After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 744260 - vpn: add scripts to import VPN configuration to NM
vpn: add scripts to import VPN configuration to NM
Status: RESOLVED FIXED
Product: NetworkManager
Classification: Platform
Component: general
git master
Other Linux
: Normal normal
: ---
Assigned To: NetworkManager maintainer(s)
NetworkManager maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2015-02-10 12:13 UTC by Jiri Klimes
Modified: 2015-05-19 07:31 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Jiri Klimes 2015-02-10 12:13:09 UTC 
NetworkManager has an VPN import functionality. However, it is bound to GUI and thus is not useful for command line or batch processing.

Branch jk/vpn-import-scripts includes scripts (in Lua) for importing/converting OpenVPN, vpnc and OpenConnect configurations to NetworkManager.
Comment 1 Thomas Haller 2015-02-16 18:12:42 UTC 
I think there are basically two ways how we should import/export connections.

1) have a script using DBus (possibly libnm-gio-introspection) to create the connections using DBUS directly.
  $ ./create-connection args

2) write keyfiles. This goes together with nmcli being able to import/export connections in keyfile format. Then you would call
  $ ./create-connection args | nmcli connection import

>> contrib/scripts: openvpn2nm.lua - script for converting OpenVPN configs to NM


this supports 1) and 2). I would not support specifying an out-file, just print to stdout. If somebody wants to write it to file, he should redirect it:

  openvpn2nm/lua '<in>' | sudo tee /etc/NetworkManager/system-connections/vpn
(any debug messages would go to stderr).


Is two-spaces indent standard for lua? It's hard to read for me :)

Also, could we get rid of the global variables (except vpn2nm)? IMO that is easier to understand.


+function uuid()

The function does not create RFC compliant uuids. Is there no library function for uuids? Also, NM now supports generating the UUID itself (both in keyfile and DBus Update()). So, you could just omit it entirely.

For reference, nmcli should support regenerating the UUID too:
   ./create-connection args | nmcli connection import
would keep the UUID (if set), otherwise generate one.
This
   ./create-connection args | nmcli connection import --generate-uuid
would always regenerate an UUID.




How about naming the scripts differently? I would expect people to copy the script into their path. Just get rid for the .lua extension.
And how about giving them a common prefix? Like: 
  contrib/scripts/nm-import-[vpnc|openvpn|...]
Comment 2 Thomas Haller 2015-02-18 11:24:01 UTC 
I opened bug 744702 for import/export of connections in nmcli and bug 744699 to support keyfile in libnm.

If that would be done, I think scripts should make use of that functionality.

This way, the script only has to concern itself with reading the vpn-specific config and creating an NMConnection of them.
All that is left is:
  print(connection.to_keyfile(with-secrets=TRUE))
Comment 3 Dan Winship 2015-02-25 15:30:01 UTC 
Why lua? We're already using both perl and python in different places. Adding a third scripting language seems unnecessary.
Comment 4 Jiri Klimes 2015-03-23 13:51:20 UTC 
(In reply to Thomas Haller from comment #1)
> I think there are basically two ways how we should import/export connections.
> 
> I would not support specifying an out-file, just
> print to stdout. If somebody wants to write it to file, he should redirect
> it:
>
Hmm, I think it's just a matter of taste. Anyway, users typically want to store the data to a file and then do something with it, like copying it to NM keyfile storage and adjust the permissions as suggested right away, or storing it for a later use.
Or we could make the output file name optional.

> 
> Is two-spaces indent standard for lua? It's hard to read for me :)
> 
It is: http://lua-users.org/wiki/LuaStyleGuide (Formating)
And it is readable for me. Anyway, I was always using two spaces indentation, even for C (before being forces to one Tab in NM :))

> Also, could we get rid of the global variables (except vpn2nm)? IMO that is
> easier to understand.
> 
There are not that many, just the VPN data storage and they are marked with g_ prefix. It is easier than passing them to all functions.

> 
> +function uuid()
> 
> The function does not create RFC compliant uuids.
How so? The UUIDs look OK and passes e.g. http://guid.us/Test/GUID
There might be some modules for UUID generation, but I'd rather not add a dependency.

> 
> How about naming the scripts differently? I would expect people to copy the
> script into their path. Just get rid for the .lua extension.
> And how about giving them a common prefix? Like: 
>   contrib/scripts/nm-import-[vpnc|openvpn|...]
Done.
Comment 5 Jiri Klimes 2015-03-23 13:54:26 UTC 
(In reply to Dan Winship from comment #3)
> Why lua? We're already using both perl and python in different places.
> Adding a third scripting language seems unnecessary.

Why not :)
My reasons are
1. The scripts are quite independent, so they can be in any language.
2. I wanted to learn Lua and I like it.
3. Lua is small, nice, fast, without much dependencies.
4. Contribute to Lua awareness and spreading.
Comment 6 Jiri Klimes 2015-05-19 07:31:26 UTC 
Scripts have been merged to master:
9b11276 merge: add scripts for importing VPN configurations for NM (bgo #744260)
466515e contrib/scripts: fix importing 'remote' and 'remote-random' options for openvpn
29473f1 contrib/scripts: nm-import-openconnect - script for importing OpenConnect VPN configs to NM
db0cf1e contrib/scripts: nm-import-vpnc - script for importing Cisco VPN configs to NM
1a2798d contrib/scripts: nm-import-openvpn - script for importing OpenVPN configs to NM