't need to do anything is the value is None
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fixed `wifi_sec` option changes are not detected
Also updated `docs` URL and formatting to match that of the `wifi`
option
* Removed extraneous `appends` to `cmd` in `connection_update`
These really should have only been added to `connection_options` whose
return values get `extended` onto `cmd`
* [nmcli] add connection.slave-type for teamed devices
* [nmcli] add fragment with changes for #2827
* [nmcli] add tests for network team
* [nmcli] fix testing
Co-authored-by: Oriol MULA VALLS <oriol.mula@lxp.lu>
* nmcli: Remove dead code, 'options' never contains keys from 'param_alias'
* Update changelogs/fragments/2417-nmcli_remove_dead_code.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: Compare MAC addresses case insensitively
* Update changelogs/fragments/2416-nmcli_compare_mac_addresses_case_insensitively.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add mac to TESTCASE_BRIDGE so test_bridge_connection_unchanged covers case sensitive mac address comparison
* Update plugins/modules/net_tools/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Convert current_value to uppercase as well in case nmcli changes behaviour
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: manual overwrite MAC address for any devices
Don't restrict the ability to manually set the MAC address to the
bridge. NetworkManager is able to set a static MAC address to the
vaste majority of the device types.
* Update changelogs/fragments/2224_nmcli_allow_MAC_overwrite.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix: nmcli - Ensure slave-type for bond-slave
Hello 🙂
When using bond-slave type, by default command sent to nmcl is:
['/usr/bin/nmcli', 'con', 'add', 'type', 'bond-slave', 'con-name', 'enp129s0f0', 'connection.interface-name', 'enp129s0f0', 'connection.autoconnect', 'yes', 'connection.master', 'bond0']
Which is not enough, nmcli will complain that connection.slave-type is missing. This small fix solve this issue.
If this change is approved, I will add the changelog fragment.
* Fix: nmcli - Adding changelog fragment for 1882
* Update changelogs/fragments/1882-fix-nmcli-ensure-slave-type-for-bond-slave.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Removed the bridge-slave from list of ip based connections since nmcli does not accept IP options for bridge-slave connections.
* Update changelogs/fragments/1517-bridge-slave-from-list-of-ip-based-connections.yml
Thanks for the tip.
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>