Skip to content

openvpn support #288

New issue
New issue
Open
Open
openvpn support#288
Labels
featureNew feature or requestnmrsChanges to nmrsvpnChanges to VPN surface
@cachebag

Description

@cachebag
cachebag
opened on Mar 18, 2026

tracking issue for openvpn support in nmrs.

openvpn uses the NM VPN plugin model (connection.type = "vpn", vpn.service-type = "org.freedesktop.NetworkManager.openvpn") — fundamentally different from wireguard's native connection type. all config lives in flat Dict<String, String> maps (vpn.data and vpn.secrets).

all changes are non-breaking (minor bumps only) since VpnType, VpnCredentials, and all relevant types are #[non_exhaustive].

core

  • VpnConfig trait + WireGuardConfig refactor
  • OpenVpnAuthType enum + OpenVpnConfig struct
  • OpenVpnBuilder with validation
  • build_openvpn_connection() — D-Bus settings dict
  • refactor core/vpn.rs to dispatch on vpn type
  • openvpn input validation

.ovpn import

  • .ovpn file parser
  • cert store (~/.local/share/nmrs/certs/)
  • NetworkManager::import_ovpn() public API

advanced options

  • tls hardening (tls-auth, tls-crypt, tls-crypt-v2, cert verification)
  • compression + proxy support
  • routing / split tunneling / connection resilience
  • VpnDetails enum on VpnConnectionInfo

docs

  • openvpn guide pages in mdbook

Metadata

Metadata

Assignees

No one assigned

    Labels

    featureNew feature or requestnmrsChanges to nmrsvpnChanges to VPN surface

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions